diff --git a/SOURCES/0041-chore-deps-update-dependency-ubuntu-to-v24.patch b/SOURCES/0041-chore-deps-update-dependency-ubuntu-to-v24.patch new file mode 100644 index 0000000..9f95728 --- /dev/null +++ b/SOURCES/0041-chore-deps-update-dependency-ubuntu-to-v24.patch @@ -0,0 +1,25 @@ +From 9c07443b0148139b511bcd52ecac294c86a15826 Mon Sep 17 00:00:00 2001 +From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> +Date: Wed, 16 Oct 2024 09:17:17 +0000 +Subject: [PATCH 41/53] chore(deps): update dependency ubuntu to v24 + +--- + .github/workflows/reuse-copr-build.yml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/.github/workflows/reuse-copr-build.yml b/.github/workflows/reuse-copr-build.yml +index 3cf06254..c6702e1a 100644 +--- a/.github/workflows/reuse-copr-build.yml ++++ b/.github/workflows/reuse-copr-build.yml +@@ -16,7 +16,7 @@ jobs: + reusable_workflow_copr_build_job: + # This job only runs for '/rerun' pull request comments by owner, member, or collaborator of the repo/organization. + name: Build copr builds for tft tests +- runs-on: ubuntu-22.04 ++ runs-on: ubuntu-24.04 + outputs: + artifacts: ${{ steps.gen_artifacts.outputs.artifacts }} + if: | +-- +2.47.1 + diff --git a/SOURCES/0041-feat-net-naming-scheme-enable-by-default.patch b/SOURCES/0042-feat-net-naming-scheme-enable-by-default.patch similarity index 98% rename from SOURCES/0041-feat-net-naming-scheme-enable-by-default.patch rename to SOURCES/0042-feat-net-naming-scheme-enable-by-default.patch index 9400d4e..e6f33c6 100644 --- a/SOURCES/0041-feat-net-naming-scheme-enable-by-default.patch +++ b/SOURCES/0042-feat-net-naming-scheme-enable-by-default.patch @@ -1,7 +1,7 @@ From 3c3421a0f155fe3bdfaee74c5345e86874684a09 Mon Sep 17 00:00:00 2001 From: Michal Hecko Date: Tue, 19 Nov 2024 10:56:50 +0100 -Subject: [PATCH] feat(net-naming-scheme): enable by default +Subject: [PATCH 42/53] feat(net-naming-scheme): enable by default This commit enables the use of net.naming-scheme for 8>9 upgrades by default. The previously used environmental variablel @@ -70,5 +70,5 @@ index 7a5eeba5..acf72241 100644 monkeypatch.setattr(api, 'produce', produce_mocked()) -- -2.47.0 +2.47.1 diff --git a/SOURCES/0043-Fix-unreadable-output-in-upgrade-log.patch b/SOURCES/0043-Fix-unreadable-output-in-upgrade-log.patch new file mode 100644 index 0000000..78656dd --- /dev/null +++ b/SOURCES/0043-Fix-unreadable-output-in-upgrade-log.patch @@ -0,0 +1,48 @@ +From 1a0183b1a43e42891199efed9bd0891a24224142 Mon Sep 17 00:00:00 2001 +From: David Kubek +Date: Wed, 8 Jan 2025 12:05:57 +0100 +Subject: [PATCH 43/53] Fix unreadable output in upgrade log + +This commit resolves an issue where unwanted escape sequences (e.g., +ANSI codes) appear in the output of certain commands like `dnf` during +upgrades. + +The issue arises because, starting with version 242, `systemd-nspawn` +introduced new pseudo-TTY capabilities (see the `Input/Output Options` +section in `systemd-nspawn(1)`). As a result, commands run within +container may include these escape sequences. + +To address this, pseudo-TTY support is explicitly disabled in +`systemd-nspawn` for upgrades on RHEL9 and later. + +JIRA: RHEL-69829 +--- + repos/system_upgrade/common/libraries/mounting.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/common/libraries/mounting.py b/repos/system_upgrade/common/libraries/mounting.py +index a546e9d0..2eb19d31 100644 +--- a/repos/system_upgrade/common/libraries/mounting.py ++++ b/repos/system_upgrade/common/libraries/mounting.py +@@ -5,7 +5,7 @@ import shutil + from collections import namedtuple + + from leapp.libraries.common.config import get_all_envs +-from leapp.libraries.common.config.version import get_source_major_version ++from leapp.libraries.common.config.version import get_source_major_version, matches_source_version + from leapp.libraries.stdlib import api, CalledProcessError, run + + # Using ALWAYS_BIND will crash the upgrade process if the file does not exist. +@@ -88,6 +88,9 @@ class IsolationType(object): + # in such a case, just add line into the previous solution.. + # TODO: the same about --capability=all + final_cmd += ['--keep-unit', '--capability=all'] ++ if matches_source_version('>= 9.0'): ++ # Disable pseudo-TTY in container ++ final_cmd += ['--pipe'] + return final_cmd + ['-D', self.target] + binds + setenvs + cmd + + class CHROOT(_Implementation): +-- +2.47.1 + diff --git a/SOURCES/0044-Remove-unmaintained-.gitlab-ci.yml-config-file.patch b/SOURCES/0044-Remove-unmaintained-.gitlab-ci.yml-config-file.patch new file mode 100644 index 0000000..43e8e50 --- /dev/null +++ b/SOURCES/0044-Remove-unmaintained-.gitlab-ci.yml-config-file.patch @@ -0,0 +1,53 @@ +From c92dbb41fc3d3c3c77ae33a723ad9f961b8b8215 Mon Sep 17 00:00:00 2001 +From: dosas +Date: Thu, 9 Jan 