import CS leapp-repository-0.20.0-2.el8

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/deps-pkgs-9.tar.gz
-SOURCES/leapp-repository-0.19.0.tar.gz
+SOURCES/deps-pkgs-10.tar.gz
+SOURCES/leapp-repository-0.20.0.tar.gz

.leapp-repository.metadata

@@ -1,2 +1,2 @@
-02499ccd70d4a8e6ce9ad29bd286a317d5e0b57b SOURCES/deps-pkgs-9.tar.gz
-79402ad1aa427e43bdce143f4c0641dda383eb5d SOURCES/leapp-repository-0.19.0.tar.gz
+d520ada12294e4dd8837c81f92d4c184ab403d51 SOURCES/deps-pkgs-10.tar.gz
+185bbb040dba48e1ea2d6c627133af594378afd4 SOURCES/leapp-repository-0.20.0.tar.gz

SOURCES/0001-RHSM-Adjust-the-switch-to-container-mode-for-new-RHS.patch

@@ -1,37 +0,0 @@
-From b6e409e1055b5d8b7f27e5df9eae096eb592a9c7 Mon Sep 17 00:00:00 2001
-From: Petr Stodulka <pstodulk@redhat.com>
-Date: Fri, 27 Oct 2023 13:34:38 +0200
-Subject: [PATCH] RHSM: Adjust the switch to container mode for new RHSM
-
-RHSM in RHEL 8.9+ & RHEL 9.3+ requires newly for the switch to the
-container mode existence and content under /etc/pki/entitlement-host,
-which in our case should by symlink to /etc/pki/entitlement.
-
-So currently we need for the correct switch 2 symlinks:
-  * /etc/pki/rhsm-host        -> /etc/pki/rhsm
-  * /etc/pki/entitlement-host -> /etc/pki/entitlement
-
-Technically we need that only for RHEL 8.9+ but discussing it with
-RHSM SST, we can do this change unconditionally for any RHEL system
-as older versions of RHSM do not check /etc/pki/entitlement-host.
-
-jira: RHEL-14839
----
- repos/system_upgrade/common/libraries/rhsm.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/repos/system_upgrade/common/libraries/rhsm.py b/repos/system_upgrade/common/libraries/rhsm.py
-index 4a5b0eb0..18842021 100644
---- a/repos/system_upgrade/common/libraries/rhsm.py
-+++ b/repos/system_upgrade/common/libraries/rhsm.py
-@@ -334,6 +334,7 @@ def set_container_mode(context):
-         return
-     try:
-         context.call(['ln', '-s', '/etc/rhsm', '/etc/rhsm-host'])
-+        context.call(['ln', '-s', '/etc/pki/entitlement', '/etc/pki/entitlement-host'])
-     except CalledProcessError:
-         raise StopActorExecutionError(
-                 message='Cannot set the container mode for the subscription-manager.')
--- 
-2.41.0
-

