Merge branch 'c9' into a9

.fence-agents.metadata

@@ -3,9 +3,11 @@ e1b766b2b1601fde67b3b19ed2f13b9746bb1cca SOURCES/MarkupSafe-2.0.1.tar.gz
 e1fb5dc6f95a85e7d1f93c6701b331201e8b5479 SOURCES/PyJWT-2.1.0-py3-none-any.whl
 53fc16036940089ceadd4127381e40fd6106a7ed SOURCES/PyYAML-5.1.tar.gz
 b53cba68215f389dffaa51ee2afe10c943278646 SOURCES/adal-1.2.7-py2.py3-none-any.whl
+f524069cc0d499c78034b66cf0e8e45344e89791 SOURCES/aliyun-cli-3.0.198.tar.gz
+c6a6dd2c97adb5a22856ce78ad9e3fdc1cbb9760 SOURCES/aliyun-cli-go-vendor.tar.gz
+87ad43ef7b7e1cbcba1d743541b3118cffda63f8 SOURCES/aliyun-openapi-meta-5cf98b660.tar.gz
 bda476965c380701795849179ed91e9d8134ec7c SOURCES/aliyun-python-sdk-core-2.11.5.tar.gz
 2a3e6ee5713a3cfb47e63a739cc9a05580d95dd6 SOURCES/aliyun_python_sdk_ecs-4.24.7-py2.py3-none-any.whl
-32a9b6bff51343ab89221da66f6f67ba798ddcd6 SOURCES/aliyuncli-2.1.10-py2.py3-none-any.whl
 459383a3bcb16956030e302008a0f140a5fec0fb SOURCES/awscli-2.2.15.tar.gz
 a08c16f613cb0b9a9f8ce7cae782ea20c40ce2af SOURCES/awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
 46d2d17d958ae305ced32fdd6aa847b0cdf31989 SOURCES/azure-identity-1.10.0.zip
@@ -30,6 +32,7 @@ a8ee91adf4644bbdccfc73ead88f4cd0df7e3552 SOURCES/colorama-0.3.3.tar.gz
 4b50bebad4c5036c030a78cbb869d039bc91c4ec SOURCES/distro-1.5.0-py2.py3-none-any.whl
 aafeddc912b74557754b2aaece3f1364be8e9f6a SOURCES/docutils-0.15.2-py3-none-any.whl
 1ec823f807b73a377cdd47d12e2e34f046bfc889 SOURCES/fence-agents-4.10.0.tar.gz
+05d6d7a3df5bdbd9df1b37a65662e5dbe94f23fd SOURCES/flit_core-3.9.0.tar.gz
 f4e578dc0ed68d6667d7b36cdfc2647d55e9858f SOURCES/google-auth-2.3.0.tar.gz
 ac160113ba8b78b0688edda9f9a088c0b4b5ded2 SOURCES/google_api_core-1.30.0-py2.py3-none-any.whl
 4fd1eb2b927767158e91e369de441fd9221a82d9 SOURCES/google_api_python_client-1.12.8-py2.py3-none-any.whl
@@ -86,13 +89,13 @@ abf532a0cc31ea224e3895f60025e7466b16d7ae SOURCES/ruamel.yaml-0.15.100.tar.gz
 d1011ff44cd5a045de0460c1b79ec65592e86860 SOURCES/ruamel.yaml-0.17.16.tar.gz
 27de97227bbbde5a9f571f9fad223578d7bdf7cc SOURCES/ruamel.yaml.clib-0.2.6.tar.gz
 d7eb0ced8b9f12005ad6f13035689d5611f8a81a SOURCES/s3transfer-0.4.2-py2.py3-none-any.whl
-0b0fcb339be89ae1b6360dbfb2be2075ae9f84c9 SOURCES/setuptools-57.0.0-py3-none-any.whl
-d5354718cb8c9330d3abc27445467ce8a5ed9d70 SOURCES/setuptools-58.3.0.tar.gz
-a4f02fddae697614e356cadfddb6241cc7737f38 SOURCES/setuptools_scm-6.3.2.tar.gz
+54a0d57b77b6030aaca8992282189f4b7b627bc0 SOURCES/setuptools-71.1.0.tar.gz
+749fa3bff5be78c80ac6d6d313c38c73d679542c SOURCES/setuptools_scm-8.1.0.tar.gz
 79e6f2e4f9e24898f1896df379871b9c9922f147 SOURCES/six-1.16.0-py2.py3-none-any.whl
 06fa0bb50f2a4e2917fd14c21e9d2d5508ce0163 SOURCES/six-1.16.0.tar.gz
 47a980b20875d1a1714e921552b5bb0eda190f37 SOURCES/suds_community-0.8.5-py3-none-any.whl
-b42b7960047441db7dc021cc20e14279bd836f8d SOURCES/tomli-1.0.1.tar.gz
+3eae299137c59d6d6d30be01417366c57dd1adf5 SOURCES/tomli-2.0.1.tar.gz
+1389615a3f0bd216e7db4440985d51fb3f2ea2c6 SOURCES/typing_extensions-4.12.2.tar.gz
 83be56610e5f824bb05ff7a5618d6d4df9b6cc08 SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
 84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz
 7126323614cada181bc8b06436e80ef372ff8656 SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl

