From ca41224a54f0895e743049e3c8abc02f1b10b112 Mon Sep 17 00:00:00 2001 From: Yuriy Kohut Date: Fri, 28 Nov 2025 11:41:35 +0200 Subject: [PATCH] Update Vendors patch against upstream eabab8c496a7d6a76ff1aa0d7e34b0345530e30a (0.23.0-1) The package version 0.23.0-1.elevate.5 --- SOURCES/leapp-repository-0.23.0-elevate.patch | 750 ++++++++++++++++-- SPECS/leapp-repository.spec | 5 +- 2 files changed, 704 insertions(+), 51 deletions(-) diff --git a/SOURCES/leapp-repository-0.23.0-elevate.patch b/SOURCES/leapp-repository-0.23.0-elevate.patch index 8b17bfc..8d2040d 100644 --- a/SOURCES/leapp-repository-0.23.0-elevate.patch +++ b/SOURCES/leapp-repository-0.23.0-elevate.patch @@ -24,6 +24,19 @@ index e1bafb93..6c81713c 100644 with: fetch-depth: 0 +diff --git a/.github/workflows/pr-welcome-msg.yml b/.github/workflows/pr-welcome-msg.yml +index f056fb79..4c12ab2a 100644 +--- a/.github/workflows/pr-welcome-msg.yml ++++ b/.github/workflows/pr-welcome-msg.yml +@@ -14,7 +14,7 @@ jobs: + runs-on: ubuntu-latest + steps: + - name: Create comment +- uses: peter-evans/create-or-update-comment@v4 ++ uses: peter-evans/create-or-update-comment@v5 + with: + issue-number: ${{ github.event.pull_request.number }} + body: | diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index ed82e0e5..d1b8fb2a 100644 --- a/.github/workflows/unit-tests.yml @@ -4547,7 +4560,7 @@ index 647e7b44..735144f8 100644 +def get_available_target_distro_ids(): + return [member.value for member in DistroIDs] diff --git a/commands/preupgrade/__init__.py b/commands/preupgrade/__init__.py -index 6443bd8a..8ddfcd8a 100644 +index 6443bd8a..29b10c0f 100644 --- a/commands/preupgrade/__init__.py +++ b/commands/preupgrade/__init__.py @@ -26,7 +26,7 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i @@ -4559,7 +4572,7 @@ index 6443bd8a..8ddfcd8a 100644 @command_opt('no-rhsm-facts', is_flag=True, help='Do not store migration information using Red Hat ' 'Subscription Manager. Automatically implied by --no-rhsm.') @command_opt('enablerepo', action='append', metavar='', -@@ -36,8 +36,20 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i +@@ -36,8 +36,21 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i choices=['ga', 'e4s', 'eus', 'aus'], value_type=str.lower) # This allows the choices to be case insensitive @command_opt('iso', help='Use provided target RHEL installation image to perform the in-place upgrade.') @@ -4570,6 +4583,7 @@ index 6443bd8a..8ddfcd8a 100644 + help='Specify RHEL version to upgrade to for {} detected upgrade flavour'.format( + command_utils.get_upgrade_flavour() + ), ++ aliases=['target-version'], + dest='target_version', +) +@command_opt( @@ -4703,7 +4717,7 @@ index 89b5eb71..773cdf1c 100644 diff --git a/commands/upgrade/__init__.py b/commands/upgrade/__init__.py -index 36be0719..7d7ec7ed 100644 +index 36be0719..31d247df 100644 --- a/commands/upgrade/__init__.py +++ b/commands/upgrade/__init__.py @@ -32,7 +32,7 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i @@ -4715,7 +4729,7 @@ index 36be0719..7d7ec7ed 100644 @command_opt('no-rhsm-facts', is_flag=True, help='Do not store migration information using Red Hat ' 'Subscription Manager. Automatically implied by --no-rhsm.') @command_opt('enablerepo', action='append', metavar='', -@@ -42,8 +42,20 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i +@@ -42,8 +42,21 @@ from leapp.utils.output import beautify_actor_exception, report_errors, report_i choices=['ga', 'e4s', 'eus', 'aus'], value_type=str.lower) # This allows the choices to be case insensitive @command_opt('iso', help='Use provided target RHEL installation image to perform the in-place upgrade.') @@ -4726,6 +4740,7 @@ index 36be0719..7d7ec7ed 100644 + help='Specify RHEL version to upgrade to for {} detected upgrade flavour'.format( + command_utils.get_upgrade_flavour() + ), ++ aliases=['target-version'], + dest='target_version', +) +@command_opt( @@ -4849,6 +4864,210 @@ index a042ba4a..72d00634 100644 + +#### LEAPP_DEVEL_TARGET_OS +Change the target OS. This is similar to the --target-os CLI option except there is no restriction on what values can be passed in. This can be used when developing conversions to a yet unsupported target OS. +diff --git a/docs/source/contrib-and-devel-guidelines.md b/docs/source/contributing/coding-guidelines.md +similarity index 68% +rename from docs/source/contrib-and-devel-guidelines.md +rename to docs/source/contributing/coding-guidelines.md +index 3229c8a4..d06d0200 100644 +--- a/docs/source/contrib-and-devel-guidelines.md ++++ b/docs/source/contributing/coding-guidelines.md +@@ -1,5 +1,4 @@ +-# Contribution and development guidelines +-## Code guidelines ++# Coding guidelines + + Your code should follow the [Python Coding Guidelines](https://leapp.readthedocs.io/en/latest/contributing.html#follow-python-coding-guidelines) used for the leapp project. On top of these rules follow instructions + below. +@@ -84,53 +83,3 @@ guaranteed to exist and executable. + The use of the {py:mod}`subprocess` library is forbidden in leapp repositories. + Use of the library would require very good reasoning, why the + {py:func}`~leapp.libraries.stdlib.run` function cannot be used. +- +-## Commits and pull requests (PRs) +-### PR description +-The description should contain information about all introduced changes: +-* What has been changed +-* How it has been changed +-* The reason for the change +-* How could people try/test the PR +-* Reference to a Jira ticket, Github issue, ... if applicable +- +-Good description provides all information for readers without the need to +-read the code. Note that reviewers can decline to review the PR with a poor +-description. +- +-### Commit messages +-When your pull-request is ready to be reviewed, every commit needs to include +-a title and a body continuing a description of the change --- what problem is +-being solved and how. The end of the commit body should contain Jira issue +-number (if applicable), GitHub issue that is being fixed, etc.: +-``` +- Commit title +- +- Commit message body on multiple lines +- +- Jira-ref: +-``` +- +-Note that good commit message should provide information in similar way like +-the PR description. Poorly written commit messages can block the merge of PR +-or proper review. +- +-### Granularity of commits +-The granularity of commits depends strongly on the problem being solved. However, +-a large number of small commits is typically undesired. If possible, aim a +-Git history such that commits can be reverted individually, without requiring reverting +-numerous other dependent commits in order to get the `main` branch into a working state. +- +-Note that commits fixing problems of other commits in the PR are expected to be +-squashed before the final review and merge of the PR. Using of `git commit --fixup ...` +-and `git commit --squash ...` commands can help you to prepare such commits +-properly in advance and make the rebase later easier using `git rebase -i --autosquash`. +-We suggest you to get familiar with these commands as it can make your work really +-easier. Note that when you are starting to get higher number of such fixing commits +-in your PR, it's good practice to use the rebase more often. High numbers of such +-commits could make the final rebase more tricky in the end. So your PR should not +-have more than 15 commits at any time. +- +-### Create a separate git branch for your changes +-TBD +- +diff --git a/docs/source/contributing/community-upgrades.md b/docs/source/contributing/community-upgrades.md +new file mode 100644 +index 00000000..cbec0a24 +--- /dev/null ++++ b/docs/source/contributing/community-upgrades.md +@@ -0,0 +1,39 @@ ++# Community upgrades for Centos-like distros ++ ++In the past, this project was solely focused on Red Hat Enterprise Linux upgrades. Recently, we've been extending and refactoring the `leapp-repository` codebase to allow upgrades of other distributions, such as CentOS Stream and also upgrades + conversions between different distributions in one step. ++ ++This document outlines the state of support for upgrades of distributions other than RHEL. Note that support in this case doesn't mean what the codebase allows, but what the core leapp team supports in terms of issues, bugfixes, feature requests, testing, etc. ++ ++RHEL upgrades and upgrades + conversions *to* RHEL are the only officially supported upgrade paths and are the primary focus of leapp developers. However, we are open to and welcome contributions from the community, allowing other upgrade (and conversion) paths in the codebase. For example, we've already integrated a contribution introducing upgrade paths for Alma Linux upgrades. ++ ++This does not mean that we won't offer help outside of the outlined scope, but it is primarily up to the contributors contributing a particular upgrade path to maintain and test it. Also, it can take us some time to get to such PRs, so be patient please. ++ ++Upon agreement we can also update the upgrade paths (in `upgrade_paths.json`) when there is a new release of the particular distribution. However note that we might include