def org_keys_sufficient_direct_request_test(self):
"""Test the org_keys_sufficient() helper method - direct request."""
# run the function with sufficient authentication data
request = SubscriptionRequest.from_structure(self.KEY_REQUEST)
self.assertTrue(org_keys_sufficient(subscription_request=request))
# run the function with insufficient authentication data
request = SubscriptionRequest.from_structure(self.KEY_MISSING_REQUEST)
self.assertFalse(org_keys_sufficient(subscription_request=request))
def username_password_sufficient_direct_request_test(self):
"""Test the username_password_sufficient() helper method - direct request."""
# run the function with sufficient authentication data
request = SubscriptionRequest.from_structure(self.PASSWORD_REQUEST)
self.assertTrue(username_password_sufficient(subscription_request=request))
# run the function with insufficient authentication data
request = SubscriptionRequest.from_structure(self.PASSWORD_MISSING_REQUEST)
self.assertFalse(username_password_sufficient(subscription_request=request))
def test_set_rhsm_config_tast_restore_default_value(self):
"""Test the SetRHSMConfigurationTask task - restore default values."""
mock_config_proxy = Mock()
# RHSM config default values
default_config = {
SetRHSMConfigurationTask.CONFIG_KEY_SERVER_HOSTNAME:
"server.example.com",
SetRHSMConfigurationTask.CONFIG_KEY_SERVER_PROXY_HOSTNAME:
"proxy.example.com",
SetRHSMConfigurationTask.CONFIG_KEY_SERVER_PROXY_PORT: "1000",
SetRHSMConfigurationTask.CONFIG_KEY_SERVER_PROXY_USER: "******",
SetRHSMConfigurationTask.CONFIG_KEY_SERVER_PROXY_PASSWORD:
"******",
SetRHSMConfigurationTask.CONFIG_KEY_RHSM_BASEURL:
"cdn.example.com",
"key_anaconda_does_not_use_1": "foo1",
"key_anaconda_does_not_use_2": "foo2"
}
# a representative subscription request, with server hostname and rhsm baseurl
# set to blank
request = SubscriptionRequest()
request.type = SUBSCRIPTION_REQUEST_TYPE_ORG_KEY
request.organization = "123456789"
request.account_username = "******"
request.server_hostname = ""
request.rhsm_baseurl = ""
request.server_proxy_hostname = "proxy.foo.com"
request.server_proxy_port = 9001
request.server_proxy_user = "******"
request.account_password.set_secret("foo_password")
request.activation_keys.set_secret(["key1", "key2", "key3"])
request.server_proxy_password.set_secret("foo_proxy_password")
# create a task
task = SetRHSMConfigurationTask(rhsm_config_proxy=mock_config_proxy,
rhsm_config_defaults=default_config,
subscription_request=request)
task.run()
# check that the server.hostname and rhsm.baseurl keys are set
# to the default value
expected_dict = {
"server.hostname": get_variant(Str, "server.example.com"),
"server.proxy_hostname": get_variant(Str, "proxy.foo.com"),
"server.proxy_port": get_variant(Str, "9001"),
"server.proxy_user": get_variant(Str, "foo_proxy_user"),
"server.proxy_password": get_variant(Str, "foo_proxy_password"),
"rhsm.baseurl": get_variant(Str, "cdn.example.com")
}
mock_config_proxy.SetAll.assert_called_once_with(expected_dict, "")
def SubscriptionRequest(self) -> Structure:
"""Return DBus structure holding current subscription request.
Subscription request holds data necessary for a successful subscription attempt.
"""
return SubscriptionRequest.to_structure(
self.implementation.subscription_request)
def SubscriptionRequest(self, subscription_request: Structure):
"""Set a new DBus structure holding subscription request data.