.gitignore

@@ -3,9 +3,11 @@ SOURCES/MarkupSafe-2.0.1.tar.gz
 SOURCES/PyJWT-2.1.0-py3-none-any.whl
 SOURCES/PyYAML-5.1.tar.gz
 SOURCES/adal-1.2.7-py2.py3-none-any.whl
+SOURCES/aliyun-cli-3.0.198.tar.gz
+SOURCES/aliyun-cli-go-vendor.tar.gz
+SOURCES/aliyun-openapi-meta-5cf98b660.tar.gz
 SOURCES/aliyun-python-sdk-core-2.11.5.tar.gz
 SOURCES/aliyun_python_sdk_ecs-4.24.7-py2.py3-none-any.whl
-SOURCES/aliyuncli-2.1.10-py2.py3-none-any.whl
 SOURCES/awscli-2.2.15.tar.gz
 SOURCES/awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
 SOURCES/azure-identity-1.10.0.zip
@@ -30,6 +32,7 @@ SOURCES/cryptography-3.3.2-cp36-abi3-manylinux2010_x86_64.whl
 SOURCES/distro-1.5.0-py2.py3-none-any.whl
 SOURCES/docutils-0.15.2-py3-none-any.whl
 SOURCES/fence-agents-4.10.0.tar.gz
+SOURCES/flit_core-3.9.0.tar.gz
 SOURCES/google-auth-2.3.0.tar.gz
 SOURCES/google_api_core-1.30.0-py2.py3-none-any.whl
 SOURCES/google_api_python_client-1.12.8-py2.py3-none-any.whl
@@ -86,13 +89,13 @@ SOURCES/ruamel.yaml-0.15.100.tar.gz
 SOURCES/ruamel.yaml-0.17.16.tar.gz
 SOURCES/ruamel.yaml.clib-0.2.6.tar.gz
 SOURCES/s3transfer-0.4.2-py2.py3-none-any.whl
-SOURCES/setuptools-57.0.0-py3-none-any.whl
-SOURCES/setuptools-58.3.0.tar.gz
-SOURCES/setuptools_scm-6.3.2.tar.gz
+SOURCES/setuptools-71.1.0.tar.gz
+SOURCES/setuptools_scm-8.1.0.tar.gz
 SOURCES/six-1.16.0-py2.py3-none-any.whl
 SOURCES/six-1.16.0.tar.gz
 SOURCES/suds_community-0.8.5-py3-none-any.whl
-SOURCES/tomli-1.0.1.tar.gz
+SOURCES/tomli-2.0.1.tar.gz
+SOURCES/typing_extensions-4.12.2.tar.gz
 SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
 SOURCES/urllib3-1.26.18.tar.gz
 SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl

SOURCES/RHEL-25256-fence_vmware_rest-detect-user-sufficient-rights.patch

@@ -0,0 +1,26 @@
+From fc7d7c4baef64f510bd3332c9f008d3e1128dc7b Mon Sep 17 00:00:00 2001
+From: Peter Varkoly <varkoly@suse.com>
+Date: Sun, 11 Feb 2024 09:13:51 +0100
+Subject: [PATCH] fence_vmware_rest : monitoring is not detecting if the API
+ user has sufficient right to manage the fence device. The call
+ https://{api_host}/api/vcenter/vm is subject to permission checks. If the
+ delivered list is empty the user has no rights.
+
+---
+ agents/vmware_rest/fence_vmware_rest.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
+index 378771863..9dc9a12f4 100644
+--- a/agents/vmware_rest/fence_vmware_rest.py
++++ b/agents/vmware_rest/fence_vmware_rest.py
+@@ -60,6 +60,9 @@ def get_list(conn, options):
+ 		else:
+ 			fail(EC_STATUS)
+ 
++	if options.get("--original-action") == "monitor" and not res["value"]:
++		logging.error("API user does not have sufficient rights to manage the power status.")
++		fail(EC_STATUS)
+ 	for r in res["value"]:
+ 		outlets[r["name"]] = ("", state[r["power_state"]])
+ 