SOURCES/0001-rhui-do-not-bootstrap-target-client-on-aws.patch

@@ -0,0 +1,251 @@
+From 921c06892f7550a3a8e2b3fe941c6272bdacf88d Mon Sep 17 00:00:00 2001
+From: mhecko <mhecko@redhat.com>
+Date: Thu, 15 Feb 2024 09:56:27 +0100
+Subject: [PATCH] rhui: do not bootstrap target client on aws
+
+Bootstrapping target RHUI client now requires installing the entire
+RHEL8 RPM stack. Threfore, do not try installing target client
+and instead rely only on the files from our leapp-rhui-aws package.
+---
+ .../cloud/checkrhui/libraries/checkrhui.py    |   6 +-
+ .../libraries/userspacegen.py                 | 104 ++++++++++++++----
+ .../system_upgrade/common/models/rhuiinfo.py  |   7 ++
+ 3 files changed, 92 insertions(+), 25 deletions(-)
+
+diff --git a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
+index 84ab40e3..e1c158c7 100644
+--- a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
++++ b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
+@@ -142,7 +142,11 @@ def customize_rhui_setup_for_aws(rhui_family, setup_info):
+ 
+     target_version = version.get_target_major_version()
+     if target_version == '8':
+-        return  # The rhel8 plugin is packed into leapp-rhui-aws as we need python2 compatible client
++        # RHEL8 rh-amazon-rhui-client depends on amazon-libdnf-plugin that depends
++        # essentially on the entire RHEL8 RPM stack, so we cannot just swap the clients
++        # The leapp-rhui-aws will provide all necessary files to access entire RHEL8 content
++        setup_info.bootstrap_target_client = False
++        return
+ 
+     amazon_plugin_copy_task = CopyFile(src='/usr/lib/python3.9/site-packages/dnf-plugins/amazon-id.py',
+                                        dst='/usr/lib/python3.6/site-packages/dnf-plugins/')
+diff --git a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
+index d917bfd5..d60bc75f 100644
+--- a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
++++ b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
+@@ -853,9 +853,9 @@ def _get_rhui_available_repoids(context, cloud_repo):
+     return set(repoids)
+ 
+ 
+-def get_copy_location_from_copy_in_task(context, copy_task):
++def get_copy_location_from_copy_in_task(context_basepath, copy_task):
+     basename = os.path.basename(copy_task.src)
+-    dest_in_container = context.full_path(copy_task.dst)
++    dest_in_container = os.path.join(context_basepath, copy_task.dst)
+     if os.path.isdir(dest_in_container):
+         return os.path.join(copy_task.dst, basename)
+     return copy_task.dst
+@@ -871,7 +871,10 @@ def _get_rh_available_repoids(context, indata):
+ 
+     # If we are upgrading a RHUI system, check what repositories are provided by the (already installed) target clients
+     if indata and indata.rhui_info:
+-        files_provided_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
++        setup_info = indata.rhui_info.target_client_setup_info
++        target_content_access_files = set()
++        if setup_info.bootstrap_target_client:
++            target_content_access_files = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
+ 
+         def is_repofile(path):
+             return os.path.dirname(path) == '/etc/yum.repos.d' and os.path.basename(path).endswith('.repo')
+@@ -884,24 +887,33 @@ def _get_rh_available_repoids(context, indata):
+ 
+         yum_repos_d = context.full_path('/etc/yum.repos.d')
+         all_repofiles = {os.path.join(yum_repos_d, path) for path in os.listdir(yum_repos_d) if path.endswith('.repo')}
+-        client_repofiles = {context.full_path(path) for path in files_provided_by_clients if is_repofile(path)}
++        api.current_logger().debug('(RHUI Setup) All available repofiles: {0}'.format(' '.join(all_repofiles)))
++
++        target_access_repofiles = {
++            context.full_path(path) for path in target_content_access_files if is_repofile(path)
++        }
+ 
+         # Exclude repofiles used to setup the target rhui access as on some platforms the repos provided by
+         # the client are not sufficient to install the client into target userspace (GCP)
+         rhui_setup_repofile_tasks = [task for task in setup_tasks if task.src.endswith('repo')]
+         rhui_setup_repofiles = (
+-            get_copy_location_from_copy_in_task(context, copy_task) for copy_task in rhui_setup_repofile_tasks
++            get_copy_location_from_copy_in_task(context.base_dir, copy) for copy in rhui_setup_repofile_tasks
+         )
+         rhui_setup_repofiles = {context.full_path(repofile) for repofile in rhui_setup_repofiles}
+ 
+-        foreign_repofiles = all_repofiles - client_repofiles - rhui_setup_repofiles
++        foreign_repofiles = all_repofiles - target_access_repofiles - rhui_setup_repofiles
++
++        api.current_logger().debug(
++            'The following repofiles are considered as unknown to'
++            ' the target RHUI content setup and will be ignored: {0}'.format(' '.join(foreign_repofiles))
++        )
+ 
+         # Rename non-client repofiles so they will not be recognized when running dnf repolist
+         for foreign_repofile in foreign_repofiles:
+             os.rename(foreign_repofile, '{0}.back'.format(foreign_repofile))
+ 
+         try:
+-            dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v']
++            dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v', '--enablerepo', '*']
+             repolist_result = context.call(dnf_cmd)['stdout']
+             repoid_lines = [line for line in repolist_result.split('\n') if line.startswith('Repo-id')]
+             rhui_repoids = {extract_repoid_from_line(line) for line in repoid_lines}
+@@ -919,6 +931,9 @@ def _get_rh_available_repoids(context, indata):
+             for foreign_repofile in foreign_repofiles:
+                 os.rename('{0}.back'.format(foreign_repofile), foreign_repofile)
+ 
++    api.current_logger().debug(
++        'The following repofiles are considered as provided by RedHat: {0}'.format(' '.join(rh_repoids))
++    )
+     return rh_repoids
+ 
+ 
+@@ -1086,7 +1101,7 @@ def _get_target_userspace():
+     return constants.TARGET_USERSPACE.format(get_target_major_version())
+ 
+ 
+-def _create_target_userspace(context, packages, files, target_repoids):
++def _create_target_userspace(context, indata, packages, files, target_repoids):
+     """Create the target userspace."""
+     target_path = _get_target_userspace()
+     prepare_target_userspace(context, target_path, target_repoids, list(packages))
+@@ -1096,12 +1111,57 @@ def _create_target_userspace(context, packages, files, target_repoids):
+         _copy_files(target_context, files)
+     dnfplugin.install(_get_target_userspace())
+ 
++    # If we used only repofiles from leapp-rhui-<provider> then remove these as they provide
