simp-beaker-helpers 1.20.1 → 1.23.0

data/lib/simp/beaker_helpers.rb

@@ -18,6 +18,95 @@ module Simp::BeakerHelpers
     "simp-beaker-helpers-#{t}-#{$$}-#{rand(0x100000000).to_s(36)}.tmp"
   end
 
+  # Sets a single YUM option in the form that yum-config-manager/dnf
+  # config-manager would expect.
+  #
+  # If not prefaced with a repository, the option will be applied globally.
+  #
+  # Has no effect if yum or dnf is not present.
+  def set_yum_opt_on(suts, key, value)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      repo,target = key.split('.')
+
+      unless target
+        key = "\\*.#{repo}"
+      end
+
+      command = nil
+      if !sut.which('dnf').empty?
+        install_package_unless_present_on(sut, 'dnf-plugins-core', :accept_all_exit_codes => true)
+        command = 'dnf config-manager'
+      elsif !sut.which('yum').empty?
+        command = 'yum-config-manager'
+      end
+
+      on(sut, %{#{command} --save --setopt=#{key}=#{value}}, :silent => true) if command
+    end
+  end
+
+  # Takes a hash of YUM options to set in the form that yum-config-manager/dnf
+  # config-manager would expect.
+  #
+  # If not prefaced with a repository, the option will be applied globally.
+  #
+  # Example:
+  #   {
+  #     'skip_if_unavailable' => '1', # Applies globally
+  #     'foo.installonly_limit' => '5' # Applies only to the 'foo' repo
+  #   }
+  def set_yum_opts_on(suts, yum_opts={})
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      yum_opts.each_pair do |k,v|
+        set_yum_opt_on(sut, k, v)
+      end
+    end
+  end
+
+  def install_package_unless_present_on(suts, package_name, package_source=nil, opts={})
+    default_opts = {
+      max_retries: 3,
+      retry_interval: 10
+    }
+
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      package_source = package_name unless package_source
+
+      unless sut.check_for_package(package_name)
+        sut.install_package(
+          package_source,
+          '',
+          nil,
+          default_opts.merge(opts)
+        )
+      end
+    end
+  end
+
+  def install_latest_package_on(suts, package_name, package_source=nil, opts={})
+    default_opts = {
+      max_retries: 3,
+      retry_interval: 10
+    }
+
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      package_source = package_name unless package_source
+
+      if sut.check_for_package(package_name)
+        sut.upgrade_package(
+          package_source,
+          '',
+          default_opts.merge(opts)
+        )
+      else
+        install_package_unless_present_on(sut, package_name, package_source, opts)
+      end
+    end
+  end
+
   def is_windows?(sut)
     sut[:platform] =~ /windows/i
   end
@@ -80,7 +169,35 @@ module Simp::BeakerHelpers
       else
         container_id = sut.host_hash[:docker_container_id]
       end
-      %x(tar #{exclude_list.join(' ')} -hcf - -C "#{File.dirname(src)}" "#{File.basename(src)}" | docker exec -i "#{container_id}" tar -C "#{dest}" -xf -)
+
+      if ENV['BEAKER_docker_cmd']
+        docker_cmd = ENV['BEAKER_docker_cmd']
+      else
+        docker_cmd = 'docker'
+
+        if ::Docker.version['Components'].any?{|x| x['Name'] =~ /podman/i}
+          docker_cmd = 'podman'
+
+          if ENV['CONTAINER_HOST']
+            docker_cmd = 'podman --remote'
+          elsif ENV['DOCKER_HOST']
+            docker_cmd = "podman --remote --url=#{ENV['DOCKER_HOST']}"
+          end
+        end
+      end
+
+      sut.mkdir_p(File.dirname(dest)) unless directory_exists_on(sut, dest)
+
+      if File.file?(src)
+        cmd = %{#{docker_cmd} cp "#{src}" "#{container_id}:#{dest}"}
+      else
+        cmd = [
+          %{tar #{exclude_list.join(' ')} -hcf - -C "#{File.dirname(src)}" "#{File.basename(src)}"},
+          %{#{docker_cmd} exec -i "#{container_id}" tar -C "#{File.dirname(dest)}" -xf -)}
+        ].join(' | ')
+      end
+
+      %x(#{cmd})
     elsif rsync_functional_on?(sut)
       # This makes rsync_to work like beaker and scp usually do
       exclude_hack = %(__-__' -L --exclude '__-__)
@@ -116,34 +233,34 @@ module Simp::BeakerHelpers
 
