Compare commits
5 Commits
a8-elevate
...
c8
Author | SHA1 | Date |
---|---|---|
eabdullin | 6e448a755d | |
Andrew Lukoshko | 7f3492f658 | |
CentOS Sources | 7418c7fbb3 | |
CentOS Sources | 205e8ee942 | |
CentOS Sources | 091a7af850 |
|
@ -1,2 +1,2 @@
|
|||
SOURCES/deps-pkgs-6.tar.gz
|
||||
SOURCES/leapp-repository-0.16.0.tar.gz
|
||||
SOURCES/deps-pkgs-10.tar.gz
|
||||
SOURCES/leapp-repository-0.20.0.tar.gz
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
a5100971d63814c213c5245181891329578baf8d SOURCES/deps-pkgs-6.tar.gz
|
||||
2bcc851f1344107581096a6b564375c440a4df4a SOURCES/leapp-repository-0.16.0.tar.gz
|
||||
d520ada12294e4dd8837c81f92d4c184ab403d51 SOURCES/deps-pkgs-10.tar.gz
|
||||
185bbb040dba48e1ea2d6c627133af594378afd4 SOURCES/leapp-repository-0.20.0.tar.gz
|
||||
|
|
|
@ -1,70 +0,0 @@
|
|||
From b4fc2e0ae62e68dd246ed2eedda0df2a3ba90633 Mon Sep 17 00:00:00 2001
|
||||
From: Vinzenz Feenstra <vfeenstr@redhat.com>
|
||||
Date: Fri, 1 Apr 2022 15:13:51 +0200
|
||||
Subject: [PATCH] pcidevicesscanner: Also match deprecation data against kernel
|
||||
modules
|
||||
|
||||
Previously when the deprecation data got introduced the kernel drivers
|
||||
reported to be used by lspci have not been checked.
|
||||
This patch fixes this regression.
|
||||
|
||||
Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
|
||||
---
|
||||
.../libraries/pcidevicesscanner.py | 29 ++++++++++++++++++-
|
||||
1 file changed, 28 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
index 146f1a33..0f02bd02 100644
|
||||
--- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
@@ -1,7 +1,13 @@
|
||||
import re
|
||||
|
||||
from leapp.libraries.stdlib import api, run
|
||||
-from leapp.models import DetectedDeviceOrDriver, DeviceDriverDeprecationData, PCIDevice, PCIDevices
|
||||
+from leapp.models import (
|
||||
+ ActiveKernelModulesFacts,
|
||||
+ DetectedDeviceOrDriver,
|
||||
+ DeviceDriverDeprecationData,
|
||||
+ PCIDevice,
|
||||
+ PCIDevices
|
||||
+)
|
||||
|
||||
# Regex to capture Vendor, Device and SVendor and SDevice values
|
||||
PCI_ID_REG = re.compile(r"(?<=Vendor:\t|Device:\t)\w+")
|
||||
@@ -82,6 +88,26 @@ def produce_detected_devices(devices):
|
||||
])
|
||||
|
||||
|
||||
+def produce_detected_drivers(devices):
|
||||
+ active_modules = {
|
||||
+ module.file_name
|
||||
+ for message in api.consume(ActiveKernelModulesFacts) for module in message.kernel_modules
|
||||
+ }
|
||||
+
|
||||
+ # Create a lookup by driver_name and filter out the kernel that are active
|
||||
+ entry_lookup = {
|
||||
+ entry.driver_name: entry
|
||||
+ for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
|
||||
+ if entry.driver_name and entry.driver_name not in active_modules
|
||||
+ }
|
||||
+
|
||||
+ drivers = {device.driver for device in devices if device.driver in entry_lookup}
|
||||
+ api.produce(*[
|
||||
+ DetectedDeviceOrDriver(**entry_lookup[driver].dump())
|
||||
+ for driver in drivers
|
||||
+ ])
|
||||
+
|
||||
+
|
||||
def produce_pci_devices(producer, devices):
|
||||
""" Produce a Leapp message with all PCI devices """
|
||||
producer(PCIDevices(devices=devices))
|
||||
@@ -93,4 +119,5 @@ def scan_pci_devices(producer):
|
||||
pci_numeric = run(['lspci', '-vmmkn'], checked=False)['stdout']
|
||||
devices = parse_pci_devices(pci_textual, pci_numeric)
|
||||
produce_detected_devices(devices)
|
||||
+ produce_detected_drivers(devices)
|
||||
produce_pci_devices(producer, devices)
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,251 @@
|
|||
From 921c06892f7550a3a8e2b3fe941c6272bdacf88d Mon Sep 17 00:00:00 2001
|
||||
From: mhecko <mhecko@redhat.com>
|
||||
Date: Thu, 15 Feb 2024 09:56:27 +0100
|
||||
Subject: [PATCH] rhui: do not bootstrap target client on aws
|
||||
|
||||
Bootstrapping target RHUI client now requires installing the entire
|
||||
RHEL8 RPM stack. Threfore, do not try installing target client
|
||||
and instead rely only on the files from our leapp-rhui-aws package.
|
||||
---
|
||||
.../cloud/checkrhui/libraries/checkrhui.py | 6 +-
|
||||
.../libraries/userspacegen.py | 104 ++++++++++++++----
|
||||
.../system_upgrade/common/models/rhuiinfo.py | 7 ++
|
||||
3 files changed, 92 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
|
||||
index 84ab40e3..e1c158c7 100644
|
||||
--- a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
|
||||
+++ b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
|
||||
@@ -142,7 +142,11 @@ def customize_rhui_setup_for_aws(rhui_family, setup_info):
|
||||
|
||||
target_version = version.get_target_major_version()
|
||||
if target_version == '8':
|
||||
- return # The rhel8 plugin is packed into leapp-rhui-aws as we need python2 compatible client
|
||||
+ # RHEL8 rh-amazon-rhui-client depends on amazon-libdnf-plugin that depends
|
||||
+ # essentially on the entire RHEL8 RPM stack, so we cannot just swap the clients
|
||||
+ # The leapp-rhui-aws will provide all necessary files to access entire RHEL8 content
|
||||
+ setup_info.bootstrap_target_client = False
|
||||
+ return
|
||||
|
||||
amazon_plugin_copy_task = CopyFile(src='/usr/lib/python3.9/site-packages/dnf-plugins/amazon-id.py',
|
||||
dst='/usr/lib/python3.6/site-packages/dnf-plugins/')
|
||||
diff --git a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
|
||||
index d917bfd5..d60bc75f 100644
|
||||
--- a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
|
||||
+++ b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
|
||||
@@ -853,9 +853,9 @@ def _get_rhui_available_repoids(context, cloud_repo):
|
||||
return set(repoids)
|
||||
|
||||
|
||||
-def get_copy_location_from_copy_in_task(context, copy_task):
|
||||
+def get_copy_location_from_copy_in_task(context_basepath, copy_task):
|
||||
basename = os.path.basename(copy_task.src)
|
||||
- dest_in_container = context.full_path(copy_task.dst)
|
||||
+ dest_in_container = os.path.join(context_basepath, copy_task.dst)
|
||||
if os.path.isdir(dest_in_container):
|
||||
return os.path.join(copy_task.dst, basename)
|
||||
return copy_task.dst
|
||||
@@ -871,7 +871,10 @@ def _get_rh_available_repoids(context, indata):
|
||||
|
||||
# If we are upgrading a RHUI system, check what repositories are provided by the (already installed) target clients
|
||||
if indata and indata.rhui_info:
|
||||
- files_provided_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
|
||||
+ setup_info = indata.rhui_info.target_client_setup_info
|
||||
+ target_content_access_files = set()
|
||||
+ if setup_info.bootstrap_target_client:
|
||||
+ target_content_access_files = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
|
||||
|
||||
def is_repofile(path):
|
||||
return os.path.dirname(path) == '/etc/yum.repos.d' and os.path.basename(path).endswith('.repo')
|
||||
@@ -884,24 +887,33 @@ def _get_rh_available_repoids(context, indata):
|
||||
|
||||
yum_repos_d = context.full_path('/etc/yum.repos.d')
|
||||
all_repofiles = {os.path.join(yum_repos_d, path) for path in os.listdir(yum_repos_d) if path.endswith('.repo')}
|
||||