2025 14:58:54 +0100 +Subject: [PATCH 44/53] Remove unmaintained .gitlab-ci.yml config file + +--- + .gitlab-ci.yml | 34 ---------------------------------- + 1 file changed, 34 deletions(-) + delete mode 100644 .gitlab-ci.yml + +diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml +deleted file mode 100644 +index 24e91dbb..00000000 +--- a/.gitlab-ci.yml ++++ /dev/null +@@ -1,34 +0,0 @@ +-stages: +-- build-initrd +-- build-srpm +-# - build-rpms +- +-build_initrd: +- only: +- - master@leapp/leapp-actors-internal +- stage: build-initrd +- cache: +- key: "${CI_PIPELINE_ID}" +- paths: +- - sources/dracut/upgrade-boot-files.tgz +- script: +- - 'export BASEDIR="$PWD"' +- - helpers/docker/docker-run.sh +- image: docker-registry.engineering.redhat.com/leapp-builds/leapp-initrd-rhel8-build:latest +- +-build_srpm: +- only: +- - master@leapp/leapp-actors-internal +- stage: build-srpm +- dependencies: +- - build_initrd +- cache: +- key: "${CI_PIPELINE_ID}" +- paths: +- - sources/dracut/upgrade-boot-files.tgz +- script: +- - dnf install -y git-core make rpm-build copr-cli +- - export LEAPP_INITRD_SKIP=1 +- - make srpm +- image: fedora:28 +- +-- +2.47.1 + diff --git a/SOURCES/0045-fix-pes_events_scanner-ensure-output-contains-no-dup.patch b/SOURCES/0045-fix-pes_events_scanner-ensure-output-contains-no-dup.patch new file mode 100644 index 0000000..3b46a57 --- /dev/null +++ b/SOURCES/0045-fix-pes_events_scanner-ensure-output-contains-no-dup.patch @@ -0,0 +1,55 @@ +From e10968202016575ed4431f67a09ab7a3aef8dfcc Mon Sep 17 00:00:00 2001 +From: Petr Stodulka +Date: Wed, 18 Sep 2024 00:40:25 +0200 +Subject: [PATCH 45/53] fix(pes_events_scanner): ensure output contains no + duplicates + +RpmTransactionTasks messages have higher priority than instructions +based on PES data. Previously, if multiple such messages existed +with duplicate instructions, this could lead to the crash of +the actor - especially in case when an existing package has been +asked to be removed several times. Ensure the occurance of each +instruction is unique (list -> set). + +jira: RHEL-50076 +--- + .../libraries/pes_events_scanner.py | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) + +diff --git a/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py b/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py +index f5cb2613..a798017f 100644 +--- a/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py ++++ b/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py +@@ -78,19 +78,22 @@ def get_installed_pkgs(): + + def get_transaction_configuration(): + """ +- Get pkgs to install, keep and remove from the user configuration files in /etc/leapp/transaction/. ++ Get pkgs to install, keep and remove from RpmTransactionTasks messages. + +- These configuration files have higher priority than PES data. +- :return: RpmTransactionTasks model instance ++ Note these messages reflects inputs from various actors and configuration ++ files in /etc/leapp/transaction/. As these are explicit instruction, they ++ have higher priority than instructions from PES data. ++ ++ :return: TransactionConfiguration + """ +- transaction_configuration = TransactionConfiguration(to_install=[], to_remove=[], to_keep=[]) ++ transaction_configuration = TransactionConfiguration(to_install=set(), to_remove=set(), to_keep=set()) + + _Pkg = partial(Package, repository=None, modulestream=None) + + for tasks in api.consume(RpmTransactionTasks): +- transaction_configuration.to_install.extend(_Pkg(name=pkg_name) for pkg_name in tasks.to_install) +- transaction_configuration.to_remove.extend(_Pkg(name=pkg_name) for pkg_name in tasks.to_remove) +- transaction_configuration.to_keep.extend(_Pkg(name=pkg_name) for pkg_name in tasks.to_keep) ++ transaction_configuration.to_install.update(_Pkg(name=pkg_name) for pkg_name in tasks.to_install) ++ transaction_configuration.to_remove.update(_Pkg(name=pkg_name) for pkg_name in tasks.to_remove) ++ transaction_configuration.to_keep.update(_Pkg(name=pkg_name) for pkg_name in tasks.to_keep) + return transaction_configuration + + +-- +2.47.1 + diff --git a/SOURCES/0046-fix-pes_event_scanner-respect-user-s-trasaction-conf.patch b/SOURCES/0046-fix-pes_event_scanner-respect-user-s-trasaction-conf.patch new file mode 100644 index 0000000..cd93f2c --- /dev/null +++ b/SOURCES/0046-fix-pes_event_scanner-respect-user-s-trasaction-conf.patch @@ -0,0 +1,247 @@ +From 49627082e79744d9b7831356f87c71e2e67add03 Mon Sep 17 00:00:00 2001 +From: Michal Hecko +Date: Thu, 31 Oct 2024 18:13:49 +0100 +Subject: [PATCH 46/53] fix(pes_event_scanner): respect user's trasaction + configuration + +Previously, pes_events_scanner used transaction configuration to +only modify the way it initializes event application. As a consequence, +if a user specified