def initial_run(connection, crt="/etc/rhui/pem/ca.crt", key="/etc/rhui/pem/ca.key", cert_pw=None, days="", username="******", password="******"):
'''
Do rhui-manager initial run
'''
Expect.enter(connection, "rhui-manager")
state = Expect.expect_list(connection, [(re.compile(".*Full path to the new signing CA certificate:.*", re.DOTALL), 1),
(re.compile(".*RHUI Username:.*", re.DOTALL),2),
(re.compile(".*rhui \(home\) =>.*", re.DOTALL), 3)])
if state in [1, 2]:
if state == 1:
# Need to answer sone first-run questions
Expect.enter(connection, crt)
Expect.expect(connection, "Full path to the new signing CA certificate private key:")
Expect.enter(connection, key)
Expect.expect(connection, "regenerated using rhui-manager.*:")
Expect.enter(connection, days)
Expect.expect(connection, "Enter pass phrase for.*:")
if cert_pw:
Expect.enter(connection, cert_pw)
else:
Expect.enter(connection, Util.get_ca_password(connection))
Expect.expect(connection, "RHUI Username:"******"RHUI Password:"******"rhui \(home\) =>")
else:
# initial step was already performed by someone
pass
Expect.enter(connection, "q")
def setup(self, cds_list, proxy_list, master_hostname):
logger.info("Setting up RHUA instance " + self.hostname)
capassword = ''.join(random.choice(string.ascii_lowercase) for x in range(10))
RHUI_Instance.setup(self)
self.ephemeral_mount("/var/lib/pulp")
logger.debug("Running /mnt/install_RHUA.sh")
self.run_sync("cd /mnt && ./install_RHUA.sh", True)
self.run_sync("chown apache.apache /var/lib/pulp", True)
self.run_sync("mkdir /etc/rhui/pem ||:", True)
self.run_sync("mkdir /etc/rhui/confrpm ||:", True)
# Creating CA
logger.debug("Creating CA")
self.run_sync("echo " + capassword + " > /etc/rhui/pem/ca.pwd", True)
self.run_sync("echo 10 > /etc/rhui/pem/ca.srl", True)
self.run_sync("openssl req -new -x509 -extensions v3_ca -keyout /etc/rhui/pem/ca.key -subj \"/C=US/ST=NC/L=Raleigh/CN=" + self.hostname + " CA\" -out /etc/rhui/pem/ca.crt -days 365 -passout \"pass:"******"\"", True)
# Creating answers
logger.debug("Creating answers file")
proxy_host = None
if proxy_list != []:
proxy_host = proxy_list[0].hostname
Util.generate_answers(RS, version="1.0", generate_certs=True, proxy_host=proxy_host, proxy_port="3128", proxy_user="******", proxy_password=self.proxy_password, capassword=capassword)
logger.debug("Running rhui-installer")
self.run_sync("rhui-installer /etc/rhui/answers", True)
for server in [self] + cds_list:
#Setting conf RPM names
rpmname = self.run_sync("ls -1 /etc/rhui/confrpm/" + server.hostname + "-" + self.version + "-*.rpm | head -1")
server.set_confrpm_name(rpmname)
# Installing coverage
if args.coverage:
self.install_coverage(master_hostname)
# Installing RHUA
logger.debug("Installing RHUI conf rpm")
self.run_sync("rpm -e " + self.hostname)
self.run_sync("rpm -i " + self.confrpm, True)
if proxy_list != []:
# Preventing access without proxy
self.run_sync("iptables -A OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j ACCEPT", True)
for server in [self] + cds_list:
# Allowing to connect to all CDSes and RHUA itself
self.run_sync("iptables -A OUTPUT -d " + server.public_ip + " -j ACCEPT", True)
self.run_sync("iptables -A OUTPUT -d " + server.private_ip + " -j ACCEPT", True)
self.run_sync("iptables -A OUTPUT -p tcp --dport 443 -j REJECT", True)
self.run_sync("service iptables save", True)
logger.info("RHUA " + self.hostname + " setup finished")
def get_cds_status(connection, cdsname):
'''
display CDS sync summary
'''
RHUIManager.screen(connection, "sync")
Expect.enter(connection, "dc")
res_list = Expect.match(connection, re.compile(".*\n" + cdsname.replace(".", "\.") + "[\.\s]*\[([^\n]*)\].*" + cdsname.replace(".", "\.") + "\s*\r\n([^\n]*)\r\n", re.DOTALL), [1, 2], 60)
connection.cli.exec_command("killall -s SIGINT rhui-manager")
ret_list = []
for val in [res_list[0]] + res_list[1].split(" "):
val = Util.uncolorify(val.strip())
ret_list.append(val)
RHUIManager.quit(connection)
return ret_list
def get_repo_status(connection, reponame):
'''
display repo sync summary
'''
RHUIManager.screen(connection, "sync")
Expect.enter(connection, "dr")
reponame_quoted = reponame.replace(".", "\.")