- client_repofiles = {context.full_path(path) for path in files_provided_by_clients if is_repofile(path)}
|
||||
+ api.current_logger().debug('(RHUI Setup) All available repofiles: {0}'.format(' '.join(all_repofiles)))
|
||||
+
|
||||
+ target_access_repofiles = {
|
||||
+ context.full_path(path) for path in target_content_access_files if is_repofile(path)
|
||||
+ }
|
||||
|
||||
# Exclude repofiles used to setup the target rhui access as on some platforms the repos provided by
|
||||
# the client are not sufficient to install the client into target userspace (GCP)
|
||||
rhui_setup_repofile_tasks = [task for task in setup_tasks if task.src.endswith('repo')]
|
||||
rhui_setup_repofiles = (
|
||||
- get_copy_location_from_copy_in_task(context, copy_task) for copy_task in rhui_setup_repofile_tasks
|
||||
+ get_copy_location_from_copy_in_task(context.base_dir, copy) for copy in rhui_setup_repofile_tasks
|
||||
)
|
||||
rhui_setup_repofiles = {context.full_path(repofile) for repofile in rhui_setup_repofiles}
|
||||
|
||||
- foreign_repofiles = all_repofiles - client_repofiles - rhui_setup_repofiles
|
||||
+ foreign_repofiles = all_repofiles - target_access_repofiles - rhui_setup_repofiles
|
||||
+
|
||||
+ api.current_logger().debug(
|
||||
+ 'The following repofiles are considered as unknown to'
|
||||
+ ' the target RHUI content setup and will be ignored: {0}'.format(' '.join(foreign_repofiles))
|
||||
+ )
|
||||
|
||||
# Rename non-client repofiles so they will not be recognized when running dnf repolist
|
||||
for foreign_repofile in foreign_repofiles:
|
||||
os.rename(foreign_repofile, '{0}.back'.format(foreign_repofile))
|
||||
|
||||
try:
|
||||
- dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v']
|
||||
+ dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v', '--enablerepo', '*']
|
||||
repolist_result = context.call(dnf_cmd)['stdout']
|
||||
repoid_lines = [line for line in repolist_result.split('\n') if line.startswith('Repo-id')]
|
||||
rhui_repoids = {extract_repoid_from_line(line) for line in repoid_lines}
|
||||
@@ -919,6 +931,9 @@ def _get_rh_available_repoids(context, indata):
|
||||
for foreign_repofile in foreign_repofiles:
|
||||
os.rename('{0}.back'.format(foreign_repofile), foreign_repofile)
|
||||
|
||||
+ api.current_logger().debug(
|
||||
+ 'The following repofiles are considered as provided by RedHat: {0}'.format(' '.join(rh_repoids))
|
||||
+ )
|
||||
return rh_repoids
|
||||
|
||||
|
||||
@@ -1086,7 +1101,7 @@ def _get_target_userspace():
|
||||
return constants.TARGET_USERSPACE.format(get_target_major_version())
|
||||
|
||||
|
||||
-def _create_target_userspace(context, packages, files, target_repoids):
|
||||
+def _create_target_userspace(context, indata, packages, files, target_repoids):
|
||||
"""Create the target userspace."""
|
||||
target_path = _get_target_userspace()
|
||||
prepare_target_userspace(context, target_path, target_repoids, list(packages))
|
||||
@@ -1096,12 +1111,57 @@ def _create_target_userspace(context, packages, files, target_repoids):
|
||||
_copy_files(target_context, files)
|
||||
dnfplugin.install(_get_target_userspace())
|
||||
|
||||
+ # If we used only repofiles from leapp-rhui-<provider> then remove these as they provide
|
||||
+ # duplicit definitions as the target clients already installed in the target container
|
||||
+ if indata.rhui_info:
|
||||
+ api.current_logger().debug(
|
||||
+ 'Target container should have access to content. '
|
||||
+ 'Removing repofiles from leapp-rhui-<provider> from the target..'
|
||||
+ )
|
||||
+ setup_info = indata.rhui_info.target_client_setup_info
|
||||
+ if not setup_info.bootstrap_target_client:
|
||||
+ target_userspace_path = _get_target_userspace()
|
||||
+ for copy in setup_info.preinstall_tasks.files_to_copy_into_overlay:
|
||||
+ dst_in_container = get_copy_location_from_copy_in_task(target_userspace_path, copy)
|
||||
+ dst_in_container = dst_in_container.strip('/')
|
||||
+ dst_in_host = os.path.join(target_userspace_path, dst_in_container)
|
||||
+ if os.path.isfile(dst_in_host) and dst_in_host.endswith('.repo'):
|
||||
+ api.current_logger().debug('Removing repofile: {0}'.format(dst_in_host))
|
||||
+ os.remove(dst_in_host)
|
||||
+
|
||||
# and do not forget to set the rhsm into the container mode again
|
||||
with mounting.NspawnActions(_get_target_userspace()) as target_context:
|
||||
rhsm.set_container_mode(target_context)
|
||||
|
||||
|
||||
-def install_target_rhui_client_if_needed(context, indata):
|
||||
+def _apply_rhui_access_preinstall_tasks(context, rhui_setup_info):
|
||||
+ if rhui_setup_info.preinstall_tasks:
|
||||
+ api.current_logger().debug('Applying RHUI preinstall tasks.')
|
||||
+ preinstall_tasks = rhui_setup_info.preinstall_tasks
|
||||
+
|
||||
+ for file_to_remove in preinstall_tasks.files_to_remove:
|
||||
+ api.current_logger().debug('Removing {0} from the scratch container.'.format(file_to_remove))
|
||||
+ context.remove(file_to_remove)
|
||||
+
|
||||
+ for copy_info in preinstall_tasks.files_to_copy_into_overlay:
|
||||
+ api.current_logger().debug(
|
||||
+ 'Copying {0} in {1} into the scratch container.'.format(copy_info.src, copy_info.dst)
|
||||
+ )
|
||||
+ context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
|
||||
+ context.copy_to(copy_info.src, copy_info.dst)
|
||||
+
|
||||
+
|
||||
+def _apply_rhui_access_postinstall_tasks(context, rhui_setup_info):
|
||||
+ if rhui_setup_info.postinstall_tasks:
|
||||
+ api.current_logger().debug('Applying RHUI postinstall tasks.')
|
||||
+ for copy_info in rhui_setup_info.postinstall_tasks.files_to_copy:
|
||||
+ context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
|
||||
+ debug_msg = 'Copying {0} to {1} (inside the scratch container).'
|
||||
+ api.current_logger().debug(debug_msg.format(copy_info.src, copy_info.dst))
|
||||
+ context.call(['cp', copy_info.src, copy_info.dst])
|
||||
+
|
||||
+
|
||||
+def setup_target_rhui_access_if_needed(context, indata):
|
||||
if not indata.rhui_info:
|
||||
return
|
||||
|
||||
@@ -1110,15 +1170,14 @@ def install_target_rhui_client_if_needed(context, indata):
|
||||
_create_target_userspace_directories(userspace_dir)
|
||||
|
||||
setup_info = indata.rhui_info.target_client_setup_info
|
||||
- if setup_info.preinstall_tasks:
|
||||
- preinstall_tasks = setup_info.preinstall_tasks
|
||||
+ _apply_rhui_access_preinstall_tasks(context, setup_info)
|
||||
|
||||
- for file_to_remove in preinstall_tasks.files_to_remove:
|
||||
- context.remove(file_to_remove)
|
||||
-
|
||||
- for copy_info in preinstall_tasks.files_to_copy_into_overlay:
|
||||
- context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
|
||||
- context.copy_to(copy_info.src, copy_info.dst)
|
||||
+ if not setup_info.bootstrap_target_client:
|
||||
+ # Installation of the target RHUI client is not possible and we bundle all necessary
|
||||
+ # files into the leapp-rhui-<provider> packages.
|
||||
+ api.current_logger().debug('Bootstrapping target RHUI client is disabled, leapp will rely '
|
||||
+ 'only on files budled in leapp-rhui-<provider> package.')
