def repo_info(connection, repo_id, repo_name):
'''
check if information about the given repo can be displayed
'''
Expect.ping_pong(connection,
"rhui-manager repo info --repo_id " + repo_id,
"Name: *" + Util.esc_parentheses(repo_name))
def packages_list(connection, repo_id, package):
'''
check if a package is present in the repo
'''
Expect.ping_pong(connection,
"rhui-manager packages list --repo_id " + repo_id,
package)
def cert_upload(connection, certificate_file, test_string):
'''
upload a new or updated Red Hat content certificate
'''
Expect.ping_pong(connection,
"rhui-manager cert upload --cert " + certificate_file,
test_string)
def packages_upload(connection, repo_id, package):
'''
upload a package to the custom repo
'''
Expect.ping_pong(
connection, "rhui-manager packages upload --repo_id " + repo_id +
" --packages " + package, package + " successfully uploaded")
def test_13_install_unsigned_pkg():
'''
try installing the unsigned package, should not work
'''
Expect.ping_pong(
CLI, "yum -y install %s" % UNSIGNED_PACKAGE,
"Package %s-1-1.noarch.rpm is not signed" % UNSIGNED_PACKAGE)
Expect.expect_retval(CLI, "rpm -q %s" % UNSIGNED_PACKAGE, 1)
def repo_add(connection, repo):
'''
add a repo specified by its product name
'''
Expect.ping_pong(
connection,
"rhui-manager repo add --product_name \"" + repo + "\"",
"Successfully added")
def repo_add_by_repo(connection, repo_ids):
'''
add a repo specified by its ID
'''
Expect.ping_pong(
connection,
"rhui-manager repo add_by_repo --repo_ids " + ",".join(repo_ids),
"Successfully added")
def test_11_check_updateinfo(self):
'''
check if the expected update info is found
'''
# yum should print Update ID : RHXA-YYYY:NNNNN
# dnf should print Update ID: RHXA-YYYY:NNNNN
Expect.ping_pong(CLI, "yum updateinfo info",
"Update ID ?: %s" % self.test["errata"])
def test_11_run_command(self):
'''
run a test command (uname) in the RH container
'''
if not self.cli_supported:
raise nose.exc.SkipTest("Not supported on RHEL %s" %
self.cli_os_version)
Expect.ping_pong(CLI, "docker run %s uname" % self.container_id,
"Linux")
def client_cert(connection, repo_labels, name, days, directory):
'''
generate an entitlement certificate
'''
Expect.ping_pong(
connection,
"rhui-manager client cert --repo_label %s " % ",".join(repo_labels)
+ "--name %s --days %s --dir %s" % (name, str(days), directory),
"Entitlement certificate created at %s/%s.crt" % (directory, name))
def client_cert(connection, repo_labels, name, days, dir):
'''
generate an entitlement certificate
'''
Expect.ping_pong(
connection,
"rhui-manager client cert --repo_label " + ",".join(repo_labels) +
" --name " + name + " --days " + str(days) + " --dir " + dir,
"Entitlement certificate created at " + dir + "/" + name + ".crt")
def test_00_rhui_init():
'''
add a CDS and run rhui-subscription-sync to ensure their log files exist
'''
# use initial_run first to ensure we're logged in to rhui-manager
RHUIManager.initial_run(CONNECTION_RHUA)
RHUIManagerInstance.add_instance(CONNECTION_RHUA, "cds")
# can't use expect_retval as the exit code can be 0 or 1 (sync is configured or unconfigured)
Expect.ping_pong(CONNECTION_RHUA, "rhui-subscription-sync ; echo ACK",
"ACK")
def install_rpm_from_rhua(rhua_connection, connection, rpmpath):
'''
Transfer RPM package from RHUA host to the instance and install it
@param rpmpath: path to RPM package on RHUA node
'''
tfile = tempfile.NamedTemporaryFile(delete=False)
tfile.close()
rhua_connection.sftp.get(rpmpath, tfile.name)
connection.sftp.put(tfile.name, tfile.name + ".rpm")
os.unlink(tfile.name)
Expect.ping_pong(connection, "rpm -i " + tfile.name + ".rpm" + " && echo SUCCESS", "[^ ]SUCCESS", 60)
def test_14_install_2nd_signed_pkg():
'''
try installing the package signed with the key unknown to the client, should not work
'''
# dnf in RHEL 8.0 produces a different message
rhel = Util.get_rhel_version(CLI)
if rhel["major"] == 8 and rhel["minor"] == 0:
output = "Public key for %s-1-1.noarch.rpm is not installed" % SIGNED_PACKAGE_SIG2
else:
output = "The GPG keys.*%s.*are not correct for this package" % REPO