some upgrade paths required for conversions *to* RHEL on top of that. ++ ++Contributions improving the overall upgrade experience are also welcome, as they always have been. ++ ++```{note} ++By default, upgrade + conversion paths are automatically derived from upgrade paths. If this is not desired or other paths are required, feel free to open a pull request or open a [discussion](https://github.com/oamg/leapp-repository/discussions) on that topic. ++``` ++ ++## How to contribute ++ ++Currently, the process for enabling upgrades and conversions for other distributions is not fully documented. In the meantime you can use the [pull request introducing Alma Linux upgrades](https://github.com/oamg/leapp-repository/pull/1391/) as reference. However, note that the leapp upgrade data files have special rules for updates, described below. ++ ++### Leapp data files ++ ++#### repomap.json ++ ++To use correct target repositories during the upgrade automatically, the `repomap.json` data file needs to be updated to cover repositories of the newly added distribution. However, the file cannot be updated manually as its content is generated, hence any manual changes would be overwritten with the next update. Currently there is not straightforward way for the community to update our generators, but you can ++ ++- submit a separate PR of how the resulting `repomap.json` file should look like, for an example you can take a look at [this PR](https://github.com/oamg/leapp-repository/pull/1395) ++- or provide the list of repositories (possibly also architectures) present on the distribution ++ ++and we will update the generators accordingly, asking you to review the result then. We are discussing an improvement to make this more community friendly. ++ ++#### pes-events.json and device_driver_deprecation_data.json ++ ++Both PES events and device driver deprecation data only contain data for RHEL in the upstream `leapp-repository` and we will not include any data unrelated to RHEL. If you find a bug in the data, you can open a bug in the [RHEL Jira](https://issues.redhat.com/) for the `leapp-repository` component. ++ ++Before contributing, make sure your PR conforms to our {doc}`Coding guidelines` ++ and {doc}`PR guidelines`. +diff --git a/docs/source/contributing/index.rst b/docs/source/contributing/index.rst +new file mode 100644 +index 00000000..ebdc9151 +--- /dev/null ++++ b/docs/source/contributing/index.rst +@@ -0,0 +1,18 @@ ++Contributing ++======================================================== ++ ++.. toctree:: ++ :maxdepth: 4 ++ :caption: Contents: ++ :glob: ++ ++ coding-guidelines ++ pr-guidelines ++ community-upgrades ++ ++.. Indices and tables ++.. ================== ++.. ++.. * :ref:`genindex` ++.. * :ref:`modindex` ++.. * :ref:`search` +diff --git a/docs/source/contributing/pr-guidelines.md b/docs/source/contributing/pr-guidelines.md +new file mode 100644 +index 00000000..4f6ee4fe +--- /dev/null ++++ b/docs/source/contributing/pr-guidelines.md +@@ -0,0 +1,48 @@ ++# Commits and pull requests (PRs) ++## PR description ++The description should contain information about all introduced changes: ++* What has been changed ++* How it has been changed ++* The reason for the change ++* How could people try/test the PR ++* Reference to a Jira ticket, Github issue, ... if applicable ++ ++Good description provides all information for readers without the need to ++read the code. Note that reviewers can decline to review the PR with a poor ++description. ++ ++## Commit messages ++When your pull-request is ready to be reviewed, every commit needs to include ++a title and a body continuing a description of the change --- what problem is ++being solved and how. The end of the commit body should contain Jira issue ++number (if applicable), GitHub issue that is being fixed, etc.: ++``` ++ Commit title ++ ++ Commit message body on multiple lines ++ ++ Jira-ref: ++``` ++ ++Note that good commit message should provide information in similar way like ++the PR description. Poorly written commit messages can block the merge of PR ++or proper review. ++ ++## Granularity of commits ++The granularity of commits depends strongly on the problem being solved. However, ++a large number of small commits is typically undesired. If possible, aim a ++Git history such that commits can be reverted individually, without requiring reverting ++numerous other dependent commits in order to get the `main` branch into a working state. ++ ++Note that commits fixing problems of other commits in the PR are expected to be ++squashed before the final review and merge of the PR. Using of `git commit --fixup ...