   # use the `puppet fact` face to look up facts on an SUT
   def pfact_on(sut, fact_name)
-    require 'ostruct'
-
+    found_fact = nil
     # If puppet is not installed, there are no puppet facts to fetch
     if sut.which('puppet').empty?
-      fact_on(sut, fact_name, :silent => true)
+      found_fact = fact_on(sut, fact_name)
     else
       facts_json = nil
       begin
         cmd_output = on(sut, 'facter -p --json', :silent => true)
-
         # Facter 4+
         raise('skip facter -p') if (cmd_output.stderr =~ /no longer supported/)
 
-        facts = JSON.parse(cmd_output.stdout, object_class: OpenStruct)
+        facts = JSON.parse(cmd_output.stdout)
       rescue StandardError
         # If *anything* fails, we need to fall back to `puppet facts`
 
         facts_json = on(sut, 'puppet facts find garbage_xxx', :silent => true).stdout
-        facts = JSON.parse(facts_json, object_class: OpenStruct).values
+        facts = JSON.parse(facts_json)['values']
       end
 
       found_fact = facts.dig(*(fact_name.split('.')))
 
-      # Fall back to the behavior in fact_on
-      found_fact = '' if found_fact.nil?
-
-      return found_fact
+      # If we did not find a fact, we should use the upstream function since
+      # puppet may be installed via a gem or through some other means.
+      found_fact = fact_on(sut, fact_name) if found_fact.nil?
     end
+
+    # Ensure that Hashes return as Hash objects
+    found_fact.is_a?(OpenStruct) ? found_fact.marshal_dump : found_fact
   end
 
   # Returns the modulepath on the SUT, as an Array
@@ -325,13 +442,16 @@ module Simp::BeakerHelpers
     file_exists_on(sut, '/etc/crypto-policies/config')
   end
 
-  def munge_ssh_crypto_policies(sut, key_types=['ssh-rsa'])
-    if has_crypto_policies(sut)
-      on(sut, "yum update -y crypto-policies", :accept_all_exit_codes => true)
+  def munge_ssh_crypto_policies(suts, key_types=['ssh-rsa'])
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      if has_crypto_policies(sut)
+        install_latest_package_on(sut, 'crypto-policies', nil, :accept_all_exit_codes => true)
 
-      # Since we may be doing this prior to having a box flip into FIPS mode, we
-      # need to find and modify *all* of the affected policies
-      on( sut, %{sed --follow-symlinks -i 's/\\(HostKeyAlgorithms\\|PubkeyAcceptedKeyTypes\\)\\(.\\)/\\1\\2#{key_types.join(',')},/g' $( grep -L ssh-rsa $( find /etc/crypto-policies /usr/share/crypto-policies -type f -a \\( -name '*.txt' -o -name '*.config' \\) -exec grep -l PubkeyAcceptedKeyTypes {} \\; ) ) })
+        # Since we may be doing this prior to having a box flip into FIPS mode, we
+        # need to find and modify *all* of the affected policies
+        on( sut, %{sed --follow-symlinks -i 's/\\(HostKeyAlgorithms\\|PubkeyAcceptedKeyTypes\\)\\(.\\)/\\1\\2#{key_types.join(',')},/g' $( grep -L ssh-rsa $( find /etc/crypto-policies /usr/share/crypto-policies -type f -a \\( -name '*.txt' -o -name '*.config' \\) -exec grep -l PubkeyAcceptedKeyTypes {} \\; ) ) })
+      end
     end
   end
 
@@ -341,7 +461,10 @@ module Simp::BeakerHelpers
     puts '  -- (use BEAKER_fips=no to disable)'
     parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
 
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
     block_on(suts, :run_in_parallel => parallel) do |sut|
+      next if sut[:hypervisor] == 'docker'
+
       if is_windows?(sut)
         puts "  -- SKIPPING #{sut} because it is windows"
         next
@@ -378,13 +501,16 @@ module Simp::BeakerHelpers
 
         fips_enable_modulepath = '--modulepath=/root/.beaker_fips/modules'
 
-        module_install_cmd = 'puppet module install simp-fips --target-dir=/root/.beaker_fips/modules'
+        modules_to_install = {
+          'simp-fips' => ENV['BEAKER_fips_module_version'],
+          'simp-crypto_policy' => nil
+        }
 
-        if ENV['BEAKER_fips_module_version']
-          module_install_cmd += " --version #{ENV['BEAKER_fips_module_version']}"
+        modules_to_install.each_pair do |to_install, version|
+          module_install_cmd = "puppet module install #{to_install} --target-dir=/root/.beaker_fips/modules"
+          module_install_cmd += " --version #{version}" if version
+          on(sut, module_install_cmd)
         end
-
-        on(sut, module_install_cmd)
       end
 
