def _get_pulp_consumer(self, consumerapi=None): """ Get a Pulp consumer object for the client. :param consumerapi: A Pulp ConsumerAPI object. If none is passed, one will be instantiated. :type consumerapi: pulp.client.api.consumer.ConsumerAPI :returns: dict - the consumer. Returns None on failure (including if there is no existing Pulp consumer for this client. """ if consumerapi is None: consumerapi = ConsumerAPI() consumer = None try: consumer = consumerapi.consumer(self.metadata.hostname) except server.ServerRequestError: # consumer does not exist pass except socket.error: err = sys.exc_info()[1] self.logger.error("Packages: Could not contact Pulp server: %s" % err) except: err = sys.exc_info()[1] self.logger.error("Packages: Unknown error querying Pulp server: " "%s" % err) return consumer
def _get_pulp_consumer(self, consumerapi=None): if consumerapi is None: consumerapi = ConsumerAPI() consumer = None try: consumer = consumerapi.consumer(self.metadata.hostname) except server.ServerRequestError: # consumer does not exist pass except socket.error: err = sys.exc_info()[1] self.logger.error("Packages: Could not contact Pulp server: %s" % err) except: err = sys.exc_info()[1] self.logger.error("Packages: Unknown error querying Pulp server: %s" % err) return consumer
def _get_pulp_consumer(self, consumerapi=None): if consumerapi is None: consumerapi = ConsumerAPI() consumer = None try: consumer = consumerapi.consumer(self.metadata.hostname) except server.ServerRequestError: # consumer does not exist pass except socket.error: err = sys.exc_info()[1] self.logger.error("Packages: Could not contact Pulp server: %s" % err) except: err = sys.exc_info()[1] self.logger.error( "Packages: Unknown error querying Pulp server: %s" % err) return consumer
def list_users(): users = getattr(threading.local(), "users", None) if users is None: users = dict() userapi = UserAPI() consumerapi = ConsumerAPI() for user in userapi.users(): if user['roles'] == ['consumer-users']: # this might be a consumer, but the only way to know # for sure is to try to load it as a consumer try: consumerapi.consumer(user['login']) # yes, this is a consumer. ignore it. continue except ServerRequestError: pass if 'name' not in user or not user['name']: user['name'] = user['login'] elif 'name' in user and isinstance(user['name'], list): user['name'] = user['name'][0] users[user['login']] = user setattr(threading.local(), "users", users) return users
def build_extra_structures(self, independent): """ build list of gpg keys to be added to the specification by validate_structures() """ needkeys = set() for source in self.sources: for key in source.gpgkeys: needkeys.add(key) if len(needkeys): keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", type=self.ptype, origin='Packages') for key in needkeys: # figure out the path of the key on the client keydir = self.config.get("global", "gpg_keypath", default="/etc/pki/rpm-gpg") remotekey = os.path.join(keydir, os.path.basename(key)) localkey = os.path.join(self.keypath, os.path.basename(key)) kdata = open(localkey).read() # copy the key to the client keypath = lxml.etree.Element("BoundPath", name=remotekey, encoding='ascii', owner='root', group='root', type='file', perms='0644', important='true') keypath.text = kdata # hook to add version/release info if possible self._add_gpg_instances(keypkg, kdata, localkey, remotekey) independent.append(keypath) independent.append(keypkg) # see if there are any pulp sources to handle has_pulp_sources = False for source in self.sources: if source.pulp_id: has_pulp_sources = True break if has_pulp_sources: consumerapi = ConsumerAPI() consumer = self._get_pulp_consumer(consumerapi=consumerapi) if consumer is None: consumer = consumerapi.create(self.metadata.hostname, self.metadata.hostname) lxml.etree.SubElement(independent, "BoundAction", name="pulp-update", timing="pre", when="always", status="check", command="pulp-consumer consumer update") for source in self.sources: # each pulp source can only have one arch, so we don't # have to check the arch in url_map if (source.pulp_id and source.pulp_id not in consumer['repoids']): consumerapi.bind(self.metadata.hostname, source.pulp_id) crt = lxml.etree.SubElement(independent, "BoundPath", name="/etc/pki/consumer/cert.pem", type="file", owner="root", group="root", perms="0644") crt.text = consumerapi.certificate(self.metadata.hostname)