|
||||
+ return
|
||||
|
||||
cmd = ['dnf', '-y']
|
||||
|
||||
@@ -1149,16 +1208,13 @@ def install_target_rhui_client_if_needed(context, indata):
|
||||
|
||||
context.call(cmd, callback_raw=utils.logging_handler, stdin='\n'.join(dnf_transaction_steps))
|
||||
|
||||
- if setup_info.postinstall_tasks:
|
||||
- for copy_info in setup_info.postinstall_tasks.files_to_copy:
|
||||
- context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
|
||||
- context.call(['cp', copy_info.src, copy_info.dst])
|
||||
+ _apply_rhui_access_postinstall_tasks(context, setup_info)
|
||||
|
||||
# Do a cleanup so there are not duplicit repoids
|
||||
files_owned_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
|
||||
|
||||
for copy_task in setup_info.preinstall_tasks.files_to_copy_into_overlay:
|
||||
- dest = get_copy_location_from_copy_in_task(context, copy_task)
|
||||
+ dest = get_copy_location_from_copy_in_task(context.base_dir, copy_task)
|
||||
can_be_cleaned_up = copy_task.src not in setup_info.files_supporting_client_operation
|
||||
if dest not in files_owned_by_clients and can_be_cleaned_up:
|
||||
context.remove(dest)
|
||||
@@ -1184,10 +1240,10 @@ def perform():
|
||||
target_iso = next(api.consume(TargetOSInstallationImage), None)
|
||||
with mounting.mount_upgrade_iso_to_root_dir(overlay.target, target_iso):
|
||||
|
||||
- install_target_rhui_client_if_needed(context, indata)
|
||||
+ setup_target_rhui_access_if_needed(context, indata)
|
||||
|
||||
target_repoids = _gather_target_repositories(context, indata, prod_cert_path)
|
||||
- _create_target_userspace(context, indata.packages, indata.files, target_repoids)
|
||||
+ _create_target_userspace(context, indata, indata.packages, indata.files, target_repoids)
|
||||
# TODO: this is tmp solution as proper one needs significant refactoring
|
||||
target_repo_facts = repofileutils.get_parsed_repofiles(context)
|
||||
api.produce(TMPTargetRepositoriesFacts(repositories=target_repo_facts))
|
||||
diff --git a/repos/system_upgrade/common/models/rhuiinfo.py b/repos/system_upgrade/common/models/rhuiinfo.py
|
||||
index 3eaa4826..0a2e45af 100644
|
||||
--- a/repos/system_upgrade/common/models/rhuiinfo.py
|
||||
+++ b/repos/system_upgrade/common/models/rhuiinfo.py
|
||||
@@ -36,6 +36,13 @@ class TargetRHUISetupInfo(Model):
|
||||
files_supporting_client_operation = fields.List(fields.String(), default=[])
|
||||
"""A subset of files copied in preinstall tasks that should not be cleaned up."""
|
||||
|
||||
+ bootstrap_target_client = fields.Boolean(default=True)
|
||||
+ """
|
||||
+ Swap the current RHUI client for the target one to facilitate access to the target content.
|
||||
+
|
||||
+ When False, only files from the leapp-rhui-<provider> will be used to access target content.
|
||||
+ """
|
||||
+
|
||||
|
||||
class RHUIInfo(Model):
|
||||
"""
|
||||
--
|
||||
2.43.0
|
||||
|
|
@ -1,44 +0,0 @@
|
|||
From 53ceded213ae17ca5d27268bc496e736dfea7e64 Mon Sep 17 00:00:00 2001
|
||||
From: Vinzenz Feenstra <vfeenstr@redhat.com>
|
||||
Date: Thu, 14 Apr 2022 14:50:07 +0200
|
||||
Subject: [PATCH 2/3] pciscanner: Fix 2 issues in regards to pci address
|
||||
handling
|
||||
|
||||
In a previous patch, the introduction of the new handling of deprecation
|
||||
data, 2 problems slipped through.
|
||||
|
||||
1. The regex replacement for pci ids errornous adds an empty space
|
||||
instead of empty string
|
||||
2. Drivers should be matched on lspci output against the driver
|
||||
deprecation data only if the pci_id is empty
|
||||
|
||||
Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
|
||||
---
|
||||
.../actors/pcidevicesscanner/libraries/pcidevicesscanner.py | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
index 0f02bd02..eb063abb 100644
|
||||
--- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
|
||||
@@ -78,7 +78,7 @@ def parse_pci_devices(pci_textual, pci_numeric):
|
||||
def produce_detected_devices(devices):
|
||||
prefix_re = re.compile('0x')
|
||||
entry_lookup = {
|
||||
- prefix_re.sub(' ', entry.device_id): entry
|
||||
+ prefix_re.sub('', entry.device_id): entry
|
||||
for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
|
||||
}
|
||||
api.produce(*[
|
||||
@@ -98,7 +98,7 @@ def produce_detected_drivers(devices):
|
||||
entry_lookup = {
|
||||
entry.driver_name: entry
|
||||
for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
|
||||
- if entry.driver_name and entry.driver_name not in active_modules
|
||||
+ if not entry.device_id and entry.driver_name and entry.driver_name not in active_modules
|
||||
}
|
||||
|
||||
drivers = {device.driver for device in devices if device.driver in entry_lookup}
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -1,78 +0,0 @@
|
|||
From a1fdabea9c00a96ffc1504577f12733e1c1830ee Mon Sep 17 00:00:00 2001
|
||||
From: Evgeni Golov <evgeni@golov.de>
|
||||
Date: Thu, 7 Apr 2022 14:56:18 +0200
|
||||
Subject: [PATCH 3/3] Ensure the right repositories are enabled on Satellite
|
||||
Capsules
|
||||
|
||||
---
|
||||
.../actors/satellite_upgrade_facts/actor.py | 6 +++-
|
||||
.../unit_test_satellite_upgrade_facts.py | 34 ++++++++++++++++++-
|
||||
2 files changed, 38 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
|
||||
index eb87cd68..fb83107e 100644
|
||||
--- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
|
||||
+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
|
||||
@@ -129,6 +129,10 @@ class SatelliteUpgradeFacts(Actor):
|
||||
modules_to_enable=modules_to_enable
|
||||
)
|
||||
)
|
||||
- repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms', 'satellite-6.11-for-rhel-8-x86_64-rpms',
|
||||
+ repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms',
|
||||
'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms']
|
||||
+ if has_package(InstalledRPM, 'foreman'):
|
||||
+ repositories_to_enable.append('satellite-6.11-for-rhel-8-x86_64-rpms')
|
||||
+ else:
|
||||
+ repositories_to_enable.append('satellite-capsule-6.11-for-rhel-8-x86_64-rpms')
|
||||
self.produce(RepositoriesSetupTasks(to_enable=repositories_to_enable))
|
||||
diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
|
||||
index 5c8e79ff..e77b7b58 100644
|
||||
--- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
|
||||
+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
|
||||
@@ -1,6 +1,14 @@
|
||||
import os
|
||||
|
||||
-from leapp.models import DNFWorkaround, InstalledRPM, Module, RPM, RpmTransactionTasks, SatelliteFacts
|
||||
+from leapp.models import (
|
||||
+ DNFWorkaround,
|
||||
+ InstalledRPM,
|
||||
+ Module,
|
||||
+ RepositoriesSetupTasks,
|
||||
+ RPM,
|
||||
+ RpmTransactionTasks,
|
||||
+ SatelliteFacts
|
||||
+)
|
||||
from leapp.snactor.fixture import current_actor_context
|
||||
|
||||
RH_PACKAGER = 'Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>'
|
||||
@@ -87,3 +95,27 @@ def test_detects_remote_postgresql(current_actor_context):
|
||||
assert not satellitemsg.postgresql.local_postgresql
|
||||
|
||||
assert not current_actor_context.consume(DNFWorkaround)
|
||||
+
|
||||
+
|
||||
+def test_enables_right_repositories_on_satellite(current_actor_context):
|
||||
+ current_actor_context.feed(InstalledRPM(items=[FOREMAN_RPM]))
|
||||
+ current_actor_context.run()
|
||||
+
|
||||
+ rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
|
||||
+
|
||||
+ assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
+ assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
+ assert 'satellite-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
+ assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
|
||||
+
|
||||
+
|
||||
+def test_enables_right_repositories_on_capsule(current_actor_context):
|
||||
+ current_actor_context.feed(InstalledRPM(items=[FOREMAN_PROXY_RPM]))
|
||||
+ current_actor_context.run()
|
||||
+
|
||||
+ rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
|
||||
+
|
||||
+ assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
+ assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
+ assert 'satellite-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
|
||||
+ assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
From 496abd1775779054377c5e35ae96fa4d390bab42 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Stodulka <pstodulk@redhat.com>
|
||||
Date: Tue, 19 Apr 2022 21:51:03 +0200
|
||||
Subject: [PATCH] Enforce the removal of rubygem-irb (do not install it)
|
||||
|
||||
---
|
||||
etc/leapp/transaction/to_remove | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/etc/leapp/transaction/to_remove b/etc/leapp/transaction/to_remove
|
||||
index 0feb782..07c6864 100644
|
||||
--- a/etc/leapp/transaction/to_remove
|
||||
+++ b/etc/leapp/transaction/to_remove
|
||||
@@ -1,3 +1,6 @@
|
||||
### List of packages (each on new line) to be removed from the upgrade transaction
|
||||
# Removing initial-setup package to avoid it asking for EULA acceptance during upgrade - OAMG-1531
|
||||
initial-setup
|
||||
+
|
||||
+# temporary workaround for the file conflict symlink <-> dir (#2030627)
|
||||
+rubygem-irb
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -1,209 +0,0 @@
|
|||
From eeb4f99f57c67937ea562fce11fd5607470ae0a6 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Stodulka <pstodulk@redhat.com>
|
||||
Date: Fri, 22 Apr 2022 00:20:15 +0200
|
||||
Subject: [PATCH] [IPU 8 -> 9] Migrate blacklisted CAs (hotfix)
|
||||
|
||||
Preserve blacklisted certificates during the IPU 8 -> 9
|
||||
|
||||
Path for the blacklisted certificates has been changed on RHEL 9.