       # Work around Vagrant and cipher restrictions in EL8+
@@ -490,143 +616,173 @@ module Simp::BeakerHelpers
   # Enable EPEL if appropriate to do so and the system is online
   #
   # Can be disabled by setting BEAKER_enable_epel=no
-  def enable_epel_on(sut)
-    if ONLINE && (ENV['BEAKER_stringify_facts'] != 'no')
-      os_info = fact_on(sut, 'os')
-      os_maj_rel = os_info['release']['major']
-
-      # This is based on the official EPEL docs https://fedoraproject.org/wiki/EPEL
-      if ['RedHat', 'CentOS'].include?(os_info['name'])
-        # EL7 returns 1 if install is called and there is nothing to do
-        yum_operation = 'install'
-        yum_operation = 'update' if sut.check_for_package('epel-release')
-
-        on(
-          sut,
-          %{yum #{yum_operation} -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-#{os_maj_rel}.noarch.rpm},
-          :max_retries => 3,
-          :retry_interval => 10
-        )
+  def enable_epel_on(suts)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      if ONLINE
+        os_info = fact_on(sut, 'os')
+        os_maj_rel = os_info['release']['major']
+
+        # This is based on the official EPEL docs https://fedoraproject.org/wiki/EPEL
+        case os_info['name']
+        when 'RedHat','CentOS'
+          install_latest_package_on(
+            sut,
+            'epel-release',
+            "https://dl.fedoraproject.org/pub/epel/epel-release-latest-#{os_maj_rel}.noarch.rpm",
+          )
+
+          if os_info['name'] == 'RedHat'
+            if os_maj_rel == '7'
+              on sut, %{subscription-manager repos --enable "rhel-*-optional-rpms"}
+              on sut, %{subscription-manager repos --enable "rhel-*-extras-rpms"}
+              on sut, %{subscription-manager repos --enable "rhel-ha-for-rhel-*-server-rpms"}
+            end
 
-        if os_info['name'] == 'RedHat'
-          if os_maj_rel == '7'
-            on sut, %{subscription-manager repos --enable "rhel-*-optional-rpms"}
-            on sut, %{subscription-manager repos --enable "rhel-*-extras-rpms"}
-            on sut, %{subscription-manager repos --enable "rhel-ha-for-rhel-*-server-rpms"}
+            if os_maj_rel == '8'
+              on sut, %{subscription-manager repos --enable "codeready-builder-for-rhel-8-#{os_info['architecture']}-rpms"}
+            end
           end
 
-          if os_maj_rel == '8'
-            on sut, %{subscription-manager repos --enable "codeready-builder-for-rhel-8-#{os_info['architecture']}-rpms"}
+          if os_info['name'] == 'CentOS'
+            if os_maj_rel == '8'
+              # 8.0 fallback
+              install_latest_package_on(sut, 'dnf-plugins-core')
+              on sut, %{dnf config-manager --set-enabled powertools || dnf config-manager --set-enabled PowerTools}
+            end
           end
+        when 'OracleLinux'
+          package_name = "oracle-epel-release-el#{os_maj_rel}"
+          install_latest_package_on(sut,package_name)
         end
 
-        if os_info['name'] == 'CentOS'
-          if os_maj_rel == '8'
-            # 8.0 fallback
-            on sut, %{dnf config-manager --set-enabled powertools || dnf config-manager --set-enabled PowerTools}
-          end
-        end
       end
     end
   end
 
-  def linux_errata( sut )
-    # We need to be able to flip between server and client without issue
-    on sut, 'puppet resource group puppet gid=52'
-    on sut, 'puppet resource user puppet comment="Puppet" gid="52" uid="52" home="/var/lib/puppet" managehome=true'
+  def update_package_from_centos_stream(suts, package_name)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      sut.install_package('centos-release-stream') unless sut.check_for_package('centos-release-stream')
+      install_latest_package_on(sut, package_name)
+      sut.uninstall_package('centos-release-stream')
+    end
+  end
 
-    # Make sure we have a domain on our host
-    current_domain = fact_on(sut, 'domain').strip
-    hostname = fact_on(sut, 'hostname').strip
+  def linux_errata( suts )
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      # We need to be able to flip between server and client without issue
+      on sut, 'puppet resource group puppet gid=52'
+      on sut, 'puppet resource user puppet comment="Puppet" gid="52" uid="52" home="/var/lib/puppet" managehome=true'
 
-    if current_domain.empty?
-      new_fqdn = hostname + '.beaker.test'
+      os_info = fact_on(sut, 'os')
 
