Rebase leapp-repository on top of almalinux latest version #23
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This actor used to scan the NetworkManager keyfiles and icfg files itself. No more!
This actor used to scan the NetworkManager ifcfg files itself. Now it uses IfCfg messages, sharing the scanning code with CheckNetworkDeprecations.
Turns out people actually use those. https://bugzilla.redhat.com/show_bug.cgi?id=2111691
When there was not enough space, leapp would output misleading error message propagated from dnf. This error message was replaced and includes a solution article.
After the in-place upgrade and removal of `leapp` packages, there are leftover `*cpython.pyc` files in: `/usr/lib/python2.7/site-packages/leapp/` and `/usr/share/leapp-repository/`. Let's avoid this by not creating them in the first place. Jira ref.: OAMG-7641
* Add mapping based on the installed content Repositories covered by repositories mapping, that are used by installed RPM packages, are used to evaluate expected target repositories on top of evaluating the target repositories from enabled repositories. This covers repositories which might be disabled when upgrading, but should be used to upgrade installed packages during the upgrade. * Cover with a unit test Co-authored-by: Inessa Vasilevskaya <[email protected]>
Morf tests are gone, meet the new max-sst test.
Add a repo update step to mitigate recent failures.
This reverts commit 1859d18. Revert done because of affected container-tests
On RHEL 8+ the `kernel` package was split into multiple packages including `kernel-core`. The `kernel` package is just a placeholder there and might not be installed. The `kernel-rt` package was split similarly. Let's scan for `kernel-core` and (`kernel-rt-core` on RHEL Real Time) instead which should always be present. Jira ref.: OAMG-8383
Superfluous-parens should work magic in discovering wrongly defined consumes and produces fields in actors.
Replace some leftovers from PR#932.
In case the xfs_info command fails for any reason, xfsinfoscanner would crash. By no reason this should cause leapp to exit with a traceback. An additional vetting if the directory is an actual mount point has been added together with proper exception handling. Unit tests also added. OAMG-8147 BZ#2155661 - leapp xfs_info_scanner fails when fstab xfs entry not mounted
If you blacklist a certificate on rhel8 and then upgrade to rhel9, the certificate does not remain blacklisted. On rhel9 we renamed blacklist to blocklist, so after the upgrade we have both blacklist and blocklist folders but the certificates are not moved to the blocklisted folder. The actor migrateblacklist.py was created to solve this issue, but it did not create messages and reports. This checkin adds scan and check versions which generate the appropriate messages and reports. migrateblacklist.py has not been updated to use these messages yet.
When `/etc/leapp/files/pes-events.json` contains invalid data (e.g. empty, invalid syntax, garbage content) leapp tracebacks. This commit fixes that and also introduces a test case to make sure we actually produce report and raise the correct `StopActorExecution` exception. Jira ref.: OAMG-7637
Add the external link to the VDO documentation about importing of existing VDO volumes to LVM management: https://red.ht/import-existing-vdo-volumes-to-lvm
Existing actors will be used for reporting purposes as consumers of GrubConfigError. All scanning will be done in a newly intoduced ScanGrubConfig actor. OAMG-8337
Currently there are rules just for running both linter and tests or just tests in container. This commit adds rule for running just lint. Jira ref.: OAMG-6724
The check should be the safe for 7to8 and 8to9 upgrade. Also add logic to skip the check in case LEAPP_DEVEL_INITRAM_NETWORK env var is set. OAMG-8490
When upgrading RHEL 8 to RHEL 9 on IBM Z systems,
it's important to have correctly configured RoCE
if used, otherwise the network will be down after
the upgrade as the default configuration is not
persistent between RHEL 8 and RHEL 9.
Currently it's possible to configure RoCE in a persistent
way for both RHEL systems since RHEL 8.7 by following
kernel cmdline argument:
net.naming-scheme=rhel-8.7
RHEL 8.7 and newer has persistent RoCE NICs if booted
with the parameter.
For the detection of active RoCE NICs is used the nmcli tool
(considerring that RoCE needs to be configured via NetworkManager
on RHEL 8+). Detected active RoCE NICs are represented by
the RoceDetected msg.