++    # duplicit definitions as the target clients already installed in the target container
++    if indata.rhui_info:
++        api.current_logger().debug(
++            'Target container should have access to content. '
++            'Removing repofiles from leapp-rhui-<provider> from the target..'
++        )
++        setup_info = indata.rhui_info.target_client_setup_info
++        if not setup_info.bootstrap_target_client:
++            target_userspace_path = _get_target_userspace()
++            for copy in setup_info.preinstall_tasks.files_to_copy_into_overlay:
++                dst_in_container = get_copy_location_from_copy_in_task(target_userspace_path, copy)
++                dst_in_container = dst_in_container.strip('/')
++                dst_in_host = os.path.join(target_userspace_path, dst_in_container)
++                if os.path.isfile(dst_in_host) and dst_in_host.endswith('.repo'):
++                    api.current_logger().debug('Removing repofile: {0}'.format(dst_in_host))
++                    os.remove(dst_in_host)
++
+     # and do not forget to set the rhsm into the container mode again
+     with mounting.NspawnActions(_get_target_userspace()) as target_context:
+         rhsm.set_container_mode(target_context)
+ 
+ 
+-def install_target_rhui_client_if_needed(context, indata):
++def _apply_rhui_access_preinstall_tasks(context, rhui_setup_info):
++    if rhui_setup_info.preinstall_tasks:
++        api.current_logger().debug('Applying RHUI preinstall tasks.')
++        preinstall_tasks = rhui_setup_info.preinstall_tasks
++
++        for file_to_remove in preinstall_tasks.files_to_remove:
++            api.current_logger().debug('Removing {0} from the scratch container.'.format(file_to_remove))
++            context.remove(file_to_remove)
++
++        for copy_info in preinstall_tasks.files_to_copy_into_overlay:
++            api.current_logger().debug(
++                'Copying {0} in {1} into the scratch container.'.format(copy_info.src, copy_info.dst)
++            )
++            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
++            context.copy_to(copy_info.src, copy_info.dst)
++
++
++def _apply_rhui_access_postinstall_tasks(context, rhui_setup_info):
++    if rhui_setup_info.postinstall_tasks:
++        api.current_logger().debug('Applying RHUI postinstall tasks.')
++        for copy_info in rhui_setup_info.postinstall_tasks.files_to_copy:
++            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
++            debug_msg = 'Copying {0} to {1} (inside the scratch container).'
++            api.current_logger().debug(debug_msg.format(copy_info.src, copy_info.dst))
++            context.call(['cp', copy_info.src, copy_info.dst])
++
++
++def setup_target_rhui_access_if_needed(context, indata):
+     if not indata.rhui_info:
+         return
+ 
+@@ -1110,15 +1170,14 @@ def install_target_rhui_client_if_needed(context, indata):
+     _create_target_userspace_directories(userspace_dir)
+ 
+     setup_info = indata.rhui_info.target_client_setup_info
+-    if setup_info.preinstall_tasks:
+-        preinstall_tasks = setup_info.preinstall_tasks
++    _apply_rhui_access_preinstall_tasks(context, setup_info)
+ 
+-        for file_to_remove in preinstall_tasks.files_to_remove:
+-            context.remove(file_to_remove)
+-
+-        for copy_info in preinstall_tasks.files_to_copy_into_overlay:
+-            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
+-            context.copy_to(copy_info.src, copy_info.dst)
++    if not setup_info.bootstrap_target_client:
++        # Installation of the target RHUI client is not possible and we bundle all necessary
++        # files into the leapp-rhui-<provider> packages.
++        api.current_logger().debug('Bootstrapping target RHUI client is disabled, leapp will rely '
++                                   'only on files budled in leapp-rhui-<provider> package.')
++        return
+ 
+     cmd = ['dnf', '-y']
+ 
+@@ -1149,16 +1208,13 @@ def install_target_rhui_client_if_needed(context, indata):
+ 
+     context.call(cmd, callback_raw=utils.logging_handler, stdin='\n'.join(dnf_transaction_steps))
+ 
+-    if setup_info.postinstall_tasks:
+-        for copy_info in setup_info.postinstall_tasks.files_to_copy:
+-            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
+-            context.call(['cp', copy_info.src, copy_info.dst])
++    _apply_rhui_access_postinstall_tasks(context, setup_info)
+ 
+     # Do a cleanup so there are not duplicit repoids
+     files_owned_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
+ 
+     for copy_task in setup_info.preinstall_tasks.files_to_copy_into_overlay:
+-        dest = get_copy_location_from_copy_in_task(context, copy_task)
++        dest = get_copy_location_from_copy_in_task(context.base_dir, copy_task)
+         can_be_cleaned_up = copy_task.src not in setup_info.files_supporting_client_operation
+         if dest not in files_owned_by_clients and can_be_cleaned_up:
+             context.remove(dest)
+@@ -1184,10 +1240,10 @@ def perform():
+             target_iso = next(api.consume(TargetOSInstallationImage), None)
+             with mounting.mount_upgrade_iso_to_root_dir(overlay.target, target_iso):
+ 
+-                install_target_rhui_client_if_needed(context, indata)
++                setup_target_rhui_access_if_needed(context, indata)
+ 
+                 target_repoids = _gather_target_repositories(context, indata, prod_cert_path)
+-                _create_target_userspace(context, indata.packages, indata.files, target_repoids)
++                _create_target_userspace(context, indata, indata.packages, indata.files, target_repoids)
+                 # TODO: this is tmp solution as proper one needs significant refactoring
+                 target_repo_facts = repofileutils.get_parsed_repofiles(context)
+                 api.produce(TMPTargetRepositoriesFacts(repositories=target_repo_facts))
+diff --git a/repos/system_upgrade/common/models/rhuiinfo.py b/repos/system_upgrade/common/models/rhuiinfo.py
+index 3eaa4826..0a2e45af 100644
+--- a/repos/system_upgrade/common/models/rhuiinfo.py
++++ b/repos/system_upgrade/common/models/rhuiinfo.py
+@@ -36,6 +36,13 @@ class TargetRHUISetupInfo(Model):
+     files_supporting_client_operation = fields.List(fields.String(), default=[])
+     """A subset of files copied in preinstall tasks that should not be cleaned up."""
+ 
++    bootstrap_target_client = fields.Boolean(default=True)
++    """
++    Swap the current RHUI client for the target one to facilitate access to the target content.
++
++    When False, only files from the leapp-rhui-<provider> will be used to access target content.
++    """
++
+ 
+ class RHUIInfo(Model):
+     """
+-- 
+2.43.0
+

