def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source): """Create an instance of Repo() from an ent_cert.EntitlementCertContent(). And the other out of band info we need including baseurl, ca_cert, and the release version string. """ repo = cls(content.label) repo.content_type = content.content_type repo["name"] = content.name if content.enabled: repo["enabled"] = "1" repo["enabled_metadata"] = "1" else: repo["enabled"] = "0" repo["enabled_metadata"] = "0" expanded_url_path = Repo._expand_releasever(release_source, content.url) repo["baseurl"] = utils.url_base_join(baseurl, expanded_url_path) # Extract the variables from the url repo_parts = repo["baseurl"].split("/") repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")] if HAS_YUM and repoid_vars: repo["ui_repoid_vars"] = " ".join(repoid_vars) # If no GPG key URL is specified, turn gpgcheck off: gpg_url = content.gpg if not gpg_url: gpg_url = "" repo["gpgcheck"] = "0" else: gpg_url = utils.url_base_join(baseurl, gpg_url) # Leave gpgcheck as the default of 1 repomd_gpg_url = conf["rhsm"]["repomd_gpg_url"] if repomd_gpg_url: repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url) if not gpg_url or gpg_url in ["https://", "http://"]: gpg_url = repomd_gpg_url elif repomd_gpg_url not in gpg_url: gpg_url += "," + repomd_gpg_url repo["gpgkey"] = gpg_url repo["sslclientkey"] = content.cert.key_path() repo["sslclientcert"] = content.cert.path repo["sslcacert"] = ca_cert repo["metadata_expire"] = content.metadata_expire if "arches" in repo and len(content.arches) > 0: repo["arches"] = content.arches repo = Repo._set_proxy_info(repo) return repo
def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source): """Create an instance of Repo() from an ent_cert.EntitlementCertContent(). And the other out of band info we need including baseurl, ca_cert, and the release version string. """ repo = cls(content.label) repo.content_type = content.content_type repo['name'] = content.name if content.enabled: repo['enabled'] = "1" repo['enabled_metadata'] = "1" else: repo['enabled'] = "0" repo['enabled_metadata'] = "0" expanded_url_path = Repo._expand_releasever(release_source, content.url) repo['baseurl'] = utils.url_base_join(baseurl, expanded_url_path) # Extract the variables from the url repo_parts = repo['baseurl'].split("/") repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")] if HAS_YUM and repoid_vars: repo['ui_repoid_vars'] = " ".join(repoid_vars) # If no GPG key URL is specified, turn gpgcheck off: gpg_url = content.gpg if not gpg_url: gpg_url = '' repo['gpgcheck'] = '0' else: gpg_url = utils.url_base_join(baseurl, gpg_url) # Leave gpgcheck as the default of 1 repomd_gpg_url = conf['rhsm']['repomd_gpg_url'] if repomd_gpg_url: repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url) if not gpg_url or gpg_url in ['https://', 'http://']: gpg_url = repomd_gpg_url elif repomd_gpg_url not in gpg_url: gpg_url += ',' + repomd_gpg_url repo['gpgkey'] = gpg_url repo['sslclientkey'] = content.cert.key_path() repo['sslclientcert'] = content.cert.path repo['sslcacert'] = ca_cert repo['metadata_expire'] = content.metadata_expire repo = Repo._set_proxy_info(repo) return repo
def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source): """Create an instance of Repo() from an ent_cert.EntitlementCertContent(). And the other out of band info we need including baseurl, ca_cert, and the release version string. """ repo = cls(content.label) repo.content_type = content.content_type repo['name'] = content.name if content.enabled: repo['enabled'] = "1" repo['enabled_metadata'] = "1" else: repo['enabled'] = "0" repo['enabled_metadata'] = "0" expanded_url_path = Repo._expand_releasever(release_source, content.url) repo['baseurl'] = utils.url_base_join(baseurl, expanded_url_path) # Extract the variables from the url repo_parts = repo['baseurl'].split("/") repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")] if repoid_vars: repo['ui_repoid_vars'] = " ".join(repoid_vars) # If no GPG key URL is specified, turn gpgcheck off: gpg_url = content.gpg if not gpg_url: gpg_url = '' repo['gpgcheck'] = '0' else: gpg_url = utils.url_base_join(baseurl, gpg_url) # Leave gpgcheck as the default of 1 repomd_gpg_url = conf['rhsm']['repomd_gpg_url'] if repomd_gpg_url: repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url) if not gpg_url or gpg_url in ['https://', 'http://']: gpg_url = repomd_gpg_url elif repomd_gpg_url not in gpg_url: gpg_url += ',' + repomd_gpg_url repo['gpgkey'] = gpg_url repo['sslclientkey'] = content.cert.key_path() repo['sslclientcert'] = content.cert.path repo['sslcacert'] = ca_cert repo['metadata_expire'] = content.metadata_expire repo = Repo._set_proxy_info(repo) return repo