SOURCES/RHEL-31488-RHEL-31485-RHEL-31483-fence_aliyun-update.patch

@@ -0,0 +1,209 @@
+--- a/agents/aliyun/fence_aliyun.py	2024-04-04 10:22:53.720906183 +0200
++++ b/agents/aliyun/fence_aliyun.py	2024-04-04 10:21:47.626425090 +0200
+@@ -1,53 +1,67 @@
+ #!@PYTHON@ -tt
+ 
+-import sys, re
++import sys
+ import logging
+ import atexit
+ import json
++
+ sys.path.append("@FENCEAGENTSLIBDIR@")
+ from fencing import *
+-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay
++from fencing import fail_usage, run_delay
++
+ 
+ try:
+ 	sys.path.insert(0, '/usr/lib/fence-agents/support/aliyun')
+ 	from aliyunsdkcore import client
+ 	from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
++	from aliyunsdkcore.profile import region_provider
++except ImportError as e:
++	logging.warn("The 'aliyunsdkcore' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-core --upgrade' to solve. error: %s" % e)
++
++
++try:
+ 	from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest
+ 	from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest
+ 	from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest
+ 	from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest
+-	from aliyunsdkcore.profile import region_provider
+-except ImportError:
+-	pass
++except ImportError as e:
++	logging.warn("The 'aliyunsdkecs' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-ecs --upgrade' to solve. error: %s" % e)
++
+ 
+ def _send_request(conn, request):
++	logging.debug("send request action: %s" % request.get_action_name())
+ 	request.set_accept_format('json')
+ 	try:
+ 		response_str = conn.do_action_with_exception(request)
+-		response_detail = json.loads(response_str)
+-		logging.debug("_send_request reponse: %s" % response_detail)
+-		return response_detail
+ 	except Exception as e:
+-		fail_usage("Failed: _send_request failed: %s" % e)
++		fail_usage("Failed: send request failed: Error: %s" % e)
++
++	response_detail = json.loads(response_str)
++	logging.debug("reponse: %s" % response_detail)
++	return response_detail
+ 
+ def start_instance(conn, instance_id):
++	logging.debug("start instance %s" % instance_id)
+ 	request = StartInstanceRequest()
+ 	request.set_InstanceId(instance_id)
+ 	_send_request(conn, request)
+ 
+ def stop_instance(conn, instance_id):
++	logging.debug("stop instance %s" % instance_id)
+ 	request = StopInstanceRequest()
+ 	request.set_InstanceId(instance_id)
+ 	request.set_ForceStop('true')
+ 	_send_request(conn, request)
+ 
+ def reboot_instance(conn, instance_id):
++	logging.debug("reboot instance %s" % instance_id)
+ 	request = RebootInstanceRequest()
+ 	request.set_InstanceId(instance_id)
+ 	request.set_ForceStop('true')
+ 	_send_request(conn, request)
+ 
+ def get_status(conn, instance_id):
++	logging.debug("get instance %s status" % instance_id)
+ 	request = DescribeInstancesRequest()
+ 	request.set_InstanceIds(json.dumps([instance_id]))
+ 	response = _send_request(conn, request)
+@@ -59,20 +73,30 @@
+ 	return instance_status
+ 
+ def get_nodes_list(conn, options):
++	logging.debug("start to get nodes list")
+ 	result = {}
+ 	request = DescribeInstancesRequest()
+ 	request.set_PageSize(100)
++
++	if "--filter" in options:
++		filter_key = options["--filter"].split("=")[0].strip()
++		filter_value = options["--filter"].split("=")[1].strip()
++		params = request.get_query_params()
++		params[filter_key] = filter_value
++		request.set_query_params(params)
++
+ 	response = _send_request(conn, request)
+-	instance_status = None
+ 	if response is not None:
+ 		instance_list = response.get('Instances').get('Instance')
+ 		for item in instance_list:
+ 			instance_id = item.get('InstanceId')
+ 			instance_name = item.get('InstanceName')
