search

waveclaw / puppet-subscription_manager

Handle Client Registration to RedHat Satellite 6 or Katello
https://rhn.redhat.com
Other
6 stars 34 forks source link

rhsm_config (still not working) #117 #120

Open ralfbosz opened 1 year ago

ralfbosz commented 1 year ago

The config still does not change when using rhsm_config:

rhsm_config { '/etc/rhsm/rhsm.conf':
  server_port     => 443,
}

From a debug-run:

Debug: Updates to subscription configuration are '{:server_hostname=>"rhsm.redhat.com", :server_insecure=>0, :server_no_proxy=>"", :server_port=>443, :server_prefix=>"/rhsm", :server_proxy_hostname=>"", :server_proxy_password=>"", :server_proxy_port=>"", :server_proxy_user=>"", :server_server_timeout=>180, :server_ssl_verify_depth=>3, :rhsm_auto_enable_yum_plugins=>1, :rhsm_baseurl=>"https://suct2v1249.luna.kpn.org/pulp/content/", :rhsm_ca_cert_dir=>"/etc/rhsm/ca/", :rhsm_consumercertdir=>"/etc/pki/consumer", :rhsm_entitlementcertdir=>"/etc/pki/entitlement", :rhsm_full_refresh_on_yum=>0, :rhsm_manage_repos=>1, :rhsm_pluginconfdir=>"/etc/rhsm/pluginconf.d", :rhsm_plugindir=>"/usr/share/rhsm-plugins", :rhsm_productcertdir=>"/etc/pki/product", :rhsm_repo_ca_cert=>"%(ca_cert_dir)skatello-server-ca.pem", :rhsm_repomd_gpg_url=>"", :rhsm_report_package_profile=>1, :rhsmcertd_autoattachinterval=>1440, :rhsmcertd_certcheckinterval=>240, :rhsmd_processtimeout=>300, :logging_default_log_level=>"INFO"}'
Debug: {:apply=>nil, :remove=>nil}
Debug: rhsm.flush: given nothing to remove.
Debug: rhsm.flush: given nothing to configure.
Debug: Executing: '/usr/sbin/subscription-manager config --list'
Debug: Config was {:server_hostname=>"rhsm.redhat.com", :server_insecure=>0, :server_no_proxy=>"", :server_port=>8443, :server_prefix=>"/rhsm", :server_proxy_hostname=>"", :server_proxy_password=>"", :server_proxy_port=>"", :server_proxy_scheme=>"http", :server_proxy_user=>"", :server_server_timeout=>180, :server_ssl_verify_depth=>3, :rhsm_auto_enable_yum_plugins=>1, :rhsm_baseurl=>"https://suct2v1249.luna.kpn.org/pulp/content/", :rhsm_ca_cert_dir=>"/etc/rhsm/ca/", :rhsm_consumercertdir=>"/etc/pki/consumer", :rhsm_entitlementcertdir=>"/etc/pki/entitlement", :rhsm_full_refresh_on_yum=>1, :rhsm_inotify=>1, :rhsm_manage_repos=>1, :rhsm_package_profile_on_trans=>1, :rhsm_pluginconfdir=>"/etc/rhsm/pluginconf.d", :rhsm_plugindir=>"/usr/share/rhsm-plugins", :rhsm_productcertdir=>"/etc/pki/product", :rhsm_repo_ca_cert=>"%(ca_cert_dir)skatello-server-ca.pem", :rhsm_repomd_gpg_url=>"", :rhsm_report_package_profile=>1, :rhsmcertd_autoattachinterval=>1440, :rhsmcertd_certcheckinterval=>240, :rhsmcertd_disable=>0, :rhsmcertd_splay=>1, :rhsmd_processtimeout=>300, :logging_default_log_level=>"INFO", :name=>"/etc/rhsm/rhsm.conf", :provider=>:subscription_manager, :ensure=>:present}

It seems that the cmds[:apply] is nill. Tested it with a debug and Puppet.debug line in the code and it is empty. No idea how to fix it.

https://github.com/waveclaw/puppet-subscription_manager/blob/a8bddf22d45de457acf47743ab58120e507b82b8/lib/puppet/provider/rhsm_config/subscription_manager.rb#L43

