import CS leapp-repository-0.20.0-2.el8

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/deps-pkgs-6.tar.gz
-SOURCES/leapp-repository-0.16.0.tar.gz
+SOURCES/deps-pkgs-10.tar.gz
+SOURCES/leapp-repository-0.20.0.tar.gz

.leapp-repository.metadata

@@ -1,2 +1,2 @@
-a5100971d63814c213c5245181891329578baf8d SOURCES/deps-pkgs-6.tar.gz
-2bcc851f1344107581096a6b564375c440a4df4a SOURCES/leapp-repository-0.16.0.tar.gz
+d520ada12294e4dd8837c81f92d4c184ab403d51 SOURCES/deps-pkgs-10.tar.gz
+185bbb040dba48e1ea2d6c627133af594378afd4 SOURCES/leapp-repository-0.20.0.tar.gz

SOURCES/0001-pcidevicesscanner-Also-match-deprecation-data-agains.patch1

@@ -1,70 +0,0 @@
-From b4fc2e0ae62e68dd246ed2eedda0df2a3ba90633 Mon Sep 17 00:00:00 2001
-From: Vinzenz Feenstra <vfeenstr@redhat.com>
-Date: Fri, 1 Apr 2022 15:13:51 +0200
-Subject: [PATCH] pcidevicesscanner: Also match deprecation data against kernel
- modules
-
-Previously when the deprecation data got introduced the kernel drivers
-reported to be used by lspci have not been checked.
-This patch fixes this regression.
-
-Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
----
- .../libraries/pcidevicesscanner.py            | 29 ++++++++++++++++++-
- 1 file changed, 28 insertions(+), 1 deletion(-)
-
-diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-index 146f1a33..0f02bd02 100644
---- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-@@ -1,7 +1,13 @@
- import re
- 
- from leapp.libraries.stdlib import api, run
--from leapp.models import DetectedDeviceOrDriver, DeviceDriverDeprecationData, PCIDevice, PCIDevices
-+from leapp.models import (
-+    ActiveKernelModulesFacts,
-+    DetectedDeviceOrDriver,
-+    DeviceDriverDeprecationData,
-+    PCIDevice,
-+    PCIDevices
-+)
- 
- # Regex to capture Vendor, Device and SVendor and SDevice values
- PCI_ID_REG = re.compile(r"(?<=Vendor:\t|Device:\t)\w+")
-@@ -82,6 +88,26 @@ def produce_detected_devices(devices):
-     ])
- 
- 
-+def produce_detected_drivers(devices):
-+    active_modules = {
-+        module.file_name
-+        for message in api.consume(ActiveKernelModulesFacts) for module in message.kernel_modules
-+    }
-+
-+    # Create a lookup by driver_name and filter out the kernel that are active
-+    entry_lookup = {
-+        entry.driver_name: entry
-+        for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
-+        if entry.driver_name and entry.driver_name not in active_modules
-+    }
-+
-+    drivers = {device.driver for device in devices if device.driver in entry_lookup}
-+    api.produce(*[
-+        DetectedDeviceOrDriver(**entry_lookup[driver].dump())
-+        for driver in drivers
-+    ])
-+
-+
- def produce_pci_devices(producer, devices):
-     """ Produce a Leapp message with all PCI devices """
-     producer(PCIDevices(devices=devices))
-@@ -93,4 +119,5 @@ def scan_pci_devices(producer):
-     pci_numeric = run(['lspci', '-vmmkn'], checked=False)['stdout']
-     devices = parse_pci_devices(pci_textual, pci_numeric)
-     produce_detected_devices(devices)
-+    produce_detected_drivers(devices)
-     produce_pci_devices(producer, devices)
--- 
-2.35.1
-