:param subscription_request: DBus structure corresponding to SubscriptionRequest
"""
converted_data = SubscriptionRequest.from_structure(
subscription_request)
self.implementation.set_subscription_request(converted_data)
def __init__(self):
super().__init__()
# system purpose
self._valid_roles = []
self._valid_slas = []
self._valid_usage_types = []
self._system_purpose_data = SystemPurposeData()
self.system_purpose_data_changed = Signal()
self._load_valid_system_purpose_values()
# subscription request
self._subscription_request = SubscriptionRequest()
self.subscription_request_changed = Signal()
# attached subscriptions
self._attached_subscriptions = []
self.attached_subscriptions_changed = Signal()
# Insights
# What are the defaults for Red Hat Insights ?
# - during a kickstart installation, the user
# needs to opt-in by using the rhsm command
# with the --connect-to-insights option
# - during a GUI interactive installation the
# "connect to Insights" checkbox is checked by default,
# making Insights opt-out
# - in both cases the system also needs to be subscribed,
# or else the system can't be connected to Insights
self._connect_to_insights = False
self.connect_to_insights_changed = Signal()
# registration status
self.registered_changed = Signal()
self._registered = False
# subscription status
self.subscription_attached_changed = Signal()
self._subscription_attached = False
# RHSM service startup and access
self._rhsm_startup_task = StartRHSMTask(
verify_ssl=conf.payload.verify_ssl)
self._rhsm_observer = RHSMObserver(
self._rhsm_startup_task.is_service_available)
# RHSM config default values cache
self._rhsm_config_defaults = None
def username_password_sufficient(subscription_request=None):
"""Report if sufficient credentials are set for username & password registration attempt.
:param subscription_request: an subscription request, if None a fresh subscription request
will be fetched from the Subscription module over DBus
:type subscription_request: SubscriptionRequest instance
:return: True if sufficient, False otherwise
:rtype: bool
"""
if subscription_request is None:
subscription_proxy = SUBSCRIPTION.get_proxy()
subscription_request_struct = subscription_proxy.SubscriptionRequest
subscription_request = SubscriptionRequest.from_structure(
subscription_request_struct)
username_set = bool(subscription_request.account_username)
password_set = subscription_request.account_password.type in SECRET_SET_TYPES
return username_set and password_set
def org_keys_sufficient(subscription_request=None):
"""Report if sufficient credentials are set for org & keys registration attempt.
:param subscription_request: an subscription request, if None a fresh subscription request
will be fetched from the Subscription module over DBus
:type subscription_request: SubscriptionRequest instance
:return: True if sufficient, False otherwise
:rtype: bool
"""
if subscription_request is None:
subscription_proxy = SUBSCRIPTION.get_proxy()
subscription_request_struct = subscription_proxy.SubscriptionRequest
subscription_request = SubscriptionRequest.from_structure(
subscription_request_struct)
organization_set = bool(subscription_request.organization)
key_set = subscription_request.activation_keys.type in SECRET_SET_TYPES
return organization_set and key_set
def process_kickstart(self, data):
"""Process the kickstart data."""
log.debug("Processing kickstart data...")
# system purpose
#
# Try if any of the values in kickstart match a valid field.
# If it does, write the valid field value instead of the value from kickstart.
#
# This way a value in kickstart that has a different case and/or trailing white space
# can still be used to preselect a value in a UI instead of being marked as a custom
# user specified value.
system_purpose_data = SystemPurposeData()
system_purpose_data.role = system_purpose.process_field(
data.syspurpose.role, self.valid_roles, "role")
system_purpose_data.sla = system_purpose.process_field(
data.syspurpose.sla, self.valid_slas, "sla")
system_purpose_data.usage = system_purpose.process_field(
data.syspurpose.usage, self.valid_usage_types, "usage")
if data.syspurpose.addons:
