def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source):
"""Create an instance of Repo() from an ent_cert.EntitlementCertContent().
And the other out of band info we need including baseurl, ca_cert, and
the release version string.
"""
repo = cls(content.label)
repo.content_type = content.content_type
repo["name"] = content.name
if content.enabled:
repo["enabled"] = "1"
repo["enabled_metadata"] = "1"
else:
repo["enabled"] = "0"
repo["enabled_metadata"] = "0"
expanded_url_path = Repo._expand_releasever(release_source, content.url)
repo["baseurl"] = utils.url_base_join(baseurl, expanded_url_path)
# Extract the variables from the url
repo_parts = repo["baseurl"].split("/")
repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")]
if HAS_YUM and repoid_vars:
repo["ui_repoid_vars"] = " ".join(repoid_vars)
# If no GPG key URL is specified, turn gpgcheck off:
gpg_url = content.gpg
if not gpg_url:
gpg_url = ""
repo["gpgcheck"] = "0"
else:
gpg_url = utils.url_base_join(baseurl, gpg_url)
# Leave gpgcheck as the default of 1
repomd_gpg_url = conf["rhsm"]["repomd_gpg_url"]
if repomd_gpg_url:
repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url)
if not gpg_url or gpg_url in ["https://", "http://"]:
gpg_url = repomd_gpg_url
elif repomd_gpg_url not in gpg_url:
gpg_url += "," + repomd_gpg_url
repo["gpgkey"] = gpg_url
repo["sslclientkey"] = content.cert.key_path()
repo["sslclientcert"] = content.cert.path
repo["sslcacert"] = ca_cert
repo["metadata_expire"] = content.metadata_expire
if "arches" in repo and len(content.arches) > 0:
repo["arches"] = content.arches
repo = Repo._set_proxy_info(repo)
return repo
def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source):
"""Create an instance of Repo() from an ent_cert.EntitlementCertContent().
And the other out of band info we need including baseurl, ca_cert, and
the release version string.
"""
repo = cls(content.label)
repo.content_type = content.content_type
repo['name'] = content.name
if content.enabled:
repo['enabled'] = "1"
repo['enabled_metadata'] = "1"
else:
repo['enabled'] = "0"
repo['enabled_metadata'] = "0"
expanded_url_path = Repo._expand_releasever(release_source,
content.url)
repo['baseurl'] = utils.url_base_join(baseurl, expanded_url_path)
# Extract the variables from the url
repo_parts = repo['baseurl'].split("/")
repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")]
if HAS_YUM and repoid_vars:
repo['ui_repoid_vars'] = " ".join(repoid_vars)
# If no GPG key URL is specified, turn gpgcheck off:
gpg_url = content.gpg
if not gpg_url:
gpg_url = ''
repo['gpgcheck'] = '0'
else:
gpg_url = utils.url_base_join(baseurl, gpg_url)
# Leave gpgcheck as the default of 1
repomd_gpg_url = conf['rhsm']['repomd_gpg_url']
if repomd_gpg_url:
repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url)
if not gpg_url or gpg_url in ['https://', 'http://']:
gpg_url = repomd_gpg_url
elif repomd_gpg_url not in gpg_url:
gpg_url += ',' + repomd_gpg_url
repo['gpgkey'] = gpg_url
repo['sslclientkey'] = content.cert.key_path()
repo['sslclientcert'] = content.cert.path
repo['sslcacert'] = ca_cert
repo['metadata_expire'] = content.metadata_expire
repo = Repo._set_proxy_info(repo)
return repo
def from_ent_cert_content(cls, content, baseurl, ca_cert, release_source):
"""Create an instance of Repo() from an ent_cert.EntitlementCertContent().
And the other out of band info we need including baseurl, ca_cert, and
the release version string.
"""
repo = cls(content.label)
repo.content_type = content.content_type
repo['name'] = content.name
if content.enabled:
repo['enabled'] = "1"
repo['enabled_metadata'] = "1"
else:
repo['enabled'] = "0"
repo['enabled_metadata'] = "0"
expanded_url_path = Repo._expand_releasever(release_source, content.url)
repo['baseurl'] = utils.url_base_join(baseurl, expanded_url_path)
# Extract the variables from the url
repo_parts = repo['baseurl'].split("/")
repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")]
if repoid_vars:
repo['ui_repoid_vars'] = " ".join(repoid_vars)
# If no GPG key URL is specified, turn gpgcheck off:
gpg_url = content.gpg
if not gpg_url:
gpg_url = ''
repo['gpgcheck'] = '0'
else:
gpg_url = utils.url_base_join(baseurl, gpg_url)
# Leave gpgcheck as the default of 1
repomd_gpg_url = conf['rhsm']['repomd_gpg_url']
if repomd_gpg_url:
repomd_gpg_url = utils.url_base_join(baseurl, repomd_gpg_url)
if not gpg_url or gpg_url in ['https://', 'http://']:
gpg_url = repomd_gpg_url
elif repomd_gpg_url not in gpg_url:
gpg_url += ',' + repomd_gpg_url
repo['gpgkey'] = gpg_url
repo['sslclientkey'] = content.cert.key_path()
repo['sslclientcert'] = content.cert.path
repo['sslcacert'] = ca_cert
repo['metadata_expire'] = content.metadata_expire
repo = Repo._set_proxy_info(repo)
return repo
def set_remote(self, ostree_remote):
"""Add a remote section to config file based on a OstreeRemote."""