SOURCES/0002-Do-not-create-dangling-symlinks-for-containerized-RH.patch

@@ -1,62 +0,0 @@
-From d1f28cbd143f2dce85f7f175308437954847aba8 Mon Sep 17 00:00:00 2001
-From: Petr Stodulka <pstodulk@redhat.com>
-Date: Thu, 2 Nov 2023 14:20:11 +0100
-Subject: [PATCH] Do not create dangling symlinks for containerized RHSM
-
-When setting RHSM into the container mode, we are creating symlinks
-to /etc/rhsm and /etc/pki/entitlement directories. However, this
-creates dangling symlinks if RHSM is not installed or user manually
-removes one of these dirs.
-
-If any of these directories is missing, skip other actions and
-log the warning. Usually it means that RHSM is not actually used
-or installed at all, so in these cases we can do the skip. The
-only corner case when system could use RHSM without
-/etc/pki/entitlement is when RHSM is configured to put these
-certificate on a different path, and we do not support nor cover
-such a scenario as we are not scanning the RHSM configuration at
-all.
-
-This also solves the problems on systems that does not have RHSM
-available at all.
----
- repos/system_upgrade/common/libraries/rhsm.py | 16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-diff --git a/repos/system_upgrade/common/libraries/rhsm.py b/repos/system_upgrade/common/libraries/rhsm.py
-index 18842021..eb388829 100644
---- a/repos/system_upgrade/common/libraries/rhsm.py
-+++ b/repos/system_upgrade/common/libraries/rhsm.py
-@@ -325,6 +325,11 @@ def set_container_mode(context):
-     could be affected and the generated repo file in the container could be
-     affected as well (e.g. when the release is set, using rhsm, on the host).
- 
-+    We want to put RHSM into the container mode always when /etc/rhsm and
-+    /etc/pki/entitlement directories exists, even when leapp is executed with
-+    --no-rhsm option. If any of these directories are missing, skip other
-+    actions - most likely RHSM is not installed in such a case.
-+
-     :param context: An instance of a mounting.IsolatedActions class
-     :type context: mounting.IsolatedActions class
-     """
-@@ -332,6 +337,17 @@ def set_container_mode(context):
-         api.current_logger().error('Trying to set RHSM into the container mode'
-                                    'on host. Skipping the action.')
-         return
-+    # TODO(pstodulk): check "rhsm identity" whether system is registered
-+    # and the container mode should be required
-+    if (not os.path.exists(context.full_path('/etc/rhsm'))
-+            or not os.path.exists(context.full_path('/etc/pki/entitlement'))):
-+        api.current_logger().warning(
-+            'Cannot set the container mode for the subscription-manager as'
-+            ' one of required directories is missing. Most likely RHSM is not'
-+            ' installed. Skipping other actions.'
-+        )
-+        return
-+
-     try:
-         context.call(['ln', '-s', '/etc/rhsm', '/etc/rhsm-host'])
-         context.call(['ln', '-s', '/etc/pki/entitlement', '/etc/pki/entitlement-host'])
--- 
-2.41.0
-