Expect.ping_pong(CLI, "yum -y install %s" % SIGNED_PACKAGE_SIG2, output)
Expect.expect_retval(CLI, "rpm -q %s" % SIGNED_PACKAGE_SIG2, 1)
def test_99_cleanup():
'''Cleanup: Delete all repositories from RHUI (interactively; not currently supported by the CLI), remove certs and other files'''
RHUIManagerRepo.delete_all_repos(CONNECTION)
nose.tools.assert_equal(RHUIManagerRepo.list(CONNECTION), [])
RHUIManager.remove_rh_certs(CONNECTION)
Expect.ping_pong(CONNECTION, "rm -rf /tmp/atomic_and_my* ; " +
"ls /tmp/atomic_and_my* 2>&1",
"No such file or directory")
Expect.ping_pong(CONNECTION, "rm -f /tmp/repos.std{out,err} ; " +
"ls /tmp/repos.std{out,err} 2>&1",
"No such file or directory")
rmtree(TMPDIR)
def repo_sync(connection, repo_id, repo_name):
'''
sync a repo
'''
Expect.ping_pong(
connection, "rhui-manager repo sync --repo_id " + repo_id,
"successfully scheduled for the next available timeslot")
repo_status = RHUIManagerCLI.get_repo_status(connection, repo_name)
while repo_status in ["Never", "Running", "Unknown"]:
time.sleep(10)
repo_status = RHUIManagerCLI.get_repo_status(connection, repo_name)
nose.tools.assert_equal(repo_status, "Success")
def install_rpm_from_rhua(rhua_connection, connection, rpmpath):
'''
Transfer RPM package from RHUA host to the instance and install it
@param rpmpath: path to RPM package on RHUA node
'''
tfile = tempfile.NamedTemporaryFile(delete=False)
tfile.close()
rhua_connection.sftp.get(rpmpath, tfile.name)
connection.sftp.put(tfile.name, tfile.name + ".rpm")
os.unlink(tfile.name)
Expect.ping_pong(connection,
"rpm -i " + tfile.name + ".rpm" + " && echo SUCCESS",
"[^ ]SUCCESS", 60)
def validate_repo_list(connection, repo_ids):
'''
check if only the given repo IDs are listed
'''
Expect.expect_retval(
connection,
"rhui-manager repo list | grep -v 'ID.*Repository Name$' | grep :: | cut -d ' ' -f 1 | sort > /tmp/actual_repo_list && echo \""
+ "\n".join(sorted(repo_ids)) +
"\" > /tmp/expected_repo_list && cmp /tmp/actual_repo_list /tmp/expected_repo_list"
)
Expect.ping_pong(connection,
"rm -f /tmp/*_repo_list ; ls /tmp/*_repo_list 2>&1",
"No such file or directory")
def check_package_url(connection, package, path=""):
'''
verify that the package is available from the RHUI (and not from an unwanted repo)
'''
# The name of the test package may contain characters which must be escaped in REs.
# In modern pulp-rpm versions, packages are in .../Packages/<first letter (lowercase)>/,
# and the URL can be .../os/...NVR or .../os//...NVR, so let's tolerate anything between
# the path and the package name. The path is optional, though; if you don't know it or
# don't care about it, call this method with the mandatory arguments only.
package_escaped = re.escape(package)
Expect.ping_pong(connection,
"yumdownloader --url %s" % package_escaped,
"https://%s/pulp/repos/%s.*%s" % \
(ConMgr.get_cds_lb_hostname(), path, package_escaped))
def test_17_missing_cert_handling():
'''check if rhui-manager can handle the loss of the RH cert'''
# for RHBZ#1325390
RHUIManagerEntitlements.upload_rh_certificate(RHUA)
# launch rhui-manager in one connection, delete the cert in the other
RHUIManager.screen(RHUA, "repo")
RHUIManager.remove_rh_certs(RHUA_2)
Expect.enter(RHUA, "a")
# a bit strange response to see in this context, but eh, no == all if you're a geek
Expect.expect(
RHUA, "All entitled products are currently deployed in the RHUI")
Expect.enter(RHUA, "q")
# an error message should be logged, though
Expect.ping_pong(RHUA, "tail /root/.rhui/rhui.log",
"The entitlement.*has no associated certificate")
def client_rpm(connection,
certdata,
rpmdata,
directory,
unprotected_repos=None,
proxy=""):
'''
generate a client configuration RPM
The certdata argument must be a list, and two kinds of data are supported:
* key path and cert path (full paths, starting with "/"), or
* one or more repo labels and optionally an integer denoting the number of days the cert
will be valid for; if unspecified, rhui-manager will use 365. In this case,
a certificate will be generated on the fly.