` ++and `git commit --squash ...` commands can help you to prepare such commits ++properly in advance and make the rebase later easier using `git rebase -i --autosquash`. ++We suggest you to get familiar with these commands as it can make your work really ++easier. Note that when you are starting to get higher number of such fixing commits ++in your PR, it's good practice to use the rebase more often. High numbers of such ++commits could make the final rebase more tricky in the end. So your PR should not ++have more than 15 commits at any time. ++ ++## Create a separate git branch for your changes ++TBD +diff --git a/docs/source/index.rst b/docs/source/index.rst +index 27537ca4..ed68f751 100644 +--- a/docs/source/index.rst ++++ b/docs/source/index.rst +@@ -21,7 +21,7 @@ providing Red Hat Enterprise Linux in-place upgrade functionality. + upgrade-architecture-and-workflow/index + configuring-ipu/index + libraries-and-api/index +- contrib-and-devel-guidelines ++ contributing/index + faq + + .. Indices and tables diff --git a/docs/source/libraries-and-api/deprecations-list.md b/docs/source/libraries-and-api/deprecations-list.md index 7d6bef18..e620d70d 100644 --- a/docs/source/libraries-and-api/deprecations-list.md @@ -18788,36 +19007,422 @@ index 7e5fbbf0..719ffe21 100644 def __init__(self): self.called = 0 self.files_to_remove = [] +diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/actor.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/actor.py +index 5674ee3f..58b15a84 100644 +--- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/actor.py ++++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/actor.py +@@ -8,9 +8,14 @@ class RemoveObsoleteGpgKeys(Actor): + """ + Remove obsoleted RPM GPG keys. + +- New version might make existing RPM GPG keys obsolete. This might be caused +- for example by the hashing algorithm becoming deprecated or by the key +- getting replaced. ++ The definition of what keys are considered obsolete depends on whether the ++ upgrade also does a conversion: ++ - If not converting, the obsolete keys are those that are no longer valid ++ on the target version. This might be caused for example by the hashing ++ algorithm becoming deprecated or by the key getting replaced. Note that ++ only keys provided by the vendor of the OS are handled. ++ - If converting, the obsolete keys are all of the keys provided by the ++ vendor of the source distribution. + + A DNFWorkaround is registered to actually remove the keys. + """ diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py -index 198c4368..df08e6fa 100644 +index 198c4368..7d047395 100644 --- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py +++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py -@@ -1,3 +1,4 @@ +@@ -1,3 +1,6 @@ ++import itertools ++ +from leapp.libraries.common.config import get_source_distro_id, get_target_distro_id from leapp.libraries.common.config.version import get_target_major_version from leapp.libraries.common.distro import get_distribution_data from leapp.libraries.common.rpms import has_package -@@ -9,7 +10,7 @@ def _get_obsolete_keys(): +@@ -5,18 +8,25 @@ from leapp.libraries.stdlib import api + from leapp.models import DNFWorkaround, InstalledRPM + + ++def _is_key_installed(key): ++ """ ++ :param key: The NVR of the gpg key RPM (e.g. gpg-pubkey-1d997668-61bae63b) ++ """ ++ name, version, release = key.rsplit("-", 2) ++ return has_package(InstalledRPM, name, version=version, release=release) ++ ++ + def _get_obsolete_keys(): """ - Return keys obsoleted in target and previous versions +- Return keys obsoleted in target and previous versions ++ Get keys obsoleted in target and previous major versions """ - distribution = api.current_actor().configuration.os_release.release_id +- obsoleted_keys_map = get_distribution_data(distribution).get('obsoleted-keys', {}) + distribution = get_target_distro_id() - obsoleted_keys_map = get_distribution_data(distribution).get('obsoleted-keys', {}) ++ obsoleted_keys_map = get_distribution_data(distribution).get("obsoleted-keys", {}) keys = [] for version in range(7, int(get_target_major_version()) + 1): -@@ -35,6 +36,11 @@ def register_dnfworkaround(keys): + try: + for key in obsoleted_keys_map[str(version)]: +- name, version, release = key.rsplit("-", 2) +- if has_package(InstalledRPM, name, version=version, release=release): ++ if _is_key_installed(key): + keys.append(key) + except KeyError: + pass +@@ -24,6 +34,22 @@ def _get_obsolete_keys(): + return