# As we do not have a list of valid addons available, we just use what was provided
# by the user in kickstart verbatim.
system_purpose_data.addons = data.syspurpose.addons
self.set_system_purpose_data(system_purpose_data)
# apply system purpose data, if any, so that it is all in place when we start
# talking to the RHSM service
if self.system_purpose_data.check_data_available():
self._apply_syspurpose()
# subscription request
subscription_request = SubscriptionRequest()
# credentials
if data.rhsm.organization:
subscription_request.organization = data.rhsm.organization
if data.rhsm.activation_keys:
subscription_request.activation_keys.set_secret(
data.rhsm.activation_keys)
# if org id and at least one activation key is set, switch authentication
# type to ORG & KEY
if data.rhsm.organization and data.rhsm.activation_keys:
subscription_request.type = SUBSCRIPTION_REQUEST_TYPE_ORG_KEY
# custom URLs
if data.rhsm.server_hostname:
subscription_request.server_hostname = data.rhsm.server_hostname
if data.rhsm.rhsm_baseurl:
subscription_request.rhsm_baseurl = data.rhsm.rhsm_baseurl
# HTTP proxy
if data.rhsm.proxy:
# first try to parse the proxy string from kickstart
try:
proxy = ProxyString(data.rhsm.proxy)
if proxy.host:
# ensure port is an integer and set to -1 if unknown
port = int(proxy.port) if proxy.port else -1
subscription_request.server_proxy_hostname = proxy.host
subscription_request.server_proxy_port = port
# ensure no username translates to the expected ""
# instead of the None returned by the ProxyString class
subscription_request.server_proxy_user = proxy.username or ""
subscription_request.server_proxy_password.set_secret(
proxy.password)
except ProxyStringError as e:
# should not be fatal, but definitely logged as error
message = "Failed to parse proxy for the rhsm command: {}".format(
str(e))
warnings.warn(message, KickstartParseWarning)
# set the resulting subscription request
self.set_subscription_request(subscription_request)
# insights
self.set_connect_to_insights(bool(data.rhsm.connect_to_insights))
def _set_subscription_request(self):
"""Set subscription request to the Subscription DBus module."""
self._subscription_module.SetSubscriptionRequest(
SubscriptionRequest.to_structure(self.subscription_request))
def _get_subscription_request(self):
"""Get SubscriptionRequest from the Subscription module."""
struct = self._subscription_module.SubscriptionRequest
return SubscriptionRequest.from_structure(struct)
def register_and_subscribe(payload,
progress_callback=None,
error_callback=None,
restart_payload=False):
"""Try to register and subscribe the installation environment.
:param payload: Anaconda payload instance
:param progress_callback: progress callback function, takes one argument, subscription phase
:type progress_callback: callable(subscription_phase)
:param error_callback: error callback function, takes one argument, the error message
:type error_callback: callable(error_message)
:param bool restart_payload: should payload restart be attempted if it appears necessary ?
NOTE: The restart_payload attribute controls if the subscription helper function should
attempt to restart the payload thread if it deems it necessary (DVD -> CDN switch,
registration with CDN source, etc.). If restart_payload is True, it might restart
the payload. If it is False, it well never try to do that.
The main usecase of this at the moment is when the subscription helper function
is invoked during early Anaconda kickstart installation. At this stage the initial
payload restart has not yet been run and starting it too early could lead to various
issues. At this stage we don't want the helper function to restart payload, so we keep
restart_payload at default value (False). Later on during manual user interaction we
definitely want payload to be restarted as needed (the initial restart long done)
and so we pass restart_payload=True.
"""
# assign dummy callback functions if none were provided by caller
if progress_callback is None:
progress_callback = dummy_progress_callback
if error_callback is None:
error_callback = dummy_error_callback
# connect to the Subscription DBus module
subscription_proxy = SUBSCRIPTION.get_proxy()
# First make sure network connectivity is available
# by waiting for the connectivity check thread
# to finish, in case it is running, usually early
# during Anaconda startup.
threadMgr.wait(THREAD_WAIT_FOR_CONNECTING_NM)
# Next we make sure to set RHSM config options
# to be in sync with the current subscription request.
task_path = subscription_proxy.SetRHSMConfigWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
task.sync_run_task(task_proxy)