+ 			result[instance_id] = (instance_name, None)
++	logging.debug("get nodes list: %s" % result)
+ 	return result
+ 
+ def get_power_status(conn, options):
++	logging.debug("start to get power(%s) status" % options["--plug"])
+ 	state = get_status(conn, options["--plug"])
+ 
+ 	if state == "Running":
+@@ -81,14 +105,11 @@
+ 		status = "off"
+ 	else:
+ 		status = "unknown"
+-
+-	logging.info("get_power_status: %s" % status)
+-
++	logging.debug("the power(%s) status is %s" % (options["--plug"], status))
+ 	return status
+ 
+-
+ def set_power_status(conn, options):
+-	logging.info("set_power_status: %s" % options["--action"])
++	logging.info("start to set power(%s) status to %s" % (options["--plug"], options["--action"]))
+ 
+ 	if (options["--action"]=="off"):
+ 		stop_instance(conn, options["--plug"])
+@@ -97,7 +118,6 @@
+ 	elif (options["--action"]=="reboot"):
+ 		reboot_instance(conn, options["--plug"])
+ 
+-
+ def define_new_opts():
+ 	all_opt["region"] = {
+ 		"getopt" : "r:",
+@@ -126,17 +146,42 @@
+ 	all_opt["ram_role"] = {
+ 		"getopt": ":",
+ 		"longopt": "ram-role",
+-		"help": "--ram-role=[name]        Ram Role",
++		"help": "--ram-role=[name]              Ram Role",
+ 		"shortdesc": "Ram Role.",
+ 		"required": "0",
+ 		"order": 5
+ 	}
++	all_opt["credentials_file"] = {
++		"getopt": ":",
++		"longopt": "credentials-file",
++		"help": "--credentials-file=[path]            Path to aliyun-cli credentials file",
++		"shortdesc": "Path to credentials file",
++		"required": "0",
++		"order": 6
++	}
++	all_opt["credentials_file_profile"] = {
++		"getopt": ":",
++		"longopt": "credentials-file-profile",
++		"help": "--credentials-file-profile=[profile] Credentials file profile",
++		"shortdesc": "Credentials file profile",
++		"required": "0",
++		"default": "default",
++		"order": 7
++	}
++	all_opt["filter"] = {
++		"getopt": ":",
++		"longopt": "filter",
++		"help": "--filter=[key=value]           Filter (e.g. InstanceIds=[\"i-XXYYZZAA1\",\"i-XXYYZZAA2\"]",
++		"shortdesc": "Filter for list-action.",
++		"required": "0",
++		"order": 8
++	}
+ 
+ # Main agent method
+ def main():
+ 	conn = None
+ 
+-	device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"]
++	device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role", "credentials_file", "credentials_file_profile", "filter"]
+ 
+ 	atexit.register(atexit_handler)
+ 
+@@ -164,8 +209,25 @@
+ 			ram_role = options["--ram-role"]
+ 			role = EcsRamRoleCredential(ram_role)
+ 			conn = client.AcsClient(region_id=region, credential=role)
+-		region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
+-		
++		elif "--credentials-file" in options and "--credentials-file-profile" in options:
++			import os, configparser
++			try:
++				config = configparser.ConfigParser()
++				config.read(os.path.expanduser(options["--credentials-file"]))
++				access_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_id")
++				secret_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_secret")
++				conn = client.AcsClient(access_key, secret_key, region)
++			except Exception as e:
++				fail_usage("Failed: failed to read credentials file: %s" % e)
++		else:
++			fail_usage("Failed: User credentials are not set. Please set the Access Key and the Secret Key, or configure the RAM role.")
++
++		# Use intranet endpoint to access ECS service
++		try:
++			region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
++		except Exception as e:
++			logging.warn("Failed: failed to modify endpoint to 'ecs.%s.aliyuncs.com': %s" % (region, e))
++
+ 	# Operate the fencing device
+ 	result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
+ 	sys.exit(result)