SOURCES/leapp-repository-0.19.0-elevate.patch

@@ -1,384 +0,0 @@
-diff --git a/commands/command_utils.py b/commands/command_utils.py
-index 338978dd..af78efdf 100644
---- a/commands/command_utils.py
-+++ b/commands/command_utils.py
-@@ -13,7 +13,7 @@ LEAPP_UPGRADE_FLAVOUR_DEFAULT = 'default'
- LEAPP_UPGRADE_FLAVOUR_SAP_HANA = 'saphana'
- LEAPP_UPGRADE_PATHS = 'upgrade_paths.json'
- 
--VERSION_REGEX = re.compile(r"^([1-9]\d*)\.(\d+)$")
-+VERSION_REGEX = re.compile(r"^([1-9]\d*)(\.(\d+))?$")
- 
- 
- def check_version(version):
-diff --git a/commands/upgrade/breadcrumbs.py b/commands/upgrade/breadcrumbs.py
-index 16903ee0..46f116fb 100644
---- a/commands/upgrade/breadcrumbs.py
-+++ b/commands/upgrade/breadcrumbs.py
-@@ -61,7 +61,7 @@ class _BreadCrumbs(object):
-             if not os.path.exists('/etc/rhsm'):
-                 # If there's no /etc/rhsm folder just skip it
-                 return
--            os.path.mkdir('/etc/rhsm/facts')
-+            os.mkdir('/etc/rhsm/facts')
-         try:
-             with open('/etc/rhsm/facts/leapp.facts', 'w') as f:
-                 json.dump(_flattened({
-diff --git a/repos/system_upgrade/common/actors/addupgradebootentry/libraries/addupgradebootentry.py b/repos/system_upgrade/common/actors/addupgradebootentry/libraries/addupgradebootentry.py
-index 4e1c4204..3474867a 100644
---- a/repos/system_upgrade/common/actors/addupgradebootentry/libraries/addupgradebootentry.py
-+++ b/repos/system_upgrade/common/actors/addupgradebootentry/libraries/addupgradebootentry.py
-@@ -18,7 +18,7 @@ def add_boot_entry(configs=None):
-             '/usr/sbin/grubby',
-             '--add-kernel', '{0}'.format(kernel_dst_path),
-             '--initrd', '{0}'.format(initram_dst_path),
--            '--title', 'RHEL-Upgrade-Initramfs',
-+            '--title', 'ELevate-Upgrade-Initramfs',
-             '--copy-default',
-             '--make-default',
-             '--args', '{DEBUG}{NET} enforcing=0 rd.plymouth=0 plymouth.enable=0'.format(DEBUG=debug, NET=ip_arg)
-diff --git a/repos/system_upgrade/common/actors/addupgradebootentry/tests/unit_test_addupgradebootentry.py b/repos/system_upgrade/common/actors/addupgradebootentry/tests/unit_test_addupgradebootentry.py
-index ddc37e52..a9c40691 100644
---- a/repos/system_upgrade/common/actors/addupgradebootentry/tests/unit_test_addupgradebootentry.py
-+++ b/repos/system_upgrade/common/actors/addupgradebootentry/tests/unit_test_addupgradebootentry.py
-@@ -42,7 +42,7 @@ run_args_add = [
-     '/usr/sbin/grubby',
-     '--add-kernel', '/abc',
-     '--initrd', '/def',
--    '--title', 'RHEL-Upgrade-Initramfs',
-+    '--title', 'ELevate-Upgrade-Initramfs',
-     '--copy-default',
-     '--make-default',
-     '--args',
-diff --git a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/do-upgrade.sh b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/do-upgrade.sh
-index 491b85ec..059cf506 100755
---- a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/do-upgrade.sh
-+++ b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/do-upgrade.sh
-@@ -9,7 +9,7 @@ type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh
- 
- get_rhel_major_release() {
-     local os_version
--    os_version=$(grep -o '^VERSION="[0-9][0-9]*\.' /etc/initrd-release | grep -o '[0-9]*')
-+    os_version=$(grep -o '^VERSION="[0-9][0-9]*' /etc/initrd-release | grep -o '[0-9]*')
-     [ -z "$os_version" ] && {
-         # This should not happen as /etc/initrd-release is supposed to have API
-         # stability, but check is better than broken system.
-@@ -377,4 +377,3 @@ getarg 'rd.break=leapp-logs' && emergency_shell -n upgrade "Break after LEAPP sa
- sync
- mount -o "remount,$old_opts" "$NEWROOT"
- exit $result
--
-diff --git a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/90sys-upgrade/initrd-system-upgrade-generator b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/90sys-upgrade/initrd-system-upgrade-generator
-index 5cc6fd92..fe81626f 100755
---- a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/90sys-upgrade/initrd-system-upgrade-generator
-+++ b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/90sys-upgrade/initrd-system-upgrade-generator
-@@ -1,7 +1,7 @@
- #!/bin/sh
- 
- get_rhel_major_release() {
--    _os_version=$(cat /etc/initrd-release | grep -o '^VERSION="[0-9][0-9]*\.' | grep -o '[0-9]*')
-+    _os_version=$(cat /etc/initrd-release | grep -o '^VERSION="[0-9][0-9]*' | grep -o '[0-9]*')
-     [ -z "$_os_version" ] && {
-         # This should not happen as /etc/initrd-release is supposed to have API
-         # stability, but check is better than broken system.
-diff --git a/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py b/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py
-index f42909f0..4a2bc8ad 100644
---- a/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py
-+++ b/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py
-@@ -1,17 +1,118 @@
-+import os
-+import re
-+
-+from leapp.libraries.stdlib import run, api
- from leapp.actors import Actor
--from leapp.libraries.common import efi_reboot_fix
-+from leapp.models import InstalledTargetKernelVersion, KernelCmdlineArg, FirmwareFacts, MountEntry
- from leapp.tags import FinalizationPhaseTag, IPUWorkflowTag
-+from leapp.exceptions import StopActorExecutionError
- 
- 
- class EfiFinalizationFix(Actor):
-     """
--    Adjust EFI boot entry for final reboot
-+    Ensure that EFI boot order is updated, which is particularly necessary
-+    when upgrading to a different OS distro. Also rebuilds grub config
-+    if necessary.
-     """
- 
-     name = 'efi_finalization_fix'
--    consumes = ()
-+    consumes = (KernelCmdlineArg, InstalledTargetKernelVersion, FirmwareFacts, MountEntry)
-     produces = ()
-     tags = (FinalizationPhaseTag, IPUWorkflowTag)
- 
-     def process(self):
--        efi_reboot_fix.maybe_emit_updated_boot_entry()
-+        is_system_efi = False
-+        ff = next(self.consume(FirmwareFacts), None)
-+
-+        dirname = {
-+                'AlmaLinux': 'almalinux',
-+                'CentOS Linux': 'centos',
-+                'CentOS Stream': 'centos',