SOURCES/0001-rhui-do-not-bootstrap-target-client-on-aws.patch

@@ -0,0 +1,251 @@
+From 921c06892f7550a3a8e2b3fe941c6272bdacf88d Mon Sep 17 00:00:00 2001
+From: mhecko <mhecko@redhat.com>
+Date: Thu, 15 Feb 2024 09:56:27 +0100
+Subject: [PATCH] rhui: do not bootstrap target client on aws
+
+Bootstrapping target RHUI client now requires installing the entire
+RHEL8 RPM stack. Threfore, do not try installing target client
+and instead rely only on the files from our leapp-rhui-aws package.
+---
+ .../cloud/checkrhui/libraries/checkrhui.py    |   6 +-
+ .../libraries/userspacegen.py                 | 104 ++++++++++++++----
+ .../system_upgrade/common/models/rhuiinfo.py  |   7 ++
+ 3 files changed, 92 insertions(+), 25 deletions(-)
+
+diff --git a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
+index 84ab40e3..e1c158c7 100644
+--- a/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
++++ b/repos/system_upgrade/common/actors/cloud/checkrhui/libraries/checkrhui.py
+@@ -142,7 +142,11 @@ def customize_rhui_setup_for_aws(rhui_family, setup_info):
+ 
+     target_version = version.get_target_major_version()
+     if target_version == '8':
+-        return  # The rhel8 plugin is packed into leapp-rhui-aws as we need python2 compatible client
++        # RHEL8 rh-amazon-rhui-client depends on amazon-libdnf-plugin that depends
++        # essentially on the entire RHEL8 RPM stack, so we cannot just swap the clients
++        # The leapp-rhui-aws will provide all necessary files to access entire RHEL8 content
++        setup_info.bootstrap_target_client = False
++        return
+ 
+     amazon_plugin_copy_task = CopyFile(src='/usr/lib/python3.9/site-packages/dnf-plugins/amazon-id.py',
+                                        dst='/usr/lib/python3.6/site-packages/dnf-plugins/')
+diff --git a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
+index d917bfd5..d60bc75f 100644
+--- a/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
++++ b/repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py
+@@ -853,9 +853,9 @@ def _get_rhui_available_repoids(context, cloud_repo):
+     return set(repoids)
+ 
+ 
+-def get_copy_location_from_copy_in_task(context, copy_task):
++def get_copy_location_from_copy_in_task(context_basepath, copy_task):
+     basename = os.path.basename(copy_task.src)
+-    dest_in_container = context.full_path(copy_task.dst)
++    dest_in_container = os.path.join(context_basepath, copy_task.dst)
+     if os.path.isdir(dest_in_container):
+         return os.path.join(copy_task.dst, basename)
+     return copy_task.dst
+@@ -871,7 +871,10 @@ def _get_rh_available_repoids(context, indata):
+ 
+     # If we are upgrading a RHUI system, check what repositories are provided by the (already installed) target clients
+     if indata and indata.rhui_info:
+-        files_provided_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
++        setup_info = indata.rhui_info.target_client_setup_info
++        target_content_access_files = set()
++        if setup_info.bootstrap_target_client:
++            target_content_access_files = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
+ 
+         def is_repofile(path):
+             return os.path.dirname(path) == '/etc/yum.repos.d' and os.path.basename(path).endswith('.repo')
+@@ -884,24 +887,33 @@ def _get_rh_available_repoids(context, indata):
+ 
+         yum_repos_d = context.full_path('/etc/yum.repos.d')
+         all_repofiles = {os.path.join(yum_repos_d, path) for path in os.listdir(yum_repos_d) if path.endswith('.repo')}
+-        client_repofiles = {context.full_path(path) for path in files_provided_by_clients if is_repofile(path)}
++        api.current_logger().debug('(RHUI Setup) All available repofiles: {0}'.format(' '.join(all_repofiles)))
++
++        target_access_repofiles = {
++            context.full_path(path) for path in target_content_access_files if is_repofile(path)
++        }
+ 
+         # Exclude repofiles used to setup the target rhui access as on some platforms the repos provided by
+         # the client are not sufficient to install the client into target userspace (GCP)
+         rhui_setup_repofile_tasks = [task for task in setup_tasks if task.src.endswith('repo')]
+         rhui_setup_repofiles = (
+-            get_copy_location_from_copy_in_task(context, copy_task) for copy_task in rhui_setup_repofile_tasks
++            get_copy_location_from_copy_in_task(context.base_dir, copy) for copy in rhui_setup_repofile_tasks
+         )
+         rhui_setup_repofiles = {context.full_path(repofile) for repofile in rhui_setup_repofiles}
+ 
+-        foreign_repofiles = all_repofiles - client_repofiles - rhui_setup_repofiles
++        foreign_repofiles = all_repofiles - target_access_repofiles - rhui_setup_repofiles
++
++        api.current_logger().debug(
++            'The following repofiles are considered as unknown to'
++            ' the target RHUI content setup and will be ignored: {0}'.format(' '.join(foreign_repofiles))
++        )
+ 
+         # Rename non-client repofiles so they will not be recognized when running dnf repolist
+         for foreign_repofile in foreign_repofiles:
+             os.rename(foreign_repofile, '{0}.back'.format(foreign_repofile))
+ 
+         try:
+-            dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v']
++            dnf_cmd = ['dnf', 'repolist', '--releasever', target_ver, '-v', '--enablerepo', '*']
+             repolist_result = context.call(dnf_cmd)['stdout']
+             repoid_lines = [line for line in repolist_result.split('\n') if line.startswith('Repo-id')]
+             rhui_repoids = {extract_repoid_from_line(line) for line in repoid_lines}
+@@ -919,6 +931,9 @@ def _get_rh_available_repoids(context, indata):
+             for foreign_repofile in foreign_repofiles:
+                 os.rename('{0}.back'.format(foreign_repofile), foreign_repofile)
+ 
++    api.current_logger().debug(
++        'The following repofiles are considered as provided by RedHat: {0}'.format(' '.join(rh_repoids))
++    )
+     return rh_repoids
+ 
+ 
+@@ -1086,7 +1101,7 @@ def _get_target_userspace():
+     return constants.TARGET_USERSPACE.format(get_target_major_version())
+ 
+ 
+-def _create_target_userspace(context, packages, files, target_repoids):
++def _create_target_userspace(context, indata, packages, files, target_repoids):
+     """Create the target userspace."""
+     target_path = _get_target_userspace()
+     prepare_target_userspace(context, target_path, target_repoids, list(packages))
+@@ -1096,12 +1111,57 @@ def _create_target_userspace(context, packages, files, target_repoids):
+         _copy_files(target_context, files)
+     dnfplugin.install(_get_target_userspace())
+ 
++    # If we used only repofiles from leapp-rhui-<provider> then remove these as they provide
++    # duplicit definitions as the target clients already installed in the target container
++    if indata.rhui_info:
++        api.current_logger().debug(
++            'Target container should have access to content. '
++            'Removing repofiles from leapp-rhui-<provider> from the target..'
++        )
++        setup_info = indata.rhui_info.target_client_setup_info
++        if not setup_info.bootstrap_target_client:
++            target_userspace_path = _get_target_userspace()
++            for copy in setup_info.preinstall_tasks.files_to_copy_into_overlay:
++                dst_in_container = get_copy_location_from_copy_in_task(target_userspace_path, copy)
++                dst_in_container = dst_in_container.strip('/')
++                dst_in_host = os.path.join(target_userspace_path, dst_in_container)
++                if os.path.isfile(dst_in_host) and dst_in_host.endswith('.repo'):
++                    api.current_logger().debug('Removing repofile: {0}'.format(dst_in_host))
++                    os.remove(dst_in_host)
++
+     # and do not forget to set the rhsm into the container mode again
+     with mounting.NspawnActions(_get_target_userspace()) as target_context:
+         rhsm.set_container_mode(target_context)
+ 
+ 
+-def install_target_rhui_client_if_needed(context, indata):
++def _apply_rhui_access_preinstall_tasks(context, rhui_setup_info):
++    if rhui_setup_info.preinstall_tasks:
++        api.current_logger().debug('Applying RHUI preinstall tasks.')
++        preinstall_tasks = rhui_setup_info.preinstall_tasks
++
++        for file_to_remove in preinstall_tasks.files_to_remove:
++            api.current_logger().debug('Removing {0} from the scratch container.'.format(file_to_remove))
++            context.remove(file_to_remove)
++
++        for copy_info in preinstall_tasks.files_to_copy_into_overlay:
++            api.current_logger().debug(
++                'Copying {0} in {1} into the scratch container.'.format(copy_info.src, copy_info.dst)
++            )
++            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
++            context.copy_to(copy_info.src, copy_info.dst)
++
++
++def _apply_rhui_access_postinstall_tasks(context, rhui_setup_info):
++    if rhui_setup_info.postinstall_tasks:
++        api.current_logger().debug('Applying RHUI postinstall tasks.')
++        for copy_info in rhui_setup_info.postinstall_tasks.files_to_copy:
++            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
++            debug_msg = 'Copying {0} to {1} (inside the scratch container).'
++            api.current_logger().debug(debug_msg.format(copy_info.src, copy_info.dst))
++            context.call(['cp', copy_info.src, copy_info.dst])
++
++
++def setup_target_rhui_access_if_needed(context, indata):
+     if not indata.rhui_info:
+         return
+ 
+@@ -1110,15 +1170,14 @@ def install_target_rhui_client_if_needed(context, indata):
+     _create_target_userspace_directories(userspace_dir)
+ 
+     setup_info = indata.rhui_info.target_client_setup_info
+-    if setup_info.preinstall_tasks:
+-        preinstall_tasks = setup_info.preinstall_tasks
++    _apply_rhui_access_preinstall_tasks(context, setup_info)
+ 
+-        for file_to_remove in preinstall_tasks.files_to_remove:
+-            context.remove(file_to_remove)
+-
+-        for copy_info in preinstall_tasks.files_to_copy_into_overlay:
+-            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
+-            context.copy_to(copy_info.src, copy_info.dst)
++    if not setup_info.bootstrap_target_client:
++        # Installation of the target RHUI client is not possible and we bundle all necessary
++        # files into the leapp-rhui-<provider> packages.
++        api.current_logger().debug('Bootstrapping target RHUI client is disabled, leapp will rely '
++                                   'only on files budled in leapp-rhui-<provider> package.')
++        return
+ 
+     cmd = ['dnf', '-y']
+ 
+@@ -1149,16 +1208,13 @@ def install_target_rhui_client_if_needed(context, indata):
+ 
+     context.call(cmd, callback_raw=utils.logging_handler, stdin='\n'.join(dnf_transaction_steps))
+ 
+-    if setup_info.postinstall_tasks:
+-        for copy_info in setup_info.postinstall_tasks.files_to_copy:
+-            context.makedirs(os.path.dirname(copy_info.dst), exists_ok=True)
+-            context.call(['cp', copy_info.src, copy_info.dst])
++    _apply_rhui_access_postinstall_tasks(context, setup_info)
+ 
+     # Do a cleanup so there are not duplicit repoids
+     files_owned_by_clients = _query_rpm_for_pkg_files(context, indata.rhui_info.target_client_pkg_names)
+ 
+     for copy_task in setup_info.preinstall_tasks.files_to_copy_into_overlay:
+-        dest = get_copy_location_from_copy_in_task(context, copy_task)
++        dest = get_copy_location_from_copy_in_task(context.base_dir, copy_task)
+         can_be_cleaned_up = copy_task.src not in setup_info.files_supporting_client_operation
+         if dest not in files_owned_by_clients and can_be_cleaned_up:
+             context.remove(dest)
+@@ -1184,10 +1240,10 @@ def perform():
+             target_iso = next(api.consume(TargetOSInstallationImage), None)
+             with mounting.mount_upgrade_iso_to_root_dir(overlay.target, target_iso):
+ 
+-                install_target_rhui_client_if_needed(context, indata)
++                setup_target_rhui_access_if_needed(context, indata)
+ 
+                 target_repoids = _gather_target_repositories(context, indata, prod_cert_path)
+-                _create_target_userspace(context, indata.packages, indata.files, target_repoids)
++                _create_target_userspace(context, indata, indata.packages, indata.files, target_repoids)
+                 # TODO: this is tmp solution as proper one needs significant refactoring
+                 target_repo_facts = repofileutils.get_parsed_repofiles(context)
+                 api.produce(TMPTargetRepositoriesFacts(repositories=target_repo_facts))
+diff --git a/repos/system_upgrade/common/models/rhuiinfo.py b/repos/system_upgrade/common/models/rhuiinfo.py
+index 3eaa4826..0a2e45af 100644
+--- a/repos/system_upgrade/common/models/rhuiinfo.py
++++ b/repos/system_upgrade/common/models/rhuiinfo.py
+@@ -36,6 +36,13 @@ class TargetRHUISetupInfo(Model):
+     files_supporting_client_operation = fields.List(fields.String(), default=[])
+     """A subset of files copied in preinstall tasks that should not be cleaned up."""
+ 
++    bootstrap_target_client = fields.Boolean(default=True)
++    """
++    Swap the current RHUI client for the target one to facilitate access to the target content.
++
++    When False, only files from the leapp-rhui-<provider> will be used to access target content.
++    """
++
+ 
+ class RHUIInfo(Model):
+     """
+-- 
+2.43.0
+