|
||||
The original paths on RHEL 8 and older systems have been:
|
||||
/etc/pki/ca-trust/source/blacklist/
|
||||
/usr/share/pki/ca-trust-source/blacklist/
|
||||
However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
|
||||
So the paths are:
|
||||
/etc/pki/ca-trust/source/blocklist/
|
||||
/usr/share/pki/ca-trust-source/blocklist/
|
||||
This actor moves all blacklisted certificates into the expected directories
|
||||
and fix symlinks if to point to the new dirs if they originally pointed
|
||||
to one of obsoleted dirs.
|
||||
|
||||
Covered cases:
|
||||
- covered situations with missing dirs
|
||||
- covered both mentioned blacklist directories
|
||||
- update symlinks in case they point to one of obsoleted directories
|
||||
- remove obsoleted directories when all files migrated successfully
|
||||
- execute /usr/bin/update-ca-trust in the end
|
||||
- remove original a blacklist directory in case all discovered files
|
||||
inside are migrated successfully
|
||||
- print error logs in case of any issues so the upgrade does not
|
||||
crash in case of troubles and users could deal with problems
|
||||
manually after the upgrade
|
||||
|
||||
The actor is not covered by unit-tests as it's just a hotfix. Follow
|
||||
up works are expected to extend the problem with reports during
|
||||
preupgrade phases, improve the test coverage, ....
|
||||
|
||||
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2077432
|
||||
Followup ticket: CRYPTO-7097
|
||||
---
|
||||
.../actors/migrateblacklistca/actor.py | 28 ++++++
|
||||
.../libraries/migrateblacklistca.py | 89 +++++++++++++++++++
|
||||
.../tests/unit_test_migrateblacklistca.py | 25 ++++++
|
||||
3 files changed, 142 insertions(+)
|
||||
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
|
||||
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
|
||||
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
|
||||
|
||||
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
|
||||
new file mode 100644
|
||||
index 00000000..863a0063
|
||||
--- /dev/null
|
||||
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
|
||||
@@ -0,0 +1,28 @@
|
||||
+from leapp.actors import Actor
|
||||
+from leapp.libraries.actor import migrateblacklistca
|
||||
+from leapp.tags import ApplicationsPhaseTag, IPUWorkflowTag
|
||||
+
|
||||
+
|
||||
+class MigrateBlacklistCA(Actor):
|
||||
+ """
|
||||
+ Preserve blacklisted certificates during the upgrade
|
||||
+
|
||||
+ Path for the blacklisted certificates has been changed on RHEL 9.
|
||||
+ The original paths on RHEL 8 and older systems have been:
|
||||
+ /etc/pki/ca-trust/source/blacklist/
|
||||
+ /usr/share/pki/ca-trust-source/blacklist/
|
||||
+ However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
|
||||
+ So the new paths are:
|
||||
+ /etc/pki/ca-trust/source/blocklist/
|
||||
+ /usr/share/pki/ca-trust-source/blocklist/
|
||||
+ This actor moves all blacklisted certificates into the expected directories
|
||||
+ and fix symlinks if needed.
|
||||
+ """
|
||||
+
|
||||
+ name = 'migrate_blacklist_ca'
|
||||
+ consumes = ()
|
||||
+ produces = ()
|
||||
+ tags = (ApplicationsPhaseTag, IPUWorkflowTag)
|
||||
+
|
||||
+ def process(self):
|
||||
+ migrateblacklistca.process()
|
||||
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
|
||||
new file mode 100644
|
||||
index 00000000..73c9d565
|
||||
--- /dev/null
|
||||
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
|
||||
@@ -0,0 +1,89 @@
|
||||
+import os
|
||||
+import shutil
|
||||
+
|
||||
+from leapp.libraries.stdlib import api, CalledProcessError, run
|
||||
+
|
||||
+# dict(orig_dir: new_dir)
|
||||
+DIRS_CHANGE = {
|
||||
+ '/etc/pki/ca-trust/source/blacklist/': '/etc/pki/ca-trust/source/blocklist/',
|
||||
+ '/usr/share/pki/ca-trust-source/blacklist/': '/usr/share/pki/ca-trust-source/blocklist/'
|
||||
+}
|
||||
+
|
||||
+
|
||||
+def _link_src_path(filepath):
|
||||
+ """
|
||||
+ Return expected target path for the symlink.
|
||||
+
|
||||
+ In case the symlink points to one of dirs supposed to be migrated in this
|
||||
+ actor, we need to point to the new directory instead.
|
||||
+
|
||||
+ In case the link points anywhere else, keep the target path as it is.
|
||||
+ """
|
||||
+ realpath = os.path.realpath(filepath)
|
||||
+ for dirname in DIRS_CHANGE:
|
||||
+ if realpath.startswith(dirname):
|
||||
+ return realpath.replace(dirname, DIRS_CHANGE[dirname])
|
||||
+
|
||||
+ # it seems we can keep this path
|
||||
+ return realpath
|
||||
+
|
||||
+
|
||||
+def _migrate_file(filename, src_basedir):
|
||||
+ dst_path = filename.replace(src_basedir, DIRS_CHANGE[src_basedir])
|
||||
+ if os.path.exists(dst_path):
|
||||
+ api.current_logger().info(
|
||||
+ 'Skipping migration of the {} certificate. The target file already exists'
|
||||
+ .format(filename)
|
||||
+ )
|
||||
+ return
|
||||
+ os.makedirs(os.path.dirname(dst_path), mode=0o755, exist_ok=True)
|
||||
+ if os.path.islink(filename):
|
||||
+ # create the new symlink instead of the moving the file
|
||||
+ # as the target path could be different as well
|
||||
+ link_src_path = _link_src_path(filename)
|
||||
+ # TODO: is the broken symlink ok?
