From 117644119f8c48fe5183aa309ad45a8ba9a4bf53 Mon Sep 17 00:00:00 2001 From: Matej Matuska Date: Fri, 28 Jun 2024 18:53:07 +0200 Subject: [PATCH 87/92] Fix or TODO some version specific actions in actors --- .../common/actors/checkfips/actor.py | 5 ++++- .../checksaphana/libraries/checksaphana.py | 11 +++++++++-- .../opensshpermitrootlogincheck/actor.py | 5 +++-- .../libraries/checkopensslconf.py | 9 ++++++--- .../libraries/repairsystemdsymlinks.py | 19 ++++++------------- repos/system_upgrade/common/libraries/rhui.py | 1 + 6 files changed, 29 insertions(+), 21 deletions(-) diff --git a/repos/system_upgrade/common/actors/checkfips/actor.py b/repos/system_upgrade/common/actors/checkfips/actor.py index bd09b1b9..73408655 100644 --- a/repos/system_upgrade/common/actors/checkfips/actor.py +++ b/repos/system_upgrade/common/actors/checkfips/actor.py @@ -41,7 +41,7 @@ class CheckFips(Actor): reporting.ExternalLink(url=fips_7to8_steps_docs_url, title='Planning an upgrade from RHEL 7 to RHEL 8') ]) - else: + elif version.get_target_major_version() == '9': # FIXME(mhecko): We include these files manually as they are not included automatically when the fips # module is used due to a bug in dracut. This code should be removed, once the dracut bug is resolved. # See https://bugzilla.redhat.com/show_bug.cgi?id=2176560 @@ -53,3 +53,6 @@ class CheckFips(Actor): ] self.produce(UpgradeInitramfsTasks(include_files=fips_required_initramfs_files, include_dracut_modules=[DracutModule(name='fips')])) + elif version.get_target_major_version() == '10': + # TODO(mmatuska): What to do with FIPS on 9to10? OAMG-11431 + pass diff --git a/repos/system_upgrade/common/actors/checksaphana/libraries/checksaphana.py b/repos/system_upgrade/common/actors/checksaphana/libraries/checksaphana.py index 7cd83de8..498fb7a8 100644 --- a/repos/system_upgrade/common/actors/checksaphana/libraries/checksaphana.py +++ b/repos/system_upgrade/common/actors/checksaphana/libraries/checksaphana.py @@ -7,7 +7,8 @@ from leapp.models import SapHanaInfo # Supported architectures for upgrades with SAP HANA to RHEL 'X' SAP_HANA_SUPPORTER_ARCHS = { '8': [architecture.ARCH_X86_64], - '9': [architecture.ARCH_X86_64, architecture.ARCH_PPC64LE] + '9': [architecture.ARCH_X86_64, architecture.ARCH_PPC64LE], + '10': [architecture.ARCH_X86_64, architecture.ARCH_PPC64LE], } SAP_HANA_MINIMAL_MAJOR_VERSION = 2 @@ -186,6 +187,8 @@ def version2_check(info): continue if version.matches_target_version('> 8.6', '< 9.0') or version.matches_target_version('> 9.0'): # if a target release is >=8.8 or >=9.2, the SAP HANA and RHEL versions compatibility is not checked + # TODO(mmatuska): We don't know whether the check will be skipped on RHEL 10 (9to10) yet, + # update the method accoridingly then _report_skip_check() return # if a starget release is 8.6 or 9.0 we still check SAP HANA and RHEL versions compatibility @@ -221,6 +224,7 @@ def platform_check(): Supported architectures: - IPU 7 -> 8: x86_64 - IPU 8 -> 9: x86_64, ppc64le + - IPU 9 -> 10: x86_64, ppc64le In case of the upgrade to a RHEL X version that is not supported for the IPU yet, return False and do not report anything, as the upgrade to @@ -243,7 +247,10 @@ def platform_check(): title='How to in-place upgrade SAP environments from RHEL 7 to RHEL 8'), '9': reporting.ExternalLink( url='https://red.ht/how-to-in-place-upgrade-sap-environments-from-rhel-8-to-rhel-9', - title='How to in-place upgrade SAP environments from RHEL 8 to RHEL 9') + title='How to in-place upgrade SAP environments from RHEL 8 to RHEL 9'), + '10': reporting.ExternalLink( + url='https://red.ht/how-to-in-place-upgrade-sap-environments-from-rhel-9-to-rhel-10', + title='How to in-place upgrade SAP environments from RHEL 9 to RHEL 10'), } reporting.create_report([ diff --git a/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py b/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py index 7a49622f..9c1a421c 100644 --- a/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py +++ b/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py @@ -50,9 +50,10 @@ class OpenSshPermitRootLoginCheck(Actor): self.process7to8(config) elif get_source_major_version() == '8': self.process8to9(config) + elif int(get_source_major_version()) >= 9: + pass else: - api.current_logger().warning('Unknown source major version: {} (expecting 7 or 8)' - .format(get_source_major_version())) + api.current_logger().warning('Unknown source major version: {}'.format(get_source_major_version())) def process7to8(self, config): # when the config was not modified, we can pass this check and let the diff --git a/repos/system_upgrade/common/actors/openssl/checkopensslconf/libraries/checkopensslconf.py b/repos/system_upgrade/common/actors/openssl/checkopensslconf/libraries/checkopensslconf.py index 06a30fa1..53e803b2 100644 --- a/repos/system_upgrade/common/actors/openssl/checkopensslconf/libraries/checkopensslconf.py +++ b/repos/system_upgrade/common/actors/openssl/checkopensslconf/libraries/checkopensslconf.py @@ -5,8 +5,11 @@ from leapp.libraries.stdlib import api from leapp.models import DistributionSignedRPM, TrackedFilesInfoSource DEFAULT_OPENSSL_CONF = '/etc/pki/tls/openssl.cnf' -URL_8_CRYPTOPOLICIES = 'https://red.ht/rhel-8-system-wide-crypto-policies' -URL_9_CRYPTOPOLICIES = 'https://red.ht/rhel-9-system-wide-crypto-policies' +URL_CRYPTOPOLICIES = { + '8': 'https://red.ht/rhel-8-system-wide-crypto-policies', + '9': 'https://red.ht/rhel-9-system-wide-crypto-policies', + '10': 'https://red.ht/rhel-10-system-wide-crypto-policies', # TODO actually make the url +} def check_ibmca(): @@ -70,7 +73,7 @@ def check_default_openssl(): if not _is_openssl_modified(): return - crypto_url = URL_8_CRYPTOPOLICIES if version.get_target_major_version == '8' else URL_9_CRYPTOPOLICIES + crypto_url = URL_CRYPTOPOLICIES[version.get_target_major_version()] # TODO(pstodulk): Needs in future some rewording, as OpenSSL engines are # deprecated since "RHEL 8" and people should use OpenSSL providers instead. diff --git a/repos/system_upgrade/common/actors/systemd/repairsystemdsymlinks/libraries/repairsystemdsymlinks.py b/repos/system_upgrade/common/actors/systemd/repairsystemdsymlinks/libraries/repairsystemdsymlinks.py index 884b001e..3fcf4aa6 100644 --- a/repos/system_upgrade/common/actors/systemd/repairsystemdsymlinks/libraries/repairsystemdsymlinks.py +++ b/repos/system_upgrade/common/actors/systemd/repairsystemdsymlinks/libraries/repairsystemdsymlinks.py @@ -6,18 +6,11 @@ from leapp.libraries.common.config.version import get_target_major_version from leapp.libraries.stdlib import api, CalledProcessError, run from leapp.models import SystemdBrokenSymlinksSource, SystemdBrokenSymlinksTarget, SystemdServicesInfoSource -_INSTALLATION_CHANGED_EL8 = ['rngd.service', 'sysstat.service'] -_INSTALLATION_CHANGED_EL9 = [] - - -def _get_installation_changed_units(): - version = get_target_major_version() - if version == '8': - return _INSTALLATION_CHANGED_EL8 - if version == '9': - return _INSTALLATION_CHANGED_EL9 - - return [] +_INSTALLATION_CHANGED = { + '8': ['rngd.service', 'sysstat.service'], + '9': [], + '10': [], +} def _service_enabled_source(service_info, name): @@ -49,7 +42,7 @@ def _handle_newly_broken_symlinks(symlinks, service_info): def _handle_bad_symlinks(service_files): - install_changed_units = _get_installation_changed_units() + install_changed_units = _INSTALLATION_CHANGED[get_target_major_version()] potentially_bad = [s for s in service_files if s.name in install_changed_units] for unit_file in potentially_bad: diff --git a/repos/system_upgrade/common/libraries/rhui.py b/repos/system_upgrade/common/libraries/rhui.py index 86f74084..51694ac2 100644 --- a/repos/system_upgrade/common/libraries/rhui.py +++ b/repos/system_upgrade/common/libraries/rhui.py @@ -553,6 +553,7 @@ RHUI_CLOUD_MAP = { } +# TODO(mmatuska) deprecate or adjust for 9to10? def get_upg_path(): """ Get upgrade path in specific string format -- 2.42.0