def build_extra_structures(self, independent):
""" build list of gpg keys to be added to the specification by
validate_structures() """
needkeys = set()
for source in self.sources:
for key in source.gpgkeys:
needkeys.add(key)
if len(needkeys):
keypkg = lxml.etree.Element('BoundPackage',
name="gpg-pubkey",
type=self.ptype,
origin='Packages')
for key in needkeys:
# figure out the path of the key on the client
keydir = self.config.get("global",
"gpg_keypath",
default="/etc/pki/rpm-gpg")
remotekey = os.path.join(keydir, os.path.basename(key))
localkey = os.path.join(self.keypath, os.path.basename(key))
kdata = open(localkey).read()
# copy the key to the client
keypath = lxml.etree.Element("BoundPath",
name=remotekey,
encoding='ascii',
owner='root',
group='root',
type='file',
perms='0644',
important='true')
keypath.text = kdata
# hook to add version/release info if possible
self._add_gpg_instances(keypkg, kdata, localkey, remotekey)
independent.append(keypath)
independent.append(keypkg)
# see if there are any pulp sources to handle
has_pulp_sources = False
for source in self.sources:
if source.pulp_id:
has_pulp_sources = True
break
if has_pulp_sources:
consumerapi = ConsumerAPI()
consumer = self._get_pulp_consumer(consumerapi=consumerapi)
if consumer is None:
consumer = consumerapi.create(self.metadata.hostname,
self.metadata.hostname)
lxml.etree.SubElement(independent,
"BoundAction",
name="pulp-update",
timing="pre",
when="always",
status="check",
command="pulp-consumer consumer update")
for source in self.sources:
# each pulp source can only have one arch, so we don't
# have to check the arch in url_map
if (source.pulp_id
and source.pulp_id not in consumer['repoids']):
consumerapi.bind(self.metadata.hostname, source.pulp_id)
crt = lxml.etree.SubElement(independent,
"BoundPath",
name="/etc/pki/consumer/cert.pem",
type="file",
owner="root",
group="root",
perms="0644")
crt.text = consumerapi.certificate(self.metadata.hostname)
def build_extra_structures(self, independent):
""" build list of gpg keys to be added to the specification by
validate_structures() """
needkeys = set()
for source in self.sources:
for key in source.gpgkeys:
needkeys.add(key)
if len(needkeys):
if has_yum:
# this must be be has_yum, not use_yum, because
# regardless of whether the user wants to use the yum
# resolver we want to include gpg key data
keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey",
type=self.ptype, origin='Packages')
else:
self.logger.warning("GPGKeys were specified for yum sources in "
"sources.xml, but no yum libraries were "
"found")
self.logger.warning("GPG key version/release data cannot be "
"determined automatically")
self.logger.warning("Install yum libraries, or manage GPG keys "
"manually")
keypkg = None
for key in needkeys:
# figure out the path of the key on the client
keydir = self.setup.cfp.get("global", "gpg_keypath",
default="/etc/pki/rpm-gpg")
remotekey = os.path.join(keydir, os.path.basename(key))
localkey = os.path.join(self.keypath, os.path.basename(key))
kdata = open(localkey).read()
# copy the key to the client
keypath = lxml.etree.Element("BoundPath", name=remotekey,
encoding='ascii',
owner='root', group='root',
type='file', perms='0644',
important='true')
keypath.text = kdata
# hook to add version/release info if possible
self._add_gpg_instances(keypkg, kdata, localkey, remotekey)
independent.append(keypath)
if keypkg is not None:
independent.append(keypkg)
if self.has_pulp_sources:
consumerapi = ConsumerAPI()
consumer = self._get_pulp_consumer(consumerapi=consumerapi)
if consumer is None:
consumer = consumerapi.create(self.metadata.hostname,
self.metadata.hostname)
lxml.etree.SubElement(independent, "BoundAction",
name="pulp-update", timing="pre",
when="always", status="check",
command="pulp-consumer consumer update")
for source in self.sources:
# each pulp source can only have one arch, so we don't
# have to check the arch in url_map
if (source.pulp_id and
source.pulp_id not in consumer['repoids']):
consumerapi.bind(self.metadata.hostname, source.pulp_id)
crt = lxml.etree.SubElement(independent, "BoundPath",
name="/etc/pki/consumer/cert.pem",
type="file", owner="root",
group="root", perms="0644")
crt.text = consumerapi.certificate(self.metadata.hostname)
def build_extra_structures(self, independent):