SOURCES/0002-pciscanner-Fix-2-issues-in-regards-to-pci-address-ha.patch

@@ -1,44 +0,0 @@
-From 53ceded213ae17ca5d27268bc496e736dfea7e64 Mon Sep 17 00:00:00 2001
-From: Vinzenz Feenstra <vfeenstr@redhat.com>
-Date: Thu, 14 Apr 2022 14:50:07 +0200
-Subject: [PATCH 2/3] pciscanner: Fix 2 issues in regards to pci address
- handling
-
-In a previous patch, the introduction of the new handling of deprecation
-data, 2 problems slipped through.
-
-1. The regex replacement for pci ids errornous adds an empty space
-   instead of empty string
-2. Drivers should be matched on lspci output against the driver
-   deprecation data only if the pci_id is empty
-
-Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
----
- .../actors/pcidevicesscanner/libraries/pcidevicesscanner.py   | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-index 0f02bd02..eb063abb 100644
---- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
-@@ -78,7 +78,7 @@ def parse_pci_devices(pci_textual, pci_numeric):
- def produce_detected_devices(devices):
-     prefix_re = re.compile('0x')
-     entry_lookup = {
--        prefix_re.sub(' ', entry.device_id): entry
-+        prefix_re.sub('', entry.device_id): entry
-         for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
-     }
-     api.produce(*[
-@@ -98,7 +98,7 @@ def produce_detected_drivers(devices):
-     entry_lookup = {
-         entry.driver_name: entry
-         for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
--        if entry.driver_name and entry.driver_name not in active_modules
-+        if not entry.device_id and entry.driver_name and entry.driver_name not in active_modules
-     }
- 
-     drivers = {device.driver for device in devices if device.driver in entry_lookup}
--- 
-2.35.1
-

SOURCES/0003-Ensure-the-right-repositories-are-enabled-on-Satelli.patch

@@ -1,78 +0,0 @@
-From a1fdabea9c00a96ffc1504577f12733e1c1830ee Mon Sep 17 00:00:00 2001
-From: Evgeni Golov <evgeni@golov.de>
-Date: Thu, 7 Apr 2022 14:56:18 +0200
-Subject: [PATCH 3/3] Ensure the right repositories are enabled on Satellite
- Capsules
-
----
- .../actors/satellite_upgrade_facts/actor.py   |  6 +++-
- .../unit_test_satellite_upgrade_facts.py      | 34 ++++++++++++++++++-
- 2 files changed, 38 insertions(+), 2 deletions(-)
-
-diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
-index eb87cd68..fb83107e 100644
---- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
-+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
-@@ -129,6 +129,10 @@ class SatelliteUpgradeFacts(Actor):
-             modules_to_enable=modules_to_enable
-             )
-         )
--        repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms', 'satellite-6.11-for-rhel-8-x86_64-rpms',
-+        repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms',
-                                   'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms']
-+        if has_package(InstalledRPM, 'foreman'):
-+            repositories_to_enable.append('satellite-6.11-for-rhel-8-x86_64-rpms')
-+        else:
-+            repositories_to_enable.append('satellite-capsule-6.11-for-rhel-8-x86_64-rpms')
-         self.produce(RepositoriesSetupTasks(to_enable=repositories_to_enable))
-diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
-index 5c8e79ff..e77b7b58 100644
---- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
-+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
-@@ -1,6 +1,14 @@
- import os
- 
--from leapp.models import DNFWorkaround, InstalledRPM, Module, RPM, RpmTransactionTasks, SatelliteFacts
-+from leapp.models import (
-+    DNFWorkaround,
-+    InstalledRPM,
-+    Module,
-+    RepositoriesSetupTasks,
-+    RPM,
-+    RpmTransactionTasks,
-+    SatelliteFacts
-+)
- from leapp.snactor.fixture import current_actor_context
- 
- RH_PACKAGER = 'Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>'
-@@ -87,3 +95,27 @@ def test_detects_remote_postgresql(current_actor_context):
-     assert not satellitemsg.postgresql.local_postgresql
- 
-     assert not current_actor_context.consume(DNFWorkaround)
-+
-+
-+def test_enables_right_repositories_on_satellite(current_actor_context):
-+    current_actor_context.feed(InstalledRPM(items=[FOREMAN_RPM]))
-+    current_actor_context.run()
-+
-+    rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
-+
-+    assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
-+    assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
-+    assert 'satellite-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
-+    assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
-+
-+
-+def test_enables_right_repositories_on_capsule(current_actor_context):
-+    current_actor_context.feed(InstalledRPM(items=[FOREMAN_PROXY_RPM]))
-+    current_actor_context.run()
-+
-+    rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
-+
-+    assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
-+    assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
-+    assert 'satellite-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
-+    assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
--- 
-2.35.1
-

