def _do_command(self):
self._validate_options()
supported_resources = get_supported_resources()
if "environments" not in supported_resources:
system_exit(os.EX_UNAVAILABLE,
_("Error: Server does not support environments."))
try:
if self.options.token:
self.cp = self.cp_provider.get_keycloak_auth_cp(
self.options.token)
else:
if not self.options.enabled:
if self.options.username is None or self.options.password is None:
print(_("This operation requires user credentials"))
self.cp_provider.set_user_pass(self.username,
self.password)
self.cp = self.cp_provider.get_basic_auth_cp()
self.identity = require(IDENTITY)
if self.options.set:
self._set_environments()
else:
self._list_environments()
except connection.RestlibException as re:
log.exception(re)
log.error(
"Error: Unable to retrieve environment list from server: {re}".
format(re=re))
mapped_message: str = ExceptionMapper().get_message(re)
system_exit(os.EX_SOFTWARE, mapped_message)
except Exception as e:
handle_exception(
_("Error: Unable to retrieve environment list from server"), e)
def _get_environment_id(self, cp, owner_key, environment_name):
# If none specified on CLI and the server doesn't support environments,
# return None, the registration method will skip environment specification.
# Activation keys may not be used with environment for registration.
# We use a no-auth cp, so we cannot look up environment ids by name
if self.options.activation_keys:
return None
supported_resources = get_supported_resources()
supports_environments = 'environments' in supported_resources
if not environment_name:
if supports_environments:
env_list = cp.getEnvironmentList(owner_key)
# If there aren't any environments, don't prompt for one
if not env_list:
return environment_name
# If the envronment list is len 1, pick that environment
if len(env_list) == 1:
log.debug(
"Using the only available environment: \"{name}\"".
format(name=env_list[0]["name"]))
return env_list[0]['id']
env_name_list = [env['name'] for env in env_list]
print(
_('Hint: Organization "{key}" contains following environments: {list}'
).format(key=owner_key, list=", ".join(env_name_list)))
environment_name = self._prompt_for_environment()
# Should only ever be len 0 or 1
env_matches = [
env['id'] for env in env_list
if env['name'] == environment_name
]
if env_matches:
return env_matches[0]
system_exit(
os.EX_DATAERR,
_("No such environment: {name}").format(
name=environment_name))
# Server doesn't support environments
return environment_name
if not supports_environments:
system_exit(os.EX_UNAVAILABLE,
_("Error: Server does not support environments."))
env = cp.getEnvironment(owner_key=owner_key, name=environment_name)
if not env:
system_exit(
os.EX_DATAERR,
_("No such environment: {name}").format(name=environment_name))
return env['id']
def update_check(self, uep, consumer_uuid, force=False):
"""
Check if packages have changed, and push an update if so.
"""
# If the server doesn't support packages, don't try to send the profile:
supported_resources = get_supported_resources()
if PACKAGES_RESOURCE not in supported_resources:
log.warning("Server does not support packages, skipping profile upload.")
return 0
if force or self.report_package_profile:
return CacheManager.update_check(self, uep, consumer_uuid, force)
elif not self.report_package_profile:
log.warning("Skipping package profile upload due to report_package_profile setting.")
return 0
else:
return 0
def _process_environments(self, admin_cp, owner_key):
"""
Confirms that environment(s) have been chosen if they are supported
and a choice needs to be made
"""
supported_resources = get_supported_resources()
supports_environments = "environments" in supported_resources
if not supports_environments:
if self.options.environments is not None:
system_exit(os.EX_UNAVAILABLE, _("Error: Server does not support environments."))
return None
# We have an activation key, so don't need to fill/check the bits
# related to environments, as they are part of the activation key
if self.options.activation_keys:
return None
all_env_list = admin_cp.getEnvironmentList(owner_key)
if self.options.environments:
environments = self.options.environments
else:
# If there aren't any environments, don't prompt for one
if not all_env_list:
return None
# If the envronment list is len 1, pick that environment
if len(all_env_list) == 1:
log.debug(
'Using the only available environment: "{name}"'.format(name=all_env_list[0]["name"])
)
return all_env_list[0]["id"]
env_name_list = [env["name"] for env in all_env_list]
print(
_('Hint: Organization "{key}" contains following environments: {list}').format(
key=owner_key, list=", ".join(env_name_list)
)
)
environments = self._prompt_for_environment()
if not self.cp.has_capability(MULTI_ENV) and "," in environments:
system_exit(os.EX_USAGE, _("The entitlement server does not allow multiple environments"))
return check_set_environment_names(all_env_list, environments)
def _do_command(self):
self._validate_options()
try:
if self.options.token:
self.cp = self.cp_provider.get_keycloak_auth_cp(
self.options.token)
else:
self.cp_provider.set_user_pass(self.username, self.password)
self.cp = self.cp_provider.get_basic_auth_cp()
supported_resources = get_supported_resources()
if 'environments' in supported_resources:
environments = self._get_environments(self.org)
if len(environments):
print("+-------------------------------------------+")
print(" {env}".format(env=_('Environments')))
print("+-------------------------------------------+")
for env in environments:
print(
columnize(ENVIRONMENT_LIST,
echo_columnize_callback, env['name'],
env['description'] or "") + "\n")
else:
print(_("This org does not have any environments."))