def set_remote(self, ostree_remote): """Add a remote section to config file based on a OstreeRemote.""" # format section name section_name = 'remote ' + '"%s"' % ostree_remote.name # Assume all remotes will share the same cdn # This is really info about a particular CDN, we just happen # to only support one at the moment. baseurl = CFG.get('rhsm', 'baseurl') ca_cert = CFG.get('rhsm', 'repo_ca_cert') full_url = utils.url_base_join(baseurl, ostree_remote.url) log.debug("full_url: %s" % full_url) self.set(section_name, 'url', full_url) # gpg_verify not set gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false' self.set(section_name, 'gpg-verify', gpg_verify_string) if ostree_remote.tls_client_cert_path: self.set(section_name, 'tls-client-cert-path', ostree_remote.tls_client_cert_path) if ostree_remote.tls_client_key_path: self.set(section_name, 'tls-client-key-path', ostree_remote.tls_client_key_path) # Ideally, setting the tls-ca-path would be depending on the # baseurl and/or the CDN and if the content uses https. We always # use https though, and the content does not know the CDN it comes # from. Need a way to map a Content to a particular CDNInfo, and to # support multiple CDNInfos setup. self.set(section_name, 'tls-ca-path', ca_cert)
def set_remote(self, ostree_remote): """Add a remote section to config file based on a OstreeRemote.""" # format section name section_name = 'remote ' + '"%s"' % ostree_remote.name # Assume all remotes will share the same cdn # This is really info about a particular CDN, we just happen # to only support one at the moment. baseurl = CFG.get('rhsm', 'baseurl') ca_cert = CFG.get('rhsm', 'repo_ca_cert') full_url = utils.url_base_join(baseurl, ostree_remote.url) log.debug("full_url: %s" % full_url) self.set(section_name, 'url', full_url) # gpg_verify not set gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false' self.set(section_name, 'gpg-verify', gpg_verify_string) if ostree_remote.tls_client_cert_path: self.set(section_name, 'tls-client-cert-path', ostree_remote.tls_client_cert_path) if ostree_remote.tls_client_key_path: self.set(section_name, 'tls-client-key-path', ostree_remote.tls_client_key_path) # Ideally, setting the tls-ca-path would be depending on the # baseurl and/or the CDN and if the content uses https. We always # use https though, and the content does not know the CDN it comes # from. Need a way to map a Content to a particular CDNInfo, and to # support multiple CDNInfos setup. self.set(section_name, 'tls-ca-path', ca_cert)
def get_content(self, ent_cert, baseurl, ca_cert): lst = [] for content in self.matching_content(ent_cert): content_id = content.label repo = Repo(content_id) repo['name'] = content.name if content.enabled: repo['enabled'] = "1" else: repo['enabled'] = "0" repo['baseurl'] = utils.url_base_join( baseurl, self._use_release_for_releasever(content.url)) # Extract the variables from thr url repo_parts = repo['baseurl'].split("/") repoid_vars = [ part[1:] for part in repo_parts if part.startswith("$") ] if repoid_vars: repo['ui_repoid_vars'] = " ".join(repoid_vars) # If no GPG key URL is specified, turn gpgcheck off: gpg_url = content.gpg if not gpg_url: repo['gpgkey'] = "" repo['gpgcheck'] = '0' else: repo['gpgkey'] = utils.url_base_join(baseurl, gpg_url) # Leave gpgcheck as the default of 1 repo['sslclientkey'] = ent_cert.key_path() repo['sslclientcert'] = ent_cert.path repo['sslcacert'] = ca_cert repo['metadata_expire'] = content.metadata_expire self._set_proxy_info(repo) if self.override_supported and self.apply_overrides: self._set_override_info(repo) lst.append(repo) return lst
def get_content(self, ent_cert, baseurl, ca_cert): lst = [] for content in self.matching_content(ent_cert): content_id = content.label repo = Repo(content_id) repo['name'] = content.name if content.enabled: repo['enabled'] = "1" else: repo['enabled'] = "0" repo['baseurl'] = utils.url_base_join(baseurl, self._use_release_for_releasever(content.url)) # Extract the variables from thr url repo_parts = repo['baseurl'].split("/") repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")] if repoid_vars: repo['ui_repoid_vars'] = " ".join(repoid_vars) # If no GPG key URL is specified, turn gpgcheck off: gpg_url = content.gpg if not gpg_url: repo['gpgkey'] = "" repo['gpgcheck'] = '0' else: repo['gpgkey'] = utils.url_base_join(baseurl, gpg_url) # Leave gpgcheck as the default of 1 repo['sslclientkey'] = ent_cert.key_path() repo['sslclientcert'] = ent_cert.path repo['sslcacert'] = ca_cert repo['metadata_expire'] = content.metadata_expire self._set_proxy_info(repo) if self.override_supported and self.apply_overrides: self._set_override_info(repo) lst.append(repo) return lst