-      on(sut, "sed -i 's/#{hostname}.*/#{new_fqdn} #{hostname}/' /etc/hosts")
-      on(sut, "echo '#{new_fqdn}' > /etc/hostname", :accept_all_exit_codes => true)
-      on(sut, "hostname #{new_fqdn}", :accept_all_exit_codes => true)
+      # Make sure we have a domain on our host
+      current_domain = fact_on(sut, 'domain').strip
+      hostname = fact_on(sut, 'hostname').strip
 
-      if sut.file_exist?('/etc/sysconfig/network')
-        on(sut, "sed -s '/HOSTNAME=/d' /etc/sysconfig/network")
-        on(sut, "echo 'HOSTNAME=#{new_fqdn}' >> /etc/sysconfig/network")
-      end
-    end
+      if current_domain.empty?
+        new_fqdn = hostname + '.beaker.test'
 
-    if fact_on(sut, 'domain').strip.empty?
-      fail("Error: hosts must have an FQDN, got domain='#{current_domain}'")
-    end
+        on(sut, "sed -i 's/#{hostname}.*/#{new_fqdn} #{hostname}/' /etc/hosts")
+        on(sut, "echo '#{new_fqdn}' > /etc/hostname", :accept_all_exit_codes => true)
+        on(sut, "hostname #{new_fqdn}", :accept_all_exit_codes => true)
 
-    # This may not exist in docker so just skip the whole thing
-    if sut.file_exist?('/etc/ssh')
-      # SIMP uses a central ssh key location so we prep that spot in case we
-      # flip to the SIMP SSH module.
-      on(sut, 'mkdir -p /etc/ssh/local_keys')
-      on(sut, 'chown -R root:root /etc/ssh/local_keys')
-      on(sut, 'chmod 755 /etc/ssh/local_keys')
-
-      user_info = on(sut, 'getent passwd').stdout.lines
-
-      # Hash of user => home_dir
-      # Exclude silly directories
-      #   * /
-      #   * /dev/*
-      #   * /s?bin
-      #   * /proc
-      user_info = Hash[
-        user_info.map do |u|
-          u.strip!
-          u = u.split(':')
-          u[5] =~ %r{^(/|/dev/.*|/s?bin/?.*|/proc/?.*)$} ? [nil] : [u[0], u[5]]
+        if sut.file_exist?('/etc/sysconfig/network')
+          on(sut, "sed -s '/HOSTNAME=/d' /etc/sysconfig/network")
+          on(sut, "echo 'HOSTNAME=#{new_fqdn}' >> /etc/sysconfig/network")
         end
-      ]
+      end
+
+      if fact_on(sut, 'domain').strip.empty?
+        fail("Error: hosts must have an FQDN, got domain='#{current_domain}'")
+      end
 
-      user_info.keys.each do |user|
-        src_file = "#{user_info[user]}/.ssh/authorized_keys"
-        tgt_file = "/etc/ssh/local_keys/#{user}"
+      # This may not exist in docker so just skip the whole thing
+      if sut.file_exist?('/etc/ssh')
+        # SIMP uses a central ssh key location so we prep that spot in case we
+        # flip to the SIMP SSH module.
+        on(sut, 'mkdir -p /etc/ssh/local_keys')
+        on(sut, 'chown -R root:root /etc/ssh/local_keys')
+        on(sut, 'chmod 755 /etc/ssh/local_keys')
+
+        user_info = on(sut, 'getent passwd').stdout.lines
+
+        # Hash of user => home_dir
+        # Exclude silly directories
+        #   * /
+        #   * /dev/*
+        #   * /s?bin
+        #   * /proc
+        user_info = Hash[
+          user_info.map do |u|
+            u.strip!
+            u = u.split(':')
+            u[5] =~ %r{^(/|/dev/.*|/s?bin/?.*|/proc/?.*)$} ? [nil] : [u[0], u[5]]
+          end
+        ]
 
-        on(sut, %{if [ -f "#{src_file}" ]; then cp -a -f "#{src_file}" "#{tgt_file}" && chmod 644 "#{tgt_file}"; fi}, :silent => true)
+        user_info.keys.each do |user|
+          src_file = "#{user_info[user]}/.ssh/authorized_keys"
+          tgt_file = "/etc/ssh/local_keys/#{user}"
+
+          on(sut, %{if [ -f "#{src_file}" ]; then cp -a -f "#{src_file}" "#{tgt_file}" && chmod 644 "#{tgt_file}"; fi}, :silent => true)
+        end
       end
-    end
 
-    # SIMP uses structured facts, therefore stringify_facts must be disabled
-    unless ENV['BEAKER_stringify_facts'] == 'yes'
-      on sut, 'puppet config set stringify_facts false'
-    end
+      # SIMP uses structured facts, therefore stringify_facts must be disabled
+      unless ENV['BEAKER_stringify_facts'] == 'yes'
+        on sut, 'puppet config set stringify_facts false'
+      end
 