|
||||
+ os.symlink(link_src_path, dst_path)
|
||||
+ os.unlink(filename)
|
||||
+ else:
|
||||
+ # normal file, just move it
|
||||
+ shutil.move(filename, dst_path)
|
||||
+
|
||||
+
|
||||
+def _get_files(dirname):
|
||||
+ return run(['find', dirname, '-type', 'f,l'], split=True)['stdout']
|
||||
+
|
||||
+
|
||||
+def process():
|
||||
+ for dirname in DIRS_CHANGE:
|
||||
+ if not os.path.exists(dirname):
|
||||
+ # The directory does not exist; nothing to do here
|
||||
+ continue
|
||||
+ try:
|
||||
+ blacklisted_certs = _get_files(dirname)
|
||||
+ except (CalledProcessError, OSError) as e:
|
||||
+ # TODO: create post-upgrade report
|
||||
+ api.current_logger().error('Cannot get list of files in {}: {}.'.format(dirname, e))
|
||||
+ api.current_logger().error('Certificates under {} must be migrated manually.'.format(dirname))
|
||||
+ continue
|
||||
+ failed_files = []
|
||||
+ for filename in blacklisted_certs:
|
||||
+ try:
|
||||
+ _migrate_file(filename, dirname)
|
||||
+ except OSError as e:
|
||||
+ api.current_logger().error(
|
||||
+ 'Failed migration of blacklisted certificate {}: {}'
|
||||
+ .format(filename, e)
|
||||
+ )
|
||||
+ failed_files.append(filename)
|
||||
+ if not failed_files:
|
||||
+ # the failed removal is not such a big issue here
|
||||
+ # clean the dir if all files have been migrated successfully
|
||||
+ shutil.rmtree(dirname, ignore_errors=True)
|
||||
+ try:
|
||||
+ run(['/usr/bin/update-ca-trust'])
|
||||
+ except (CalledProcessError, OSError) as e:
|
||||
+ api.current_logger().error(
|
||||
+ 'Cannot update CA trust on the system.'
|
||||
+ ' It needs to be done manually after the in-place upgrade.'
|
||||
+ ' Reason: {}'.format(e)
|
||||
+ )
|
||||
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
|
||||
new file mode 100644
|
||||
index 00000000..970dcb97
|
||||
--- /dev/null
|
||||
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
|
||||
@@ -0,0 +1,25 @@
|
||||
+import os
|
||||
+
|
||||
+from leapp.libraries.actor import migrateblacklistca
|
||||
+from leapp.libraries.common.testutils import CurrentActorMocked
|
||||
+from leapp.libraries.stdlib import api
|
||||
+
|
||||
+
|
||||
+class MockedGetFiles():
|
||||
+ def __init__(self):
|
||||
+ self.called = 0
|
||||
+
|
||||
+ def __call__(self):
|
||||
+ self.called += 1
|
||||
+ return []
|
||||
+
|
||||
+
|
||||
+def test_no_dirs_exist(monkeypatch):
|
||||
+ mocked_files = MockedGetFiles()
|
||||
+ monkeypatch.setattr(os.path, 'exists', lambda dummy: False)
|
||||
+ monkeypatch.setattr(migrateblacklistca, '_get_files', mocked_files)
|
||||
+ monkeypatch.setattr(api, 'current_actor', CurrentActorMocked())
|
||||
+ # this is bad mock, but we want to be sure that update-ca-trust is not
|
||||
+ # called on the testing machine
|
||||
+ monkeypatch.setattr(migrateblacklistca, 'run', lambda dummy: dummy)
|
||||
+ assert not mocked_files.called
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -1,108 +0,0 @@
|
|||
From 32702c7c7d1c445b9ab95e0d1bbdfdf8f06d4303 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Stodulka <pstodulk@redhat.com>
|
||||
Date: Wed, 27 Apr 2022 11:25:40 +0200
|
||||
Subject: [PATCH] Skip comment lines when parsing grub configuration file
|
||||
|
||||
Added simple unit-test for default grub info to see the valid lines
|
||||
can be parsed as expected.
|
||||
---
|
||||
.../systemfacts/libraries/systemfacts.py | 21 ++++++++-
|
||||
.../tests/test_systemfacts_grub.py | 46 +++++++++++++++++++
|
||||
2 files changed, 65 insertions(+), 2 deletions(-)
|
||||
create mode 100644 repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
|
||||
|
||||
diff --git a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
|
||||
index 0de8b383..81aea6f5 100644
|
||||
--- a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
|
||||
+++ b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
|
||||
@@ -9,6 +9,7 @@ import re
|
||||
import six
|
||||
|
||||
from leapp import reporting
|
||||
+from leapp.exceptions import StopActorExecutionError
|
||||
from leapp.libraries.common import repofileutils
|
||||
from leapp.libraries.common.config import architecture
|
||||
from leapp.libraries.stdlib import api, CalledProcessError, run
|
||||
@@ -289,9 +290,25 @@ def _default_grub_info():
|
||||
])
|
||||
else:
|
||||
for line in run(['cat', default_grb_fpath], split=True)['stdout']:
|
||||
- if not line.strip():
|
||||
+ line = line.strip()
|
||||
+ if not line or line[0] == '#':
|
||||
+ # skip comments and empty lines
|
||||
continue
|
||||
- name, value = tuple(map(type(line).strip, line.split('=', 1)))
|
||||
+ try:
|
||||
+ name, value = tuple(map(type(line).strip, line.split('=', 1)))
|
||||
+ except ValueError as e:
|
||||
+ # we do not want to really continue when we cannot parse this file
|
||||
+ # TODO(pstodulk): rewrite this in the form we produce inhibitor
|
||||
+ # with problematic lines. This is improvement just in comparison
|
||||
+ # to the original hard crash.
|
||||
+ raise StopActorExecutionError(
|
||||
+ 'Failed parsing of {}'.format(default_grb_fpath),
|
||||
+ details={
|
||||
+ 'error': str(e),
|
||||
+ 'problematic line': str(line)
|
||||
+ }
|
||||
+ )
|
||||
+
|
||||
yield DefaultGrub(
|
||||
name=name,
|
||||
value=value
|
||||
diff --git a/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
|
||||
new file mode 100644
|
||||
index 00000000..08552771
|
||||
--- /dev/null
|
||||
+++ b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
|
||||
@@ -0,0 +1,46 @@
|
||||
+import os
|
||||
+
|
||||
+from leapp.libraries.actor import systemfacts
|
||||
+from leapp.models import DefaultGrub
|
||||
+
|
||||
+
|
||||
+class RunMocked(object):
|
||||
+ def __init__(self, cmd_result):
|
||||
+ self.called = 0
|
||||
+ self.cmd_result = cmd_result
|
||||
+ self.split = False
|
||||
+ self.cmd = None
|
||||
+
|
||||
+ def __call__(self, cmd, split=False):
|
||||
+ self.cmd = cmd
|
||||
+ self.split = split
|
||||
+ self.called += 1
|
||||
+ return self.cmd_result
|
||||
+
|
||||
+
|
||||
+def test_default_grub_info_valid(monkeypatch):
|
||||
+ mocked_run = RunMocked({
|
||||
+ 'stdout': [
|
||||
+ 'line="whatever else here"',
|
||||
+ 'newline="whatever"',
|
||||
+ '# comment here',
|
||||
+ 'why_not=value',
|
||||
+ ' # whitespaces around comment ',
|
||||
+ ' ',
|
||||
+ ' last=last really'
|
||||
+ ],
|
||||
+ })
|
||||
+ expected_result = [
|
||||
+ DefaultGrub(name='line', value='"whatever else here"'),
|
||||
+ DefaultGrub(name='newline', value='"whatever"'),
|
||||
+ DefaultGrub(name='why_not', value='value'),
|
||||
+ DefaultGrub(name='last', value='last really'),
|
||||
+ ]
|
||||
+ monkeypatch.setattr(systemfacts, 'run', mocked_run)
|
||||
+ monkeypatch.setattr(os.path, 'isfile', lambda dummy: True)
|
||||
+ for msg in systemfacts._default_grub_info():
|
||||
+ expected_msg = expected_result.pop(0)