def set_remote(self, ostree_remote): """Add a remote section to config file based on a OstreeRemote.""" # format section name section_name = 'remote ' + '"%s"' % ostree_remote.name # Assume all remotes will share the same baseurl baseurl = CFG.get('rhsm', 'baseurl') full_url = utils.url_base_join(baseurl, ostree_remote.url) log.debug("full_url: %s" % full_url) self.set(section_name, 'url', full_url) # gpg_verify not set gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false' self.set(section_name, 'gpg-verify', gpg_verify_string) if ostree_remote.tls_client_cert_path: self.set(section_name, 'tls-client-cert-path', ostree_remote.tls_client_cert_path) if ostree_remote.tls_client_key_path: self.set(section_name, 'tls-client-key-path', ostree_remote.tls_client_key_path)
def set_remote(self, ostree_remote): """Add a remote section to config file based on a OstreeRemote.""" # format section name section_name = "remote " + '"%s"' % ostree_remote.name # Assume all remotes will share the same cdn # This is really info about a particular CDN, we just happen # to only support one at the moment. baseurl = conf["rhsm"]["baseurl"] ca_cert = conf["rhsm"]["repo_ca_cert"] full_url = utils.url_base_join(baseurl, ostree_remote.url) self.set(section_name, "url", full_url) # gpg_verify not set gpg_verify_string = "true" if ostree_remote.gpg_verify else "false" self.set(section_name, "gpg-verify", gpg_verify_string) if ostree_remote.tls_client_cert_path: self.set(section_name, "tls-client-cert-path", ostree_remote.tls_client_cert_path) if ostree_remote.tls_client_key_path: self.set(section_name, "tls-client-key-path", ostree_remote.tls_client_key_path) # Ideally, setting the tls-ca-path would be depending on the # baseurl and/or the CDN and if the content uses https. We always # use https though, and the content does not know the CDN it comes # from. Need a way to map a Content to a particular CDNInfo, and to # support multiple CDNInfos setup. self.set(section_name, "tls-ca-path", ca_cert) proxy_uri = self.get_proxy() if proxy_uri: self.set(section_name, "proxy", proxy_uri)
def test_url_fragments(self): # Url Fragments should work self.assertEquals(self.base + "/baz", url_base_join(self.base, "baz")) self.assertEquals(self.base + "/baz", url_base_join(self.base, "/baz"))
def test_base_slash(self): base = self.base + '/' self.assertEqual(self.base + "/baz", url_base_join(base, "baz")) self.assertEqual(self.base + "/baz", url_base_join(base, "/baz"))
def test_blank_base_blank_url(self): self.assertEquals("", url_base_join("", ""))
def test_blank_url(self): # Blank should remain blank self.assertEqual("", url_base_join(self.base, ""))
def test_url_fragments(self): # Url Fragments should work self.assertEqual(self.base + "/baz", url_base_join(self.base, "baz")) self.assertEqual(self.base + "/baz", url_base_join(self.base, "/baz"))
def test_file_url(self): # File urls should be preserved self.assertEqual("file://this/is/a/file", url_base_join(self.base, "file://this/is/a/file"))
def test_http_url(self): # Http locations should be preserved self.assertEqual("http://this/is/a/url", url_base_join(self.base, "http://this/is/a/url"))
def test_blank_base_url(self): url = "http://foo.notreal/" self.assertEqual(url, url_base_join("", url))
def test_blank_base_url_fragment(self): url = "baz" self.assertEqual(url, url_base_join("", url))
def test_blank_base_url(self): url = "http://foo.notreal/" self.assertEquals(url, url_base_join("", url))
def test_blank_base_blank_url(self): self.assertEqual("", url_base_join("", ""))
def test_base_slash(self): base = self.base + '/' self.assertEquals(self.base + "/baz", url_base_join(base, "baz")) self.assertEquals(self.base + "/baz", url_base_join(base, "/baz"))
def test_blank_base_url_fragment(self): url = "baz" self.assertEquals(url, url_base_join("", url))
def test_blank_url(self): # Blank should remain blank self.assertEquals("", url_base_join(self.base, ""))
def test_http_url(self): # Http locations should be preserved self.assertEquals("http://this/is/a/url", url_base_join(self.base, "http://this/is/a/url"))
def test_file_url(self): # File urls should be preserved self.assertEquals("file://this/is/a/file", url_base_join(self.base, "file://this/is/a/file"))