""" build list of gpg keys to be added to the specification by
validate_structures() """
needkeys = set()
for source in self.sources:
for key in source.gpgkeys:
needkeys.add(key)
if len(needkeys):
if has_yum:
# this must be be has_yum, not use_yum, because
# regardless of whether the user wants to use the yum
# resolver we want to include gpg key data
keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey",
type=self.ptype, origin='Packages')
else:
self.logger.warning("GPGKeys were specified for yum sources in "
"sources.xml, but no yum libraries were "
"found")
self.logger.warning("GPG key version/release data cannot be "
"determined automatically")
self.logger.warning("Install yum libraries, or manage GPG keys "
"manually")
keypkg = None
for key in needkeys:
# figure out the path of the key on the client
keydir = self.setup.cfp.get("global", "gpg_keypath",
default="/etc/pki/rpm-gpg")
remotekey = os.path.join(keydir, os.path.basename(key))
localkey = os.path.join(self.keypath, os.path.basename(key))
kdata = open(localkey).read()
# copy the key to the client
keypath = lxml.etree.Element("BoundPath", name=remotekey,
encoding='ascii',
owner='root', group='root',
type='file', perms='0644',
important='true')
keypath.text = kdata
# hook to add version/release info if possible
self._add_gpg_instances(keypkg, kdata, localkey, remotekey)
independent.append(keypath)
if keypkg is not None:
independent.append(keypkg)
if self.has_pulp_sources:
consumerapi = ConsumerAPI()
consumer = self._get_pulp_consumer(consumerapi=consumerapi)
if consumer is None:
consumer = consumerapi.create(self.metadata.hostname,
self.metadata.hostname)
lxml.etree.SubElement(independent, "BoundAction",
name="pulp-update", timing="pre",
when="always", status="check",
command="pulp-consumer consumer update")
for source in self.sources:
# each pulp source can only have one arch, so we don't
# have to check the arch in url_map
if (source.pulp_id and
source.pulp_id not in consumer['repoids']):
consumerapi.bind(self.metadata.hostname, source.pulp_id)
crt = lxml.etree.SubElement(independent, "BoundPath",
name="/etc/pki/consumer/cert.pem",
type="file", owner="root",
group="root", perms="0644")
crt.text = consumerapi.certificate(self.metadata.hostname)
def build_extra_structures(self, independent):
""" build list of gpg keys to be added to the specification by
validate_structures() """
needkeys = set()
for source in self.sources:
for key in source.gpgkeys:
needkeys.add(key)
if len(needkeys):
keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey",
type=self.ptype, origin='Packages')
for key in needkeys:
# figure out the path of the key on the client
try:
keydir = self.config.get("global", "gpg_keypath")
except (ConfigParser.NoOptionError,
ConfigParser.NoSectionError):
keydir = "/etc/pki/rpm-gpg"
remotekey = os.path.join(keydir, os.path.basename(key))
localkey = os.path.join(self.keypath, os.path.basename(key))
kdata = open(localkey).read()
# copy the key to the client
keypath = lxml.etree.Element("BoundPath", name=remotekey,
encoding='ascii',
owner='root', group='root',
type='file', perms='0644',
important='true')
keypath.text = kdata
# hook to add version/release info if possible
self._add_gpg_instances(keypkg, kdata, localkey, remotekey)
independent.append(keypath)
independent.append(keypkg)
# see if there are any pulp sources to handle
has_pulp_sources = False
for source in self.sources:
if source.pulp_id:
has_pulp_sources = True
break
if has_pulp_sources:
consumerapi = ConsumerAPI()
consumer = self._get_pulp_consumer(consumerapi=consumerapi)
if consumer is None:
consumer = consumerapi.create(self.metadata.hostname,
self.metadata.hostname)
lxml.etree.SubElement(independent, "BoundAction",
name="pulp-update", timing="pre",
when="always", status="check",
command="pulp-consumer consumer update")
for source in self.sources:
# each pulp source can only have one arch, so we don't
# have to check the arch in url_map
if (source.pulp_id and
source.pulp_id not in consumer['repoids']):
consumerapi.bind(self.metadata.hostname, source.pulp_id)
crt = lxml.etree.SubElement(independent, "BoundPath",
name="/etc/pki/consumer/cert.pem",
type="file", owner="root",
group="root", perms="0644")
crt.text = consumerapi.certificate(self.metadata.hostname)