The rpmdata argument must be a list with one, two or three strings:
* package name: the name for the RPM
* package version: string denoting the version; if unspecified, rhui-manager will use 2.0
* package release: string denoting the release; if unspecified, rhui-manager will use 1
'''
cmd = "rhui-manager client rpm"
if certdata[0].startswith("/"):
cmd += " --private_key %s --entitlement_cert %s" % (certdata[0],
certdata[1])
else:
cmd += " --cert"
if isinstance(certdata[-1], int):
cmd += " --days %s" % certdata.pop()
cmd += " --repo_label %s" % ",".join(certdata)
cmd += " --rpm_name %s" % rpmdata[0]
if len(rpmdata) > 1:
cmd += " --rpm_version %s" % rpmdata[1]
if len(rpmdata) > 2:
cmd += " --rpm_release %s" % rpmdata[2]
else:
rpmdata.append("1")
else:
rpmdata.append("2.0")
rpmdata.append("1")
cmd += " --dir %s" % directory
if unprotected_repos:
cmd += " --unprotected_repos %s" % ",".join(unprotected_repos)
if proxy:
cmd += " --proxy %s" % proxy
Expect.ping_pong(connection,
cmd,
"Location: %s/%s-%s/build/RPMS/noarch/%s-%s-%s.noarch.rpm" % \
(directory, rpmdata[0], rpmdata[1], rpmdata[0], rpmdata[1], rpmdata[2]))
def test_99_cleanup():
'''
delete the archives and their checksum files, local caches; remove CDS
'''
with open(SOSREPORT_LOCATION_RHUA) as location:
sosreport_file = location.read()
Expect.ping_pong(
CONNECTION_RHUA,
"rm -f " + sosreport_file + "* ; " + "ls " + sosreport_file + "* 2>&1",
"No such file or directory")
with open(SOSREPORT_LOCATION_CDS) as location:
sosreport_file = location.read()
Expect.ping_pong(
CONNECTION_CDS,
"rm -f " + sosreport_file + "* ; " + "ls " + sosreport_file + "* 2>&1",
"No such file or directory")
rmtree(TMPDIR)
RHUIManagerInstance.delete_all(CONNECTION_RHUA, "cds")
def client_rpm(connection,
private_key,
entitlement_cert,
rpm_version,
rpm_name,
dir,
unprotected_repos=[]):
'''
generate a client configuration RPM
'''
Expect.ping_pong(
connection,
"rhui-manager client rpm --private_key " + private_key +
" --entitlement_cert " + entitlement_cert + " --rpm_version " +
rpm_version + " --rpm_name " + rpm_name + " --dir " + dir + "%s" %
(" --unprotected_repos " + ",".join(unprotected_repos)
if len(unprotected_repos) > 0 else ""),
"RPMs can be found at " + dir)
def test_16_release_handling():
'''
check EUS release handling (working with /etc/yum/vars/releasever on the client)
'''
# for RHBZ#1504229
Expect.expect_retval(CLI, "rhui-set-release --set 7.5")
Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 7.5 ]]")
Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 7.5 ]]")
Expect.expect_retval(CLI, "rhui-set-release -s 6.5")
Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 6.5 ]]")
Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 6.5 ]]")
Expect.expect_retval(CLI, "rhui-set-release -u")
Expect.expect_retval(CLI, "test -f /etc/yum/vars/releasever", 1)
Expect.expect_retval(CLI, "rhui-set-release -s 7.1")
Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 7.1 ]]")
Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 7.1 ]]")
Expect.expect_retval(CLI, "rhui-set-release --unset")
Expect.expect_retval(CLI, "test -f /etc/yum/vars/releasever", 1)
Expect.expect_retval(CLI, "rhui-set-release foo", 1)
Expect.ping_pong(CLI, "rhui-set-release --help", "Usage:")
Expect.ping_pong(CLI, "rhui-set-release -h", "Usage:")
def test_43_upload_semi_bad_cert(self):
'''check that a partially invalid certificate can still be accepted'''
# for RHBZ#1588931 & RHBZ#1584527
# delete currently used certificates and repos first
RHUIManager.remove_rh_certs(RHUA)
for repo in CUSTOM_REPOS + self.yum_repo_ids:
RHUIManagerCLI.repo_delete(RHUA, repo)
repolist = RHUIManagerCLI.repo_list(RHUA, True)
nose.tools.ok_(not repolist,
msg="can't continue as some repos remain: %s" %
repolist)
# try uploading the cert now
cert = "%s/%s" % (DATADIR, CERTS["partial"])
if Util.cert_expired(RHUA, cert):
raise nose.exc.SkipTest(
"The given certificate has already expired.")
