From 499358a17dc03a3c97ceaee9445e8162701c2ddb Mon Sep 17 00:00:00 2001 From: mhorky Date: Tue, 6 Feb 2024 14:19:14 +0100 Subject: [PATCH] CCT-69: Update identity reporting in DNF plugin during autoregistration * Card ID: CCT-66 (main branch) * Card ID: CCT-67 (backport) During the first phase of anonymous cloud registration, the system has valid entitlement certificates that aren't associated with any consumer. We shouldn't be reporting missing identity. Previously this was an error state that was not valid, but with automatic registration it is possible to have a system consuming content that does not have an identity, for a transition period before it is part of an anonymous or claimed organization. (Cherry-picked from 4820e5f61be6613f3408af3cee849c560ce195c3) --- src/dnf-plugins/subscription-manager.py | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/src/dnf-plugins/subscription-manager.py b/src/dnf-plugins/subscription-manager.py index 5d080bd7ff..ea0db71b72 100644 --- a/src/dnf-plugins/subscription-manager.py +++ b/src/dnf-plugins/subscription-manager.py @@ -38,6 +38,13 @@ else: from ConfigParser import ConfigParser +from typing import TYPE_CHECKING + +if TYPE_CHECKING: + from subscription_manager.certdirectory import EntitlementDirectory + from subscription_manager.identity import Identity + + expired_warning = _(""" *** WARNING *** The subscription for following product(s) has expired: @@ -124,12 +131,15 @@ def _update(cache_only): Update entitlement certificates and redhat.repo :param cache_only: is True, when rhsm.full_refresh_on_yum is set to 0 in rhsm.conf """ - - logger.info(_('Updating Subscription Management repositories.')) - - identity = inj.require(inj.IDENTITY) - - if not identity.is_valid(): + logger.info(_("Updating Subscription Management repositories.")) + identity: Identity = inj.require(inj.IDENTITY) + ent_dir: EntitlementDirectory = inj.require(inj.ENT_DIR) + + # During first phase of anonymous cloud registration the system has + # valid entitlement certificates, but does not yet have any identity. + # We have access to the content, so we shouldn't be reporting missing + # identity certificate. + if not identity.is_valid() and len(ent_dir.list_valid()) == 0: logger.info(_("Unable to read consumer identity")) if config.in_container():