def test_get_product_type_invalid_product(monkeypatch): for sys_type, envar in [('source', 'LEAPP_DEVEL_SOURCE_PRODUCT_TYPE'), ('target', 'LEAPP_DEVEL_TARGET_PRODUCT_TYPE')]: monkeypatch.setattr(api, 'current_actor', CurrentActorMocked({envar: 'wrong'})) with pytest.raises(ValueError) as err: get_product_type(sys_type) assert 'Invalid value in the {} envar'.format(envar) in str(err)
def switched_certificate(context, rhsm_info, cert_path, version): """ Performs all actions needed to switch the product certificate passed. This function will copy the certificate to /etc/pki/product and if necessary /etc/pki/product-default and removes other product certificates from there. Unsets the release and refreshes the subscription-manager. :param context: An instance of a mounting.IsolatedActions class :type context: mounting.IsolatedActions class :param rhsm_info: An instance of a RHSMInfo derived model. :type rhsm_info: RHSMInfo derived model :param cert_path: Path to the product certificate to switch to. :type cert_path: string """ if skip_rhsm(): yield TargetRHSMInfo() return # Make a backup of product certificates pki_path = '/etc/pki' pki_backup_path = '/etc/pki.bak' context.call(['rm', '-rf', pki_backup_path], checked=False) context.call(['cp', '-a', pki_path, pki_backup_path], checked=False) for existing in rhsm_info.existing_product_certificates: try: context.remove(existing) except OSError: api.current_logger().warn( 'Failed to remove existing certificate: %s', existing, exc_info=True) for path in ('/etc/pki/product', '/etc/pki/product-default'): if os.path.isdir(context.full_path(path)): context.copy_to(cert_path, os.path.join(path, os.path.basename(cert_path))) unset_release(context) try: refresh(context) # only ga has releases in rhsm if get_product_type('target') == 'ga': set_release(context, version) target_rhsm_info = TargetRHSMInfo() scan_rhsm_info(context, target_rhsm_info) yield target_rhsm_info finally: # Restore backup of product certificates context.call(['rm', '-rf', pki_path], checked=False) context.call(['cp', '-a', pki_backup_path, pki_path], checked=False) unset_release(context) # Restore release - only ga has releases in rhsm if get_product_type('source') == 'ga': restore_release(context, rhsm_info)
def scan_repositories(read_repofile_func=_read_repofile): """ Scan the repository mapping file and produce RepositoriesMap msg. See the description of the actor for more details. """ _exp_src_prod_type = config.get_product_type('source') _exp_dst_prod_type = config.get_product_type('target') repositories = [] line_num = 0 for line in read_repofile_func(REPOMAP_FILE)[1:]: line_num += 1 # skip empty lines and comments if not line or line.startswith('#'): continue try: (from_repoid, to_repoid, to_pes_repo, from_minor_version, to_minor_version, arch, repo_type, src_prod_type, dst_prod_type) = line.split(',') # filter out records irrelevant for this run if (arch != api.current_actor().configuration.architecture or _exp_src_prod_type != src_prod_type or _exp_dst_prod_type != dst_prod_type): continue repositories.append( RepositoryMap( from_repoid=from_repoid, to_repoid=to_repoid, to_pes_repo=to_pes_repo, from_minor_version=from_minor_version, to_minor_version=to_minor_version, arch=arch, repo_type=repo_type, )) except (ModelViolationError, ValueError) as err: _inhibit_upgrade( 'The repository mapping file is invalid, offending line number: {} ({}).' ' It is possible the file is out of date.'.format( line_num, err)) if not repositories: _inhibit_upgrade( 'The repository mapping file is invalid. Could not find any repository mapping record.' ) api.produce(RepositoriesMap(repositories=repositories))
def test_get_product_type_valid(monkeypatch): prod_types = ('ga', 'beta', 'htb', 'GA', 'BETA', 'HTB', '') for src, dst in [(i, j) for i in prod_types for j in prod_types]: envars = { 'LEAPP_DEVEL_SOURCE_PRODUCT_TYPE': src, 'LEAPP_DEVEL_TARGET_PRODUCT_TYPE': dst } exp_src = 'ga' if not src else src.lower() exp_dst = 'ga' if not dst else dst.lower() monkeypatch.setattr(api, 'current_actor', CurrentActorMocked(envars)) assert exp_src == get_product_type('source') assert exp_dst == get_product_type('target') # return 'ga' if envars are not specified monkeypatch.setattr(api, 'current_actor', CurrentActorMocked()) assert get_product_type('source') == 'ga' assert get_product_type('target') == 'ga'