GertjanBijl commented 1 year ago

I ran into this too, and I found that the regex added in e12d8a98ea0d277d5b0be7bed9f2d9cb234fd618 was not working on RHEL6 and RHEL7, but it does work on RHEL8 and RHEL9. Versions of subscription-manager checked: RHEL6: subscription-manager-1.20.10-8.el6.x86_64 -> Does not work RHEL7: subscription-manager-1.24.51-1.el7_9.x86_64 -> Does not work RHEL8: subscription-manager-1.28.32-1.el8.x86_64 -> Works RHEL9: subscription-manager-1.29.30.1-1.el9_1.x86_64 -> Works

In case of RHEL8 or RHEL9, the output of the subscription-manager config --help command results in something like this:

usage: subscription-manager config [OPTIONS]

List, set, or remove the configuration parameters in use by this system

optional arguments:
  -h, --help            show this help message and exit
  --list                list the configuration for this system
  --remove REMOVE       remove configuration entry by section.name
  --server.port SERVER.PORT
                        Section: server, Name: port
  --server.server_timeout SERVER.SERVER_TIMEOUT
                        Section: server, Name: server_timeout
  --server.proxy_scheme SERVER.PROXY_SCHEME
                        Section: server, Name: proxy_scheme
  --server.proxy_port SERVER.PROXY_PORT
                        Section: server, Name: proxy_port
  --server.no_proxy SERVER.NO_PROXY
                        Section: server, Name: no_proxy

with a space as separator.

In case of RHEL6 or RHEL7 the output of the subscription-manager config --help command results in something like this:

Usage: subscription-manager config [OPTIONS]

List, set, or remove the configuration parameters in use by this system

Options:
  -h, --help            show this help message and exit
  --list                list the configuration for this system
  --remove=REMOVE       remove configuration entry by section.name
  --server.proxy_hostname=SERVER.PROXY_HOSTNAME
                        Section: server, Name: proxy_hostname
  --server.server_timeout=SERVER.SERVER_TIMEOUT
                        Section: server, Name: server_timeout
  --server.proxy_user=SERVER.PROXY_USER
                        Section: server, Name: proxy_user
  --server.no_proxy=SERVER.NO_PROXY
                        Section: server, Name: no_proxy

with an '=' as separator.

Because the code to parse this output reads: https://github.com/waveclaw/puppet-subscription_manager/blob/a8bddf22d45de457acf47743ab58120e507b82b8/lib/puppet/provider/rhsm_config/subscription_manager.rb#L244 The regex expects the separator to be a single space only.

If the line is altered to m = line.match(%r{^\s+--([a-z_0-9]+\.[a-z_0-9]+)[=\s][A-Z]+.*}) it works in both (RHEL6/7 and RHEL8/9) cases.

Note: I did not test on RHEL5, that OS is now well beyond extended support, so I don't see a reason to still support it.

GertjanBijl commented 1 year ago

Opened #121 to fix this issue.

GertjanBijl commented 1 year ago

@waveclaw, can you please shine your light on this? The fix is really easy.

waveclaw commented 1 year ago

@waveclaw, can you please shine your light on this? The fix is really easy.

No, it's not 'really easy.' This is not a 'just update the regex' situation. If you had provided an actual merge-request you would have seen the breakage on the unit test.

I have to re-write the provider to support that small looking change plus additional OS detection code. That has knock-on effects up to forcing a new major release when the state parsing changes in any way.

I'm mostly supporting Oracle, Alma and Rocky Linux. Behavior is different but the OS detection finds it as RedHat. That is obviously a problem for legacy versions like 6 and current but older releases like 7.

I'm probably faced with checking if subscription-manager is 1.25 or later as that brought in the new 'equal-less' options parsing without pushing the major release of a backwards-incompatible API change.

GertjanBijl commented 8 months ago

Sorry for short cutting the solution, I thought I did the right thing by creating PR, but apparently I didn't. I'm normally using Gitlab or Bitbucket on prem, so I'm missing the experience on Github. I'd love to see a unit test against my proposed change, so how can I achieve that? I'm very willing to fix this properly, as it still affects our environment.