to_remove=['pkg'], then the information would +not make it to pes_events_scanner's output. Similar situation would +arise with to_install/to_keep. This patch adds a post-processing to +explicitly add transaction configuration to the result of applying PES +events. +--- + .../libraries/pes_events_scanner.py | 64 +++++++++++++-- + .../tests/test_pes_event_scanner.py | 78 +++++++++++++++---- + 2 files changed, 120 insertions(+), 22 deletions(-) + +diff --git a/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py b/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py +index a798017f..50336150 100644 +--- a/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py ++++ b/repos/system_upgrade/common/actors/peseventsscanner/libraries/pes_events_scanner.py +@@ -470,9 +470,8 @@ def replace_pesids_with_repoids_in_packages(packages, source_pkgs_repoids): + return packages_with_repoid.union(packages_without_pesid) + + +-def apply_transaction_configuration(source_pkgs): ++def apply_transaction_configuration(source_pkgs, transaction_configuration): + source_pkgs_with_conf_applied = set(source_pkgs) +- transaction_configuration = get_transaction_configuration() + + source_pkgs_with_conf_applied = source_pkgs.union(transaction_configuration.to_install) + +@@ -504,6 +503,50 @@ def remove_leapp_related_events(events): + return res + + ++def include_instructions_from_transaction_configuration(rpm_tasks, transaction_configuration, installed_pkgs): ++ """ ++ Extend current rpm_tasks applying data from transaction_configuration ++ ++ :param PESRpmTransactionTasks rpm_tasks: Currently calculated rpm tasks based on PES data. ++ :param TransactionConfiguration transaction_configuration: Tasked configured by user manually. ++ :param set(str) installed_pkgs: Set of distribution signed packages installed on the system. ++ :returns: updated tasks respecting configuration changes made by user ++ :rtype: PESRpmTransactionTasks ++ """ ++ to_install_from_rpm_tasks = set() if not rpm_tasks else set(rpm_tasks.to_install) ++ to_remove_from_rpm_tasks = set() if not rpm_tasks else set(rpm_tasks.to_remove) ++ to_keep_from_rpm_tasks = set() if not rpm_tasks else set(rpm_tasks.to_keep) ++ ++ # We don't want to try removing packages that are not installed - include only installed ones ++ installed_pkgs_requested_to_be_removed = transaction_configuration.to_remove.intersection(installed_pkgs) ++ pkgs_names_to_extend_to_remove_with = set(pkg.name for pkg in installed_pkgs_requested_to_be_removed) ++ ++ # Add packages to 'to_install' only if they are not already requested to be installed by rpm_tasks ++ pkgs_names_requested_to_be_installed = set(pkg.name for pkg in transaction_configuration.to_install) ++ to_install_pkgs_names_missing_from_tasks = pkgs_names_requested_to_be_installed - to_install_from_rpm_tasks ++ ++ pkg_names_user_wants_to_keep = {pkg.name for pkg in transaction_configuration.to_keep} ++ ++ # Remove packages that were requested by rpm_tasks or by user, but exclude those that should be kept ++ new_to_remove_set = (to_remove_from_rpm_tasks | pkgs_names_to_extend_to_remove_with) - pkg_names_user_wants_to_keep ++ new_to_remove_list = sorted(new_to_remove_set) ++ ++ new_to_install_list = sorted(to_install_from_rpm_tasks | to_install_pkgs_names_missing_from_tasks) ++ new_to_keep_list = sorted(to_keep_from_rpm_tasks | pkg_names_user_wants_to_keep) ++ ++ if not any((new_to_remove_list, new_to_keep_list, new_to_install_list)): # Are all empty? ++ return rpm_tasks # We do not modify the original tasks ++ ++ modules_to_enable = rpm_tasks.modules_to_enable if rpm_tasks else [] ++ modules_to_reset = rpm_tasks.modules_to_reset if rpm_tasks else [] ++ ++ return PESRpmTransactionTasks(to_install=new_to_install_list, ++ to_remove=new_to_remove_list, ++ to_keep=new_to_keep_list, ++ modules_to_enable=modules_to_enable, ++ modules_to_reset=modules_to_reset) ++ ++ + def process(): + # Retrieve data - installed_pkgs, transaction configuration, pes events + events = get_pes_events('/etc/leapp/files', 'pes-events.json') +@@ -511,24 +554,27 @@ def process(): + return + + releases = get_relevant_releases(events) +- source_pkgs = get_installed_pkgs() +- source_pkgs = apply_transaction_configuration(source_pkgs) ++ installed_pkgs = get_installed_pkgs() ++ transaction_configuration = get_transaction_configuration() ++ pkgs_to_begin_computation_with = apply_transaction_configuration(installed_pkgs, transaction_configuration) + + # Keep track of what repoids have the source packages to be able to determine what are the PESIDs of the computed + # packages of the target system, so we can distinguish what needs to be repomapped +- repoids_of_source_pkgs = {pkg.repository for pkg in source_pkgs} ++ repoids_of_source_pkgs = {pkg.repository for pkg in