SOURCES/RHEL-43235-fence_aws-1-list-add-instance-name-status.patch

@@ -0,0 +1,99 @@
+From a4502b3bf15a3be2ebd64b6829cd4f6641f2506b Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Fri, 14 Jun 2024 15:28:28 +0200
+Subject: [PATCH 1/2] fencing: use formatted strings to avoid failing when plug
+ is int
+
+---
+ lib/fencing.py.py | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/fencing.py.py b/lib/fencing.py.py
+index 66e2ff156..9c090100d 100644
+--- a/lib/fencing.py.py
++++ b/lib/fencing.py.py
+@@ -985,9 +985,9 @@
+ 						status = status.upper()
+ 
+ 					if options["--action"] == "list":
+-						print(outlet_id + options["--separator"] + alias)
++						print("{}{}{}".format(outlet_id, options["--separator"], alias))
+ 					elif options["--action"] == "list-status":
+-						print(outlet_id + options["--separator"] + alias + options["--separator"] + status)
++						print("{}{}{}{}{}".format(outlet_id, options["--separator"], alias, options["--separator"], status))
+ 
+ 			return
+ 
+
+From f1ef26c885cdedb17eb366e4c8922ffb01aefc7c Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Fri, 14 Jun 2024 15:29:12 +0200
+Subject: [PATCH 2/2] fence_aws: improve list, list-status and status actions
+
+---
+ agents/aws/fence_aws.py | 31 +++++++++++++++++++------------
+ 1 file changed, 19 insertions(+), 12 deletions(-)
+
+diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
+index a9308dd9c..b8d38462e 100644
+--- a/agents/aws/fence_aws.py
++++ b/agents/aws/fence_aws.py
+@@ -22,6 +22,15 @@
+ logger.addHandler(SyslogLibHandler())
+ logging.getLogger('botocore.vendored').propagate = False
+ 
++status = {
++		"running": "on",
++		"stopped": "off",
++		"pending": "unknown",
++		"stopping": "unknown",
++		"shutting-down": "unknown",
++		"terminated": "unknown"
++}
++
+ def get_instance_id(options):
+ 	try:
+ 		token = requests.put('http://169.254.169.254/latest/api/token', headers={"X-aws-ec2-metadata-token-ttl-seconds" : "21600"}).content.decode("UTF-8")
+@@ -45,11 +54,14 @@ def get_nodes_list(conn, options):
+ 			filter_key   = options["--filter"].split("=")[0].strip()
+ 			filter_value = options["--filter"].split("=")[1].strip()
+ 			filter = [{ "Name": filter_key, "Values": [filter_value] }]
+-			for instance in conn.instances.filter(Filters=filter):
+-				result[instance.id] = ("", None)
+-		else:
+-			for instance in conn.instances.all():
+-				result[instance.id] = ("", None)
++			logging.debug("Filter: {}".format(filter))
++
++		for instance in conn.instances.filter(Filters=filter if 'filter' in vars() else []):
++			instance_name = ""
++			for tag in instance.tags or []:
++				if tag.get("Key") == "Name":
++					instance_name = tag["Value"]
++			result[instance.id] = (instance_name, status[instance.state["Name"]])
+ 	except ClientError:
+ 		fail_usage("Failed: Incorrect Access Key or Secret Key.")
+ 	except EndpointConnectionError:
+@@ -67,12 +79,7 @@ def get_power_status(conn, options):
+ 		instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
+ 		state = list(instance)[0].state["Name"]
+ 		logger.debug("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper())
+-		if state == "running":
+-			return "on"
+-		elif state == "stopped":
+-			return "off"
+-		else:
+-			return "unknown"
++		return status[state]
+ 
+ 	except ClientError:
+ 		fail_usage("Failed: Incorrect Access Key or Secret Key.")
+@@ -146,7 +153,7 @@ def define_new_opts():
+ 	all_opt["filter"] = {
+ 		"getopt" : ":",
+ 		"longopt" : "filter",
+-		"help" : "--filter=[key=value]           Filter (e.g. vpc-id=[vpc-XXYYZZAA]",
++		"help" : "--filter=[key=value]           Filter (e.g. vpc-id=[vpc-XXYYZZAA])",
+ 		"shortdesc": "Filter for list-action",
+ 		"required": "0",
+ 		"order": 5

SOURCES/RHEL-43235-fence_aws-2-log-error-for-unknown-states.patch

@@ -0,0 +1,41 @@
+From c2753c1882b5892b8b7a0fd093baded4a359b2a5 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Mon, 17 Jun 2024 11:19:12 +0200
+Subject: [PATCH] fence_aws: log error if unknown state returned
+
+---
+ agents/aws/fence_aws.py | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
+index b8d38462e..5459a06c4 100644
+--- a/agents/aws/fence_aws.py
++++ b/agents/aws/fence_aws.py
+@@ -61,7 +61,12 @@ def get_nodes_list(conn, options):
+ 			for tag in instance.tags or []:
+ 				if tag.get("Key") == "Name":
+ 					instance_name = tag["Value"]
+-			result[instance.id] = (instance_name, status[instance.state["Name"]])
++			try:
++				result[instance.id] = (instance_name, status[instance.state["Name"]])
++			except KeyError as e:
++				if options.get("--original-action") == "list-status":
++					logger.error("Unknown status \"{}\" returned for {} ({})".format(instance.state["Name"], instance.id, instance_name))
++				result[instance.id] = (instance_name, "unknown")
+ 	except ClientError:
+ 		fail_usage("Failed: Incorrect Access Key or Secret Key.")
+ 	except EndpointConnectionError:
+@@ -79,8 +84,11 @@ def get_power_status(conn, options):
+ 		instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
+ 		state = list(instance)[0].state["Name"]
+ 		logger.debug("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper())
+-		return status[state]
+-
++		try:
++			return status[state]
++		except KeyError as e:
++			logger.error("Unknown status \"{}\" returned".format(state))
++			return "unknown"
+ 	except ClientError:
+ 		fail_usage("Failed: Incorrect Access Key or Secret Key.")
+ 	except EndpointConnectionError:

SOURCES/requirements-aliyun.txt

@@ -1,3 +1 @@
 aliyun-python-sdk-ecs
-# for resource-agents-cloud
-aliyuncli>=2.1.5

SPECS/fence-agents.spec

@@ -53,13 +53,11 @@
 %global reqstsoauthlib_version	1.3.0
 %global ruamelyaml		ruamel.yaml
 %global ruamelyaml_version	0.17.16
-%global setuptools		setuptools
-%global setuptools_version	58.3.0
 