-+                'Oracle Linux Server': 'redhat',
-+                'Red Hat Enterprise Linux': 'redhat',
-+                'Rocky Linux': 'rocky',
-+                'Scientific Linux': 'redhat',
-+                'EuroLinux': 'eurolinux',
-+        }
-+
-+        efi_shimname_dict = {
-+            'x86_64': 'shimx64.efi',
-+            'aarch64': 'shimaa64.efi'
-+        }
-+
-+        def devparts(dev):
-+          """
-+          NVMe block devices aren't named like SCSI/ATA/etc block devices and must be parsed differently.
-+          SCSI/ATA/etc devices have a syntax resembling /dev/sdb4 for the 4th partition on the 2nd disk.
-+          NVMe devices have a syntax resembling /dev/nvme0n2p4 for the 4th partition on the 2nd disk.
-+          """
-+          if '/dev/nvme' in dev:
-+            """
-+            NVMe
-+            """
-+            part = next(re.finditer(r'p\d+$', dev)).group(0)
-+            dev = dev[:-len(part)]
-+            part = part[1:]
-+          else:
-+            """
-+            Non-NVMe (SCSI, ATA, etc)
-+            """
-+            part = next(re.finditer(r'\d+$', dev)).group(0)
-+            dev = dev[:-len(part)]
-+          return [dev, part];
-+
-+        with open('/etc/system-release', 'r') as sr:
-+            release_line = next(line for line in sr if 'release' in line)
-+            distro = release_line.split(' release ', 1)[0]
-+
-+        efi_bootentry_label = distro
-+        distro_dir = dirname.get(distro, 'default')
-+        shim_filename = efi_shimname_dict.get(api.current_actor().configuration.architecture, 'shimx64.efi')
-+
-+        shim_path = '/boot/efi/EFI/' + distro_dir + '/' + shim_filename
-+        grub_cfg_path = '/boot/efi/EFI/' + distro_dir + '/grub.cfg'
-+        bootmgr_path = '\\EFI\\' + distro_dir + '\\' + shim_filename
-+
-+        has_efibootmgr = os.path.exists('/sbin/efibootmgr')
-+        has_shim = os.path.exists(shim_path)
-+        has_grub_cfg = os.path.exists(grub_cfg_path)
-+
-+        if not ff:
-+            raise StopActorExecutionError(
-+                'Could not identify system firmware',
-+                details={'details': 'Actor did not receive FirmwareFacts message.'}
-+            )
-+
-+        if not has_efibootmgr:
-+            return
-+
-+        for fact in self.consume(FirmwareFacts):
-+            if fact.firmware == 'efi':
-+                is_system_efi = True
-+                break
-+
-+        if is_system_efi and has_shim:
-+            efidevlist = []
-+            with open('/proc/mounts', 'r') as fp:
-+                for line in fp:
-+                    if '/boot/efi' in line:
-+                        efidevpath = line.split(' ', 1)[0]
-+                        efidevpart = efidevpath.split('/')[-1]
-+            if os.path.exists('/proc/mdstat'):
-+               with open('/proc/mdstat', 'r') as mds:
-+                 for line in mds:
-+                   if line.startswith(efidevpart):
-+                     mddev = line.split(' ')
-+                     for md in mddev:
-+                       if '[' in md:
-+                         efimd = md.split('[', 1)[0]
-+                         efidp = efidevpath.replace(efidevpart, efimd)
-+                         efidevlist.append(efidp)
-+            if len(efidevlist) == 0:
-+              efidevlist.append(efidevpath)
-+            for devpath in efidevlist:
-+              efidev, efipart = devparts(devpath)
-+              run(['/sbin/efibootmgr', '-c', '-d', efidev, '-p', efipart, '-l', bootmgr_path, '-L', efi_bootentry_label])
-+
-+            if not has_grub_cfg:
-+                run(['/sbin/grub2-mkconfig', '-o', grub_cfg_path])
-diff --git a/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py b/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py
-index 9e213f64..52cfe14f 100644
---- a/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py
-+++ b/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py
-@@ -47,15 +47,20 @@ def get_os_release(path):
-     :return: `OSRelease` model if the file can be parsed
-     :raises: `IOError`
-     """
-+    os_version = '.'.join(platform.dist()[1].split('.')[:2])
-     try:
-         with open(path) as f:
-             data = dict(l.strip().split('=', 1) for l in f.readlines() if '=' in l)
-+            release_id = data.get('ID', '').strip('"')
-+            version_id = data.get('VERSION_ID', '').strip('"')
-+            if release_id == 'centos' and '.' not in os_version:
-+                os_version = "{}.999".format(version_id)
-             return OSRelease(
--                release_id=data.get('ID', '').strip('"'),
-+                release_id=release_id,
-                 name=data.get('NAME', '').strip('"'),
-                 pretty_name=data.get('PRETTY_NAME', '').strip('"'),
-                 version=data.get('VERSION', '').strip('"'),
--                version_id=data.get('VERSION_ID', '').strip('"'),
-+                version_id=os_version,
-                 variant=data.get('VARIANT', '').strip('"') or None,
-                 variant_id=data.get('VARIANT_ID', '').strip('"') or None
-             )
-diff --git a/repos/system_upgrade/common/actors/redhatsignedrpmscanner/actor.py b/repos/system_upgrade/common/actors/redhatsignedrpmscanner/actor.py
-index 1085beee..8416fd39 100644
---- a/repos/system_upgrade/common/actors/redhatsignedrpmscanner/actor.py
-+++ b/repos/system_upgrade/common/actors/redhatsignedrpmscanner/actor.py
-@@ -17,11 +17,28 @@ class RedHatSignedRpmScanner(Actor):
-     tags = (IPUWorkflowTag, FactsPhaseTag)
- 
-     def process(self):
--        RH_SIGS = ['199e2f91fd431d51',
-+        RH_SIGS = ['199e2f91fd431d51', # rhel
-                    '5326810137017186',
-                    '938a80caf21541eb',
-                    'fd372689897da07a',
--                   '45689c882fa658e0']
-+                   '45689c882fa658e0',
-+                   '24c6a8a7f4a80eb5', # centos
-+                   '05b555b38483c65d',
-+                   '4eb84e71f2ee9d55',
-+                   'a963bbdbf533f4fa',
-+                   '6c7cb6ef305d49d6',