# Then check if we are not already registered.
#
# In some fairly bizarre cases it is apparently
# possible that registration & attach will succeed,
# but the attached subscription will be incomplete
# and/or invalid. These cases will be caught by
# the subscription token check and marked as failed
# by Anaconda.
#
# It is also possible that registration succeeds,
# but attach fails.
#
# To make recovery and another registration attempt
# possible, we need to first unregister the already
# registered system, as a registration attempt on
# an already registered system would fail.
if subscription_proxy.IsRegistered:
log.debug(
"subscription thread: system already registered, unregistering")
progress_callback(SubscriptionPhase.UNREGISTER)
task_path = subscription_proxy.UnregisterWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except UnregistrationError as e:
log.debug("subscription thread: unregistration failed: %s", e)
# Failing to unregister the system is an unrecoverable error,
# so we end there.
error_callback(str(e))
return
log.debug("Subscription GUI: unregistration succeeded")
# Try to register.
#
# If we got this far the system was either not registered
# or was unregistered successfully.
log.debug("subscription thread: attempting to register")
progress_callback(SubscriptionPhase.REGISTER)
# check authentication method has been set and credentials seem to be
# sufficient (though not necessarily valid)
subscription_request_struct = subscription_proxy.SubscriptionRequest
subscription_request = SubscriptionRequest.from_structure(
subscription_request_struct)
task_path = None
if subscription_request.type == SUBSCRIPTION_REQUEST_TYPE_USERNAME_PASSWORD:
if username_password_sufficient():
task_path = subscription_proxy.RegisterUsernamePasswordWithTask()
elif subscription_request.type == SUBSCRIPTION_REQUEST_TYPE_ORG_KEY:
if org_keys_sufficient():
task_path = subscription_proxy.RegisterOrganizationKeyWithTask()
if task_path:
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except RegistrationError as e:
log.debug("subscription thread: registration attempt failed: %s",
e)
log.debug(
"subscription thread: skipping auto attach due to registration error"
)
error_callback(str(e))
return
log.debug("subscription thread: registration succeeded")
else:
log.debug(
"subscription thread: credentials insufficient, skipping registration attempt"
)
error_callback(
_("Registration failed due to insufficient credentials."))
return
# try to attach subscription
log.debug("subscription thread: attempting to auto attach an entitlement")
progress_callback(SubscriptionPhase.ATTACH_SUBSCRIPTION)
task_path = subscription_proxy.AttachSubscriptionWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except SubscriptionError as e:
log.debug("subscription thread: failed to attach subscription: %s", e)
error_callback(str(e))
return
# parse attached subscription data
log.debug("subscription thread: parsing attached subscription data")
task_path = subscription_proxy.ParseAttachedSubscriptionsWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
task.sync_run_task(task_proxy)
# check if the current installation source should be overridden by
# the CDN source we can now use
# - at the moment this is true only for the CDROM source
source_proxy = payload.get_source_proxy()
if payload.type == PAYLOAD_TYPE_DNF:
if source_proxy.Type in SOURCE_TYPES_OVERRIDEN_BY_CDN:
log.debug(
"subscription thread: overriding current installation source by CDN"
)
switch_source(payload, SOURCE_TYPE_CDN)
# If requested, also restart the payload if CDN is the installation source
# The CDN either already was the installation source or we just switched to it.
#
# Make sure to get fresh source proxy as the old one might be stale after
# a source switch.
source_proxy = payload.get_source_proxy()
if restart_payload and source_proxy.Type == SOURCE_TYPE_CDN:
log.debug(
"subscription thread: restarting payload after registration")
_do_payload_restart(payload)
# and done, report attaching subscription was successful
log.debug("subscription thread: auto attach succeeded")
progress_callback(SubscriptionPhase.DONE)
def register_and_subscribe(payload,
progress_callback=None,
error_callback=None):
"""Try to register and subscribe the installation environment.