 Name: fence-agents
 Summary: Set of unified programs capable of host isolation ("fencing")
 Version: 4.10.0
-Release: 62%{?alphatag:.%{alphatag}}%{?dist}.4.alma.1
+Release: 76%{?alphatag:.%{alphatag}}%{?dist}
 License: GPLv2+ and LGPLv2+
 URL: https://github.com/ClusterLabs/fence-agents
 Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
@@ -79,12 +77,21 @@ Source901: botocore-2.0.0dev123.zip
 # aliyun
 Source1000: aliyun-python-sdk-core-2.11.5.tar.gz
 Source1001: aliyun_python_sdk_ecs-4.24.7-py2.py3-none-any.whl
-Source1002: aliyuncli-2.1.10-py2.py3-none-any.whl
-Source1003: cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl
-Source1004: colorama-0.3.3.tar.gz
-Source1005: jmespath-0.7.1-py2.py3-none-any.whl
-Source1006: pycryptodome-3.20.0.tar.gz
-Source1007: pycparser-2.20-py2.py3-none-any.whl
+Source1002: cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl
+Source1003: colorama-0.3.3.tar.gz
+Source1004: jmespath-0.7.1-py2.py3-none-any.whl
+Source1005: pycryptodome-3.20.0.tar.gz
+Source1006: pycparser-2.20-py2.py3-none-any.whl
+# aliyun-cli
+Source2000: aliyun-cli-3.0.198.tar.gz
+## TAG=$(git log --pretty="format:%h" -n 1)
+## distdir="aliyun-openapi-meta-${TAG}"
+## TARFILE="${distdir}.tar.gz"
+## rm -rf $TARFILE $distdir
+## git archive --prefix=$distdir/ HEAD | gzip > $TARFILE
+Source2001: aliyun-openapi-meta-5cf98b660.tar.gz
+## go mod vendor
+Source2002: aliyun-cli-go-vendor.tar.gz
 # awscli
 Source1008: awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
 Source1009: colorama-0.4.3-py2.py3-none-any.whl
@@ -145,7 +152,7 @@ Source1060: pyroute2.nftables-0.6.13.tar.gz
 Source1061: pyroute2.nslink-0.6.13.tar.gz
 Source1062: pytz-2021.1-py2.py3-none-any.whl
 Source1063: rsa-4.7.2-py3-none-any.whl
-Source1064: setuptools-57.0.0-py3-none-any.whl
+Source1064: setuptools-71.1.0.tar.gz
 Source1065: uritemplate-3.0.1-py2.py3-none-any.whl
 # common (pexpect / suds)
 Source1066: pexpect-4.8.0-py2.py3-none-any.whl
@@ -178,14 +185,15 @@ Source1086: %{chrstnormalizer}-%{chrstnormalizer_version}.tar.gz
 Source1087: %{idna}-%{idna_version}.tar.gz
 Source1088: %{reqstsoauthlib}-%{reqstsoauthlib_version}.tar.gz
 Source1089: %{ruamelyaml}-%{ruamelyaml_version}.tar.gz
-Source1090: %{setuptools}-%{setuptools_version}.tar.gz
 ## required for installation
-Source1091: setuptools_scm-6.3.2.tar.gz
-Source1092: packaging-21.2-py3-none-any.whl
-Source1093: poetry-core-1.0.7.tar.gz
-Source1094: pyparsing-3.0.1.tar.gz
-Source1095: tomli-1.0.1.tar.gz
-Source1096: wheel-0.37.0-py2.py3-none-any.whl
+Source1090: setuptools_scm-8.1.0.tar.gz
+Source1091: packaging-21.2-py3-none-any.whl
+Source1092: poetry-core-1.0.7.tar.gz
+Source1093: pyparsing-3.0.1.tar.gz
+Source1094: tomli-2.0.1.tar.gz
+Source1095: flit_core-3.9.0.tar.gz
+Source1096: typing_extensions-4.12.2.tar.gz
+Source1097: wheel-0.37.0-py2.py3-none-any.whl
 ### END
 
 Patch0: ha-cloud-support-aliyun.patch
@@ -241,17 +249,18 @@ Patch49: RHEL-14344-fence_zvmip-1-document-user-permissions.patch
 Patch50: RHEL-14030-1-all-agents-metadata-update-IO-Power-Network.patch
 Patch51: RHEL-14030-2-fence_cisco_mds-undo-metadata-change.patch
 Patch52: RHEL-14344-fence_zvmip-2-fix-manpage-formatting.patch
-Patch53: RHEL-35273-fence_eps-add-fence_epsr2-for-ePowerSwitch-R2-and-newer.patch
+Patch53: RHEL-31488-RHEL-31485-RHEL-31483-fence_aliyun-update.patch
+Patch54: RHEL-35263-fence_eps-add-fence_epsr2-for-ePowerSwitch-R2-and-newer.patch
+Patch55: RHEL-25256-fence_vmware_rest-detect-user-sufficient-rights.patch
+Patch56: RHEL-43235-fence_aws-1-list-add-instance-name-status.patch
+Patch57: RHEL-43235-fence_aws-2-log-error-for-unknown-states.patch
 