-+                   '51d6647ec21ad6ea', # almalinux
-+                   'd36cb86cb86b3716',
-+                   '2ae81e8aced7258b',
-+                   '15af5dac6d745a60', # rockylinux
-+                   '702d426d350d275d',
-+                   '72f97b74ec551f03', # ol
-+                   '82562ea9ad986da3',
-+                   'bc4d06a08d8b756f',
-+                   '75c333f418cd4a9e', # eurolinux
-+                   'b413acad6275f250',
-+                   'f7ad3e5a1c9fd080',
-+                   'b0b4183f192a7d7d'] # scientific
- 
-         signed_pkgs = InstalledRedHatSignedRPM()
-         unsigned_pkgs = InstalledUnsignedRPM()
-@@ -46,7 +63,12 @@ class RedHatSignedRpmScanner(Actor):
-             """
-             return (    # pylint: disable-msg=consider-using-ternary
-                     pkg.name == 'gpg-pubkey'
--                    and pkg.packager.startswith('Red Hat, Inc.')
-+                    and (pkg.packager.startswith('Red Hat, Inc.')
-+                    or pkg.packager.startswith('CentOS')
-+                    or pkg.packager.startswith('AlmaLinux')
-+                    or pkg.packager.startswith('infrastructure@rockylinux.org')
-+                    or pkg.packager.startswith('EuroLinux')
-+                    or pkg.packager.startswith('Scientific Linux'))
-                     or all_signed
-             )
- 
-diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py
-index 1cc5d64f..11c61e36 100644
---- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py
-+++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py
-@@ -11,7 +11,11 @@ OBSOLETED_KEYS_MAP = {
-         "gpg-pubkey-37017186-45761324",
-         "gpg-pubkey-db42a60e-37ea5438",
-     ],
--    9: ["gpg-pubkey-d4082792-5b32db75"],
-+    9: [
-+        "gpg-pubkey-d4082792-5b32db75",
-+        "gpg-pubkey-3abb34f8-5ffd890e",
-+        "gpg-pubkey-6275f250-5e26cb2e",
-+    ],
- }
- 
- 
-diff --git a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
-index 9dfa0f14..3dc8e6db 100644
---- a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
-+++ b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
-@@ -400,9 +400,9 @@ def _prep_repository_access(context, target_userspace):
-     target_yum_repos_d = os.path.join(target_etc, 'yum.repos.d')
-     backup_yum_repos_d = os.path.join(target_etc, 'yum.repos.d.backup')
- 
--    _copy_certificates(context, target_userspace)
- 
-     if not rhsm.skip_rhsm():
-+        _copy_certificates(context, target_userspace)
-         run(['rm', '-rf', os.path.join(target_etc, 'rhsm')])
-         context.copytree_from('/etc/rhsm', os.path.join(target_etc, 'rhsm'))
-     # NOTE: we cannot just remove the original target yum.repos.d dir
-diff --git a/repos/system_upgrade/common/libraries/config/version.py b/repos/system_upgrade/common/libraries/config/version.py
-index 0f1e5874..5eb80c9c 100644
---- a/repos/system_upgrade/common/libraries/config/version.py
-+++ b/repos/system_upgrade/common/libraries/config/version.py
-@@ -15,8 +15,8 @@ OP_MAP = {
- 
- _SUPPORTED_VERSIONS = {
-     # Note: 'rhel-alt' is detected when on 'rhel' with kernel 4.x
--    '7': {'rhel': ['7.9'], 'rhel-alt': [], 'rhel-saphana': ['7.9']},
--    '8': {'rhel': ['8.6', '8.8', '8.9'], 'rhel-saphana': ['8.6', '8.8']},
-+    '7': {'rhel': ['7.9'], 'rhel-alt': [], 'rhel-saphana': ['7.9'], 'centos': ['7.9'], 'eurolinux': ['7.9'], 'ol': ['7.9'], 'scientific': ['7.9']},
-+    '8': {'rhel': ['8.5', '8.6', '8.8', '8.9', '8.10'], 'rhel-saphana': ['8.6', '8.8', '8.9', '8.10'], 'centos': ['8.5', '8.999'], 'almalinux': ['8.6', '8.7', '8.8', '8.9', '8.10'], 'eurolinux': ['8.6', '8.7', '8.8', '8.9', '8.10'], 'ol': ['8.6', '8.7', '8.8', '8.9', '8.10'], 'rocky': ['8.6', '8.7', '8.8', '8.9', '8.10']},
- }
- 
- 
-diff --git a/repos/system_upgrade/common/libraries/module.py b/repos/system_upgrade/common/libraries/module.py
-index abde69e7..7d4e8aa4 100644
---- a/repos/system_upgrade/common/libraries/module.py
-+++ b/repos/system_upgrade/common/libraries/module.py
-@@ -1,4 +1,3 @@
--import os
- import warnings
- 
- from leapp.libraries.common.config.version import get_source_major_version
-@@ -23,14 +22,20 @@ def _create_or_get_dnf_base(base=None):
-         # have repositories only for the exact system version (including the minor number). In a case when
-         # /etc/yum/vars/releasever is present, read its contents so that we can access repositores on such systems.
-         conf = dnf.conf.Conf()
--        pkg_manager = 'yum' if get_source_major_version() == '7' else 'dnf'
--        releasever_path = '/etc/{0}/vars/releasever'.format(pkg_manager)
--        if os.path.exists(releasever_path):
--            with open(releasever_path) as releasever_file:
--                releasever = releasever_file.read().strip()
--                conf.substitutions['releasever'] = releasever
--        else:
--            conf.substitutions['releasever'] = get_source_major_version()
-+
-+        # preload releasever from what we know, this will be our fallback
-+        conf.substitutions['releasever'] = get_source_major_version()
-+
-+        # dnf on EL7 doesn't load vars from /etc/yum, so we need to help it a bit
-+        if get_source_major_version() == '7':
-+            try:
-+                with open('/etc/yum/vars/releasever') as releasever_file:
-+                    conf.substitutions['releasever'] = releasever_file.read().strip()
-+            except IOError:
-+                pass
-+
-+        # load all substitutions from etc
-+        conf.substitutions.update_from_etc('/')
- 
-         base = dnf.Base(conf=conf)
-         base.init_plugins()
-diff --git a/repos/system_upgrade/common/libraries/rhsm.py b/repos/system_upgrade/common/libraries/rhsm.py
-index 4a5b0eb0..9fdec233 100644
---- a/repos/system_upgrade/common/libraries/rhsm.py
-+++ b/repos/system_upgrade/common/libraries/rhsm.py
-@@ -92,7 +92,7 @@ def _handle_rhsm_exceptions(hint=None):
- 
- def skip_rhsm():
-     """Check whether we should skip RHSM related code."""
--    return get_env('LEAPP_NO_RHSM', '0') == '1'
-+    return True
- 
- 
- def with_rhsm(f):