:param payload: Anaconda payload instance
:param progress_callback: progress callback function, takes one argument, subscription phase
:type progress_callback: callable(subscription_phase)
:param error_callback: error callback function, takes one argument, the error message
:type error_callback: callable(error_message)
"""
# assign dummy callback functions if none were provided by caller
if progress_callback is None:
progress_callback = dummy_progress_callback
if error_callback is None:
error_callback = dummy_error_callback
# connect to the Subscription DBus module
subscription_proxy = SUBSCRIPTION.get_proxy()
# First make sure network connectivity is available
# by waiting for the connectivity check thread
# to finish, in case it is running, usually early
# during Anaconda startup.
threadMgr.wait(THREAD_WAIT_FOR_CONNECTING_NM)
# Next we make sure to set RHSM config options
# to be in sync with the current subscription request.
task_path = subscription_proxy.SetRHSMConfigWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
task.sync_run_task(task_proxy)
# Then check if we are not already registered.
#
# In some fairly bizarre cases it is apparently
# possible that registration & attach will succeed,
# but the attached subscription will be incomplete
# and/or invalid. These cases will be caught by
# the subscription token check and marked as failed
# by Anaconda.
#
# It is also possible that registration succeeds,
# but attach fails.
#
# To make recovery and another registration attempt
# possible, we need to first unregister the already
# registered system, as a registration attempt on
# an already registered system would fail.
if subscription_proxy.IsRegistered:
log.debug(
"subscription thread: system already registered, unregistering")
progress_callback(SubscriptionPhase.UNREGISTER)
task_path = subscription_proxy.UnregisterWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except UnregistrationError as e:
log.debug("subscription thread: unregistration failed: %s", e)
# Failing to unregister the system is an unrecoverable error,
# so we end there.
error_callback(str(e))
return
log.debug("Subscription GUI: unregistration succeeded")
# Try to register.
#
# If we got this far the system was either not registered
# or was unregistered successfully.
log.debug("subscription thread: attempting to register")
progress_callback(SubscriptionPhase.REGISTER)
# check authentication method has been set and credentials seem to be
# sufficient (though not necessarily valid)
subscription_request_struct = subscription_proxy.SubscriptionRequest
subscription_request = SubscriptionRequest.from_structure(
subscription_request_struct)
task_path = None
if subscription_request.type == SUBSCRIPTION_REQUEST_TYPE_USERNAME_PASSWORD:
if username_password_sufficient():
task_path = subscription_proxy.RegisterUsernamePasswordWithTask()
elif subscription_request.type == SUBSCRIPTION_REQUEST_TYPE_ORG_KEY:
if org_keys_sufficient():
task_path = subscription_proxy.RegisterOrganizationKeyWithTask()
if task_path:
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except RegistrationError as e:
log.debug("subscription thread: registration attempt failed: %s",
e)
log.debug(
"subscription thread: skipping auto attach due to registration error"
)
error_callback(str(e))
return
log.debug("subscription thread: registration succeeded")
else:
log.debug(
"subscription thread: credentials insufficient, skipping registration attempt"
)
error_callback(
_("Registration failed due to insufficient credentials."))
return
# try to attach subscription
log.debug("subscription thread: attempting to auto attach an entitlement")
progress_callback(SubscriptionPhase.ATTACH_SUBSCRIPTION)
task_path = subscription_proxy.AttachSubscriptionWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
try:
task.sync_run_task(task_proxy)
except SubscriptionError as e:
log.debug("subscription thread: failed to attach subscription: %s", e)
error_callback(str(e))
return
# parse attached subscription data
log.debug("subscription thread: parsing attached subscription data")
task_path = subscription_proxy.ParseAttachedSubscriptionsWithTask()
task_proxy = SUBSCRIPTION.get_proxy(task_path)
task.sync_run_task(task_proxy)
# report attaching subscription was successful
log.debug("subscription thread: auto attach succeeded")
# set CDN as installation source now that we can use it
log.debug("subscription thread: setting CDN as installation source")
set_source_cdn(payload)
# and done
progress_callback(SubscriptionPhase.DONE)