SOURCES/0004-Enforce-the-removal-of-rubygem-irb-do-not-install-it.patch

@@ -1,23 +0,0 @@
-From 496abd1775779054377c5e35ae96fa4d390bab42 Mon Sep 17 00:00:00 2001
-From: Petr Stodulka <pstodulk@redhat.com>
-Date: Tue, 19 Apr 2022 21:51:03 +0200
-Subject: [PATCH] Enforce the removal of rubygem-irb (do not install it)
-
----
- etc/leapp/transaction/to_remove | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/etc/leapp/transaction/to_remove b/etc/leapp/transaction/to_remove
-index 0feb782..07c6864 100644
---- a/etc/leapp/transaction/to_remove
-+++ b/etc/leapp/transaction/to_remove
-@@ -1,3 +1,6 @@
- ### List of packages (each on new line) to be removed from the upgrade transaction
- # Removing initial-setup package to avoid it asking for EULA acceptance during upgrade - OAMG-1531
- initial-setup
-+
-+# temporary workaround for the file conflict symlink <-> dir (#2030627)
-+rubygem-irb
--- 
-2.35.1
-

SOURCES/0005-IPU-8-9-Migrate-blacklisted-CAs-hotfix.patch

@@ -1,209 +0,0 @@
-From eeb4f99f57c67937ea562fce11fd5607470ae0a6 Mon Sep 17 00:00:00 2001
-From: Petr Stodulka <pstodulk@redhat.com>
-Date: Fri, 22 Apr 2022 00:20:15 +0200
-Subject: [PATCH] [IPU 8 -> 9] Migrate blacklisted CAs (hotfix)
-
-Preserve blacklisted certificates during the IPU 8 -> 9
-
-Path for the blacklisted certificates has been changed on RHEL 9.
-The original paths on RHEL 8 and older systems have been:
-    /etc/pki/ca-trust/source/blacklist/
-    /usr/share/pki/ca-trust-source/blacklist/
-However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
-So the paths are:
-    /etc/pki/ca-trust/source/blocklist/
-    /usr/share/pki/ca-trust-source/blocklist/
-This actor moves all blacklisted certificates into the expected directories
-and fix symlinks if to point to the new dirs if they originally pointed
-to one of obsoleted dirs.
-
-Covered cases:
-- covered situations with missing dirs
-- covered both mentioned blacklist directories
-- update symlinks in case they point to one of obsoleted directories
-- remove obsoleted directories when all files migrated successfully
-- execute /usr/bin/update-ca-trust in the end
-- remove original a blacklist directory in case all discovered files
-  inside are migrated successfully
-- print error logs in case of any issues so the upgrade does not
-  crash in case of troubles and users could deal with problems
-  manually after the upgrade
-
-The actor is not covered by unit-tests as it's just a hotfix. Follow
-up works are expected to extend the problem with reports during
-preupgrade phases, improve the test coverage, ....
-
-BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2077432
-Followup ticket: CRYPTO-7097
----
- .../actors/migrateblacklistca/actor.py        | 28 ++++++
- .../libraries/migrateblacklistca.py           | 89 +++++++++++++++++++
- .../tests/unit_test_migrateblacklistca.py     | 25 ++++++
- 3 files changed, 142 insertions(+)
- create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
- create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
- create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
-
-diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
-new file mode 100644
-index 00000000..863a0063
---- /dev/null
-+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
-@@ -0,0 +1,28 @@
-+from leapp.actors import Actor
-+from leapp.libraries.actor import migrateblacklistca
-+from leapp.tags import ApplicationsPhaseTag, IPUWorkflowTag
-+
-+
-+class MigrateBlacklistCA(Actor):
-+    """
-+    Preserve blacklisted certificates during the upgrade
-+
-+    Path for the blacklisted certificates has been changed on RHEL 9.
-+    The original paths on RHEL 8 and older systems have been:
-+        /etc/pki/ca-trust/source/blacklist/
-+        /usr/share/pki/ca-trust-source/blacklist/
-+    However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
-+    So the new paths are:
-+        /etc/pki/ca-trust/source/blocklist/
-+        /usr/share/pki/ca-trust-source/blocklist/
-+    This actor moves all blacklisted certificates into the expected directories
-+    and fix symlinks if needed.
-+    """
-+
-+    name = 'migrate_blacklist_ca'
-+    consumes = ()
-+    produces = ()
-+    tags = (ApplicationsPhaseTag, IPUWorkflowTag)
-+
-+    def process(self):
-+        migrateblacklistca.process()
-diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
-new file mode 100644
-index 00000000..73c9d565
---- /dev/null
-+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
-@@ -0,0 +1,89 @@
-+import os
-+import shutil
-+
-+from leapp.libraries.stdlib import api, CalledProcessError, run
-+
-+# dict(orig_dir: new_dir)
-+DIRS_CHANGE = {
-+    '/etc/pki/ca-trust/source/blacklist/': '/etc/pki/ca-trust/source/blocklist/',
-+    '/usr/share/pki/ca-trust-source/blacklist/': '/usr/share/pki/ca-trust-source/blocklist/'
-+}
-+
-+
-+def _link_src_path(filepath):
-+    """
-+    Return expected target path for the symlink.
-+
-+    In case the symlink points to one of dirs supposed to be migrated in this
-+    actor, we need to point to the new directory instead.
-+
-+    In case the link points anywhere else, keep the target path as it is.
-+    """
-+    realpath = os.path.realpath(filepath)
-+    for dirname in DIRS_CHANGE:
-+        if realpath.startswith(dirname):
-+            return realpath.replace(dirname, DIRS_CHANGE[dirname])
-+
-+    # it seems we can keep this path
-+    return realpath
-+
-+
-+def _migrate_file(filename, src_basedir):
-+    dst_path = filename.replace(src_basedir, DIRS_CHANGE[src_basedir])
-+    if os.path.exists(dst_path):
-+        api.current_logger().info(
-+            'Skipping migration of the {} certificate. The target file already exists'
-+            .format(filename)
-+        )
-+        return
-+    os.makedirs(os.path.dirname(dst_path), mode=0o755, exist_ok=True)
-+    if os.path.islink(filename):
-+        # create the new symlink instead of the moving the file
-+        # as the target path could be different as well
-+        link_src_path = _link_src_path(filename)
-+        # TODO: is the broken symlink ok?
-+        os.symlink(link_src_path, dst_path)
-+        os.unlink(filename)
-+    else:
-+        # normal file, just move it
-+        shutil.move(filename, dst_path)
-+
-+
-+def _get_files(dirname):
-+    return run(['find', dirname, '-type', 'f,l'], split=True)['stdout']
-+
-+
-+def process():
-+    for dirname in DIRS_CHANGE:
-+        if not os.path.exists(dirname):
-+            # The directory does not exist; nothing to do here
-+            continue
-+        try:
-+            blacklisted_certs = _get_files(dirname)
-+        except (CalledProcessError, OSError) as e:
-+            # TODO: create post-upgrade report
-+            api.current_logger().error('Cannot get list of files in {}: {}.'.format(dirname, e))
-+            api.current_logger().error('Certificates under {} must be migrated manually.'.format(dirname))
-+            continue
-+        failed_files = []
-+        for filename in blacklisted_certs:
-+            try:
-+                _migrate_file(filename, dirname)
-+            except OSError as e:
-+                api.current_logger().error(
-+                    'Failed migration of blacklisted certificate {}: {}'
-+                    .format(filename, e)
-+                )
-+                failed_files.append(filename)
-+        if not failed_files:
-+            # the failed removal is not such a big issue here
-+            # clean the dir if all files have been migrated successfully
-+            shutil.rmtree(dirname, ignore_errors=True)
-+    try:
-+        run(['/usr/bin/update-ca-trust'])
-+    except (CalledProcessError, OSError) as e:
-+        api.current_logger().error(
-+            'Cannot update CA trust on the system.'
-+            ' It needs to be done manually after the in-place upgrade.'
-+            ' Reason: {}'.format(e)
-+        )
-diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
-new file mode 100644
-index 00000000..970dcb97
---- /dev/null
-+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
-@@ -0,0 +1,25 @@
-+import os
-+
-+from leapp.libraries.actor import migrateblacklistca
-+from leapp.libraries.common.testutils import CurrentActorMocked
-+from leapp.libraries.stdlib import api
-+
-+
-+class MockedGetFiles():
-+    def __init__(self):
-+        self.called = 0
-+
-+    def __call__(self):
-+        self.called += 1
-+        return []
-+
-+
-+def test_no_dirs_exist(monkeypatch):
-+    mocked_files = MockedGetFiles()
-+    monkeypatch.setattr(os.path, 'exists', lambda dummy: False)
-+    monkeypatch.setattr(migrateblacklistca, '_get_files', mocked_files)
-+    monkeypatch.setattr(api, 'current_actor', CurrentActorMocked())
-+    # this is bad mock, but we want to be sure that update-ca-trust is not
-+    # called on the testing machine
-+    monkeypatch.setattr(migrateblacklistca, 'run', lambda dummy: dummy)
-+    assert not mocked_files.called
--- 
-2.35.1
-