pkgs_to_begin_computation_with} + + events = remove_leapp_related_events(events) + events = remove_undesired_events(events, releases) + + # Apply events - compute what packages should the target system have +- target_pkgs, pkgs_to_demodularize = compute_packages_on_target_system(source_pkgs, events, releases) ++ target_pkgs, pkgs_to_demodularize = compute_packages_on_target_system(pkgs_to_begin_computation_with, ++ events, releases) + + # Packages coming out of the events have PESID as their repository, however, we need real repoid + target_pkgs = replace_pesids_with_repoids_in_packages(target_pkgs, repoids_of_source_pkgs) + + # Apply the desired repository blacklisting +- blacklisted_repoids, target_pkgs = remove_new_packages_from_blacklisted_repos(source_pkgs, target_pkgs) ++ blacklisted_repoids, target_pkgs = remove_new_packages_from_blacklisted_repos(pkgs_to_begin_computation_with, ++ target_pkgs) + + # Look at the target packages and determine what repositories to enable + target_repoids = sorted(set(p.repository for p in target_pkgs) - blacklisted_repoids - repoids_of_source_pkgs) +@@ -536,6 +582,8 @@ def process(): + api.produce(repos_to_enable) + + # Compare the packages on source system and the computed packages on target system and determine what to install +- rpm_tasks = compute_rpm_tasks_from_pkg_set_diff(source_pkgs, target_pkgs, pkgs_to_demodularize) ++ rpm_tasks = compute_rpm_tasks_from_pkg_set_diff(pkgs_to_begin_computation_with, target_pkgs, pkgs_to_demodularize) ++ rpm_tasks = include_instructions_from_transaction_configuration(rpm_tasks, transaction_configuration, ++ installed_pkgs) + if rpm_tasks: + api.produce(rpm_tasks) +diff --git a/repos/system_upgrade/common/actors/peseventsscanner/tests/test_pes_event_scanner.py b/repos/system_upgrade/common/actors/peseventsscanner/tests/test_pes_event_scanner.py +index 80ece770..9a499baa 100644 +--- a/repos/system_upgrade/common/actors/peseventsscanner/tests/test_pes_event_scanner.py ++++ b/repos/system_upgrade/common/actors/peseventsscanner/tests/test_pes_event_scanner.py +@@ -9,9 +9,7 @@ from leapp.libraries.actor.pes_events_scanner import ( + api, + compute_packages_on_target_system, + compute_rpm_tasks_from_pkg_set_diff, +- get_installed_pkgs, + Package, +- process, + reporting, + TransactionConfiguration + ) +@@ -27,8 +25,8 @@ from leapp.models import ( + RepositoriesSetupTasks, + RepositoryData, + RepositoryFile, +- RHUIInfo, +- RPM ++ RPM, ++ RpmTransactionTasks + ) + + +@@ -286,17 +284,14 @@ def test_actor_performs(monkeypatch): + def test_transaction_configuration_has_effect(monkeypatch): + _Pkg = partial(Package, repository=None, modulestream=None) + +- def mocked_transaction_conf(): +- return TransactionConfiguration( +- to_install=[_Pkg('pkg-a'), _Pkg('pkg-b')], +- to_remove=[_Pkg('pkg-c'), _Pkg('pkg-d')], +- to_keep=[] +- ) +- +- monkeypatch.setattr(pes_events_scanner, 'get_transaction_configuration', mocked_transaction_conf) ++ transaction_cfg = TransactionConfiguration( ++ to_install=[_Pkg('pkg-a'), _Pkg('pkg-b')], ++ to_remove=[_Pkg('pkg-c'), _Pkg('pkg-d')], ++ to_keep=[] ++ ) + + packages = {_Pkg('pkg-a'), _Pkg('pkg-c')} +- _result = pes_events_scanner.apply_transaction_configuration(packages) ++ _result = pes_events_scanner.apply_transaction_configuration(packages, transaction_cfg) + result = {(p.name, p.repository, p.modulestream) for p in _result} + expected = {('pkg-a', None, None), ('pkg-b', None, None)} + +@@ -340,7 +335,7 @@ def test_blacklisted_repoid_is_not_produced(monkeypatch): + + monkeypatch.setattr(pes_events_scanner, 'get_installed_pkgs', lambda: installed_pkgs) + monkeypatch.setattr(pes_events_scanner, 'get_pes_events', lambda folder, filename: events) +- monkeypatch.setattr(pes_events_scanner, 'apply_transaction_configuration', lambda pkgs: pkgs) ++ monkeypatch.setattr(pes_events_scanner, 'apply_transaction_configuration', lambda pkgs, transaction_cfg: pkgs) + monkeypatch.setattr(pes_events_scanner, 'get_blacklisted_repoids', lambda: {'blacklisted-rhel8'}) + monkeypatch.setattr(pes_events_scanner, 'replace_pesids_with_repoids_in_packages', + lambda pkgs, src_pkgs_repoids: pkgs) +@@ -475,3 +470,58 @@ def test_remove_leapp_related_events(monkeypatch): + + out_events = pes_events_scanner.remove_leapp_related_events(in_events) + assert out_events == expected_out_events ++ ++ ++def test_transaction_configuration_is_applied(monkeypatch): ++ installed_pkgs = { ++ Package(name='moved-in', repository='rhel7-base', modulestream=None), ++ Package(name='split-in', repository='rhel7-base', modulestream=None), ++ Package(name='pkg-not-in-events', repository='rhel7-base', modulestream=None), ++ } ++ monkeypatch.setattr(pes_events_scanner, 'get_installed_pkgs', lambda *args, **kwags: installed_pkgs) ++ ++ Pkg = partial(Package, modulestream=None) ++ events = [ ++ Event(1, Action.SPLIT, ++ {Pkg('split-in', 'rhel7-base')}, ++ {Pkg('split-out0', 'rhel8-BaseOS'), Pkg('split-out1', 'rhel8-BaseOS')}, ++ (7, 9), (8, 0), []), ++ Event(3, Action.MOVED, ++ {Pkg('moved-in', 'rhel7-base')}, {Pkg('moved-out', 'rhel8-BaseOS')}, ++ (7, 9), (8, 0), []), ++ ] ++ monkeypatch.setattr(pes_events_scanner, 'get_pes_events', lambda *args, **kwargs: events) ++ monkeypatch.setattr(pes_events_scanner, 'remove_leapp_related_events', lambda events: events) ++ monkeypatch.setattr(pes_events_scanner, 'remove_undesired_events', lambda events, releases: events) ++ monkeypatch.setattr(pes_events_scanner, '_get_enabled_modules', lambda *args: []) ++ monkeypatch.setattr(pes_events_scanner, 'replace_pesids_with_repoids_in_packages', ++ lambda target_pkgs, repoids_of_source_pkgs: target_pkgs) ++ monkeypatch.setattr(pes_events_scanner, ++ 'remove_new_packages_from_blacklisted_repos', ++ lambda source_pkgs, target_pkgs: (set(), target_pkgs)) ++ ++ msgs = [ ++ RpmTransactionTasks(to_remove=['pkg-not-in-events']), ++ RpmTransactionTasks(to_remove=['pkg-not-in-events', 'pkg-not-in-events']), ++ RpmTransactionTasks(to_install=['pkg-to-install']), ++ RpmTransactionTasks(to_keep=['keep-me']), ++ ] ++ mocked_actor = CurrentActorMocked(arch='x86_64', src_ver='7.9', dst_ver='8.8', msgs=msgs) ++ monkeypatch.setattr(api, 'current_actor', mocked_actor) ++ ++ monkeypatch.setattr(api, 'produce', produce_mocked()) ++ ++ pes_events_scanner.process() ++ ++ assert api.produce.called == 2 ++ ++ produced_rpm_transaction_tasks = [ ++ msg for msg in api.produce.model_instances if isinstance(msg, PESRpmTransactionTasks) ++ ] ++ ++ assert len(produced_rpm_transaction_tasks) == 1 ++ rpm_transaction_tasks = produced_rpm_transaction_tasks[0] ++ # It is important to see 'pkg-not-in-events' in the list - if the user says remove pkg A, we really remove it ++ assert sorted(rpm_transaction_tasks.to_remove) == ['moved-in', 'pkg-not-in-events', 'split-in'] ++ assert sorted(rpm_transaction_tasks.to_install) == ['moved-out', 'pkg-to-install', 'split-out0', 'split-out1'] ++ assert sorted(rpm_transaction_tasks.to_keep) == ['keep-me'] +-- +2.47.1 + diff --git a/SOURCES/0047-IPU-9-10-obsolete-GPG-key-with-SHA1-signature.patch b/SOURCES/0047-IPU-9-10-obsolete-GPG-key-with-SHA1-signature.patch new file mode 100644 index 0000000..2bf306e --- /dev/null +++ b/SOURCES/0047-IPU-9-10-obsolete-GPG-key-with-SHA1-signature.patch @@ -0,0 +1,36 @@ +From 75b8b96f8b7b6705fe52135dab32cc6c8d886db3 Mon Sep 17 00:00:00 2001 +From: Petr Stodulka +Date: Fri, 10 Jan 2025 15:16:05 +0100 +Subject: [PATCH 47/53] IPU 9 -> 10: obsolete GPG key with SHA1 signature + +When upgrading to RHEL 10, we have analogical problem as we had for +IPU 8 -> 9 due to GPG keys with SHA1 signatures. The SHA1 algorithm +is considered unsecure since RHEL 9 and all RPMs are required to be +signed by keys with SHA2 signatures. The RHEL 9 GPG (auxiliary) key +is unfortunately still signed with SHA1 and RHEL 10 tooling refuse +to use it for any operations. + +To resolve this apply the same solution as we did in the past: +* obsolete original key +* install the target RHEL 10 GPG keys during the upgrade + +jira: RHEL-71517 +--- + .../system_upgrade/common/files/distro/rhel/gpg-signatures.json | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json +index 8a5471a8..3cc67f82 100644 +--- a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json ++++ b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json +@@ -14,6 +14,6 @@ + "gpg-pubkey-db42a60e-37ea5438" + ], + "9": ["gpg-pubkey-d4082792-5b32db75"], +- "10": [] ++ "10": ["gpg-pubkey-fd431d51-4ae0493b"] + } + } +-- +2.47.1 + diff --git a/SOURCES/0048-Fix-storage-scanner-parsing-error.patch b/SOURCES/0048-Fix-storage-scanner-parsing-error.patch new file mode 100644 index 0000000..10b474c --- /dev/null +++ b/SOURCES/0048-Fix-storage-scanner-parsing-error.patch @@ -0,0 +1,49 @@ +From d183370047ab5ef139825dfce7a1b4d6f987092f Mon Sep 17 00:00:00 2001 +From: tomasfratrik +Date: Fri, 28 Jun 2024 14:27:41 +0200 +Subject: [PATCH 48/53] Fix storage scanner parsing error + +Fix storagescanner actor crash when parsing the output of, +e.g., 'pvs -a', which used ':' as a separator and caused errors. +The issue occurred because separator ':' is used to split the outputs of executed commands. +This commit resolves the problem by changing the separator to '|'. + +Jira: RHEL-34570 +--- + .../actors/storagescanner/libraries/storagescanner.py | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/repos/system_upgrade/common/actors/storagescanner/libraries/storagescanner.py b/repos/system_upgrade/common/actors/storagescanner/libraries/storagescanner.py +index cad6bd32..cae38731 100644 +--- a/repos/system_upgrade/common/actors/storagescanner/libraries/storagescanner.py ++++ b/repos/system_upgrade/common/actors/storagescanner/libraries/storagescanner.py +@@ -206,7 +206,7 @@ def _get_lsblk_info(): + @aslist + def _get_pvs_info(): + """ Collect storage info from pvs command """ +- for entry in _get_cmd_output(['pvs', '--noheadings', '--separator', r':'], ':', 6): ++ for entry in _get_cmd_output(['pvs', '--noheadings', '--separator', r'|'], '|', 6): + pv, vg, fmt, attr, psize, pfree = entry + yield PvsEntry( + pv=pv, +@@ -220,7 +220,7 @@ def _get_pvs_info(): + @aslist + def _get_vgs_info(): + """ Collect storage info from vgs command """ +- for entry in _get_cmd_output(['vgs', '--noheadings', '--separator', r':'], ':', 7): ++ for entry in _get_cmd_output(['vgs', '--noheadings', '--separator', r'|'], '|', 7): + vg, pv, lv, sn, attr, vsize, vfree = entry + yield VgsEntry( + vg=vg, +@@ -235,7 +235,7 @@ def _get_vgs_info(): + @aslist + def _get_lvdisplay_info(): + """ Collect storage info from lvdisplay command """ +- for entry in _get_cmd_output(['lvdisplay', '-C', '--noheadings', '--separator', r':'], ':', 12): ++ for entry in _get_cmd_output(['lvdisplay', '-C', '--noheadings', '--separator', r'|'], '|', 12): + lv, vg, attr, lsize, pool, origin, data, meta, move, log, cpy_sync, convert = entry + yield LvdisplayEntry( + lv=lv, +-- +2.47.1 + diff --git a/SOURCES/0049-Use-sysinit-when-calling-vgchange-from-mount_usr.sh.patch b/SOURCES/0049-Use-sysinit-when-calling-vgchange-from-mount_usr.sh.patch new file mode 100644 index 0000000..2e129dc --- /dev/null +++ b/SOURCES/0049-Use-sysinit-when-calling-vgchange-from-mount_usr.sh.patch @@ -0,0 +1,54 @@ +From a46f20841ef32b9de23553591dd7ae8ff5150eff Mon Sep 17 00:00:00 2001 +From: "Bryn M. Reeves" +Date: Tue, 14 Jan 2025 19:57:37 +0000 +Subject: [PATCH 49/53] Use --sysinit when calling vgchange from mount_usr.sh + +The mount_usr.sh script runs 'lvm vgchange': if there are logical +volumes present that require monitoring (snapshots, thin pools, RAID, +etc.) the command will attempt to launch dmeventd. + +Since dmeventd is not installed in the dracut initramfs this produces a +warning and causes the lvm command to exit with non-zero exit status +even though the volume group has been activated and LV block devices are +available. + +This in turn triggers the retry logic in mount_usr.sh: once the retries +are exhausted the script carries on and successfully initiates the +upgrade process. + +The --sysinit switch is used by the LVM dracut modules for this reason. +From vgchange(8): + + --sysinit + Indicates that vgchange/lvchange is being invoked from early + system initialisation scripts (e.g. rc.sysinit or an initrd), + before writable filesystems are available. As such, some + functionality needs to be disabled and this option acts as a + shortcut which selects an appropriate set of options. Currently, + this is equivalent to using --ignorelockingfailure, + --ignoremonitoring, --poll n, and setting env var + LVM_SUPPRESS_LOCKING_FAILURE_MESSAGES. vgchange/lvchange skip + autoactivation, and defer to pvscan autoactivation. + +Testing with this change I no longer see the long delay booting the +upgrade initramfs when snapshot LVs are present. +--- + .../files/dracut/85sys-upgrade-redhat/mount_usr.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/mount_usr.sh b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/mount_usr.sh +index 84f4857d..9366ac13 100755 +--- a/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/mount_usr.sh ++++ b/repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/mount_usr.sh +@@ -107,7 +107,7 @@ try_to_mount_usr() { + + # In case we have the LVM command available try make it activate all partitions + if command -v lvm 2>/dev/null 1>/dev/null; then +- lvm vgchange -a y || { ++ lvm vgchange --sysinit -a y || { + warn "Detected problem when tried to activate LVM VG." + if [ "$_last_attempt" != "true" ]; then + # this is not last execution, retry +-- +2.47.1 + diff --git a/SOURCES/0050-redhatsignedrpmcheck-Add-remediation-hint-and-URL.patch b/SOURCES/0050-redhatsignedrpmcheck-Add-remediation-hint-and-URL.patch new file mode 100644 index 0000000..6aa9ac7 --- /dev/null +++ b/SOURCES/0050-redhatsignedrpmcheck-Add-remediation-hint-and-URL.patch @@ -0,0 +1,67 @@ +From 246405173d8ff633e180f0c5f3d4bd8117ea852d Mon Sep 17 00:00:00 2001 +From: Petr Stodulka +Date: Fri, 10 Jan 2025 22:46:02 +0100 +Subject: [PATCH 50/53] redhatsignedrpmcheck: Add remediation hint and URL + +Users do not have an idea what they should do about the third party +packages - and quite often they do not understand the report itself. +Adding the remediation hint with a link to related KB solution to +help them to understand what they can do about this. + +Note the