|
||||
+ assert msg.name == expected_msg.name
|
||||
+ assert msg.value == expected_msg.value
|
||||
+ assert mocked_run.called
|
||||
+ assert not expected_result
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
%global repositorydir %{leapp_datadir}/repositories
|
||||
%global custom_repositorydir %{leapp_datadir}/custom-repositories
|
||||
|
||||
%define leapp_repo_deps 6
|
||||
%define leapp_repo_deps 10
|
||||
|
||||
%if 0%{?rhel} == 7
|
||||
%define leapp_python_sitelib %{python2_sitelib}
|
||||
|
@ -41,24 +41,23 @@ py2_byte_compile "%1" "%2"}
|
|||
# RHEL 8+ packages to be consistent with other leapp projects in future.
|
||||
|
||||
Name: leapp-repository
|
||||
Version: 0.16.0
|
||||
Release: 6%{?dist}
|
||||
Version: 0.20.0
|
||||
Release: 2%{?dist}
|
||||
Summary: Repositories for leapp
|
||||
|
||||
License: ASL 2.0
|
||||
URL: https://oamg.github.io/leapp/
|
||||
Source0: https://github.com/oamg/leapp-repository/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
||||
Source1: deps-pkgs-6.tar.gz
|
||||
Source0: https://github.com/oamg/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
||||
Source1: deps-pkgs-10.tar.gz
|
||||
|
||||
# NOTE: Our packages must be noarch. Do no drop this in any way.
|
||||
BuildArch: noarch
|
||||
|
||||
### PATCHES HERE
|
||||
# Patch0001: filename.patch
|
||||
Patch0001: 0001-pcidevicesscanner-Also-match-deprecation-data-agains.patch1
|
||||
Patch0002: 0002-pciscanner-Fix-2-issues-in-regards-to-pci-address-ha.patch
|
||||
Patch0003: 0003-Ensure-the-right-repositories-are-enabled-on-Satelli.patch
|
||||
Patch0004: 0004-Enforce-the-removal-of-rubygem-irb-do-not-install-it.patch
|
||||
Patch0005: 0005-IPU-8-9-Migrate-blacklisted-CAs-hotfix.patch
|
||||
Patch0006: 0006-Skip-comment-lines-when-parsing-grub-configuration-f.patch
|
||||
|
||||
Patch0001: 0001-rhui-do-not-bootstrap-target-client-on-aws.patch
|
||||
|
||||
|
||||
%description
|
||||
%{summary}
|
||||
|
@ -77,7 +76,7 @@ Requires: python2-leapp
|
|||
Obsoletes: leapp-repository-data <= 0.6.1
|
||||
Provides: leapp-repository-data <= 0.6.1
|
||||
|
||||
# Former leapp subpackage that is part of the sos package since HEL 7.8
|
||||
# Former leapp subpackage that is part of the sos package since RHEL 7.8
|
||||
Obsoletes: leapp-repository-sos-plugin <= 0.10.0
|
||||
|
||||
# Set the conflict to be sure this RPM is not upgraded automatically to
|
||||
|
@ -97,18 +96,22 @@ Conflicts: leapp-upgrade-el7toel8
|
|||
|
||||
%endif
|
||||
|
||||
# IMPORTANT: everytime the requirements are changed, increment number by one
|
||||
# IMPORTANT: every time the requirements are changed, increment number by one
|
||||
# - same for Provides in deps subpackage
|
||||
Requires: leapp-repository-dependencies = %{leapp_repo_deps}
|
||||
|
||||
# IMPORTANT: this is capability provided by the leapp framework rpm.
|
||||
# Check that 'version' instead of the real framework rpm version.
|
||||
Requires: leapp-framework >= 2.2
|
||||
Requires: leapp-framework >= 5.0
|
||||
|
||||
# Since we provide sub-commands for the leapp utility, we expect the leapp
|
||||
# tool to be installed as well.
|
||||
Requires: leapp
|
||||
|
||||
# Used to determine RHEL version of a given target RHEL installation image -
|
||||
# uncompressing redhat-release package from the ISO.
|
||||
Requires: cpio
|
||||
|
||||
# The leapp-repository rpm is renamed to %%{lpr_name}
|
||||
Obsoletes: leapp-repository < 0.14.0-5
|
||||
Provides: leapp-repository = %{version}-%{release}
|
||||
|
@ -117,13 +120,21 @@ Provides: leapp-repository = %{version}-%{release}
|
|||
# to install "leapp-upgrade" in the official docs.
|
||||
Provides: leapp-upgrade = %{version}-%{release}
|
||||
|
||||
# Provide leapp-commands so the framework could refer to them when customers
|
||||
# do not have installed particular leapp-repositories
|
||||
Provides: leapp-command(answer)
|
||||
Provides: leapp-command(preupgrade)
|
||||
Provides: leapp-command(upgrade)
|
||||
Provides: leapp-command(rerun)
|
||||
Provides: leapp-command(list-runs)
|
||||
|
||||
|
||||
%description -n %{lpr_name}
|
||||
Leapp repositories for the in-place upgrade to the next major version
|
||||
of the Red Hat Enterprise Linux system.
|
||||
|
||||
|
||||
# This metapackage should contain all RPM dependencies exluding deps on *leapp*
|
||||
# This metapackage should contain all RPM dependencies excluding deps on *leapp*
|
||||
# RPMs. This metapackage will be automatically replaced during the upgrade
|
||||
# to satisfy dependencies with RPMs from target system.
|
||||
%package -n %{lpr_name}-deps
|
||||
|
@ -132,7 +143,7 @@ Summary: Meta-package with system dependencies of %{lpr_name} package