-    # Occasionally we run across something similar to BKR-561, so to ensure we
-    # at least have the host defaults:
-    #
-    # :hieradatadir is used as a canary here; it isn't the only missing key
-    unless sut.host_hash.key? :hieradatadir
-      configure_type_defaults_on(sut)
-    end
+      # Occasionally we run across something similar to BKR-561, so to ensure we
+      # at least have the host defaults:
+      #
+      # :hieradatadir is used as a canary here; it isn't the only missing key
+      unless sut.host_hash.key? :hieradatadir
+        configure_type_defaults_on(sut)
+      end
 
-    if fact_on(sut, 'osfamily') == 'RedHat'
-      if fact_on(sut, 'operatingsystem') == 'RedHat'
-        RSpec.configure do |c|
-          c.before(:all) do
-            rhel_rhsm_subscribe(sut)
-          end
+      if os_info['family'] == 'RedHat'
+        # OS-specific items
+        if os_info['name'] == 'RedHat'
+          RSpec.configure do |c|
+            c.before(:all) do
+              rhel_rhsm_subscribe(sut)
+            end
 
-          c.after(:all) do
-            rhel_rhsm_unsubscribe(sut)
+            c.after(:all) do
+              rhel_rhsm_unsubscribe(sut)
+            end
           end
         end
-      end
 
-      enable_yum_repos_on(sut)
-      enable_epel_on(sut)
+        if ['CentOS','RedHat','OracleLinux'].include?(os_info['name'])
+          enable_yum_repos_on(sut)
+          enable_epel_on(sut)
 
-      # net-tools required for netstat utility being used by be_listening
-      if fact_on(sut, 'operatingsystemmajrelease') == '7'
-        pp = <<-EOS
-          package { 'net-tools': ensure => installed }
-        EOS
-        apply_manifest_on(sut, pp, :catch_failures => false)
-      end
+          # net-tools required for netstat utility being used by be_listening
+          if os_info['release']['major'].to_i >= 7
+            pp = <<-EOS
+              package { 'net-tools': ensure => installed }
+            EOS
+            apply_manifest_on(sut, pp, :catch_failures => false)
+          end
+
+          unless sut[:hypervisor] == 'docker'
+            if (os_info['name'] == 'CentOS') && (os_info['release']['major'].to_i >= 8)
+              if os_info['release']['minor'].to_i == 3
+                update_package_from_centos_stream(sut, 'kernel')
+                sut.reboot
+              end
+            end
+          end
 
-      # Clean up YUM prior to starting our test runs.
-      on(sut, 'yum clean all')
+          # Clean up YUM prior to starting our test runs.
+          on(sut, 'yum clean all')
+        end
+      end
     end
   end
 
@@ -634,85 +790,100 @@ module Simp::BeakerHelpers
   #
   # Must set BEAKER_RHSM_USER and BEAKER_RHSM_PASS environment variables or pass them in as
   # parameters
-  def rhel_rhsm_subscribe(sut, *opts)
+  def rhel_rhsm_subscribe(suts, *opts)
     require 'securerandom'
 
-    rhsm_opts = {
-      :username => ENV['BEAKER_RHSM_USER'],
-      :password => ENV['BEAKER_RHSM_PASS'],
-      :system_name => "#{sut}_beaker_#{Time.now.to_i}_#{SecureRandom.uuid}",
-      :repo_list => {
-        '7' => [
-          'rhel-7-server-extras-rpms',
-          'rhel-7-server-optional-rpms',
-          'rhel-7-server-rh-common-rpms',
-          'rhel-7-server-rpms',
-          'rhel-7-server-supplementary-rpms'
-        ],
-        '8' => [
-          'rhel-8-for-x86_64-baseos-rpms',
-          'rhel-8-for-x86_64-supplementary-rpms'
-        ]
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      rhsm_opts = {
+        :username => ENV['BEAKER_RHSM_USER'],
+        :password => ENV['BEAKER_RHSM_PASS'],
+        :system_name => "#{sut}_beaker_#{Time.now.to_i}_#{SecureRandom.uuid}",
+        :repo_list => {
+          '7' => [
+            'rhel-7-server-extras-rpms',
+            'rhel-7-server-optional-rpms',
+            'rhel-7-server-rh-common-rpms',
+            'rhel-7-server-rpms',
+            'rhel-7-server-supplementary-rpms'
+          ],
+          '8' => [
+            'rhel-8-for-x86_64-baseos-rpms',
+            'rhel-8-for-x86_64-supplementary-rpms'
+          ]
+        }
       }
-    }
 
