def _update_repositories(self):
"""Setup SSL credential to access repositories
We do this in 2 steps:
1. Fetching provided repositories from manifest - URL contains variables to substitute
2. Assigning one certificate/key set to each repository"""
# First delete all repositories from previously used manifests
self._remove_repositories()
backend = SQLBackend()
type_id = backend.lookupContentSourceType('yum')
# Lookup CA cert
ca_cert = satCerts.lookup_cert(constants.CA_CERT_NAME, None)
ca_cert_id = int(ca_cert['id'])
content_sources_batch = {}
for entitlement in self.manifest.get_all_entitlements():
# Lookup SSL certificates and keys
creds = entitlement.get_credentials()
client_cert = satCerts.lookup_cert(
constants.CLIENT_CERT_PREFIX + creds.get_id(), None)
client_key = satCerts.lookup_cert(
constants.CLIENT_KEY_PREFIX + creds.get_id(), None)
client_cert_id = int(client_cert['id'])
client_key_id = int(client_key['id'])
content_source_ssl = ContentSourceSsl()
content_source_ssl['ssl_ca_cert_id'] = ca_cert_id
content_source_ssl['ssl_client_cert_id'] = client_cert_id
content_source_ssl['ssl_client_key_id'] = client_key_id
# Loop provided products
for product in entitlement.get_products():
repositories = product.get_repositories()
for repository in repositories:
if repository not in content_sources_batch:
content_source = ContentSource()
content_source[
'label'] = constants.MANIFEST_REPOSITORY_DB_PREFIX + repository
content_source['source_url'] = repositories[repository]
content_source['org_id'] = None
content_source['type_id'] = type_id
content_source['ssl-sets'] = [content_source_ssl]
content_sources_batch[repository] = content_source
# There may be more SSL certs to one repository, append it
elif content_source_ssl not in content_sources_batch[
repository]['ssl-sets']:
content_sources_batch[repository]['ssl-sets'].append(
content_source_ssl)
importer = ContentSourcesImport(list(content_sources_batch.values()),
backend)
importer.run()
def _create_content_source_obj(self, label, source_url, backend):
type_id = backend.lookupContentSourceType('yum')
content_source = ContentSource()
content_source['label'] = label
content_source['source_url'] = source_url
content_source['org_id'] = None
content_source['type_id'] = type_id
content_source['ssl-sets'] = []
repository = self.repository_tree.find_repository(source_url)
for ssl_set in repository.get_ssl_sets():
content_source_ssl = ContentSourceSsl()
content_source_ssl['ssl_ca_cert_id'] = ssl_set.get_ca_cert()
content_source_ssl['ssl_client_cert_id'] = ssl_set.get_client_cert()
content_source_ssl['ssl_client_key_id'] = ssl_set.get_client_key()
content_source['ssl-sets'].append(content_source_ssl)
return content_source