SOURCES/0006-Skip-comment-lines-when-parsing-grub-configuration-f.patch

@@ -1,108 +0,0 @@
-From 32702c7c7d1c445b9ab95e0d1bbdfdf8f06d4303 Mon Sep 17 00:00:00 2001
-From: Petr Stodulka <pstodulk@redhat.com>
-Date: Wed, 27 Apr 2022 11:25:40 +0200
-Subject: [PATCH] Skip comment lines when parsing grub configuration file
-
-Added simple unit-test for default grub info to see the valid lines
-can be parsed as expected.
----
- .../systemfacts/libraries/systemfacts.py      | 21 ++++++++-
- .../tests/test_systemfacts_grub.py            | 46 +++++++++++++++++++
- 2 files changed, 65 insertions(+), 2 deletions(-)
- create mode 100644 repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
-
-diff --git a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
-index 0de8b383..81aea6f5 100644
---- a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
-+++ b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
-@@ -9,6 +9,7 @@ import re
- import six
- 
- from leapp import reporting
-+from leapp.exceptions import StopActorExecutionError
- from leapp.libraries.common import repofileutils
- from leapp.libraries.common.config import architecture
- from leapp.libraries.stdlib import api, CalledProcessError, run
-@@ -289,9 +290,25 @@ def _default_grub_info():
-         ])
-     else:
-         for line in run(['cat', default_grb_fpath], split=True)['stdout']:
--            if not line.strip():
-+            line = line.strip()
-+            if not line or line[0] == '#':
-+                # skip comments and empty lines
-                 continue
--            name, value = tuple(map(type(line).strip, line.split('=', 1)))
-+            try:
-+                name, value = tuple(map(type(line).strip, line.split('=', 1)))
-+            except ValueError as e:
-+                # we do not want to really continue when we cannot parse this file
-+                # TODO(pstodulk): rewrite this in the form we produce inhibitor
-+                # with problematic lines. This is improvement just in comparison
-+                # to the original hard crash.
-+                raise StopActorExecutionError(
-+                    'Failed parsing of {}'.format(default_grb_fpath),
-+                    details={
-+                        'error': str(e),
-+                        'problematic line': str(line)
-+                    }
-+                )
-+
-             yield DefaultGrub(
-                 name=name,
-                 value=value
-diff --git a/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
-new file mode 100644
-index 00000000..08552771
---- /dev/null
-+++ b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
-@@ -0,0 +1,46 @@
-+import os
-+
-+from leapp.libraries.actor import systemfacts
-+from leapp.models import DefaultGrub
-+
-+
-+class RunMocked(object):
-+    def __init__(self, cmd_result):
-+        self.called = 0
-+        self.cmd_result = cmd_result
-+        self.split = False
-+        self.cmd = None
-+
-+    def __call__(self, cmd, split=False):
-+        self.cmd = cmd
-+        self.split = split
-+        self.called += 1
-+        return self.cmd_result
-+
-+
-+def test_default_grub_info_valid(monkeypatch):
-+    mocked_run = RunMocked({
-+        'stdout': [
-+            'line="whatever else here"',
-+            'newline="whatever"',
-+            '# comment here',
-+            'why_not=value',
-+            ' # whitespaces around comment ',
-+            ' ',
-+            ' last=last really'
-+        ],
-+    })
-+    expected_result = [
-+        DefaultGrub(name='line', value='"whatever else here"'),
-+        DefaultGrub(name='newline', value='"whatever"'),
-+        DefaultGrub(name='why_not', value='value'),
-+        DefaultGrub(name='last', value='last really'),
-+    ]
-+    monkeypatch.setattr(systemfacts, 'run', mocked_run)
-+    monkeypatch.setattr(os.path, 'isfile', lambda dummy: True)
-+    for msg in systemfacts._default_grub_info():
-+        expected_msg = expected_result.pop(0)
-+        assert msg.name == expected_msg.name
-+        assert msg.value == expected_msg.value
-+    assert mocked_run.called
-+    assert not expected_result
--- 
-2.35.1
-

SPECS/leapp-repository.spec

@@ -2,7 +2,7 @@
 %global repositorydir %{leapp_datadir}/repositories
 %global custom_repositorydir %{leapp_datadir}/custom-repositories
 
-%define leapp_repo_deps  6
+%define leapp_repo_deps  10
 
 %if 0%{?rhel} == 7
     %define leapp_python_sitelib %{python2_sitelib}
@@ -41,24 +41,23 @@ py2_byte_compile "%1" "%2"}
 # RHEL 8+ packages to be consistent with other leapp projects in future.
 