-    if opts && opts.is_a?(Hash)
-      rhsm_opts.merge!(opts)
-    end
+      if opts && opts.is_a?(Hash)
+        rhsm_opts.merge!(opts)
+      end
 
-    os = fact_on(sut, 'operatingsystem').strip
-    os_release = fact_on(sut, 'operatingsystemmajrelease').strip
+      os = fact_on(sut, 'operatingsystem').strip
+      os_release = fact_on(sut, 'operatingsystemmajrelease').strip
 
-    if os == 'RedHat'
-      unless rhsm_opts[:username] && rhsm_opts[:password]
-        fail("You must set BEAKER_RHSM_USER and BEAKER_RHSM_PASS environment variables to register RHEL systems")
-      end
+      if os == 'RedHat'
+        unless rhsm_opts[:username] && rhsm_opts[:password]
+          fail("You must set BEAKER_RHSM_USER and BEAKER_RHSM_PASS environment variables to register RHEL systems")
+        end
 
-      sub_status = on(sut, 'subscription-manager status', :accept_all_exit_codes => true)
-      unless sub_status.exit_code == 0
-        logger.info("Registering #{sut} via subscription-manager")
-        on(sut, %{subscription-manager register --auto-attach --name='#{rhsm_opts[:system_name]}' --username='#{rhsm_opts[:username]}' --password='#{rhsm_opts[:password]}'}, :silent => true)
-      end
+        sub_status = on(sut, 'subscription-manager status', :accept_all_exit_codes => true)
+        unless sub_status.exit_code == 0
+          logger.info("Registering #{sut} via subscription-manager")
+          on(sut, %{subscription-manager register --auto-attach --name='#{rhsm_opts[:system_name]}' --username='#{rhsm_opts[:username]}' --password='#{rhsm_opts[:password]}'}, :silent => true)
+        end
 
-      if rhsm_opts[:repo_list][os_release]
-        rhel_repo_enable(sut, rhsm_opts[:repo_list][os_release])
-      else
-        logger.warn("simp-beaker-helpers:#{__method__} => Default repos for RHEL '#{os_release}' not found")
-      end
+        if rhsm_opts[:repo_list][os_release]
+          rhel_repo_enable(sut, rhsm_opts[:repo_list][os_release])
+        else
+          logger.warn("simp-beaker-helpers:#{__method__} => Default repos for RHEL '#{os_release}' not found")
+        end
 
-      # Ensure that all users can access the entitlements since we don't know
-      # who we'll be running jobs as (often not root)
-      on(sut, 'chmod -R ugo+rX /etc/pki/entitlement', :accept_all_exit_codes => true)
+        # Ensure that all users can access the entitlements since we don't know
+        # who we'll be running jobs as (often not root)
+        on(sut, 'chmod -R ugo+rX /etc/pki/entitlement', :accept_all_exit_codes => true)
+      end
     end
   end
 
-  def sosreport(sut, dest='sosreports')
-    on(sut, 'puppet resource package sos ensure=latest')
-    on(sut, 'sosreport --batch')
+  def sosreport(suts, dest='sosreports')
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      install_latest_package_on(sut, 'sos')
+      on(sut, 'sosreport --batch')
 
-    files = on(sut, 'ls /var/tmp/sosreport* /tmp/sosreport* 2>/dev/null', :accept_all_exit_codes => true).output.lines.map(&:strip)
+      files = on(sut, 'ls /var/tmp/sosreport* /tmp/sosreport* 2>/dev/null', :accept_all_exit_codes => true).output.lines.map(&:strip)
 
-    FileUtils.mkdir_p(dest)
+      FileUtils.mkdir_p(dest)
 
-    files.each do |file|
-      scp_from(sut, file, File.absolute_path(dest))
+      files.each do |file|
+        scp_from(sut, file, File.absolute_path(dest))
+      end
     end
   end
 
-  def rhel_repo_enable(sut, repos)
-    Array(repos).each do |repo|
-      on(sut, %{subscription-manager repos --enable #{repo}})
+  def rhel_repo_enable(suts, repos)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      Array(repos).each do |repo|
+        on(sut, %{subscription-manager repos --enable #{repo}})
+      end
     end
   end
 
-  def rhel_repo_disable(sut, repos)
-    Array(repos).each do |repo|
-      on(sut, %{subscription-manager repos --disable #{repo}}, :accept_all_exit_codes => true)
+  def rhel_repo_disable(suts, repos)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      Array(repos).each do |repo|
+        on(sut, %{subscription-manager repos --disable #{repo}}, :accept_all_exit_codes => true)
+      end
     end
   end
 