actor needs significant changes to cover also other non-RHEL +distributions. I decided to keep the change simple and resolve that +in a follow up when we enable upgrades on other distributions as well. + +jira: RHEL-44596 +--- + .../libraries/redhatsignedrpmcheck.py | 23 ++++++++++++++++--- + 1 file changed, 20 insertions(+), 3 deletions(-) + +diff --git a/repos/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py b/repos/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py +index efdb8f40..14ade534 100644 +--- a/repos/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py ++++ b/repos/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py +@@ -3,8 +3,6 @@ from leapp.libraries.stdlib import api + from leapp.libraries.stdlib.config import is_verbose + from leapp.models import InstalledUnsignedRPM + +-COMMON_REPORT_TAGS = [reporting.Groups.SANITY] +- + + def generate_report(packages): + """ Generate a report if there are unsigned packages installed on the system """ +@@ -16,11 +14,30 @@ def generate_report(packages): + ' and may be removed during the upgrade process in case Red Hat-signed' + ' packages to be removed during the upgrade depend on them:\n{}' + .format(unsigned_packages_new_line)) ++ hint = ( ++ 'The most simple solution that does not require additional knowledge' ++ ' about the upgrade process' ++ ' is the uninstallation of such packages before the upgrade and' ++ ' installing these (or their newer versions compatible with the target' ++ ' system) back after the upgrade. Also you can just try to upgrade the' ++ ' system on a testing machine (or after the full system backup) to see' ++ ' the result.\n' ++ 'However, it is common use case to migrate or upgrade installed third' ++ ' party packages together with the system during the in-place upgrade' ++ ' process. To examine how to customize the process to deal with such' ++ ' packages, follow the documentation in the attached link' ++ ' for more details.' ++ ) + reporting.create_report([ + reporting.Title(title), + reporting.Summary(summary), + reporting.Severity(reporting.Severity.HIGH), +- reporting.Groups(COMMON_REPORT_TAGS) ++ reporting.Groups([reporting.Groups.SANITY]), ++ reporting.Remediation(hint=hint), ++ reporting.ExternalLink( ++ url='https://red.ht/customize-rhel-upgrade-actors', ++ title='Handling the migration of your custom and third-party applications' ++ ) + ]) + + if is_verbose(): +-- +2.47.1 + diff --git a/SOURCES/0051-Update-postgresqlcheck.py.patch b/SOURCES/0051-Update-postgresqlcheck.py.patch new file mode 100644 index 0000000..07cb44d --- /dev/null +++ b/SOURCES/0051-Update-postgresqlcheck.py.patch @@ -0,0 +1,28 @@ +From fb4131a6c05e26060ab8b49a39a64047d9f2b691 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Filip=20Janu=C5=A1?= +Date: Thu, 21 Nov 2024 11:30:56 +0100 +Subject: [PATCH 51/53] Update postgresqlcheck.py + +Improve the report to clarify the upgrade path for already upgraded PostgreSQL +--- + .../actors/postgresqlcheck/libraries/postgresqlcheck.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py b/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py +index 42519aaf..68997ef4 100644 +--- a/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py ++++ b/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py +@@ -7,8 +7,9 @@ from leapp.models import DistributionSignedRPM + report_server_inst_summary = ( + 'PostgreSQL server component will be upgraded. Since RHEL-9 includes' + ' PostgreSQL server 13 by default, which is incompatible with 9.6, 10 and 12' +- ' included in RHEL-8, it is necessary to proceed with additional steps' ++ ' included in RHEL-8, in those cases, it is necessary to proceed with additional steps' + ' for the complete upgrade of the PostgreSQL data.' ++ 'If the database has already been upgraded, then no further actions are required.' + ) + + report_server_inst_hint = ( +-- +2.47.1 + diff --git a/SOURCES/0052-Update-repos-system_upgrade-el8toel9-actors-postgres.patch b/SOURCES/0052-Update-repos-system_upgrade-el8toel9-actors-postgres.patch new file mode 100644 index 0000000..dda9741 --- /dev/null +++ b/SOURCES/0052-Update-repos-system_upgrade-el8toel9-actors-postgres.patch @@ -0,0 +1,30 @@ +From 724e0527f394f06f1bcbef42d6b3384d29b672f3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Filip=20Janu=C5=A1?= +Date: Thu, 21 Nov 2024 11:39:08 +0100 +Subject: [PATCH 52/53] Update + repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Co-authored-by: Petr Stodůlka +--- + .../actors/postgresqlcheck/libraries/postgresqlcheck.