# format section name
section_name = 'remote ' + '"%s"' % ostree_remote.name
# Assume all remotes will share the same cdn
# This is really info about a particular CDN, we just happen
# to only support one at the moment.
baseurl = CFG.get('rhsm', 'baseurl')
ca_cert = CFG.get('rhsm', 'repo_ca_cert')
full_url = utils.url_base_join(baseurl, ostree_remote.url)
log.debug("full_url: %s" % full_url)
self.set(section_name, 'url', full_url)
# gpg_verify not set
gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false'
self.set(section_name, 'gpg-verify', gpg_verify_string)
if ostree_remote.tls_client_cert_path:
self.set(section_name, 'tls-client-cert-path', ostree_remote.tls_client_cert_path)
if ostree_remote.tls_client_key_path:
self.set(section_name, 'tls-client-key-path', ostree_remote.tls_client_key_path)
# Ideally, setting the tls-ca-path would be depending on the
# baseurl and/or the CDN and if the content uses https. We always
# use https though, and the content does not know the CDN it comes
# from. Need a way to map a Content to a particular CDNInfo, and to
# support multiple CDNInfos setup.
self.set(section_name, 'tls-ca-path', ca_cert)
def set_remote(self, ostree_remote):
"""Add a remote section to config file based on a OstreeRemote."""
# format section name
section_name = 'remote ' + '"%s"' % ostree_remote.name
# Assume all remotes will share the same cdn
# This is really info about a particular CDN, we just happen
# to only support one at the moment.
baseurl = CFG.get('rhsm', 'baseurl')
ca_cert = CFG.get('rhsm', 'repo_ca_cert')
full_url = utils.url_base_join(baseurl, ostree_remote.url)
log.debug("full_url: %s" % full_url)
self.set(section_name, 'url', full_url)
# gpg_verify not set
gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false'
self.set(section_name, 'gpg-verify', gpg_verify_string)
if ostree_remote.tls_client_cert_path:
self.set(section_name, 'tls-client-cert-path',
ostree_remote.tls_client_cert_path)
if ostree_remote.tls_client_key_path:
self.set(section_name, 'tls-client-key-path',
ostree_remote.tls_client_key_path)
# Ideally, setting the tls-ca-path would be depending on the
# baseurl and/or the CDN and if the content uses https. We always
# use https though, and the content does not know the CDN it comes
# from. Need a way to map a Content to a particular CDNInfo, and to
# support multiple CDNInfos setup.
self.set(section_name, 'tls-ca-path', ca_cert)
def get_content(self, ent_cert, baseurl, ca_cert):
lst = []
for content in self.matching_content(ent_cert):
content_id = content.label
repo = Repo(content_id)
repo['name'] = content.name
if content.enabled:
repo['enabled'] = "1"
else:
repo['enabled'] = "0"
repo['baseurl'] = utils.url_base_join(
baseurl, self._use_release_for_releasever(content.url))
# Extract the variables from thr url
repo_parts = repo['baseurl'].split("/")
repoid_vars = [
part[1:] for part in repo_parts if part.startswith("$")
]
if repoid_vars:
repo['ui_repoid_vars'] = " ".join(repoid_vars)
# If no GPG key URL is specified, turn gpgcheck off:
gpg_url = content.gpg
if not gpg_url:
repo['gpgkey'] = ""
repo['gpgcheck'] = '0'
else:
repo['gpgkey'] = utils.url_base_join(baseurl, gpg_url)
# Leave gpgcheck as the default of 1
repo['sslclientkey'] = ent_cert.key_path()
repo['sslclientcert'] = ent_cert.path
repo['sslcacert'] = ca_cert
repo['metadata_expire'] = content.metadata_expire
self._set_proxy_info(repo)
if self.override_supported and self.apply_overrides:
self._set_override_info(repo)
lst.append(repo)
return lst
def get_content(self, ent_cert, baseurl, ca_cert):
lst = []
for content in self.matching_content(ent_cert):
content_id = content.label
repo = Repo(content_id)
repo['name'] = content.name
if content.enabled:
repo['enabled'] = "1"
else:
repo['enabled'] = "0"
repo['baseurl'] = utils.url_base_join(baseurl,
self._use_release_for_releasever(content.url))
# Extract the variables from thr url
repo_parts = repo['baseurl'].split("/")
repoid_vars = [part[1:] for part in repo_parts if part.startswith("$")]
if repoid_vars:
repo['ui_repoid_vars'] = " ".join(repoid_vars)
# If no GPG key URL is specified, turn gpgcheck off:
gpg_url = content.gpg
if not gpg_url:
repo['gpgkey'] = ""
repo['gpgcheck'] = '0'
else:
repo['gpgkey'] = utils.url_base_join(baseurl, gpg_url)
# Leave gpgcheck as the default of 1
repo['sslclientkey'] = ent_cert.key_path()
repo['sslclientcert'] = ent_cert.path
repo['sslcacert'] = ca_cert
repo['metadata_expire'] = content.metadata_expire
self._set_proxy_info(repo)
if self.override_supported and self.apply_overrides:
self._set_override_info(repo)
lst.append(repo)
return lst
def set_remote(self, ostree_remote):
"""Add a remote section to config file based on a OstreeRemote."""