 Name:           leapp-repository
-Version:        0.16.0
-Release:        6%{?dist}
+Version:        0.20.0
+Release:        2%{?dist}
 Summary:        Repositories for leapp
 
 License:        ASL 2.0
 URL:            https://oamg.github.io/leapp/
-Source0:        https://github.com/oamg/leapp-repository/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
-Source1:        deps-pkgs-6.tar.gz
+Source0:        https://github.com/oamg/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Source1:        deps-pkgs-10.tar.gz
+
+# NOTE: Our packages must be noarch. Do no drop this in any way.
 BuildArch:      noarch
 
 ### PATCHES HERE
 # Patch0001:    filename.patch
-Patch0001:      0001-pcidevicesscanner-Also-match-deprecation-data-agains.patch1
-Patch0002:      0002-pciscanner-Fix-2-issues-in-regards-to-pci-address-ha.patch
-Patch0003:      0003-Ensure-the-right-repositories-are-enabled-on-Satelli.patch
-Patch0004:      0004-Enforce-the-removal-of-rubygem-irb-do-not-install-it.patch
-Patch0005:      0005-IPU-8-9-Migrate-blacklisted-CAs-hotfix.patch
-Patch0006:      0006-Skip-comment-lines-when-parsing-grub-configuration-f.patch
+
+Patch0001:      0001-rhui-do-not-bootstrap-target-client-on-aws.patch
+
 
 %description
 %{summary}
@@ -77,7 +76,7 @@ Requires:       python2-leapp
 Obsoletes:      leapp-repository-data <= 0.6.1
 Provides:       leapp-repository-data <= 0.6.1
 
-# Former leapp subpackage that is part of the sos package since HEL 7.8
+# Former leapp subpackage that is part of the sos package since RHEL 7.8
 Obsoletes:      leapp-repository-sos-plugin <= 0.10.0
 
 # Set the conflict to be sure this RPM is not upgraded automatically to
@@ -97,18 +96,22 @@ Conflicts:      leapp-upgrade-el7toel8
 
 %endif
 
-# IMPORTANT: everytime the requirements are changed, increment number by one
+# IMPORTANT: every time the requirements are changed, increment number by one
 # - same for Provides in deps subpackage
 Requires:       leapp-repository-dependencies = %{leapp_repo_deps}
 
 # IMPORTANT: this is capability provided by the leapp framework rpm.
 # Check that 'version' instead of the real framework rpm version.
-Requires:       leapp-framework >= 2.2
+Requires:       leapp-framework >= 5.0
 
 # Since we provide sub-commands for the leapp utility, we expect the leapp
 # tool to be installed as well.
 Requires:       leapp
 
+# Used to determine RHEL version of a given target RHEL installation image -
+# uncompressing redhat-release package from the ISO.
+Requires:   cpio
+
 # The leapp-repository rpm is renamed to %%{lpr_name}
 Obsoletes:      leapp-repository < 0.14.0-5
 Provides:       leapp-repository = %{version}-%{release}
@@ -117,13 +120,21 @@ Provides:       leapp-repository = %{version}-%{release}
 # to install "leapp-upgrade" in the official docs.
 Provides:       leapp-upgrade = %{version}-%{release}
 
+# Provide leapp-commands so the framework could refer to them when customers
+# do not have installed particular leapp-repositories
+Provides:       leapp-command(answer)
+Provides:       leapp-command(preupgrade)
+Provides:       leapp-command(upgrade)
+Provides:       leapp-command(rerun)
+Provides:       leapp-command(list-runs)
+
 
 %description -n %{lpr_name}
 Leapp repositories for the in-place upgrade to the next major version
 of the Red Hat Enterprise Linux system.
 
 
-# This metapackage should contain all RPM dependencies exluding deps on *leapp*
+# This metapackage should contain all RPM dependencies excluding deps on *leapp*
 # RPMs. This metapackage will be automatically replaced during the upgrade
 # to satisfy dependencies with RPMs from target system.
 %package -n %{lpr_name}-deps
@@ -132,7 +143,7 @@ Summary:    Meta-package with system dependencies of %{lpr_name} package
 # The package has been renamed, so let's obsoletes the old one
 Obsoletes:      leapp-repository-deps < 0.14.0-5
 
-# IMPORTANT: everytime the requirements are changed, increment number by one
+# IMPORTANT: every time the requirements are changed, increment number by one
 # - same for Requires in main package
 Provides:  leapp-repository-dependencies = %{leapp_repo_deps}
 ##################################################
@@ -140,6 +151,16 @@ Provides:  leapp-repository-dependencies = %{leapp_repo_deps}
 ##################################################
 Requires:   dnf >= 4
 Requires:   pciutils
+
+# required to be able to format disk images with XFS file systems (default)
+Requires:   xfsprogs
+
+# required to be able to format disk images with Ext4 file systems
+# NOTE: this is not happening by default, but we can expact that many customers
+# will want to / need to do this - especially on RHEL 7 now. Adding this deps
+# as the best trade-off to resolve this problem.
+Requires:   e2fsprogs
+
 %if 0%{?rhel} && 0%{?rhel} == 7
 # Required to gather system facts about SELinux
 Requires:   libselinux-python
@@ -160,6 +181,18 @@ Requires:   python3-requests
 Requires:   python3-six
 # required by SELinux actors
 Requires:   policycoreutils-python-utils
+# required by systemfacts, and several other actors
+Requires:   procps-ng
+Requires:   kmod
+# since RHEL 8+ dracut does not have to be present on the system all the time
+# and missing dracut could be killing situation for us :)
+Requires:   dracut
+
+# Required to scan NetworkManagerConnection (e.g. to recognize secrets)
+# NM is requested to be used on RHEL 8+ systems
+Requires:   NetworkManager-libnm
+Requires:   python3-gobject-base
+
 %endif
 ##################################################
 # end requirement
@@ -177,19 +210,13 @@ Requires:   policycoreutils-python-utils
 # APPLY PATCHES HERE
 # %%patch0001 -p1
 %patch0001 -p1
-%patch0002 -p1
-%patch0003 -p1
-%patch0004 -p1
-%patch0005 -p1
-%patch0006 -p1
 
-# enforce removal of packages below during the upgrade
 
 %build
 %if 0%{?rhel} == 7
-cp -a leapp*deps-el8*rpm repos/system_upgrade/el7toel8/files/bundled-rpms/
+cp -a leapp*deps*el8.noarch.rpm repos/system_upgrade/el7toel8/files/bundled-rpms/
 %else
-cp -a leapp*deps-el9*rpm repos/system_upgrade/el8toel9/files/bundled-rpms/
+cp -a leapp*deps*el9.noarch.rpm repos/system_upgrade/el8toel9/files/bundled-rpms/
 %endif
 