else:
system_exit(os.EX_UNAVAILABLE,
_("Error: Server does not support environments."))
log.debug("Successfully retrieved environment list from server.")
except connection.RestlibException as re:
log.exception(re)
log.error(
"Error: Unable to retrieve environment list from server: {re}".
format(re=re))
system_exit(os.EX_SOFTWARE, str(re))
except Exception as e:
handle_exception(
_("Error: Unable to retrieve environment list from server"), e)
def _do_command(self):
# get current consumer identity
identity = inj.require(inj.IDENTITY)
# check for Classic before doing anything else
if ClassicCheck().is_registered_with_classic():
if identity.is_valid():
print(
_("server type: {type}").format(
type=get_branding().REGISTERED_TO_BOTH_SUMMARY))
else:
# no need to continue if user is only registered to Classic
print(
_("server type: {type}").format(
type=get_branding().REGISTERED_TO_OTHER_SUMMARY))
return
try:
self._validate_options()
consumerid = self.identity.uuid
consumer_name = self.identity.name
if not self.options.regenerate:
owner = get_current_owner(self.cp, self.identity)
ownername = owner['displayName']
ownerid = owner['key']
print(
_('system identity: {consumerid}').format(
consumerid=consumerid))
print(
_('name: {consumer_name}').format(
consumer_name=consumer_name))
print(_('org name: {ownername}').format(ownername=ownername))
print(_('org ID: {ownerid}').format(ownerid=ownerid))
supported_resources = get_supported_resources(
self.cp, self.identity)
if 'environments' in supported_resources:
consumer = self.cp.getConsumer(consumerid)
environment = consumer['environment']
if environment:
environment_name = environment['name']
else:
environment_name = _("None")
print(
_('environment name: {environment_name}').format(
environment_name=environment_name))
else:
if self.options.force:
# get an UEP with basic auth or keycloak auth
if self.options.token:
self.cp = self.cp_provider.get_keycloak_auth_cp(
self.options.token)
else:
self.cp_provider.set_user_pass(self.username,
self.password)
self.cp = self.cp_provider.get_basic_auth_cp()
consumer = self.cp.regenIdCertificate(consumerid)
managerlib.persist_consumer_cert(consumer)
# do this in persist_consumer_cert? or some other
# high level, "I just registered" thing
self.identity.reload()
print(_("Identity certificate has been regenerated."))
log.debug("Successfully generated a new identity from server.")
except connection.GoneException as ge:
# Gone exception is caught in CliCommand and a consistent message
# is printed there for all commands
raise ge
except connection.RestlibException as re:
log.exception(re)
log.error(
u"Error: Unable to generate a new identity for the system: {re}"
).format(re=re)
system_exit(os.EX_SOFTWARE, str(re))
except Exception as e:
handle_exception(
_("Error: Unable to generate a new identity for the system"),
e)
def __init__(self, cache_only=False, apply_overrides=True):
self.identity = inj.require(inj.IDENTITY)
# These should probably move closer their use
self.ent_dir = inj.require(inj.ENT_DIR)
self.prod_dir = inj.require(inj.PROD_DIR)
self.ent_source = ent_cert.EntitlementDirEntitlementSource()
self.cp_provider = inj.require(inj.CP_PROVIDER)
self.manage_repos = 1
self.apply_overrides = apply_overrides
self.manage_repos = manage_repos_enabled()
self.release = None
self.overrides = {}
self.override_supported = False
try:
self.override_supported = 'content_overrides' in get_supported_resources(
uep=None, identity=self.identity)
except (socket.error, connection.ConnectionException) as e:
# swallow the error to fix bz 1298327
log.exception(e)
pass
self.written_overrides = WrittenOverrideCache()
# FIXME: empty report at the moment, should be changed to include
# info about updated repos
self.report = RepoActionReport()
self.report.name = "Repo updates"
# If we are not registered, skip trying to refresh the
# data from the server
if not self.identity.is_valid():