 ### HA support libs/utils ###
 # all archs
 Patch1000: bz2217902-1-kubevirt-fix-bundled-dateutil-CVE-2007-4559.patch
-Patch1001: RHEL-36482-kubevirt-fix-bundled-jinja2-CVE-2024-34064.patch
+Patch1001: RHEL-35649-kubevirt-fix-bundled-jinja2-CVE-2024-34064.patch
 # cloud (x86_64 only)
 Patch2000: bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
-
-# Patches were taken from:
-# https://gitlab.com/redhat/centos-stream/rpms/fence-agents/-/commit/6fd9a38b274ea70136f55f9125a7c4d402580249
 Patch2001: RHEL-43562-fix-bundled-urllib3-CVE-2024-37891.patch
 
 %global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti
@@ -323,9 +332,12 @@ BuildRequires: gcc
 BuildRequires: libxslt
 ## Python dependencies
 %if 0%{?fedora} || 0%{?centos} > 7 || 0%{?rhel} > 7 || 0%{?suse_version}
-BuildRequires: python3-devel python3-pip
-# wheel for HA support subpackages
-BuildRequires: python3-wheel
+BuildRequires: python3-devel
+# dependencies for building HA support subpackages
+BuildRequires: python3-pip python3-wheel
+%ifarch x86_64
+BuildRequires: golang git
+%endif
 BuildRequires: python3-pycurl python3-requests
 %if 0%{?fedora} || 0%{?centos} > 7 || 0%{?rhel} > 7
 BuildRequires: openwsman-python3
@@ -416,7 +428,11 @@ BuildRequires: %{systemd_units}
 %patch -p1 -P 50
 %patch -p1 -P 51
 %patch -p1 -P 52
-%patch -p1 -P 53 -F2
+%patch -p1 -P 53
+%patch -p1 -P 54 -F2
+%patch -p1 -P 55
+%patch -p1 -P 56
+%patch -p1 -P 57
 
 # prevent compilation of something that won't get used anyway
 sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac
@@ -426,6 +442,24 @@ sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac
 	export PYTHON="%{__python3}"
 %endif
 
+# aliyun-cli
+%ifarch x86_64
+tar zxf %SOURCE2000
+pushd aliyun-cli-*
+git init
+rmdir aliyun-openapi-meta
+tar zxf %SOURCE2001
+tar zxf %SOURCE2002
+mv aliyun-openapi-meta-* aliyun-openapi-meta
+%define aliyun_cli_version 3.0.198
+# based on https://github.com/containers/podman/blob/main/rpm/podman.spec
+%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags' -X github.com/aliyun/aliyun-cli/cli.Version=%{aliyun_cli_version}" -a -v -x -mod=vendor %{?**};
+%gobuild -o out/aliyun main/main.go
+mkdir -p ../support/aliyun/aliyun-cli
+install -m 0755 out/aliyun ../support/aliyun/aliyun-cli/
+popd
+%endif
+
 # support libs
 %ifarch x86_64
 LIBS="%{_sourcedir}/requirements-*.txt"
@@ -440,7 +474,7 @@ done
 
 # fix incorrect #! detected by CI
 %ifarch x86_64
-sed -i -e "/^#\!\/Users/c#\!%{__python3}" support/aws/bin/jp support/aliyun/bin/jp support/awscli/bin/jp
+sed -i -e "/^#\!\/Users/c#\!%{__python3}" support/aws/bin/jp support/awscli/bin/jp
 %endif
 
 %ifarch x86_64
@@ -454,11 +488,11 @@ rm -rf kubevirt/rsa*
 
 # regular patch doesnt work in build-section
 pushd support
-/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH1000}
+/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=2 < %{PATCH1000}
 /usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH1001}
 
 %ifarch x86_64
-/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2000}
+/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=2 < %{PATCH2000}
 /usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=2 < %{PATCH2001}
 %endif
 popd
@@ -539,7 +573,7 @@ network, storage, or similar. They operate through a unified interface
 (calling conventions) devised for the original Red Hat clustering solution.
 
 %package common
-License: GPLv2+ and LGPLv2+
+License: GPL-2.0-or-later AND LGPL-2.0-or-later AND LGPL-3.0-or-later AND ISC
 Summary: Common base for Fence Agents
 %if 0%{?fedora} || 0%{?centos} > 7 || 0%{?rhel} > 7 || 0%{?suse_version}
 Requires: python3-pycurl
@@ -583,17 +617,18 @@ This package contains support files including the Python fencing library.
 