|
|||
# The package has been renamed, so let's obsoletes the old one
|
||||
Obsoletes: leapp-repository-deps < 0.14.0-5
|
||||
|
||||
# IMPORTANT: everytime the requirements are changed, increment number by one
|
||||
# IMPORTANT: every time the requirements are changed, increment number by one
|
||||
# - same for Requires in main package
|
||||
Provides: leapp-repository-dependencies = %{leapp_repo_deps}
|
||||
##################################################
|
||||
|
@ -140,6 +151,16 @@ Provides: leapp-repository-dependencies = %{leapp_repo_deps}
|
|||
##################################################
|
||||
Requires: dnf >= 4
|
||||
Requires: pciutils
|
||||
|
||||
# required to be able to format disk images with XFS file systems (default)
|
||||
Requires: xfsprogs
|
||||
|
||||
# required to be able to format disk images with Ext4 file systems
|
||||
# NOTE: this is not happening by default, but we can expact that many customers
|
||||
# will want to / need to do this - especially on RHEL 7 now. Adding this deps
|
||||
# as the best trade-off to resolve this problem.
|
||||
Requires: e2fsprogs
|
||||
|
||||
%if 0%{?rhel} && 0%{?rhel} == 7
|
||||
# Required to gather system facts about SELinux
|
||||
Requires: libselinux-python
|
||||
|
@ -160,6 +181,18 @@ Requires: python3-requests
|
|||
Requires: python3-six
|
||||
# required by SELinux actors
|
||||
Requires: policycoreutils-python-utils
|
||||
# required by systemfacts, and several other actors
|
||||
Requires: procps-ng
|
||||
Requires: kmod
|
||||
# since RHEL 8+ dracut does not have to be present on the system all the time
|
||||
# and missing dracut could be killing situation for us :)
|
||||
Requires: dracut
|
||||
|
||||
# Required to scan NetworkManagerConnection (e.g. to recognize secrets)
|
||||
# NM is requested to be used on RHEL 8+ systems
|
||||
Requires: NetworkManager-libnm
|
||||
Requires: python3-gobject-base
|
||||
|
||||
%endif
|
||||
##################################################
|
||||
# end requirement
|
||||
|
@ -177,19 +210,13 @@ Requires: policycoreutils-python-utils
|
|||
# APPLY PATCHES HERE
|
||||
# %%patch0001 -p1
|
||||
%patch0001 -p1
|
||||
%patch0002 -p1
|
||||
%patch0003 -p1
|
||||
%patch0004 -p1
|
||||
%patch0005 -p1
|
||||
%patch0006 -p1
|
||||
|
||||
# enforce removal of packages below during the upgrade
|
||||
|
||||
%build
|
||||
%if 0%{?rhel} == 7
|
||||
cp -a leapp*deps-el8*rpm repos/system_upgrade/el7toel8/files/bundled-rpms/
|
||||
cp -a leapp*deps*el8.noarch.rpm repos/system_upgrade/el7toel8/files/bundled-rpms/
|
||||
%else
|
||||
cp -a leapp*deps-el9*rpm repos/system_upgrade/el8toel9/files/bundled-rpms/
|
||||
cp -a leapp*deps*el9.noarch.rpm repos/system_upgrade/el8toel9/files/bundled-rpms/
|
||||
%endif
|
||||
|
||||
|
||||
|
@ -201,6 +228,7 @@ install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/repos.d/
|
|||
install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/transaction/
|
||||
install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/files/
|
||||
install -m 0644 etc/leapp/transaction/* %{buildroot}%{_sysconfdir}/leapp/transaction
|
||||
install -m 0644 etc/leapp/files/* %{buildroot}%{_sysconfdir}/leapp/files
|
||||
|
||||
# install CLI commands for the leapp utility on the expected path
|
||||
install -m 0755 -d %{buildroot}%{leapp_python_sitelib}/leapp/cli/
|
||||
|
@ -220,6 +248,7 @@ rm -rf %{buildroot}%{repositorydir}/common/actors/testactor
|
|||
find %{buildroot}%{repositorydir}/common -name "test.py" -delete
|
||||
rm -rf `find %{buildroot}%{repositorydir} -name "tests" -type d`
|
||||
find %{buildroot}%{repositorydir} -name "Makefile" -delete
|
||||
find %{buildroot} -name "*.py.orig" -delete
|
||||
|
||||
for DIRECTORY in $(find %{buildroot}%{repositorydir}/ -mindepth 1 -maxdepth 1 -type d);
|
||||
do
|
||||
|
@ -247,6 +276,7 @@ done;
|
|||
%dir %{repositorydir}
|
||||
%dir %{custom_repositorydir}
|
||||
%dir %{leapp_python_sitelib}/leapp/cli/commands
|
||||
%config %{_sysconfdir}/leapp/files/*
|
||||
%{_sysconfdir}/leapp/repos.d/*
|
||||
%{_sysconfdir}/leapp/transaction/*
|
||||
%{repositorydir}/*
|
||||
|
@ -257,6 +287,217 @@ done;
|
|||
# no files here
|
||||
|
||||
%changelog
|
||||
* Tue Feb 20 2024 Petr Stodulka <pstodulk@redhat.com> - 0.20.0-2
|
||||
- Fallback to original RHUI solution on AWS to fix issues caused by changes in RHUI client
|
||||
- Resolves: RHEL-16729
|
||||
|
||||
* Tue Feb 13 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.20.0-1
|
||||
- Rebase to new upstream v0.20.0.
|
||||
- Fix semanage import issue
|
||||
- Fix handling of libvirt's systemd services
|
||||
- Add a dracut breakpoint for the pre-upgrade step.
|
||||
- Drop obsoleted upgrade paths (obsoleted releases: 8.6, 8.9, 9.0, 9.3)
|
||||
- Resolves: RHEL-16729
|
||||
|
||||
* Tue Jan 23 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.19.0-10
|
||||
- Print nice error msg when device and driver deprecation data is malformed
|
||||
- Fix another cornercase when preserving symlinks to certificates in /etc/pki
|
||||
- Update the leapp upgrade data files - fixing upgrades with idm-tomcatjss
|
||||
- Resolves: RHEL-16729
|
||||
|
||||
* Fri Jan 19 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-9
|
||||
- Do not try to download data files anymore when missing as the service
|
||||
is obsoleted since the data is part of installed packages
|
||||
- Update error messages and reports when installed upgrade data files
|
||||
are malformed or missing to instruct user how to resolve it
|
||||
- Update the leapp upgrade data files - bump data stream to "3.0"
|
||||
- Resolves: RHEL-16729
|
||||
|
||||
* Fri Jan 12 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-7
|
||||
- Add detection of possible usage of OpenSSL IBMCA engine on IBM Z machines
|
||||
- Add detection of modified /etc/pki/tls/openssl.cnf file
|
||||
- Update the leapp upgrade data files
|
||||
- Fix handling of symlinks under /etc/pki with relative paths specified
|
||||
- Report custom actors and modifications of the upgrade tooling
|
||||
- Requires xfsprogs and e2fsprogs to ensure that Ext4 and XFS tools are installed
|
||||
- Bump leapp-repository-dependencies to 10
|
||||
- Resolves: RHEL-1774, RHEL-16729
|
||||
|
||||
* Thu Nov 16 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-5
|
||||
- Enable new upgrade path for RHEL 8.10 -> RHEL 9.4 (including RHEL with SAP HANA)
|
||||
- Introduce generic transition of systemd services states during the IPU
|
||||
- Introduce possibility to upgrade with local repositories
|
||||
- Improve possibilities of upgrade when a proxy is configured in DNF configutation file
|
||||
- Fix handling of symlinks under /etc/pki when managing certificates
|
||||
- Fix the upgrade with custom https repositories
|
||||
- Default to the NO_RHSM mode when subscription-manager is not installed
|
||||
- Detect customized configuration of dynamic linker
|
||||
- Drop the invalid `tuv` target channel for the --channel option
|
||||
- Fix the issue of going out of bounds in the isccfg parser
|
||||
- Fix traceback when saving the rhsm facts results and the /etc/rhsm/facts directory doesn’t exist yet
|
||||
- Load all rpm repository substitutions that dnf knows about, not just "releasever" only
|
||||
- Simplify handling of upgrades on systems using RHUI, reducing the maintenance burden for cloud providers
|
||||
- Detect possible unexpected RPM GPG keys has been installed during RPM transaction
|
||||
- Resolves: RHEL-16729
|
||||
|
||||
* Thu Nov 02 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-4
|
||||
- Fix the upgrade for systems without subscription-manager package
|
||||
- Resolves: RHEL-14901
|
||||
|
||||
* Tue Oct 31 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-3
|
||||
- Fix the upgrade when the release is locked by new subscription-manager
|
||||
- Resolves: RHEL-14901
|
||||
|
||||
* Wed Aug 23 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-1
|
||||
- Rebase to v0.19.0
|
||||
- Requires leapp-framework 5.0
|
||||
- Handle correctly the installed certificates to allow upgrades with custom repositories using HTTPs with enabled SSL verification
|
||||
- Fix failing upgrades with devtmpfs file systems specified in FSTAB
|
||||
- Do not try to update GRUB core on IBM Z systems
|
||||
- Minor improvements and fixes of various reports and error messages
|
||||
- Redesign handling of information about kernel (booted and target) to reflect changes in RHEL 9.3
|
||||
- Use new leapp CLI API which provides better report summary output
|
||||
- Resolves: rhbz#2215997, rhbz#2222861, rhbz#2232618
|
||||
|
||||
* Tue Jul 18 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-5
|
||||
- Fix the calculation of the required free space on each partitions/volume for the upgrade transactions
|
||||
- Create source overlay images with dynamic sizes to optimize disk space consumption
|
||||
- Update GRUB2 when /boot resides on multiple devices aggregated in RAID
|
||||
- Use new leapp CLI API which provides better report summary output