def _get_product_certificate_path(): """ Retrieves the required / used product certificate for RHSM. """ architecture = api.current_actor().configuration.architecture target_version = api.current_actor().configuration.version.target target_product_type = get_product_type('target') certs_dir = api.get_common_folder_path(PROD_CERTS_FOLDER) # TODO: do we need EUS/... here or is it ga one enough to get eus repos? prod_certs = { 'x86_64': { 'ga': '479.pem', 'beta': '486.pem', 'htb': '230.pem', }, 'aarch64': { 'ga': '419.pem', 'beta': '363.pem', 'htb': '489.pem', }, 'ppc64le': { 'ga': '279.pem', 'beta': '362.pem', 'htb': '233.pem', }, 's390x': { 'ga': '72.pem', 'beta': '433.pem', 'htb': '232.pem', } } try: cert = prod_certs[architecture][target_product_type] except KeyError as e: raise StopActorExecutionError(message=( 'Failed to determine what certificate to use for {}.'.format(e))) cert_path = os.path.join(certs_dir, target_version, cert) if not os.path.isfile(cert_path): details = {'missing certificate': cert, 'path': cert_path} if target_product_type != 'ga': details['hint'] = ( 'You chose to upgrade to beta or htb system but probably' ' chose version for which beta/htb certificates are not' ' attached (e.g. because the GA has been released already).' ' Set the target os version for which the {} certificate' ' is provided using the LEAPP_DEVEL_TARGET_RELEASE envar.'. format(cert)) details['search cmd'] = 'find {} | grep {}'.format(certs_dir, cert) raise StopActorExecutionError( message= 'Cannot find the product certificate file for the chosen target system.', details=details) return cert_path
def set_rhsm_release(): """Set the RHSM release to the target RHEL minor version.""" if rhsm.skip_rhsm(): api.current_logger().debug( 'Skipping setting the RHSM release due to --no-rhsm or environment variables.' ) return if config.get_product_type('target') != 'ga': api.current_logger().debug( 'Skipping setting the RHSM release as target product is set to beta/htb' ) return target_version = api.current_actor().configuration.version.target try: rhsm.set_release(mounting.NotIsolatedActions(base_dir='/'), target_version) except CalledProcessError as err: api.current_logger().warning( 'Unable to set the {0} release through subscription-manager. When using dnf,' ' content of the latest RHEL {1} minor version will be downloaded.\n{2}' .format(target_version, get_target_major_version(), str(err)))
def test_get_product_type_invalid_param(): with pytest.raises(ValueError) as err: get_product_type('fail') assert 'Given invalid sys_type.' in str(err)
def _is_optional_repo(repo): sys_type = get_product_type('source') suffix = 'optional-rpms' if sys_type != 'ga': suffix = 'optional-{}-rpms'.format(sys_type) return repo.from_repoid.endswith(suffix)
def _get_product_certificate_path(): """ Retrieve the required / used product certificate for RHSM. """ architecture = api.current_actor().configuration.architecture target_version = api.current_actor().configuration.version.target target_product_type = get_product_type('target') certs_dir = api.get_common_folder_path(PROD_CERTS_FOLDER) # We do not need any special certificates to reach repos from non-ga channels, only beta requires special cert. if target_product_type != 'beta': target_product_type = 'ga' prod_certs = { 'x86_64': { 'ga': '479.pem', 'beta': '486.pem', }, 'aarch64': { 'ga': '419.pem', 'beta': '363.pem', }, 'ppc64le': { 'ga': '279.pem', 'beta': '362.pem', }, 's390x': { 'ga': '72.pem', 'beta': '433.pem', } } try: cert = prod_certs[architecture][target_product_type] except KeyError as e: raise StopActorExecutionError(message=( 'Failed to determine what certificate to use for {}.'.format(e))) cert_path = os.path.join(certs_dir, target_version, cert) if not os.path.isfile(cert_path): additional_summary = '' if target_product_type != 'ga': additional_summary = ( ' This can happen when upgrading a beta system and the chosen target version does not have' ' beta certificates attached (for example, because the GA has been released already).' ) reporting.create_report([ reporting.Title( 'Cannot find the product certificate file for the chosen target system.' ), reporting.Summary( 'Expected certificate: {cert} with path {path} but it could not be found.{additional}' .format(cert=cert, path=cert_path, additional=additional_summary)), reporting.Tags([reporting.Tags.REPOSITORY]), reporting.Flags([reporting.Flags.INHIBITOR]), reporting.Severity(reporting.Severity.HIGH), reporting.Remediation(hint=( 'Set the corresponding target os version in the LEAPP_DEVEL_TARGET_RELEASE environment variable for' 'which the {cert} certificate is provided'.format(cert=cert))), ]) raise StopActorExecution() return cert_path