RHUIManagerCLI.cert_upload(RHUA, cert)
# the RHUI log must contain the fact that an invalid path was found in the cert
Expect.ping_pong(RHUA, "tail /root/.rhui/rhui.log",
"Invalid entitlement path")
RHUIManager.remove_rh_certs(RHUA)
def test_03_restart_services_script():
'''
try the rhui-services-restart script
'''
# for RHBZ#1539105
Expect.ping_pong(RHUA, "rhui-services-restart --help", "Usage:")
# fetch current service PIDs
# use 0 if a PID file doesn't exist (the service isn't running)
_, stdout, _ = RHUA.exec_command("for pidfile in %s; do cat $pidfile || echo 0; done" % \
" ".join(RHUI_SERVICE_PIDFILES))
old_pids = list(map(int, stdout.read().decode().splitlines()))
# restart
Expect.expect_retval(RHUA, "rhui-services-restart", timeout=30)
# fetch new service PIDs
_, stdout, _ = RHUA.exec_command("for pidfile in %s; do cat $pidfile || echo 0; done" % \
" ".join(RHUI_SERVICE_PIDFILES))
new_pids = list(map(int, stdout.read().decode().splitlines()))
# the new PIDs must differ and mustn't be 0, which would mean the pidfile couldn't be read
# (which would mean the service didn't (re)start)
for i in range(len(RHUI_SERVICE_PIDFILES)):
nose.tools.ok_(new_pids[i] != old_pids[i], msg="not all the RHUI services restarted")
nose.tools.ok_(new_pids[i] > 0, msg="not all the RHUI services started")
def client_content_source(connection, certdata, rpmdata, directory):
'''
generate an alternate source config rpm
(very similar to client_rpm() -- see the usage described there)
'''
cmd = "rhui-manager client content_source"
if certdata[0].startswith("/"):
cmd += " --private_key %s --entitlement_cert %s" % (certdata[0],
certdata[1])
else:
cmd += " --cert"
if isinstance(certdata[-1], int):
cmd += " --days %s" % certdata.pop()
cmd += " --repo_label %s" % ",".join(certdata)
cmd += " --rpm_name %s" % rpmdata[0]
if len(rpmdata) > 1:
cmd += " --rpm_version %s" % rpmdata[1]
else:
rpmdata.append("2.0")
cmd += " --dir %s" % directory
Expect.ping_pong(connection,
cmd,
"Location: %s/%s-%s/build/RPMS/noarch/%s-%s-1.noarch.rpm" % \
(directory, rpmdata[0], rpmdata[1], rpmdata[0], rpmdata[1]))
def test_99_cleanup(self):
'''cleanup: remove repos and temporary files'''
RHUIManagerCLI.repo_delete(RHUA, self.product["id"])
RHUIManager.remove_rh_certs(RHUA)
Expect.ping_pong(
RHUA, "rm -rf /tmp/%s* ; " % CLI_CFG[0] +
"ls /tmp/%s* 2>&1" % CLI_CFG[0], "No such file or directory")
Expect.ping_pong(
RHUA, "rm -f /tmp/repos.std{out,err} ; " +
"ls /tmp/repos.std{out,err} 2>&1", "No such file or directory")
Expect.ping_pong(
RHUA, "rm -rf /tmp/%s* ; " % ALT_CONTENT_SRC_NAME +
"ls /tmp/%s* 2>&1" % ALT_CONTENT_SRC_NAME,
"No such file or directory")
rmtree(TMPDIR)
def test_23_upload_expired_entitlement_certificate():
'''Bonus: Check expired certificate handling'''
# currently, an error occurs
RHUIManagerCLI.cert_upload(CONNECTION, "/tmp/extra_rhui_files/rhcert_expired.pem", "An unexpected error has occurred during the last operation")
# a relevant traceback is logged, though; check it
Expect.ping_pong(CONNECTION, "tail -1 /root/.rhui/rhui.log", "InvalidOrExpiredCertificate")
def cert_expiration(connection):
'''
check if the certificate expiration date is OK
'''
Expect.ping_pong(connection, "rhui-manager status",
"Entitlement CA certificate expiration date.*OK")
def repo_list(connection, repo_id, repo_name):
'''
check if the given repo ID and name are listed
'''
Expect.ping_pong(connection, "rhui-manager repo list",
repo_id + " *:: " + Util.esc_parentheses(repo_name))
