rhsm_baseurl incorrectly set, preventing software update/install via dnf

[benblasco]

When using the role in its most basic configuration subscription-manager completes successfully, but sets rhsm_baseurl to "" instead of NULL. As a consequence software installations and other dnf operations cannot run successfully.

Software installation error message (after rhc role run):

[bblasco@opti rhel]$ ansible "rhel91*" -m shell -a "dnf install -y insights-client" -b
rhel91b.opti.blasco.id.au | FAILED | rc=1 >>                                                                                                      
Updating Subscription Management repositories.                                                                                                    
Red Hat Enterprise Linux 9 for x86_64 - AppStre 0.0  B/s |   0  B     00:00    Error: Failed to download metadata for repo 'rhel-9-for-x86_64-apps
tream-rpms': Cannot download repomd.xml: Empty mirrorlist and no basepath specified!non-zero return code

Cause of error above is that the baseurl is set incorrectly for every repository in /etc/yum.repos.d/redhat.repo:

[root@localhost yum.repos.d]# pwd
/etc/yum.repos.d
[root@localhost yum.repos.d]# grep baseurl redhat.repo | head
baseurl = content/dist/layered/rhel9/x86_64/openstack-deployment-tools/17/os
baseurl = content/dist/rhel/atomic/7/7Server/$basearch/cdk/2.3/os
baseurl = content/dist/layered/rhel9/x86_64/openstack-tools/17.1/debug
baseurl = content/eus/rhel9/$releasever/x86_64/codeready-builder/source/SRPMS
baseurl = content/dist/layered/rhel9/x86_64/kmm/1/debug
baseurl = content/dist/layered/rhel9/x86_64/dirsrv/12.2/source/SRPMS
baseurl = content/e4s/rhel9/$releasever/x86_64/rt/debug
baseurl = content/beta/layered/rhel9/x86_64/openstack/os
baseurl = content/dist/layered/rhel9/x86_64/ansible-automation-platform/2.3/debug
baseurl = content/dist/layered/rhel9/x86_64/dirsrv/12.3/debug

In the above, the prefix https://cdn.redhat.com/ is missing from every baseurl. It should look like:

[root@localhost yum.repos.d]# grep baseurl redhat.repo | head
baseurl = https://cdn.redhat.com/content/dist/rhel/atomic/7/7Server/$basearch/cdk/3.4/os
baseurl = https://cdn.redhat.com/content/dist/rhel/atomic/7/7Server/$basearch/cdk/3.5/os
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/sat-client/6/source/SRPMS
baseurl = https://cdn.redhat.com/content/dist/middleware/quarkus/1.0/x86_64/os
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/rhodf/4/os
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/rh-sso/7.6/os
baseurl = https://cdn.redhat.com/content/dist/rhel9/$releasever/x86_64/nfv/os
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/rhocp/4.14/source/SRPMS
baseurl = https://cdn.redhat.com/content/dist/rhel/atomic/7/7Server/$basearch/cdk/3.4/debug
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/rhocp/4.13/debug

I believe the issue may be caused by this commit: https://github.com/linux-system-roles/rhc/commit/b95a84e621bd98a74a5c57d5b76077895a7f71a0

The issue is that when the task - name: Call subscription-manager in tasks/subscription-manager.yml is called, it passes the parameter "rhsm_baseurl": "" to the playbook. That value should be NULL, which I have confirmed by testing the community.general.redhat_subscription module in its own playbook. I have attached a run of my playbook that uses the rhc role to this case to prove that this is what is happening.

The code I am testing with can be found here: https://github.com/benblasco/fedoralaptop/blob/master/rhel/rhelconfigure.yml

[benblasco]

The problem can be found in line 391 of the attached log rhelconfigure_log:

            "rhsm_baseurl": "",

rhelconfigure_log.txt

[benblasco]

Please also note that the issue has been tested against the following collection versions (as discussed with @ptoscano )

[bblasco@opti rhel]$ ansible-galaxy collection list | grep general
community.general                   7.2.0  
community.general             6.6.2  
community.general         6.6.0  

[bblasco@opti rhel]$ ansible-galaxy collection list | grep fedora
fedora.linux_system_roles           1.44.0 
fedora.linux_system_roles 1.46.0

I have also verified the issue in 1.50.0 which was released today.

[benblasco]

In case it is necessary, the credentials I am passing to the role look like:

---
rhn_username: <USER>
rhn_password: <PASSWORD>

organization_id: <ORG_ID>
activation_key: <AK>

Actual values above redacted for security reasons.

[richm]

Is there a workaround? Can you pass in the actual url for rhsm_baseurl, or some other value?

[benblasco]

@richm Yes I have just tested your proposed work-around successfully.

Config change:

rhc_baseurl: "https://cdn.redhat.com/"

Result:

[bblasco@rhel91 ~]$ sudo grep base /etc/yum.repos.d/redhat.repo  |head
baseurl = https://cdn.redhat.com/content/dist/middleware/rhosds/3.0/x86_64/os
baseurl = https://cdn.redhat.com/content/e4s/rhel9/$releasever/x86_64/sap-solutions/debug
baseurl = https://cdn.redhat.com/content/aus/rhel9/$releasever/x86_64/sat-client/6/source/SRPMS
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/dirsrv/12.3/source/SRPMS
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/cert/1/os
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/fast-datapath/os
baseurl = https://cdn.redhat.com/content/dist/rhel/atomic/7/7Server/$basearch/cdk/3.5/source/SRPMS
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/rhv-tools/4/debug
baseurl = https://cdn.redhat.com/content/dist/layered/rhel9/x86_64/network-observability/1/debug
baseurl = https://cdn.redhat.com/content/dist/rhel9/$releasever/x86_64/sap/os

[ptoscano]

Ops, apologies for the regression: I forgot that the variable actually exists, since it is provided in defaults/main.yml. The regression is there since 1.2.0.

Hopefully #127 should fix this.

[benblasco]

Fix tested successfully. Thanks @richm @ptoscano