SPECS/leapp-repository.spec

@@ -2,7 +2,7 @@
 %global repositorydir %{leapp_datadir}/repositories
 %global custom_repositorydir %{leapp_datadir}/custom-repositories
 
-%define leapp_repo_deps  9
+%define leapp_repo_deps  10
 
 %if 0%{?rhel} == 7
     %define leapp_python_sitelib %{python2_sitelib}
@@ -40,25 +40,24 @@ py2_byte_compile "%1" "%2"}
 # to create such an rpm. Instead, we are going to introduce new naming for
 # RHEL 8+ packages to be consistent with other leapp projects in future.
 
-Epoch:		1
 Name:           leapp-repository
-Version:        0.19.0
-Release:        6%{?dist}
+Version:        0.20.0
+Release:        2%{?dist}
 Summary:        Repositories for leapp
 
 License:        ASL 2.0
 URL:            https://oamg.github.io/leapp/
 Source0:        https://github.com/oamg/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
-Source1:        deps-pkgs-9.tar.gz
+Source1:        deps-pkgs-10.tar.gz
 
 # NOTE: Our packages must be noarch. Do no drop this in any way.
 BuildArch:      noarch
 
 ### PATCHES HERE
 # Patch0001:    filename.patch
-Patch0001:      0001-RHSM-Adjust-the-switch-to-container-mode-for-new-RHS.patch
-Patch0002:      0002-Do-not-create-dangling-symlinks-for-containerized-RH.patch
-Patch0003:	leapp-repository-0.19.0-elevate.patch
+
+Patch0001:      0001-rhui-do-not-bootstrap-target-client-on-aws.patch
+
 
 %description
 %{summary}
@@ -152,6 +151,16 @@ Provides:  leapp-repository-dependencies = %{leapp_repo_deps}
 ##################################################
 Requires:   dnf >= 4
 Requires:   pciutils
+
+# required to be able to format disk images with XFS file systems (default)
+Requires:   xfsprogs
+
+# required to be able to format disk images with Ext4 file systems
+# NOTE: this is not happening by default, but we can expact that many customers
+# will want to / need to do this - especially on RHEL 7 now. Adding this deps
+# as the best trade-off to resolve this problem.
+Requires:   e2fsprogs
+
 %if 0%{?rhel} && 0%{?rhel} == 7
 # Required to gather system facts about SELinux
 Requires:   libselinux-python
@@ -201,8 +210,6 @@ Requires:   python3-gobject-base
 # APPLY PATCHES HERE
 # %%patch0001 -p1
 %patch0001 -p1
-%patch0002 -p1
-%patch0003 -p1
 
 
 %build
@@ -274,21 +281,64 @@ done;
 %{_sysconfdir}/leapp/transaction/*
 %{repositorydir}/*
 %{leapp_python_sitelib}/leapp/cli/commands/*
-%exclude %{_sysconfdir}/leapp/files/repomap.json
-%exclude %{_sysconfdir}/leapp/files/pes-events.json
-%exclude %{_sysconfdir}/leapp/files/device_driver_deprecation_data.json
-%exclude %{leapp_datadir}/repositories/system_upgrade/common/files/rpm-gpg/*/*
+
 
 %files -n %{lpr_name}-deps
 # no files here
 
 %changelog
-* Wed Apr 24 2024 Yuriy Kohut <ykohut@almalinux.org> - 1:0.19.0-6
-- Enable CentOS Stream release 8 to 9 elevation
-- Update actor.py to support NVMe device enumeration
+* Tue Feb 20 2024 Petr Stodulka <pstodulk@redhat.com> - 0.20.0-2
+- Fallback to original RHUI solution on AWS to fix issues caused by changes in RHUI client
+- Resolves: RHEL-16729
 
-* Wed Jan 10 2024 Yuriy Kohut <ykohut@almalinux.org> - 1:0.19.0-5
-- AlmaLinux/CentOS/Oracle/Rocky/EuroLinux support (phase 1)
+* Tue Feb 13 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.20.0-1
+- Rebase to new upstream v0.20.0.
+- Fix semanage import issue
+- Fix handling of libvirt's systemd services
+- Add a dracut breakpoint for the pre-upgrade step.
+- Drop obsoleted upgrade paths (obsoleted releases: 8.6, 8.9, 9.0, 9.3)
+- Resolves: RHEL-16729
+
+* Tue Jan 23 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.19.0-10
+- Print nice error msg when device and driver deprecation data is malformed
+- Fix another cornercase when preserving symlinks to certificates in /etc/pki
+- Update the leapp upgrade data files - fixing upgrades with idm-tomcatjss
+- Resolves: RHEL-16729
+
+* Fri Jan 19 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-9
+- Do not try to download data files anymore when missing as the service
+  is obsoleted since the data is part of installed packages
+- Update error messages and reports when installed upgrade data files
+  are malformed or missing to instruct user how to resolve it
+- Update the leapp upgrade data files - bump data stream to "3.0"
+- Resolves: RHEL-16729
+
+* Fri Jan 12 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-7
+- Add detection of possible usage of OpenSSL IBMCA engine on IBM Z machines
+- Add detection of modified /etc/pki/tls/openssl.cnf file
+- Update the leapp upgrade data files
+- Fix handling of symlinks under /etc/pki with relative paths specified
+- Report custom actors and modifications of the upgrade tooling
+- Requires xfsprogs and e2fsprogs to ensure that Ext4 and XFS tools are installed
+- Bump leapp-repository-dependencies to 10
+- Resolves: RHEL-1774, RHEL-16729
+
+* Thu Nov 16 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-5
+- Enable new upgrade path for RHEL 8.10 -> RHEL 9.4 (including RHEL with SAP HANA)
+- Introduce generic transition of systemd services states during the IPU
+- Introduce possibility to upgrade with local repositories
+- Improve possibilities of upgrade when a proxy is configured in DNF configutation file
+- Fix handling of symlinks under /etc/pki when managing certificates
+- Fix the upgrade with custom https repositories
+- Default to the NO_RHSM mode when subscription-manager is not installed
+- Detect customized configuration of dynamic linker
+- Drop the invalid `tuv` target channel for the --channel option
+- Fix the issue of going out of bounds in the isccfg parser
+- Fix traceback when saving the rhsm facts results and the /etc/rhsm/facts directory doesn’t exist yet
+- Load all rpm repository substitutions that dnf knows about, not just "releasever" only
+- Simplify handling of upgrades on systems using RHUI, reducing the maintenance burden for cloud providers
+- Detect possible unexpected RPM GPG keys has been installed during RPM transaction
+- Resolves: RHEL-16729
 
 * Thu Nov 02 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-4
 - Fix the upgrade for systems without subscription-manager package