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py b/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py +index 68997ef4..eefe583b 100644 +--- a/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py ++++ b/repos/system_upgrade/el8toel9/actors/postgresqlcheck/libraries/postgresqlcheck.py +@@ -9,7 +9,7 @@ report_server_inst_summary = ( + ' PostgreSQL server 13 by default, which is incompatible with 9.6, 10 and 12' + ' included in RHEL-8, in those cases, it is necessary to proceed with additional steps' + ' for the complete upgrade of the PostgreSQL data.' +- 'If the database has already been upgraded, then no further actions are required.' ++ 'If the database has already been upgraded, meaning the system is already using PostgreSQL 13, then no further actions are required.' + ) + + report_server_inst_hint = ( +-- +2.47.1 + diff --git a/SOURCES/0053-Fix-remediation-message-in-the-networkdeprecations-a.patch b/SOURCES/0053-Fix-remediation-message-in-the-networkdeprecations-a.patch new file mode 100644 index 0000000..dddfce2 --- /dev/null +++ b/SOURCES/0053-Fix-remediation-message-in-the-networkdeprecations-a.patch @@ -0,0 +1,27 @@ +From bd6e7597c8a125479345c07f2901ecc505218b37 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Wed, 15 Jan 2025 17:57:20 +0100 +Subject: [PATCH 53/53] Fix remediation message in the networkdeprecations + actor + +The message should suggest to remove "dhclient", not "internal". +--- + .../el9toel10/actors/networkdeprecations/actor.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/repos/system_upgrade/el9toel10/actors/networkdeprecations/actor.py b/repos/system_upgrade/el9toel10/actors/networkdeprecations/actor.py +index 94868476..d1d58511 100644 +--- a/repos/system_upgrade/el9toel10/actors/networkdeprecations/actor.py ++++ b/repos/system_upgrade/el9toel10/actors/networkdeprecations/actor.py +@@ -25,7 +25,7 @@ class CheckNetworkDeprecations9to10(Actor): + summary = ('NetworkManager is configured to use the "dhclient" DHCP module.' + ' In Red Hat Enterprise Linux 10, this setting will be ignored' + ' along with any dhcp-client specific configuration.') +- remediation = ('Remove "dhcp=internal" line from "[main]" section from all' ++ remediation = ('Remove "dhcp=dhclient" line from "[main]" section from all' + ' configuration files in "/etc/NetworkManager". Review' + ' configuration in "/etc/dhcp", which will be ignored.') + reporting.create_report([ +-- +2.47.1 + diff --git a/SPECS/leapp-repository.spec b/SPECS/leapp-repository.spec index af2fa3b..289e7fe 100644 --- a/SPECS/leapp-repository.spec +++ b/SPECS/leapp-repository.spec @@ -52,7 +52,7 @@ py2_byte_compile "%1" "%2"} Name: leapp-repository Version: 0.21.0 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Repositories for leapp License: ASL 2.0 @@ -105,7 +105,19 @@ Patch0037: 0037-testutils-add-support-for-configs.patch Patch0038: 0038-userspacegen-rhui-remove-repofiles-only-if-now-owned.patch Patch0039: 0039-Enable-IPU-for-EL-9.6-and-drop-EL-8.8-9.2.patch Patch0040: 0040-spec-drop-the-etc-leapp-actor_confid.d-dir.patch -Patch0041: 0041-feat-net-naming-scheme-enable-by-default.patch +Patch0041: 0041-chore-deps-update-dependency-ubuntu-to-v24.patch +Patch0042: 0042-feat-net-naming-scheme-enable-by-default.patch +Patch0043: 0043-Fix-unreadable-output-in-upgrade-log.patch +Patch0044: 0044-Remove-unmaintained-.gitlab-ci.yml-config-file.patch +Patch0045: 0045-fix-pes_events_scanner-ensure-output-contains-no-dup.patch +Patch0046: 0046-fix-pes_event_scanner-respect-user-s-trasaction-conf.patch +Patch0047: 0047-IPU-9-10-obsolete-GPG-key-with-SHA1-signature.patch +Patch0048: 0048-Fix-storage-scanner-parsing-error.patch +Patch0049: 0049-Use-sysinit-when-calling-vgchange-from-mount_usr.sh.patch +Patch0050: 0050-redhatsignedrpmcheck-Add-remediation-hint-and-URL.patch +Patch0051: 0051-Update-postgresqlcheck.py.patch +Patch0052: 0052-Update-repos-system_upgrade-el8toel9-actors-postgres.patch +Patch0053: 0053-Fix-remediation-message-in-the-networkdeprecations-a.patch %description @@ -315,6 +327,18 @@ Requires: libdb-utils %patch -P 0039 -p1 %patch -P 0040 -p1 %patch -P 0041 -p1 +%patch -P 0042 -p1 +%patch -P 0043 -p1 +%patch -P 0044 -p1 +%patch -P 0045 -p1 +%patch -P 0046 -p1 +%patch -P 0047 -p1 +%patch -P 0048 -p1 +%patch -P 0049 -p1 +%patch -P 0050 -p1 +%patch -P 0051 -p1 +%patch -P 0052 -p1 +%patch -P 0053 -p1 %build @@ -396,6 +420,14 @@ done; # no files here %changelog +* Fri Jan 17 2025 Petr Stodulka - 0.21.0-5 +- Fix pes events scanner crashing when there are duplicate packages in the received instructions +- Fix pes events scanner not respecting user’s transaction configuration +- Fix storage scanner crashing when command outputs contain colon character +- Activate LVM VGs with `--sysinit` option to correct the use in the upgrade initramfs +- Minor improvements in preupgrade reports +- Resolves: RHEL-67621, RHEL-34570, RHEL-44596, RHEL-50076 + * Tue Nov 19 2024 Matej Matuska - 0.21.0-4 - Use net.naming-scheme by default - Resolves: RHEL-23473