def build_extra_structures(self, independent): """ build list of gpg keys to be added to the specification by validate_structures() """ needkeys = set() for source in self.sources: for key in source.gpgkeys: needkeys.add(key) if len(needkeys): if has_yum: # this must be be has_yum, not use_yum, because # regardless of whether the user wants to use the yum # resolver we want to include gpg key data keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", type=self.ptype, origin='Packages') else: self.logger.warning("GPGKeys were specified for yum sources in " "sources.xml, but no yum libraries were " "found") self.logger.warning("GPG key version/release data cannot be " "determined automatically") self.logger.warning("Install yum libraries, or manage GPG keys " "manually") keypkg = None for key in needkeys: # figure out the path of the key on the client keydir = self.setup.cfp.get("global", "gpg_keypath", default="/etc/pki/rpm-gpg") remotekey = os.path.join(keydir, os.path.basename(key)) localkey = os.path.join(self.keypath, os.path.basename(key)) kdata = open(localkey).read() # copy the key to the client keypath = lxml.etree.Element("BoundPath", name=remotekey, encoding='ascii', owner='root', group='root', type='file', perms='0644', important='true') keypath.text = kdata # hook to add version/release info if possible self._add_gpg_instances(keypkg, kdata, localkey, remotekey) independent.append(keypath) if keypkg is not None: independent.append(keypkg) if self.has_pulp_sources: consumerapi = ConsumerAPI() consumer = self._get_pulp_consumer(consumerapi=consumerapi) if consumer is None: consumer = consumerapi.create(self.metadata.hostname, self.metadata.hostname) lxml.etree.SubElement(independent, "BoundAction", name="pulp-update", timing="pre", when="always", status="check", command="pulp-consumer consumer update") for source in self.sources: # each pulp source can only have one arch, so we don't # have to check the arch in url_map if (source.pulp_id and source.pulp_id not in consumer['repoids']): consumerapi.bind(self.metadata.hostname, source.pulp_id) crt = lxml.etree.SubElement(independent, "BoundPath", name="/etc/pki/consumer/cert.pem", type="file", owner="root", group="root", perms="0644") crt.text = consumerapi.certificate(self.metadata.hostname)
def build_extra_structures(self, independent): """ Add additional entries to the ``<Independent/>`` section of the final configuration. This adds several kinds of entries: * For GPG keys, adds a ``Package`` entry that describes the version and release of all expected ``gpg-pubkey`` packages; and ``Path`` entries to copy all of the GPG keys to the appropriate place on the client filesystem. Calls :func:`_add_gpg_instances`. * For Pulp Sources, adds a ``Path`` entry for the consumer certificate; and ``Action`` entries to update the consumer-side Pulp config if the consumer is newly registered. Creates a new Pulp consumer from the Bcfg2 server as necessary. :param independent: The XML tag to add extra entries to. This is modified in place. :type independent: lxml.etree._Element """ needkeys = set() for source in self: for key in source.gpgkeys: needkeys.add(key) if len(needkeys): if HAS_YUM: # this must be be HAS_YUM, not use_yum, because # regardless of whether the user wants to use the yum # resolver we want to include gpg key data keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", type=self.ptype, origin='Packages') else: self.logger.warning("GPGKeys were specified for yum sources " "in sources.xml, but no yum libraries " "were found") self.logger.warning("GPG key version/release data cannot be " "determined automatically") self.logger.warning("Install yum libraries, or manage GPG " "keys manually") keypkg = None for key in needkeys: # figure out the path of the key on the client keydir = self.setup.cfp.get("global", "gpg_keypath", default="/etc/pki/rpm-gpg") remotekey = os.path.join(keydir, os.path.basename(key)) localkey = os.path.join(self.keypath, os.path.basename(key)) kdata = open(localkey).read() # copy the key to the client keypath = lxml.etree.Element("BoundPath", name=remotekey, encoding='ascii', owner='root', group='root', type='file', perms='0644', important='true') keypath.text = kdata # hook to add version/release info if possible self._add_gpg_instances(keypkg, localkey, remotekey, keydata=kdata) independent.append(keypath) if keypkg is not None: independent.append(keypkg) if self.has_pulp_sources: consumerapi = ConsumerAPI() consumer = self._get_pulp_consumer(consumerapi=consumerapi) if consumer is None: consumer = consumerapi.create(self.metadata.hostname, self.metadata.hostname, capabilities=dict(bind=False)) lxml.etree.SubElement(independent, "BoundAction", name="pulp-update", timing="pre", when="always", status="check", command="pulp-consumer consumer update") self.pulp_cert_set.write_data(consumer['certificate'], self.metadata) for source in self: # each pulp source can only have one arch, so we don't # have to check the arch in url_map if (source.pulp_id and source.pulp_id not in consumer['repoids']): consumerapi.bind(self.metadata.hostname, source.pulp_id) crt = lxml.etree.SubElement(independent, "BoundPath", name=self.pulp_cert_set.certpath) self.pulp_cert_set.bind_entry(crt, self.metadata)