return
# NOTE: if anything in the RepoActionInvoker init blocks, and it
# could, yum could still block. The closest thing to an
# event loop we have is the while True: sleep() in lock.py:Lock.acquire()
# Only attempt to update the overrides if they are supported
# by the server.
if self.override_supported:
try:
override_cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
except KeyError:
override_cache = OverrideStatusCache()
if cache_only:
status = override_cache.read_cache_only()
else:
self.uep = self.cp_provider.get_consumer_auth_cp()
status = override_cache.load_status(self.uep,
self.identity.uuid)
for item in status or []:
# Don't iterate through the list
if item['contentLabel'] not in self.overrides:
self.overrides[item['contentLabel']] = {}
self.overrides[item['contentLabel']][
item['name']] = item['value']
def _do_command(self):
self._validate_options()
# Abort if not registered
self.assert_should_be_registered()
supported_resources = get_supported_resources()
if "content_overrides" not in supported_resources:
system_exit(
os.EX_UNAVAILABLE,
_("Error: The 'repo-override' command is not supported by the server."
))
# update entitlement certificates if necessary. If we do have new entitlements
# CertLib.update() will call RepoActionInvoker.update().
self.entcertlib.update()
# make sure the EntitlementDirectory singleton is refreshed
self._request_validity_check()
overrides = Overrides()
if not manage_repos_enabled():
print(_("Repositories disabled by configuration."))
if self.options.list:
results = overrides.get_overrides(self.identity.uuid)
if results:
self._list(results, self.options.repos)
else:
print(
_("This system does not have any content overrides applied to it."
))
return
if self.options.additions:
repo_ids = [
repo.id
for repo in overrides.repo_lib.get_repos(apply_overrides=False)
]
to_add = [
Override(repo, name, value) for repo in self.options.repos
for name, value in list(self.options.additions.items())
]
try:
results = overrides.add_overrides(self.identity.uuid, to_add)
except connection.RestlibException as ex:
if ex.code == 400:
# blocklisted overrides specified.
# Print message and return a less severe code.
mapped_message: str = ExceptionMapper().get_message(ex)
system_exit(1, mapped_message)
else:
raise ex
# Print out warning messages if the specified repo does not exist in the repo file.
for repo in self.options.repos:
if repo not in repo_ids:
print(
_("Repository '{repo}' does not currently exist, but the override has been added."
).format(repo=repo))
if self.options.removals:
to_remove = [
Override(repo, item) for repo in self.options.repos
for item in self.options.removals
]
results = overrides.remove_overrides(self.identity.uuid, to_remove)
if self.options.remove_all:
results = overrides.remove_all_overrides(self.identity.uuid,
self.options.repos)
# Update the cache and refresh the repo file.
overrides.update(results)
def _do_command(self):
self._reconcile_list_options()
rc = 0
if not manage_repos_enabled():
print(_("Repositories disabled by configuration."))
return rc
# Pull down any new entitlements and refresh the entitlements directory
if self.identity.is_valid():
cert_action_client = ActionClient(skips=[PackageProfileActionInvoker])
cert_action_client.update()
self._request_validity_check()
if self.is_registered():
supported_resources = get_supported_resources()
self.use_overrides = "content_overrides" in supported_resources
else:
self.use_overrides = False
# specifically, yum repos, for now.
rl = RepoActionInvoker()
repos = rl.get_repos()
if self.options.repo_actions is not None:
rc = self._set_repo_status(repos, rl, self.options.repo_actions)
if self.identity.is_valid():
profile_action_client = ProfileActionClient()
profile_action_client.update()
if self.list:
if len(repos):
# TODO: Perhaps this should be abstracted out as well...?
def filter_repos(repo):
disabled_values = ["false", "0"]
repo_enabled = repo["enabled"].lower()
show_enabled = self.list_enabled and repo_enabled not in disabled_values
show_disabled = self.list_disabled and repo_enabled in disabled_values
return show_enabled or show_disabled
repos = list(filter(filter_repos, repos))
if len(repos):
print("+----------------------------------------------------------+")
print(_(" Available Repositories in {file}").format(file=rl.get_repo_file()))
print("+----------------------------------------------------------+")
for repo in repos:
print(
columnize(
REPOS_LIST,
echo_columnize_callback,
repo.id,
repo["name"],
repo["baseurl"],
repo["enabled"],
)
+ "\n"
)
else:
print(_("There were no available repositories matching the specified criteria."))
else:
print(_("This system has no repositories available through subscriptions."))
return rc