keys + + ++def _get_source_distro_keys(): ++ """ ++ Get all known keys of the source distro ++ ++ This includes keys from all relevant previous OS versions as all of those ++ might be present on the system. ++ """ ++ distribution = get_source_distro_id() ++ keys = get_distribution_data(distribution).get("keys", {}) ++ return [ ++ key ++ for key in itertools.chain.from_iterable(keys.values()) ++ if _is_key_installed(key) ++ ] ++ ++ + def register_dnfworkaround(keys): + api.produce( + DNFWorkaround( +@@ -35,8 +61,12 @@ def register_dnfworkaround(keys): def process(): -+ if get_source_distro_id() != get_target_distro_id(): -+ # TODO adjust for conversions, in the current state it would not have -+ # any effect, just skip it -+ return +- keys = _get_obsolete_keys() +- if not keys: +- return ++ if get_source_distro_id() == get_target_distro_id(): ++ # only upgrading - remove keys obsoleted in previous versions ++ keys = _get_obsolete_keys() ++ else: ++ # also converting - we need to remove all keys from the source distro ++ keys = _get_source_distro_keys() + +- register_dnfworkaround(keys) ++ if keys: ++ register_dnfworkaround(keys) +diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py +index b78174cc..8b9b842b 100644 +--- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py ++++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py +@@ -1,77 +1,79 @@ + import os ++import unittest.mock as mock + + import pytest + + from leapp.libraries.actor import removeobsoleterpmgpgkeys +-from leapp.libraries.common.config.version import get_target_major_version +-from leapp.libraries.common.rpms import has_package + from leapp.libraries.common.testutils import CurrentActorMocked, produce_mocked + from leapp.libraries.stdlib import api +-from leapp.models import DNFWorkaround, InstalledRPM, RPM ++from leapp.models import InstalledRPM, RPM + ++_CUR_DIR = os.path.dirname(os.path.abspath(__file__)) + +-def _get_test_installedrpm(): +- return InstalledRPM( + - keys = _get_obsolete_keys() - if not keys: - return ++def common_folder_path_mocked(folder): ++ return os.path.join(_CUR_DIR, "../../../files/", folder) ++ ++ ++def test_is_key_installed(monkeypatch): ++ installed_rpms = InstalledRPM( + items=[ + RPM( +- name='gpg-pubkey', +- version='d4082792', +- release='5b32db75', +- epoch='0', +- packager='Red Hat, Inc. (auxiliary key 2) ', +- arch='noarch', +- pgpsig='' ++ name="gpg-pubkey", ++ version="d4082792", ++ release="5b32db75", ++ epoch="0", ++ packager="Red Hat, Inc. (auxiliary key 2) ", ++ arch="noarch", ++ pgpsig="", + ), + RPM( +- name='gpg-pubkey', +- version='2fa658e0', +- release='45700c69', +- epoch='0', +- packager='Red Hat, Inc. (auxiliary key) ', +- arch='noarch', +- pgpsig='' ++ name="gpg-pubkey", ++ version="2fa658e0", ++ release="45700c69", ++ epoch="0", ++ packager="Red Hat, Inc. (auxiliary key) ", ++ arch="noarch", ++ pgpsig="", + ), + RPM( +- name='gpg-pubkey', +- version='12345678', +- release='abcdefgh', +- epoch='0', +- packager='made up', +- arch='noarch', +- pgpsig='' ++ name="gpg-pubkey", ++ version="12345678", ++ release="abcdefgh", ++ epoch="0", ++ packager="made up", ++ arch="noarch", ++ pgpsig="", + ), + ] + ) + ++ monkeypatch.setattr( ++ api, "current_actor", CurrentActorMocked(msgs=[installed_rpms]) ++ ) ++ ++ assert removeobsoleterpmgpgkeys._is_key_installed("gpg-pubkey-d4082792-5b32db75") ++ assert removeobsoleterpmgpgkeys._is_key_installed("gpg-pubkey-2fa658e0-45700c69") ++ assert removeobsoleterpmgpgkeys._is_key_installed("gpg-pubkey-12345678-abcdefgh") ++ assert not removeobsoleterpmgpgkeys._is_key_installed( ++ "gpg-pubkey-db42a60e-37ea5438" ++ ) ++ + + @pytest.mark.parametrize( + "version, expected", + [ +- (9, ["gpg-pubkey-d4082792-5b32db75", "gpg-pubkey-2fa658e0-45700c69"]), +- (8, ["gpg-pubkey-2fa658e0-45700c69"]) ++ ("9", ["gpg-pubkey-d4082792-5b32db75", "gpg-pubkey-2fa658e0-45700c69"]), ++ ("8", ["gpg-pubkey-2fa658e0-45700c69"]) + ] + ) + def test_get_obsolete_keys(monkeypatch, version, expected): +- def get_target_major_version_mocked(): +- return version +- +- monkeypatch.setattr( +- removeobsoleterpmgpgkeys, +- "get_target_major_version", +- get_target_major_version_mocked, +- ) +- ++ monkeypatch.setattr(api, "current_actor", CurrentActorMocked(dst_ver=version)) ++ monkeypatch.setattr(api, "get_common_folder_path", common_folder_path_mocked) + monkeypatch.setattr( +- api, +- "current_actor", +- CurrentActorMocked( +- msgs=[_get_test_installedrpm()] +- ), ++ removeobsoleterpmgpgkeys, "_is_key_installed", lambda key: key in expected + ) + +- cur_dir = os.path.dirname(os.path.abspath(__file__)) +- monkeypatch.setattr(api, 'get_common_folder_path', lambda folder: os.path.join(cur_dir, '../../../files/', folder)) +- + keys = removeobsoleterpmgpgkeys._get_obsolete_keys() + assert set(keys) == set(expected) + +@@ -79,50 +81,83 @@ def test_get_obsolete_keys(monkeypatch, version, expected): + @pytest.mark.parametrize( + "version, obsoleted_keys, expected", + [ +- (10, None, []), +- (10, {}, []), +- (10, {"8": ["gpg-pubkey-888-abc"], "10": ["gpg-pubkey-10-10"]}, ["gpg-pubkey-888-abc", "gpg-pubkey-10-10"]), +- (9, {"8": ["gpg-pubkey-888-abc"], "9": ["gpg-pubkey-999-def"]}, ["gpg-pubkey-999-def", "gpg-pubkey-888-abc"]), +- (8, {"8": ["gpg-pubkey-888-abc"], "9": ["gpg-pubkey-999-def"]}, ["gpg-pubkey-888-abc"]) +- ] ++ ("10", None, []), ++ ("10", {}, []), ++ ( ++ "10", ++ {"8": ["gpg-pubkey-888-abc"], "10": ["gpg-pubkey-10-10"]}, ++ ["gpg-pubkey-888-abc", "gpg-pubkey-10-10"], ++ ), ++ ( ++ "9", ++ {"8": ["gpg-pubkey-888-abc"], "9": ["gpg-pubkey-999-def"]}, ++ ["gpg-pubkey-999-def", "gpg-pubkey-888-abc"], ++ ), ++ ( ++ "8", ++ {"8": ["gpg-pubkey-888-abc"], "9": ["gpg-pubkey-999-def"]}, ++ ["gpg-pubkey-888-abc"], ++ ), ++ ], + ) +-def test_get_obsolete_keys_incomplete_data(monkeypatch, version, obsoleted_keys, expected): +- def get_target_major_version_mocked(): +- return version ++def test_get_obsolete_keys_incomplete_data( ++ monkeypatch, version, obsoleted_keys, expected ++): ++ monkeypatch.setattr(api, "current_actor", CurrentActorMocked(dst_ver=version)) ++ monkeypatch.setattr( ++ removeobsoleterpmgpgkeys, "_is_key_installed", lambda key: key in expected ++ ) + + def get_distribution_data_mocked(_distro): + if obsoleted_keys is None: + return {} +- return {'obsoleted-keys': obsoleted_keys} +- +- def has_package_mocked(*args, **kwargs): +- return True ++ return {"obsoleted-keys": obsoleted_keys} + + monkeypatch.setattr( +- removeobsoleterpmgpgkeys, +- "get_target_major_version", +- get_target_major_version_mocked, ++ removeobsoleterpmgpgkeys, "get_distribution_data", get_distribution_data_mocked + ) + +- monkeypatch.setattr( +- removeobsoleterpmgpgkeys, +- "get_distribution_data", +- get_distribution_data_mocked, +- ) ++ keys = removeobsoleterpmgpgkeys._get_obsolete_keys() ++ assert set(keys) == set(expected) + +- monkeypatch.setattr( +- removeobsoleterpmgpgkeys, +- "has_package", +- has_package_mocked, +- ) + ++@pytest.mark.parametrize( ++ "distro, expected", ++ [ ++ ( ++ "centos", ++ [ ++ "gpg-pubkey-8483c65d-5ccc5b19", ++ "gpg-pubkey-1d997668-621e3cac", ++ "gpg-pubkey-1d997668-61bae63b", ++ ], ++ ), ++ ( ++ "rhel", ++ [ ++ "gpg-pubkey-fd431d51-4ae0493b", ++ "gpg-pubkey-37017186-45761324", ++ "gpg-pubkey-f21541eb-4a5233e8", ++ "gpg-pubkey-897da07a-3c979a7f", ++ "gpg-pubkey-2fa658e0-45700c69", ++ "gpg-pubkey-d4082792-5b32db75", ++ "gpg-pubkey-5a6340b3-6229229e", ++ "gpg-pubkey-db42a60e-37ea5438", ++ ], ++ ), ++ ], ++) ++def test_get_source_distro_keys(monkeypatch, distro, expected): ++ """ ++ Test that the correct keys are returned for each distro. ++ """ ++ monkeypatch.setattr(api, "current_actor", CurrentActorMocked(src_distro=distro)) ++ monkeypatch.setattr(api, "get_common_folder_path", common_folder_path_mocked) + monkeypatch.setattr( +- api, +- "current_actor", +- CurrentActorMocked(), ++ removeobsoleterpmgpgkeys, "_is_key_installed", lambda _key: True + ) + +- keys = removeobsoleterpmgpgkeys._get_obsolete_keys() ++ keys = removeobsoleterpmgpgkeys._get_source_distro_keys() + assert set(keys) == set(expected) + + +@@ -134,16 +169,61 @@ def test_get_obsolete_keys_incomplete_data(monkeypatch, version, obsoleted_keys, + ] + ) + def test_workaround_should_register(monkeypatch, keys, should_register): +- def get_obsolete_keys_mocked(): +- return keys +- + monkeypatch.setattr( +- removeobsoleterpmgpgkeys, +- '_get_obsolete_keys', +- get_obsolete_keys_mocked ++ removeobsoleterpmgpgkeys, "_get_obsolete_keys", lambda: keys + ) +- monkeypatch.setattr(api, 'produce', produce_mocked()) ++ monkeypatch.setattr(api, "produce", produce_mocked()) + monkeypatch.setattr(api, "current_actor", CurrentActorMocked()) + + removeobsoleterpmgpgkeys.process() + assert api.produce.called == should_register ++ ++ ++def test_process(monkeypatch): ++ """ ++ Test that the correct path is taken depending on whether also converting ++ """ ++ obsolete = ["gpg-pubkey-12345678-abcdefgh"] ++ source_distro = ["gpg-pubkey-87654321-hgfedcba"] ++ ++ monkeypatch.setattr( ++ removeobsoleterpmgpgkeys, "_get_obsolete_keys", lambda: obsolete ++ ) ++ monkeypatch.setattr( ++ removeobsoleterpmgpgkeys, "_get_source_distro_keys", lambda: source_distro, ++ ) ++ ++ # upgrade only path ++ monkeypatch.setattr( ++ api, "current_actor", CurrentActorMocked(src_distro="rhel", dst_distro="rhel") ++ ) ++ with mock.patch( ++ "leapp.libraries.actor.removeobsoleterpmgpgkeys.register_dnfworkaround" ++ ): ++ removeobsoleterpmgpgkeys.process() ++ removeobsoleterpmgpgkeys.register_dnfworkaround.assert_called_once_with( ++ obsolete ++ ) ++ ++ # upgrade + conversion paths ++ monkeypatch.setattr( ++ api, "current_actor", CurrentActorMocked(src_distro="rhel", dst_distro="centos") ++ ) ++ with mock.patch( ++ "leapp.libraries.actor.removeobsoleterpmgpgkeys.register_dnfworkaround" ++ ): ++ removeobsoleterpmgpgkeys.process() ++ removeobsoleterpmgpgkeys.register_dnfworkaround.assert_called_once_with( ++ source_distro ++ ) ++ ++ monkeypatch.setattr( ++ api, "current_actor", CurrentActorMocked(src_distro="centos", dst_distro="rhel") ++ ) ++ with mock.patch( ++ "leapp.libraries.actor.removeobsoleterpmgpgkeys.register_dnfworkaround" ++ ): ++ removeobsoleterpmgpgkeys.process() ++ removeobsoleterpmgpgkeys.register_dnfworkaround.assert_called_once_with( ++ source_distro ++ ) diff --git a/repos/system_upgrade/common/actors/removeresumeservice/tests/test_removeresumeservice.py b/repos/system_upgrade/common/actors/removeresumeservice/tests/test_removeresumeservice.py index ea803856..d59ef346 100644 --- a/repos/system_upgrade/common/actors/removeresumeservice/tests/test_removeresumeservice.py @@ -22429,11 +23034,25 @@ index 71f46b47..34e542a8 100644 self.called = 0 self.args = None diff --git a/repos/system_upgrade/common/files/distro/almalinux/gpg-signatures.json b/repos/system_upgrade/common/files/distro/almalinux/gpg-signatures.json -index 24bc93ba..0629d123 100644 +index 24bc93ba..3bd7376c 100644 --- a/repos/system_upgrade/common/files/distro/almalinux/gpg-signatures.json +++ b/repos/system_upgrade/common/files/distro/almalinux/gpg-signatures.json -@@ -8,11 +8,19 @@ - ], +@@ -1,18 +1,26 @@ + { +- "keys": [ +- "51d6647ec21ad6ea", +- "d36cb86cb86b3716", +- "2ae81e8aced7258b", +- "429785e181b961a5", +- "d07bf2a08d50eb66" +- ], ++ "keys": { ++ "51d6647ec21ad6ea": ["gpg-pubkey-3abb34f8-5ffd890e"], ++ "d36cb86cb86b3716": ["gpg-pubkey-ced7258b-6525146f"], ++ "2ae81e8aced7258b": ["gpg-pubkey-b86b3716-61e69f29"], ++ "429785e181b961a5": ["gpg-pubkey-81b961a5-64106f70"], ++ "d07bf2a08d50eb66": [] ++ }, "obsoleted-keys": { "7": [], - "8": [], @@ -22454,19 +23073,23 @@ index 24bc93ba..0629d123 100644 + } diff --git a/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json b/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json -index fe85e03c..6dfa5b0f 100644 +index fe85e03c..8056e825 100644 --- a/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json +++ b/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json -@@ -2,9 +2,24 @@ - "keys": [ - "24c6a8a7f4a80eb5", - "05b555b38483c65d", +@@ -1,10 +1,24 @@ + { +- "keys": [ +- "24c6a8a7f4a80eb5", +- "05b555b38483c65d", - "4eb84e71f2ee9d55" -+ "4eb84e71f2ee9d55", -+ "429785e181b961a5", -+ "d07bf2a08d50eb66", -+ "6c7cb6ef305d49d6" - ], +- ], ++ "keys": { ++ "24c6a8a7f4a80eb5": [], ++ "4eb84e71f2ee9d55": [], ++ "05b555b38483c65d": ["gpg-pubkey-8483c65d-5ccc5b19"], ++ "1ff6a2171d997668": ["gpg-pubkey-1d997668-621e3cac", "gpg-pubkey-1d997668-61bae63b"], ++ "6c7cb6ef305d49d6": [] ++ }, "obsoleted-keys": { + "7": [], + "8": [ @@ -22542,31 +23165,44 @@ index 00000000..a53775cf + } +} diff --git a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json -index 3cc67f82..c1f4acf4 100644 +index 3cc67f82..0b989984 100644 --- a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json +++ b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json -@@ -4,7 +4,9 @@ - "5326810137017186", - "938a80caf21541eb", - "fd372689897da07a", +@@ -1,19 +1,28 @@ + { +- "keys": [ +- "199e2f91fd431d51", +- "5326810137017186", +- "938a80caf21541eb", +- "fd372689897da07a", - "45689c882fa658e0" -+ "45689c882fa658e0", -+ "429785e181b961a5", -+ "d07bf2a08d50eb66" - ], +- ], ++ "keys": { ++ "199e2f91fd431d51": ["gpg-pubkey-fd431d51-4ae0493b"], ++ "5326810137017186": ["gpg-pubkey-37017186-45761324"], ++ "938a80caf21541eb": ["gpg-pubkey-f21541eb-4a5233e8"], ++ "fd372689897da07a": ["gpg-pubkey-897da07a-3c979a7f"], ++ "45689c882fa658e0": ["gpg-pubkey-2fa658e0-45700c69"], ++ "f76f66c3d4082792": ["gpg-pubkey-d4082792-5b32db75"], ++ "5054e4a45a6340b3": ["gpg-pubkey-5a6340b3-6229229e"], ++ "219180cddb42a60e": ["gpg-pubkey-db42a60e-37ea5438"] ++ }, "obsoleted-keys": { "7": [], -@@ -13,7 +15,12 @@ + "8": [ + "gpg-pubkey-2fa658e0-45700c69", "gpg-pubkey-37017186-45761324", - "gpg-pubkey-db42a60e-37ea5438" - ], -- "9": ["gpg-pubkey-d4082792-5b32db75"], +- "gpg-pubkey-db42a60e-37ea5438" ++ "gpg-pubkey-db42a60e-37ea5438", ++ "gpg-pubkey-897da07a-3c979a7f" ++ ], + "9": [ + "gpg-pubkey-d4082792-5b32db75", + "gpg-pubkey-3abb34f8-5ffd890e", + "gpg-pubkey-6275f250-5e26cb2e", + "gpg-pubkey-73e3b907-6581b071" -+ ], + ], +- "9": ["gpg-pubkey-d4082792-5b32db75"], "10": ["gpg-pubkey-fd431d51-4ae0493b"] } } @@ -23355,7 +23991,7 @@ index 4f76a61d..4e8b380d 100644 if cli: cli.register_command(RhelUpgradeCommand) diff --git a/repos/system_upgrade/common/files/upgrade_paths.json b/repos/system_upgrade/common/files/upgrade_paths.json -index 22e0fd7d..d2e893d8 100644 +index 22e0fd7d..39fbe6c1 100644 --- a/repos/system_upgrade/common/files/upgrade_paths.json +++ b/repos/system_upgrade/common/files/upgrade_paths.json @@ -2,9 +2,10 @@ @@ -23378,7 +24014,7 @@ index 22e0fd7d..d2e893d8 100644 "9": ["10.0"] } }, -@@ -25,14 +27,17 @@ +@@ -25,14 +27,16 @@ }, "_virtual_versions": { "8": "8.10", @@ -23393,7 +24029,6 @@ index 22e0fd7d..d2e893d8 100644 - "8.10": ["9.0", "9.1", "9.2", "9.3", "9.4", "9.5", "9.6", "9.7"], - "9.7": ["10.0", "10.1"] + "8.10": ["9.0", "9.1", "9.2", "9.3", "9.4", "9.5", "9.6", "9.7", "9.8"], -+ "9.6": ["10.0", "10.1"], + "9.7": ["10.0", "10.1"], + "8": ["9.0", "9.1", "9.2", "9.3", "9.4", "9.5", "9.6", "9.7", "9.8"], + "9": ["10.0", "10.1"] @@ -23565,7 +24200,7 @@ index 00ce3ec8..84cbd753 100644 # We might have a matchlist ['> 8', '<= 9'] that, e.g., results from blindly using source/target versions # to make a matchlist. Our `detected` version might be some fixed string, e.g., `9.1`. So we need to diff --git a/repos/system_upgrade/common/libraries/distro.py b/repos/system_upgrade/common/libraries/distro.py -index 2ed5eacd..a5042769 100644 +index 2ed5eacd..b342d4fc 100644 --- a/repos/system_upgrade/common/libraries/distro.py +++ b/repos/system_upgrade/common/libraries/distro.py @@ -2,7 +2,12 @@ import json @@ -23581,7 +24216,7 @@ index 2ed5eacd..a5042769 100644 def get_distribution_data(distribution): -@@ -11,8 +16,202 @@ def get_distribution_data(distribution): +@@ -11,8 +16,204 @@ def get_distribution_data(distribution): distribution_config = os.path.join(distributions_path, distribution, 'gpg-signatures.json') if os.path.exists(distribution_config): with open(distribution_config) as distro_config_file: @@ -23594,7 +24229,9 @@ index 2ed5eacd..a5042769 100644 + + # Extend with Vendors signatures + for siglist in api.consume(VendorSignatures): -+ distro_config_json["keys"].extend(siglist.sigs) ++ for sig in siglist.sigs: ++ # Add vendor signature as a new key with empty package list ++ distro_config_json["keys"][sig] = [] + + return distro_config_json + @@ -25476,6 +26113,19 @@ index a2537eeb..1482373e 100644 """ Helper library from SSSDFacts actor to allow unit testing. """ +diff --git a/repos/system_upgrade/el9toel10/actors/inhibitcgroupsv1/libraries/inhibitcgroupsv1.py b/repos/system_upgrade/el9toel10/actors/inhibitcgroupsv1/libraries/inhibitcgroupsv1.py +index 6c891f22..0a38ace3 100644 +--- a/repos/system_upgrade/el9toel10/actors/inhibitcgroupsv1/libraries/inhibitcgroupsv1.py ++++ b/repos/system_upgrade/el9toel10/actors/inhibitcgroupsv1/libraries/inhibitcgroupsv1.py +@@ -48,7 +48,7 @@ def process(): + [ + "grubby", + "--update-kernel=ALL", +- '--remove-args="{}"'.format(",".join(remediation_cmd_args)), ++ '--remove-args="{}"'.format(" ".join(remediation_cmd_args)), + ], + ], + ), diff --git a/repos/system_upgrade/el9toel10/actors/sssd/sssdchecks/libraries/sssdchecks.py b/repos/system_upgrade/el9toel10/actors/sssd/sssdchecks/libraries/sssdchecks.py index 0a86fa7b..cb95026c 100644 --- a/repos/system_upgrade/el9toel10/actors/sssd/sssdchecks/libraries/sssdchecks.py diff --git a/SPECS/leapp-repository.spec b/SPECS/leapp-repository.spec index fddccf8..3e17455 100644 --- a/SPECS/leapp-repository.spec +++ b/SPECS/leapp-repository.spec @@ -53,7 +53,7 @@ py2_byte_compile "%1" "%2"} Epoch: 1 Name: leapp-repository Version: 0.23.0 -Release: 1%{?dist}.elevate.4 +Release: 1%{?dist}.elevate.5 Summary: Repositories for leapp License: ASL 2.0 @@ -350,6 +350,9 @@ fi %changelog +* Fri Nov 28 2025 Yuriy Kohut - 0.23.0-1.elevate.5 +- ELevate vendors support for upstream 0.23.0-1 version (eabab8c496a7d6a76ff1aa0d7e34b0345530e30a) + * Thu Nov 13 2025 Yuriy Kohut - 0.23.0-1.elevate.4 - ELevate vendors support for upstream 0.23.0-1 version (249cd3b203d05937a4d4a02b484444291f4aed85)