 
@@ -201,6 +228,7 @@ install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/repos.d/
 install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/transaction/
 install -m 0755 -d %{buildroot}%{_sysconfdir}/leapp/files/
 install -m 0644 etc/leapp/transaction/* %{buildroot}%{_sysconfdir}/leapp/transaction
+install -m 0644 etc/leapp/files/* %{buildroot}%{_sysconfdir}/leapp/files
 
 # install CLI commands for the leapp utility on the expected path
 install -m 0755 -d %{buildroot}%{leapp_python_sitelib}/leapp/cli/
@@ -220,6 +248,7 @@ rm -rf %{buildroot}%{repositorydir}/common/actors/testactor
 find %{buildroot}%{repositorydir}/common -name "test.py" -delete
 rm -rf `find %{buildroot}%{repositorydir} -name "tests" -type d`
 find %{buildroot}%{repositorydir} -name "Makefile" -delete
+find %{buildroot} -name "*.py.orig" -delete
 
 for DIRECTORY in $(find  %{buildroot}%{repositorydir}/  -mindepth 1 -maxdepth 1 -type d);
 do
@@ -247,6 +276,7 @@ done;
 %dir %{repositorydir}
 %dir %{custom_repositorydir}
 %dir %{leapp_python_sitelib}/leapp/cli/commands
+%config %{_sysconfdir}/leapp/files/*
 %{_sysconfdir}/leapp/repos.d/*
 %{_sysconfdir}/leapp/transaction/*
 %{repositorydir}/*
@@ -257,6 +287,217 @@ done;
 # no files here
 