# format section name
section_name = 'remote ' + '"%s"' % ostree_remote.name
# Assume all remotes will share the same baseurl
baseurl = CFG.get('rhsm', 'baseurl')
full_url = utils.url_base_join(baseurl, ostree_remote.url)
log.debug("full_url: %s" % full_url)
self.set(section_name, 'url', full_url)
# gpg_verify not set
gpg_verify_string = 'true' if ostree_remote.gpg_verify else 'false'
self.set(section_name, 'gpg-verify', gpg_verify_string)
if ostree_remote.tls_client_cert_path:
self.set(section_name, 'tls-client-cert-path', ostree_remote.tls_client_cert_path)
if ostree_remote.tls_client_key_path:
self.set(section_name, 'tls-client-key-path', ostree_remote.tls_client_key_path)
def set_remote(self, ostree_remote):
"""Add a remote section to config file based on a OstreeRemote."""
# format section name
section_name = "remote " + '"%s"' % ostree_remote.name
# Assume all remotes will share the same cdn
# This is really info about a particular CDN, we just happen
# to only support one at the moment.
baseurl = conf["rhsm"]["baseurl"]
ca_cert = conf["rhsm"]["repo_ca_cert"]
full_url = utils.url_base_join(baseurl, ostree_remote.url)
self.set(section_name, "url", full_url)
# gpg_verify not set
gpg_verify_string = "true" if ostree_remote.gpg_verify else "false"
self.set(section_name, "gpg-verify", gpg_verify_string)
if ostree_remote.tls_client_cert_path:
self.set(section_name, "tls-client-cert-path",
ostree_remote.tls_client_cert_path)
if ostree_remote.tls_client_key_path:
self.set(section_name, "tls-client-key-path",
ostree_remote.tls_client_key_path)
# Ideally, setting the tls-ca-path would be depending on the
# baseurl and/or the CDN and if the content uses https. We always
# use https though, and the content does not know the CDN it comes
# from. Need a way to map a Content to a particular CDNInfo, and to
# support multiple CDNInfos setup.
self.set(section_name, "tls-ca-path", ca_cert)
proxy_uri = self.get_proxy()
if proxy_uri:
self.set(section_name, "proxy", proxy_uri)
def test_url_fragments(self):
# Url Fragments should work
self.assertEquals(self.base + "/baz",
url_base_join(self.base, "baz"))
self.assertEquals(self.base + "/baz",
url_base_join(self.base, "/baz"))
def test_base_slash(self):
base = self.base + '/'
self.assertEqual(self.base + "/baz",
url_base_join(base, "baz"))
self.assertEqual(self.base + "/baz",
url_base_join(base, "/baz"))
def test_blank_base_blank_url(self):
self.assertEquals("",
url_base_join("", ""))
def test_blank_url(self):
# Blank should remain blank
self.assertEqual("",
url_base_join(self.base, ""))
def test_url_fragments(self):
# Url Fragments should work
self.assertEqual(self.base + "/baz",
url_base_join(self.base, "baz"))
self.assertEqual(self.base + "/baz",
url_base_join(self.base, "/baz"))
def test_file_url(self):
# File urls should be preserved
self.assertEqual("file://this/is/a/file",
url_base_join(self.base, "file://this/is/a/file"))
def test_http_url(self):
# Http locations should be preserved
self.assertEqual("http://this/is/a/url",
url_base_join(self.base, "http://this/is/a/url"))
def test_blank_base_url(self):
url = "http://foo.notreal/"
self.assertEqual(url,
url_base_join("", url))
def test_blank_base_url_fragment(self):
url = "baz"
self.assertEqual(url,
url_base_join("", url))
def test_blank_base_url(self):
url = "http://foo.notreal/"
self.assertEquals(url,
url_base_join("", url))
def test_blank_base_blank_url(self):
self.assertEqual("",
url_base_join("", ""))
def test_base_slash(self):
base = self.base + '/'
self.assertEquals(self.base + "/baz",
url_base_join(base, "baz"))
self.assertEquals(self.base + "/baz",
url_base_join(base, "/baz"))
def test_blank_base_url_fragment(self):
url = "baz"
self.assertEquals(url,
url_base_join("", url))
def test_blank_url(self):
# Blank should remain blank
self.assertEquals("",
url_base_join(self.base, ""))
def test_http_url(self):
# Http locations should be preserved
self.assertEquals("http://this/is/a/url",
url_base_join(self.base, "http://this/is/a/url"))
def test_file_url(self):
# File urls should be preserved
self.assertEquals("file://this/is/a/file",
url_base_join(self.base, "file://this/is/a/file"))