res = Expect.match(connection, re.compile(".*" + reponame_quoted + "\s*\r\n([^\n]*)\r\n.*", re.DOTALL), [1], 60)[0]
connection.cli.exec_command("killall -s SIGINT rhui-manager")
res = Util.uncolorify(res)
ret_list = res.split(" ")
for i in range(len(ret_list)):
ret_list[i] = ret_list[i].strip()
RHUIManager.quit(connection)
return ret_list
def generate_new(connection, days="", cert_pw=None):
'''
generate a new identity certificate
'''
RHUIManager.screen(connection, "identity")
Expect.enter(connection, "g")
Expect.expect(connection, "Proceed\? \[y/n\]")
Expect.enter(connection, "y")
Expect.expect(connection, "regenerated using rhui-manager.*:")
Expect.enter(connection, days)
Expect.expect(connection, "Enter pass phrase for.*:")
if cert_pw:
Expect.enter(connection, cert_pw)
else:
Expect.enter(connection, Util.get_ca_password(connection))
RHUIManager.quit(connection, "Successfully regenerated RHUI Identity certificate", 30)
def get_repo_status(connection, reponame):
'''
display repo sync summary
'''
RHUIManager.screen(connection, "sync")
Expect.enter(connection, "dr")
reponame_quoted = reponame.replace(".", "\.")
res = Expect.match(
connection,
re.compile(".*" + reponame_quoted + "\s*\r\n([^\n]*)\r\n.*",
re.DOTALL), [1], 60)[0]
connection.cli.exec_command("killall -s SIGINT rhui-manager")
res = Util.uncolorify(res)
ret_list = res.split(" ")
for i in range(len(ret_list)):
ret_list[i] = ret_list[i].strip()
RHUIManager.quit(connection)
return ret_list
def generate_new(connection, days="", cert_pw=None):
'''
generate a new identity certificate
'''
RHUIManager.screen(connection, "identity")
Expect.enter(connection, "g")
Expect.expect(connection, "Proceed\? \[y/n\]")
Expect.enter(connection, "y")
Expect.expect(connection, "regenerated using rhui-manager.*:")
Expect.enter(connection, days)
Expect.expect(connection, "Enter pass phrase for.*:")
if cert_pw:
Expect.enter(connection, cert_pw)
else:
Expect.enter(connection, Util.get_ca_password(connection))
RHUIManager.quit(connection,
"Successfully regenerated RHUI Identity certificate",
30)
def get_cds_status(connection, cdsname):
'''
display CDS sync summary
'''
RHUIManager.screen(connection, "sync")
Expect.enter(connection, "dc")
res_list = Expect.match(
connection,
re.compile(
".*\n" + cdsname.replace(".", "\.") + "[\.\s]*\[([^\n]*)\].*" +
cdsname.replace(".", "\.") + "\s*\r\n([^\n]*)\r\n", re.DOTALL),
[1, 2], 60)
connection.cli.exec_command("killall -s SIGINT rhui-manager")
ret_list = []
for val in [res_list[0]] + res_list[1].split(" "):
val = Util.uncolorify(val.strip())
ret_list.append(val)
RHUIManager.quit(connection)
return ret_list
def initial_run(connection,
crt="/etc/rhui/pem/ca.crt",
key="/etc/rhui/pem/ca.key",
cert_pw=None,
days="",
username="******",
password="******"):
'''
Do rhui-manager initial run
'''
Expect.enter(connection, "rhui-manager")
state = Expect.expect_list(
connection,
[(re.compile(".*Full path to the new signing CA certificate:.*",
re.DOTALL), 1),
(re.compile(".*RHUI Username:.*", re.DOTALL), 2),
(re.compile(".*rhui \(home\) =>.*", re.DOTALL), 3)])
if state in [1, 2]:
if state == 1:
# Need to answer sone first-run questions
Expect.enter(connection, crt)
Expect.expect(
connection,
"Full path to the new signing CA certificate private key:")
Expect.enter(connection, key)
Expect.expect(connection, "regenerated using rhui-manager.*:")
Expect.enter(connection, days)
Expect.expect(connection, "Enter pass phrase for.*:")
if cert_pw:
Expect.enter(connection, cert_pw)
else:
Expect.enter(connection, Util.get_ca_password(connection))
Expect.expect(connection, "RHUI Username:"******"RHUI Password:"******"rhui \(home\) =>")
else:
# initial step was already performed by someone
pass
Expect.enter(connection, "q")
def generate_ent_cert(connection, clustername, repolist, certname, dirname, validity_days="", cert_pw=None):
'''
generate an entitlement certificate
'''
RHUIManager.screen(connection, "client")
Expect.enter(connection, "e")
RHUIManager.select_one(connection, clustername)
RHUIManager.select(connection, repolist)
Expect.expect(connection, "Name of the certificate.*contained with it:")
Expect.enter(connection, certname)
Expect.expect(connection, "Local directory in which to save the generated certificate.*:")
Expect.enter(connection, dirname)
Expect.expect(connection, "Number of days the certificate should be valid.*:")
Expect.enter(connection, validity_days)
RHUIManager.proceed_with_check(connection, "Repositories to be included in the entitlement certificate:",
repolist, ["Custom Entitlements", "Red Hat Repositories"])
Expect.expect(connection, "Enter pass phrase for.*:")
if cert_pw:
Expect.enter(connection, cert_pw)
else:
Expect.enter(connection, Util.get_ca_password(connection))
RHUIManager.quit(connection)
def check(cls, rs):
""" Check """
if not 'rhrpm' in rs.config.keys():
raise nose.exc.SkipTest("can't test without RH-signed RPM")
cls.rhrpm = rs.config['rhrpm']
(cls.rhrpmnvr, cls.rhrpmname) = Util.get_rpm_details(cls.rhrpm)
def check(cls, rs):
""" Check """
if not 'rhrpm' in rs.config.keys():
raise nose.exc.SkipTest("can't test without RH-signed RPM")
cls.rhrpm = rs.config['rhrpm']
(cls.rhrpmnvr, cls.rhrpmname) = Util.get_rpm_details(cls.rhrpm)