 %ifarch x86_64
 %package -n ha-cloud-support
-License: GPLv2+ and LGPLv2+
+License: GPL-2.0-or-later AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND Apache-2.0 AND MIT AND BSD-2-Clause AND BSD-3-Clause AND MPL-2.0 AND Apache-2.0 AND PSF-2.0 AND Unlicense AND ISC
 Summary: Support libraries for HA Cloud agents
 # aliyun
 Provides: bundled(python-aliyun-python-sdk-core) = 2.11.5
 Provides: bundled(python-aliyun-python-sdk-ecs) = 4.24.7
-Provides: bundled(aliyuncli) = 2.1.10
 Provides: bundled(python-cffi) = 1.14.5
 Provides: bundled(python-colorama) = 0.3.3
 Provides: bundled(python-jmespath) = 0.7.1
 Provides: bundled(python-pycryptodome) = 3.20.0
 Provides: bundled(python-pycparser) = 2.20
+Provides: bundled(aliyun-cli) = 3.0.198
+Provides: bundled(aliyun-openapi-meta) = 5cf98b660
 # awscli
 Provides: bundled(awscli) = 2.2.15
 Provides: bundled(python-awscrt) = 0.11.13
@@ -652,7 +687,7 @@ Provides: bundled(python-pyroute2-nftables) = 0.6.13
 Provides: bundled(python-pyroute2-nslink) = 0.6.13
 Provides: bundled(python-pytz) = 2021.1
 Provides: bundled(python-rsa) = 4.7.2
-Provides: bundled(python-setuptools) = 57.0.0
+Provides: bundled(python3-setuptools) = 71.1.0
 Provides: bundled(python-uritemplate) = 3.0.1
 %description -n ha-cloud-support
 Support libraries for Fence Agents.
@@ -1189,7 +1224,7 @@ Provides: bundled(python3-%{idna}) = %{idna_version}
 Provides: bundled(python3-%{reqstsoauthlib}) = %{reqstsoauthlib_version}
 Provides: bundled(python3-%{oauthlib}) = %{oauthlib_version}
 Provides: bundled(python3-%{ruamelyaml}) = %{ruamelyaml_version}
-Provides: bundled(python3-%{setuptools}) = %{setuptools_version}
+Provides: bundled(python3-setuptools) = 71.1.0
 %description kubevirt
 Fence agent for KubeVirt platform.
 %files kubevirt
@@ -1495,21 +1530,47 @@ are located on corosync cluster nodes.
 %endif
 
 %changelog
-* Wed Jul 10 2024 Eduard Abdullin <eabdullin@almalinuxorg> - 4.10.0-62.4.alma.1
+* Tue Jul 23 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-76
+- bundled setuptools: fix CVE-2024-6345
+
+  Resolves: RHEL-49658
+
+* Fri Jun 21 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-75
 - bundled urllib3: fix CVE-2024-37891
+  Resolves: RHEL-43562
 
-* Thu May 16 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-62.3
+* Wed Jun 19 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-74
+- fence_aws: add instance name and status to list/list-status actions
+  Resolves: RHEL-43235
+
+* Thu May 23 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-73
+- fence_vmware_rest: detect if the API user has sufficient rights to
+  manage the fence device
+  Resolves: RHEL-25256
+
+* Wed May 15 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-72
 - bundled jinja2: fix CVE-2024-34064
-  Resolves: RHEL-36482
+  Resolves: RHEL-35649
 
-* Fri May  3 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-62.2
+* Fri May  3 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-71
 - fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer
-  Resolves: RHEL-35273
+  Resolves: RHEL-35263
 
-* Thu Mar 21 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-62.1
+* Thu Apr  4 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-70
+- fence_aliyun: add credentials file support, filter parameter, and
+  optimize log output
+  Resolves: RHEL-31488, RHEL-31485, RHEL-31483
+
+* Thu Mar 21 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-69
 - ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in
   gcp-vpc-move-route's stop-action
-  Resolves: RHEL-29668
+  Resolves: RHEL-29649
+
+* Thu Mar 14 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-66
+- Add missing licenses to spec-file
+  Resolves: RHEL-27929
+- ha-cloud-support: fix aliyun-cli
+  Resolves: RHEL-28097
 
 * Thu Jan 18 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-62
 - bundled urllib3: fix CVE-2023-45803
@@ -1949,3 +2010,5 @@ are located on corosync cluster nodes.
 * Mon Mar 11 2013 Marek Grac <mgrac@redhat.com> - 4.0.0-1
 - new upstream release
 - introducing subpackages
+
+