 %changelog
+* Tue Feb 20 2024 Petr Stodulka <pstodulk@redhat.com> - 0.20.0-2
+- Fallback to original RHUI solution on AWS to fix issues caused by changes in RHUI client
+- Resolves: RHEL-16729
+
+* Tue Feb 13 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.20.0-1
+- Rebase to new upstream v0.20.0.
+- Fix semanage import issue
+- Fix handling of libvirt's systemd services
+- Add a dracut breakpoint for the pre-upgrade step.
+- Drop obsoleted upgrade paths (obsoleted releases: 8.6, 8.9, 9.0, 9.3)
+- Resolves: RHEL-16729
+
+* Tue Jan 23 2024 Toshio Kuratomi <toshio@fedoraproject.org> - 0.19.0-10
+- Print nice error msg when device and driver deprecation data is malformed
+- Fix another cornercase when preserving symlinks to certificates in /etc/pki
+- Update the leapp upgrade data files - fixing upgrades with idm-tomcatjss
+- Resolves: RHEL-16729
+
+* Fri Jan 19 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-9
+- Do not try to download data files anymore when missing as the service
+  is obsoleted since the data is part of installed packages
+- Update error messages and reports when installed upgrade data files
+  are malformed or missing to instruct user how to resolve it
+- Update the leapp upgrade data files - bump data stream to "3.0"
+- Resolves: RHEL-16729
+
+* Fri Jan 12 2024 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-7
+- Add detection of possible usage of OpenSSL IBMCA engine on IBM Z machines
+- Add detection of modified /etc/pki/tls/openssl.cnf file
+- Update the leapp upgrade data files
+- Fix handling of symlinks under /etc/pki with relative paths specified
+- Report custom actors and modifications of the upgrade tooling
+- Requires xfsprogs and e2fsprogs to ensure that Ext4 and XFS tools are installed
+- Bump leapp-repository-dependencies to 10
+- Resolves: RHEL-1774, RHEL-16729
+
+* Thu Nov 16 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-5
+- Enable new upgrade path for RHEL 8.10 -> RHEL 9.4 (including RHEL with SAP HANA)
+- Introduce generic transition of systemd services states during the IPU
+- Introduce possibility to upgrade with local repositories
+- Improve possibilities of upgrade when a proxy is configured in DNF configutation file
+- Fix handling of symlinks under /etc/pki when managing certificates
+- Fix the upgrade with custom https repositories
+- Default to the NO_RHSM mode when subscription-manager is not installed
+- Detect customized configuration of dynamic linker
+- Drop the invalid `tuv` target channel for the --channel option
+- Fix the issue of going out of bounds in the isccfg parser
+- Fix traceback when saving the rhsm facts results and the /etc/rhsm/facts directory doesn’t exist yet
+- Load all rpm repository substitutions that dnf knows about, not just "releasever" only
+- Simplify handling of upgrades on systems using RHUI, reducing the maintenance burden for cloud providers
+- Detect possible unexpected RPM GPG keys has been installed during RPM transaction
+- Resolves: RHEL-16729
+
+* Thu Nov 02 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-4
+- Fix the upgrade for systems without subscription-manager package
+- Resolves: RHEL-14901
+
+* Tue Oct 31 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-3
+- Fix the upgrade when the release is locked by new subscription-manager
+- Resolves: RHEL-14901
+
+* Wed Aug 23 2023 Petr Stodulka <pstodulk@redhat.com> - 0.19.0-1
+- Rebase to v0.19.0
+- Requires leapp-framework 5.0
+- Handle correctly the installed certificates to allow upgrades with custom repositories using HTTPs with enabled SSL verification
+- Fix failing upgrades with devtmpfs file systems specified in FSTAB
+- Do not try to update GRUB core on IBM Z systems
+- Minor improvements and fixes of various reports and error messages
+- Redesign handling of information about kernel (booted and target) to reflect changes in RHEL 9.3
+- Use new leapp CLI API which provides better report summary output
+- Resolves: rhbz#2215997, rhbz#2222861, rhbz#2232618
+
+* Tue Jul 18 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-5
+- Fix the calculation of the required free space on each partitions/volume for the upgrade transactions
+- Create source overlay images with dynamic sizes to optimize disk space consumption
+- Update GRUB2 when /boot resides on multiple devices aggregated in RAID
+- Use new leapp CLI API which provides better report summary output
+- Introduce possibility to add (custom) kernel drivers to initramfs
+- Detect and report use of deprecated Xorg drivers
+- Fix the generation of the report about hybrid images
+- Inhibit the upgrade when unsupported x86-64 microarchitecture is detected
+- Minor improvements and fixes of various reports
+- Requires leapp-framework 4.0
+- Update leapp data files
+- Resolves: rhbz#2140011, rhbz#2144304, rhbz#2174095, rhbz#2215997
+
+* Mon Jun 19 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-4
+- Introduce new upgrade path RHEL 8.9 -> 9.3
+- Update leapp data files to reflect new changes between systems
+- Detect and report use of deprecated Xorg drivers
+- Minor improvements of generated reports
+- Fix false positive report about invalid symlinks
+- Inhibit the upgrade when unsupported x86-64 microarchitecture is detected
+- Resolves: rhbz#2215997
+
+* Mon Jun 05 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-3
+- Update the repomap.json file to address planned changes on RHUI Azure
+- Resolves: rhbz#2203800
+
+* Fri May 19 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-2
+- Include leap data files in the package
+- Introduce in-place upgrades for systems with enabled FIPS mode
+- Enable the upgrade path 8.8 -> 9.2 for RHEL with SAP HANA
+- Fix the upgrade of ruby-irb package
+- Resolves: rhbz#2030627, rhbz#2097003, rhbz#2203800, rhbz#2203803
+
+* Tue Feb 21 2023 Petr Stodulka <pstodulk@redhat.com> - 0.18.0-1
+- Rebase to v0.18.0
+- Introduce new upgrade path RHEL 8.8 -> 9.2
+- Requires cpio
+- Requires python3-gobject-base, NetworkManager-libnm
+- Bump leapp-repository-dependencies to 9
+- Add breadcrumbs results to RHSM facts
+- Add leapp RHUI packages to an allowlist to drop confusing reports
+- Added checks for RHEL SAP IPU 8.6 -> 9.0
+- Check RPM signatures during the upgrade
+- Check only mounted XFS partitions
+- Check the validity and compatitibility of used leapp data
+- Detect CIFS also when upgrading from RHEL8 to RHEL9 (PR1035)
+- Detect RoCE on IBM Z machines and check the configuration is safe for the upgrade
+- Detect a proxy configuration in YUM/DNF and adjust an error msg on issues caused by the configuration
+- Detect and report systemd symlinks that are broken before the upgrade
+- Detect the kernel-core RPM instead of kernel to prevent an error during post-upgrade phases
+- Disable the amazon-id DNF plugin on AWS during the upgrade stage to omit confusing error messages
+- Do not create new *pyc files when running leapp after the DNF upgrade transaction
+- Drop obsoleted upgrade paths
+- Enable upgrades of RHEL 8 for SAP HANA to RHEL 9 on ppc64le
+- Enable upgrades on s390x when /boot is part of rootfs
+- Extend the allow list of RHUI clients by azure-sap-apps to omit confusing report
+- Filter out PES events unrelated for the used upgrade path and handle overlapping event
+ (fixes upgrades with quagga installed)
+- Fix scan of ceph volumes on systems without ceph-osd or when ceph-osd container is not found
+- Fix systemd symlinks that become incorrect during the IPU
+- Fix the check of memory (RAM) limits and use human readable values in the report
+- Fix the kernel detection during initramfs creation for new kernel on RHEL 9.2+
+- Fix the upgrade of IBM Z machines configured with ZFCP
+- Fix the upgrade on Azure using RHUI for SAP Apps images
+- Ignore external accounts in /etc/passwd
+- Improve remediation instructions for packages in unknown repositories
+- Improve the error message to guide users when discovered more space is needed
+- Improve the handling of blocklisted certificates
+- Inhibit the upgrade when entries in /etc/fstab cause overshadowing during the upgrade
+- Introduced an option to use an ISO file as a target RHEL version content source
+- Introduced possibility to specify what systemd services should be enabled/disabled on the upgraded system
+- Introduced the --nogpgcheck option to skip checking of RPM signatures
+- Map the target repositories also based on the installed content
+- Prevent re-run of leapp in the upgrade initramfs in case of previous failure
+- Prevent the upgrade with RHSM when Baseos and Appstream target repositories are not discovered
+- Provide common information about systemd services
+- RHUI(Azure) Handle correctly various SAP images
+- Register subscribed systems automatically to Red Hat Insights unless --no-insights-register is used
+- Remove obsoleted GPG keys provided by RH after the upgrade to prevent errors
+- Rework the network configuration handling and parse the configuration data properly
+- Set the system release lock after the upgrade also for premium channels
+- Small improvements in various reports
+- Resolves: rhbz#2088492, rhbz#2111691, rhbz#2127920, rhbz#2129716,rhbz#2139907, rhbz#2139907, rhbz#2141393, rhbz#2143372, rhbz#2155661
+
+* Wed Sep 07 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-3
+- Adding back instruction to not install rubygem-irb during the in-place upgrade
+  to prevent conflict between files
+- Resolves: rhbz#2090995
+
+* Wed Sep 07 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-2
+- Update VDO checks to enable user to decide the system state on check failures
+  and undetermined block devices
+- The VDO dialog and related VDO reports have been properly updated
+- Resolves: rhbz#2096159
+
+* Wed Aug 24 2022 Petr Stodulka <pstodulk@redhat.com> - 0.17.0-1
+- Rebase to v0.17.0
+- Support upgrade path RHEL 8.7 -> 9.0 and RHEL SAP 8.6 -> 9.0
+- Provide and require leapp-repository-dependencies 7
+- Provide `leapp-command(<CMD>)` for each CLI command provided by leapp-repository
+- Require dracut, kmod, procps-ng on RHEL 8+
+- Require leapp-framework >= 3.1
+- Add actors covering removal of NIS components on RHEL 9
+- Add checks for obsolete .NET versions
+- Allow specifying the report schema v1.2.0
+- Check and handle upgrades with custom crypto policies
+- Check and migrate OpenSSH configuration
+- Check and migrate multipath configuration
+- Check minimum memory requirements
+- Do not create the upgrade bootloader entry when the dnf dry-run actor stops the upgrade
+- Enable Base and SAP in-place upgrades on Azure
+- Enable in-place upgrade in case LUKS volumes are Ceph OSDs
+- Enable in-place upgrades in Azure RHEL 8 base images using RHUI
+- Enable in-place upgrades on  IBM z16 machines
+- Enable the CRB repository for the upgrade only if enabled on the source system
+- Fix cloud provider detection on AWS
+- Fix detection of the latest kernel
+- Fix issues caused by leapp artifacts from previous in-place upgrades
+- Fix issues with false positive switch to emergency console during the upgrade
+- Fix swap page size on aarch64
+- Fix the VDO scanner to skip partitions unrelated to VDO and adjust error messages
+- Fix the false positive NFS storage detection on NFS servers and improve the report msg
+- Fix the issues on systems with the LANGUAGE environment variable
+- Fix the root directory scan to deal with non-utf8 filenames
+- Handle upgrades of SAP systems on AWS
+- Inform about necessary migrations related to bacula-director when installed on the system
+- Inhibit the upgrade when /var/lib/leapp being mounted in a non-persistent fashion to prevent failures
+- Inhibit the upgrade when /var/lib/leapp mounted with the noexec option to prevent failures
+- Inhibit upgrade when NVIDIA driver is detected
+- Make the application of custom selinux rules more reliable and do not override changes done by RPM scriptlets
+- Migrate the OpenSSL configuration
+- PESEventScanner actor has been fully refactored
+- Report changes around SCP and SFTP
+- Skip comment lines when parsing the GRUB configuration file
+- Stop propagating the “debug” and ”enforcing=0” kernel cmdline options into the target kernel cmdline options
+- Mass refactoring to be compatible with leapp v0.15.0
+- Resolves: rhbz#2090995, rhbz#2040470, rhbz#2092005, rhbz#2093220, rhbz#2095704, rhbz#2096159, rhbz#2100108, rhbz#2100110, rhbz#2103282, rhbz#2106904, rhbz#2110627
+
 * Wed Apr 27 2022 Petr Stodulka <pstodulk@redhat.com> - 0.16.0-6
 - Skip comments in /etc/default/grub during the parsing
 - Resolves: #1997076