def build_extra_structures(self, independent): """ Add additional entries to the ``<Independent/>`` section of the final configuration. This adds several kinds of entries: * For GPG keys, adds a ``Package`` entry that describes the version and release of all expected ``gpg-pubkey`` packages; and ``Path`` entries to copy all of the GPG keys to the appropriate place on the client filesystem. Calls :func:`_add_gpg_instances`. * For Pulp Sources, adds a ``Path`` entry for the consumer certificate; and ``Action`` entries to update the consumer-side Pulp config if the consumer is newly registered. Creates a new Pulp consumer from the Bcfg2 server as necessary. :param independent: The XML tag to add extra entries to. This is modified in place. :type independent: lxml.etree._Element """ needkeys = set() for source in self: for key in source.gpgkeys: needkeys.add(key) if len(needkeys): if HAS_YUM: # this must be be HAS_YUM, not use_yum, because # regardless of whether the user wants to use the yum # resolver we want to include gpg key data keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", type=self.ptype, origin='Packages') else: self.logger.warning("GPGKeys were specified for yum sources " "in sources.xml, but no yum libraries " "were found") self.logger.warning("GPG key version/release data cannot be " "determined automatically") self.logger.warning("Install yum libraries, or manage GPG " "keys manually") keypkg = None for key in needkeys: # figure out the path of the key on the client keydir = self.setup.cfp.get("global", "gpg_keypath", default="/etc/pki/rpm-gpg") remotekey = os.path.join(keydir, os.path.basename(key)) localkey = os.path.join(self.keypath, os.path.basename(key)) kdata = open(localkey).read() # copy the key to the client keypath = lxml.etree.Element("BoundPath", name=remotekey, encoding='ascii', owner='root', group='root', type='file', mode='0644', important='true') keypath.text = kdata # hook to add version/release info if possible self._add_gpg_instances(keypkg, localkey, remotekey, keydata=kdata) independent.append(keypath) if keypkg is not None: independent.append(keypkg) if self.has_pulp_sources: consumerapi = ConsumerAPI() consumer = self._get_pulp_consumer(consumerapi=consumerapi) if consumer is None: try: consumer = \ consumerapi.create(self.metadata.hostname, self.metadata.hostname, capabilities=dict(bind=False)) lxml.etree.SubElement( independent, "BoundAction", name="pulp-update", timing="pre", when="always", status="check", command="pulp-consumer consumer update") self.pulp_cert_set.write_data(consumer['certificate'], self.metadata) except server.ServerRequestError: err = sys.exc_info()[1] self.logger.error("Packages: Could not create Pulp " "consumer %s: %s" % (self.metadata.hostname, err)) for source in self: # each pulp source can only have one arch, so we don't # have to check the arch in url_map if (source.pulp_id and source.pulp_id not in consumer['repoids']): try: consumerapi.bind(self.metadata.hostname, source.pulp_id) except server.ServerRequestError: err = sys.exc_info()[1] self.logger.error("Packages: Could not bind %s to " "Pulp repo %s: %s" % (self.metadata.hostname, source.pulp_id, err)) crt = lxml.etree.SubElement(independent, "BoundPath", name=self.pulp_cert_set.certpath) self.pulp_cert_set.bind_entry(crt, self.metadata)
def build_extra_structures(self, independent): """ build list of gpg keys to be added to the specification by validate_structures() """ needkeys = set() for source in self.sources: for key in source.gpgkeys: needkeys.add(key) if len(needkeys): keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", type=self.ptype, origin='Packages') for key in needkeys: # figure out the path of the key on the client try: keydir = self.config.get("global", "gpg_keypath") except (ConfigParser.NoOptionError, ConfigParser.NoSectionError): keydir = "/etc/pki/rpm-gpg" remotekey = os.path.join(keydir, os.path.basename(key)) localkey = os.path.join(self.keypath, os.path.basename(key)) kdata = open(localkey).read() # copy the key to the client keypath = lxml.etree.Element("BoundPath", name=remotekey, encoding='ascii', owner='root', group='root', type='file', perms='0644', important='true') keypath.text = kdata # hook to add version/release info if possible self._add_gpg_instances(keypkg, kdata, localkey, remotekey) independent.append(keypath) independent.append(keypkg) # see if there are any pulp sources to handle has_pulp_sources = False for source in self.sources: if source.pulp_id: has_pulp_sources = True break if has_pulp_sources: consumerapi = ConsumerAPI() consumer = self._get_pulp_consumer(consumerapi=consumerapi) if consumer is None: consumer = consumerapi.create(self.metadata.hostname, self.metadata.hostname) lxml.etree.SubElement(independent, "BoundAction", name="pulp-update", timing="pre", when="always", status="check", command="pulp-consumer consumer update") for source in self.sources: # each pulp source can only have one arch, so we don't # have to check the arch in url_map if (source.pulp_id and source.pulp_id not in consumer['repoids']): consumerapi.bind(self.metadata.hostname, source.pulp_id) crt = lxml.etree.SubElement(independent, "BoundPath", name="/etc/pki/consumer/cert.pem", type="file", owner="root", group="root", perms="0644") crt.text = consumerapi.certificate(self.metadata.hostname)