-  def rhel_rhsm_unsubscribe(sut)
-    on(sut, %{subscription-manager unregister}, :accept_all_exit_codes => true)
+  def rhel_rhsm_unsubscribe(suts)
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      on(sut, %{subscription-manager unregister}, :accept_all_exit_codes => true)
+    end
   end
 
   # Apply known OS fixes we need to run Beaker on each SUT
@@ -786,6 +957,9 @@ module Simp::BeakerHelpers
 
       host_entry = { fqdn => [] }
 
+      # Add the short name because containers can't change the hostname
+      host_entry[fqdn] << host.name if (host[:hypervisor] == 'docker')
+
       # Ensure that all interfaces are active prior to collecting data
       activate_interfaces(host) unless ENV['BEAKER_no_fix_interfaces']
 
@@ -799,7 +973,7 @@ module Simp::BeakerHelpers
         host_entry[fqdn] << ipaddress.strip
 
         unless host_entry[fqdn].empty?
-          suts_network_info[fqdn] = host_entry[fqdn]
+          suts_network_info[fqdn] = host_entry[fqdn].sort.uniq
         end
       end
     end
@@ -828,6 +1002,7 @@ module Simp::BeakerHelpers
       end
 
       copy_to(ca_sut, pki_hosts_file, host_dir)
+
       # generate certs
       on(ca_sut, "cd #{host_dir}; cat #{host_dir}/pki.hosts | xargs bash make.sh")
     end
@@ -862,8 +1037,8 @@ module Simp::BeakerHelpers
       sut.mkdir_p("#{sut_pki_dir}/public")
       sut.mkdir_p("#{sut_pki_dir}/private")
       sut.mkdir_p("#{sut_pki_dir}/cacerts")
-      copy_to(sut, "#{local_host_pki_tree}/#{fqdn}.pem",   "#{sut_pki_dir}/private/")
-      copy_to(sut, "#{local_host_pki_tree}/#{fqdn}.pub",   "#{sut_pki_dir}/public/")
+      copy_to(sut, "#{local_host_pki_tree}/#{fqdn}.pem", "#{sut_pki_dir}/private/")
+      copy_to(sut, "#{local_host_pki_tree}/#{fqdn}.pub", "#{sut_pki_dir}/public/")
 
       copy_to(sut, local_cacert, "#{sut_pki_dir}/cacerts/simp_auto_ca.pem")
 
@@ -873,18 +1048,19 @@ module Simp::BeakerHelpers
       # Need to hash all of the CA certificates so that apps can use them
       # properly! This must happen on the host itself since it needs to match
       # the native hashing algorithms.
-      hash_cmd = <<-EOM.strip
-cd #{sut_pki_dir}/cacerts; \
-for x in *; do \
-  if [ ! -h "$x" ]; then \
-    `openssl x509 -in $x >/dev/null 2>&1`; \
-    if [ $? -eq 0 ]; then \
-      hash=`openssl x509 -in $x -hash | head -1`; \
-      ln -sf $x $hash.0; \
-    fi; \
-   fi; \
-done
-      EOM
+      hash_cmd = <<~EOM.strip
+        PATH=/opt/puppetlabs/puppet/bin:$PATH; \
+        cd #{sut_pki_dir}/cacerts; \
+        for x in *; do \
+          if [ ! -h "$x" ]; then \
+            `openssl x509 -in $x >/dev/null 2>&1`; \
+            if [ $? -eq 0 ]; then \
+              hash=`openssl x509 -in $x -hash | head -1`; \
+              ln -sf $x $hash.0; \
+            fi; \
+           fi; \
+        done
+        EOM
 
       on(sut, hash_cmd)
   end
@@ -1296,64 +1472,79 @@ done
   #    * 'simp-community-postgres'
   #    * 'simp-community-puppet'
   #
-  def install_simp_repos(sut, disable = [])
+  #
+  # Environment Variables:
+  #   * BEAKER_SIMP_install_repos
+  #     * 'no' => disable the capability
+  #   * BEAKER_SIMP_disable_repos
+  #     * Comma delimited list of active yum repo names to disable
+  def install_simp_repos(suts, disable = [])
     # NOTE: Do *NOT* use puppet in this method since it may not be available yet
 