|
||||
- Introduce possibility to add (custom) kernel drivers to initramfs
|
||||
- Detect and report use of deprecated Xorg drivers
|
||||
- Fix the generation of the report about hybrid images
|
||||
- Inhibit the upgrade when unsupported x86-64 microarchitecture is detected
|
||||
- Minor improvements and fixes of various reports
|
||||
- Requires leapp-framework 4.0
|
||||
- Update leapp data files
|
||||
- Resolves: rhbz#2140011, rhbz#2144304, rhbz#2174095, rhbz#2215997
|
||||
|
||||
* Mon Jun 19 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-4
|
||||
- Introduce new upgrade path RHEL 8.9 -> 9.3
|
||||
- Update leapp data files to reflect new changes between systems
|
||||
- Detect and report use of deprecated Xorg drivers
|
||||
- Minor improvements of generated reports
|
||||
- Fix false positive report about invalid symlinks
|
||||
- Inhibit the upgrade when unsupported x86-64 microarchitecture is detected
|
||||
- Resolves: rhbz#2215997
|
||||
|
||||
* Mon Jun 05 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-3
|
||||
- Update the repomap.json file to address planned changes on RHUI Azure
|
||||
- Resolves: rhbz#2203800
|
||||
|
||||
* Fri May 19 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-2
|
||||
- Include leap data files in the package
|
||||
- Introduce in-place upgrades for systems with enabled FIPS mode
|
||||
- Enable the upgrade path 8.8 -> 9.2 for RHEL with SAP HANA
|
||||
- Fix the upgrade of ruby-irb package
|
||||
- Resolves: rhbz#2030627, rhbz#2097003, rhbz#2203800, rhbz#2203803
|
||||
|
||||
* Tue Feb 21 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-1
|
||||
- Rebase to v0.18.0
|
||||
- Introduce new upgrade path RHEL 8.8 -> 9.2
|
||||
- Requires cpio
|
||||
- Requires python3-gobject-base, NetworkManager-libnm
|
||||
- Bump leapp-repository-dependencies to 9
|
||||
- Add breadcrumbs results to RHSM facts
|
||||
- Add leapp RHUI packages to an allowlist to drop confusing reports
|
||||
- Added checks for RHEL SAP IPU 8.6 -> 9.0
|
||||
- Check RPM signatures during the upgrade
|
||||
- Check only mounted XFS partitions
|
||||
- Check the validity and compatitibility of used leapp data
|
||||
- Detect CIFS also when upgrading from RHEL8 to RHEL9 (PR1035)
|
||||
- Detect RoCE on IBM Z machines and check the configuration is safe for the upgrade
|
||||
- Detect a proxy configuration in YUM/DNF and adjust an error msg on issues caused by the configuration
|
||||
- Detect and report systemd symlinks that are broken before the upgrade
|
||||
- Detect the kernel-core RPM instead of kernel to prevent an error during post-upgrade phases
|
||||
- Disable the amazon-id DNF plugin on AWS during the upgrade stage to omit confusing error messages
|
||||
- Do not create new *pyc files when running leapp after the DNF upgrade transaction
|
||||
- Drop obsoleted upgrade paths
|
||||
- Enable upgrades of RHEL 8 for SAP HANA to RHEL 9 on ppc64le
|
||||
- Enable upgrades on s390x when /boot is part of rootfs
|
||||
- Extend the allow list of RHUI clients by azure-sap-apps to omit confusing report
|
||||
- Filter out PES events unrelated for the used upgrade path and handle overlapping event
|
||||
(fixes upgrades with quagga installed)
|
||||
- Fix scan of ceph volumes on systems without ceph-osd or when ceph-osd container is not found
|
||||
- Fix systemd symlinks that become incorrect during the IPU
|
||||
- Fix the check of memory (RAM) limits and use human readable values in the report
|
||||
- Fix the kernel detection during initramfs creation for new kernel on RHEL 9.2+
|
||||
- Fix the upgrade of IBM Z machines configured with ZFCP
|
||||
- Fix the upgrade on Azure using RHUI for SAP Apps images
|
||||
- Ignore external accounts in /etc/passwd
|
||||
- Improve remediation instructions for packages in unknown repositories
|
||||
- Improve the error message to guide users when discovered more space is needed
|
||||
- Improve the handling of blocklisted certificates
|
||||
- Inhibit the upgrade when entries in /etc/fstab cause overshadowing during the upgrade
|
||||
- Introduced an option to use an ISO file as a target RHEL version content source
|
||||
- Introduced possibility to specify what systemd services should be enabled/disabled on the upgraded system
|
||||
- Introduced the --nogpgcheck option to skip checking of RPM signatures
|
||||
- Map the target repositories also based on the installed content
|
||||
- Prevent re-run of leapp in the upgrade initramfs in case of previous failure
|
||||
- Prevent the upgrade with RHSM when Baseos and Appstream target repositories are not discovered
|
||||
- Provide common information about systemd services
|
||||
- RHUI(Azure) Handle correctly various SAP images
|
||||
- Register subscribed systems automatically to Red Hat Insights unless --no-insights-register is used
|
||||
- Remove obsoleted GPG keys provided by RH after the upgrade to prevent errors
|
||||
- Rework the network configuration handling and parse the configuration data properly
|
||||
- Set the system release lock after the upgrade also for premium channels
|
||||
- Small improvements in various reports
|
||||
- Resolves: rhbz#2088492, rhbz#2111691, rhbz#2127920, rhbz#2129716,rhbz#2139907, rhbz#2139907, rhbz#2141393, rhbz#2143372, rhbz#2155661
|
||||
|
||||
* Wed Sep 07 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-3
|
||||
- Adding back instruction to not install rubygem-irb during the in-place upgrade
|
||||
to prevent conflict between files
|
||||
- Resolves: rhbz#2090995
|
||||
|
||||
* Wed Sep 07 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-2
|
||||
- Update VDO checks to enable user to decide the system state on check failures
|
||||
and undetermined block devices
|
||||
- The VDO dialog and related VDO reports have been properly updated
|
||||
- Resolves: rhbz#2096159
|
||||
|
||||
* Wed Aug 24 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-1
|
||||
- Rebase to v0.17.0
|
||||
- Support upgrade path RHEL 8.7 -> 9.0 and RHEL SAP 8.6 -> 9.0
|
||||
- Provide and require leapp-repository-dependencies 7
|
||||
- Provide `leapp-command(<CMD>)` for each CLI command provided by leapp-repository
|
||||
- Require dracut, kmod, procps-ng on RHEL 8+
|
||||
- Require leapp-framework >= 3.1
|
||||
- Add actors covering removal of NIS components on RHEL 9
|
||||
- Add checks for obsolete .NET versions
|
||||
- Allow specifying the report schema v1.2.0
|
||||
- Check and handle upgrades with custom crypto policies
|
||||
- Check and migrate OpenSSH configuration
|
||||
- Check and migrate multipath configuration
|
||||
- Check minimum memory requirements
|
||||
- Do not create the upgrade bootloader entry when the dnf dry-run actor stops the upgrade
|
||||
- Enable Base and SAP in-place upgrades on Azure
|
||||
- Enable in-place upgrade in case LUKS volumes are Ceph OSDs
|
||||
- Enable in-place upgrades in Azure RHEL 8 base images using RHUI
|
||||
- Enable in-place upgrades on IBM z16 machines
|
||||
- Enable the CRB repository for the upgrade only if enabled on the source system
|
||||
- Fix cloud provider detection on AWS
|
||||
- Fix detection of the latest kernel
|
||||
- Fix issues caused by leapp artifacts from previous in-place upgrades
|
||||
- Fix issues with false positive switch to emergency console during the upgrade
|
||||
- Fix swap page size on aarch64
|
||||
- Fix the VDO scanner to skip partitions unrelated to VDO and adjust error messages
|
||||
- Fix the false positive NFS storage detection on NFS servers and improve the report msg
|
||||
- Fix the issues on systems with the LANGUAGE environment variable
|
||||
- Fix the root directory scan to deal with non-utf8 filenames
|
||||
- Handle upgrades of SAP systems on AWS
|
||||
- Inform about necessary migrations related to bacula-director when installed on the system
|
||||
- Inhibit the upgrade when /var/lib/leapp being mounted in a non-persistent fashion to prevent failures
|
||||
- Inhibit the upgrade when /var/lib/leapp mounted with the noexec option to prevent failures
|
||||
- Inhibit upgrade when NVIDIA driver is detected
|
||||
- Make the application of custom selinux rules more reliable and do not override changes done by RPM scriptlets
|
||||
- Migrate the OpenSSL configuration
|
||||
- PESEventScanner actor has been fully refactored
|
||||
- Report changes around SCP and SFTP
|
||||
- Skip comment lines when parsing the GRUB configuration file
|
||||
- Stop propagating the “debug” and ”enforcing=0” kernel cmdline options into the target kernel cmdline options
|
||||
- Mass refactoring to be compatible with leapp v0.15.0
|
||||
- Resolves: rhbz#2090995, rhbz#2040470, rhbz#2092005, rhbz#2093220, rhbz#2095704, rhbz#2096159, rhbz#2100108, rhbz#2100110, rhbz#2103282, rhbz#2106904, rhbz#2110627
|
||||
|
||||
* Wed Apr 27 2022 Petr Stodulka <pstodulk@redhat.com> - 0.16.0-6
|
||||
- Skip comments in /etc/default/grub during the parsing
|
||||
- Resolves: #1997076
|
||||
|
|
Loading…
Reference in New Issue