-    # EL7 returns 1 if install is called and there is nothing to do
-    yum_operation = 'install'
-    yum_operation = 'update' if sut.check_for_package('yum-utils')
-
-    on(
-      sut,
-      "yum -y #{yum_operation} yum-utils",
-      :max_retries => 3,
-      :retry_interval => 10
-    )
-
-    # EL7 returns 1 if install is called and there is nothing to do
-    yum_operation = 'install'
-    yum_operation = 'update' if sut.check_for_package('simp-release-community')
-
-    on(
-      sut,
-      %{yum -y #{yum_operation} "https://download.simp-project.com/simp-release-community.rpm"},
-      :max_retries => 3,
-      :retry_interval => 10
-    )
-
-    to_disable = disable.dup
-
-    unless to_disable.empty?
-      if to_disable.include?('simp')
-        to_disable.delete('simp')
-        to_disable << 'simp-community-simp'
-      end
+    return if (ENV.fetch('SIMP_install_repos', 'yes') == 'no')
 
-      if to_disable.include?('simp_deps')
-        to_disable.delete('simp_deps')
-        to_disable << 'simp-community-epel'
-        to_disable << 'simp-community-postgres'
-        to_disable << 'simp-community-puppet'
-      end
+    parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
+    block_on(suts, :run_in_parallel => parallel) do |sut|
+      install_package_unless_present_on(sut, 'yum-utils')
 
-      # NOTE: This --enablerepo enables the repos for listing and is inherited
-      # from YUM. This does not actually "enable" the repos, that would require
-      # the "--enable" option (from yum-config-manager) :-D.
-      #
-      # Note: Certain versions of EL8 do not dump by default and EL7 does not
-      # have the '--dump' option.
-      available_repos = on(sut, %{yum-config-manager --enablerepo="*" || yum-config-manager --enablerepo="*" --dump}).stdout.lines.grep(/\A\[(.+)\]\Z/){|x| $1}
+      install_package_unless_present_on(
+        sut,
+        'simp-release-community',
+        "https://download.simp-project.com/simp-release-community.rpm",
+      )
 
-      invalid_repos = (to_disable - available_repos)
+      to_disable = disable.dup
+      to_disable += ENV.fetch('BEAKER_SIMP_disable_repos', '').split(',').map(&:strip)
 
-      # Verify that the repos passed to disable are in the list of valid repos
-      unless invalid_repos.empty?
-        logger.warn(%{WARN: install_simp_repo - requested repos to disable do not exist on the target system '#{invalid_repos.join("', '")}'.})
-      end
+      unless to_disable.empty?
+        if to_disable.include?('simp')
+          to_disable.delete('simp')
+          to_disable << 'simp-community-simp'
+        end
+
+        if to_disable.include?('simp_deps')
+          to_disable.delete('simp_deps')
+          to_disable << 'simp-community-epel'
+          to_disable << 'simp-community-postgres'
+          to_disable << 'simp-community-puppet'
+        end
+
+        # NOTE: This --enablerepo enables the repos for listing and is inherited
+        # from YUM. This does not actually "enable" the repos, that would require
+        # the "--enable" option (from yum-config-manager) :-D.
+        #
+        # Note: Certain versions of EL8 do not dump by default and EL7 does not
+        # have the '--dump' option.
+        available_repos = on(sut, %{yum-config-manager --enablerepo="*" || yum-config-manager --enablerepo="*" --dump}).stdout.lines.grep(/\A\[(.+)\]\Z/){|x| $1}
 
-      (to_disable - invalid_repos).each do |repo|
-        on(sut, %{yum-config-manager --disable "#{repo}"})
+        invalid_repos = (to_disable - available_repos)
+
+        # Verify that the repos passed to disable are in the list of valid repos
+        unless invalid_repos.empty?
+          logger.warn(%{WARN: install_simp_repo - requested repos to disable do not exist on the target system '#{invalid_repos.join("', '")}'.})
+        end
+
+        (to_disable - invalid_repos).each do |repo|
+          on(sut, %{yum-config-manager --disable "#{repo}"})
+        end
       end
     end
+
+    set_yum_opts_on(suts, {'simp*.skip_if_unavailable' => '1' })
+  end
+
+  # Set the release and release type of the SIMP yum repos
+  #
+  # Environment variables may be used to set either one
+  #   * BEAKER_SIMP_repo_release => The actual release (version number)
+  #   * BEAKER_SIMP_repo_release_type => The type of release (stable, unstable, rolling, etc...)
+  def set_simp_repo_release(sut, simp_release_type='stable', simp_release='6')
+    simp_release = ENV.fetch('BEAKER_SIMP_repo_release', simp_release)
+    simp_release_type = ENV.fetch('BEAKER_SIMP_repo_release_type', simp_release_type)
+
+    simp_release_type = 'releases' if (simp_release_type == 'stable')
+
+    create_remote_file(sut, '/etc/yum/vars/simprelease', simp_release)
+    create_remote_file(sut, '/etc/yum/vars/simpreleasetype', simp_release_type)
   end
 end