The upgrade is inhibited if any active RoCE NIC is discovered and:
* source os is RHEL 8.6 or older, or
* the system is booted without `net.naming-scheme=rhel-8.7` on kernel
cmdline
Co-authored-by: Petr Stodulk <[email protected]>
If system uses rhsm it is automatically registered into Red Hat Insights at the end of the upgrade process. For the registration the `insights-client` package is requiered and will be installed during the upgrade if missing. This can be skipped by setting the `LEAPP_NO_INSIGHTS_REGISTER=1` environment variable or `--no-insights-register` CLI option. A report is generated informing about the registration and eventual `insights-client` package installation. Jira ref.: OAMG-7872
otherwise you get titles referring to the python object like:
Title: SSSD Domain "<leapp.models.sssd.SSSDDomainConfig object at 0x7fa2592ff510>": sudo rules containing wildcards will stop working.
This patch introduces support for a provided_data_streams: [v1, v2] field in leapp data (pes-events, device-drivers and repomapping). The new check_consumed_assets actor will check that installed version of leapp is compatible with leapp data provided, and inform if any problems are discovered. Unit tests added as well. OAMG-7989
Upstream tests should be testing bleeding edge features using latest bleeding edge leapp data. So let's pass LEAPPDATA_BRANCH=upstream as test env var.
(cherry picked from commit 9de3021)
…ices on 8->9+ Beginning with RHEL8 there are two possible configurations (monolithic and modular) for the libvirt and virt* (virtqemud, virtlockd, virtproxyd, ...) services. The generic strategy implemented in the transitionsystemdservicesstates actor cannot handle such setup and leaves the upgraded system with a an incorrect combination of these configurations. Therefore these services are ignored by the actor and their state transition will be done by the services (and other related units) themselves. Jira: RHEL-22597 (cherry picked from commit 5518ae0)
I've already realized I missed couple of breakpoints over time inside
the initramfs and cannot remember expected cmdline params for each
of them. So let's try to make it more consistent. Keeping the original
cmdline arguments as some people are used to them already, but
introducing new ones.
New introduced breakpoints:
* rd.upgrade.break=leapp-initram
* breaks right after getting to leapp dracut modules
* orig
* rd.break=upgrade
* rd.upgrade.break=upgrade
* rd.upgrade.break=leapp-pre-upgrade
* breaks just right before running leapp in initramfs
* rd.upgrade.break=leapp-post-upgrade
* running just right after leapp upgrade (dnf transaction done),
before the start of post-upgrade phases
* orig:
* rd.break=leapp-upgrade
* rd.upgrade.break=leapp-upgrade
* rd.upgrade.break=leapp-finish
* the last breakpoint, after logs are saved, before the upcoming
reboot (leaving the upgrade environment)
* orig:
* rd.break=leapp-logs
Note: we could possibly drop old ones already, but as this is
going to be one of last changes for IPU 7 -> 8, I decided to leave
such a decision for future. Also, it's possible that we will need
to redesign this part of the upgrade process, so that's another reason
why to just add something, but do not drop anything.
(cherry picked from commit 64c34b5)
## Packaging - Requires xfsprogs and e2fsprogs (oamg#1154) - Bump leapp-repository-dependencies to 10 (oamg#1154) ## Upgrade handling ### Fixes - Detect changes in openssl default configuration file and restore it to the default to the target default during the upgrade to reduce risk of potential issues (oamg#1131) - Do not try to download data files anymore when missing as the service is obsoleted since the data is part of installed packages (oamg#1120) - Drop the invalid `tuv` target channel (oamg#1130) - Fix handling of symlinks under /etc/pki when managing certificates (oamg#1135, oamg#1160, oamg#1166) - Fix semanage import issue (oamg#1164) - Fix the issue of going out of bounds in the isccfg parser (oamg#1124) - Fix traceback when saving the rhsm facts results and the /etc/rhsm/facts directory doesn’t exist yet (oamg#1132) - Handle the upgrade better when a proxy is configured in YUM/DNF configutations (oamg#1143) - Load all rpm repository substitutions that dnf knows about, not just releasever since repofiles may use the other substitutions too (oamg#1134) - Minor updates of generated reports (oamg#1151) - Print nice error msg when device and driver deprecation data is malformed (oamg#1168) - Report information about required manual steps after the upgrade when openssl-ibmca is installed (oamg#1131) - Update error messages and reports when installed upgrade data files are malformed or missing (oamg#1120) - [IPU 7 -> 8] Fix the upgrade of the RH Satellite server when tomcat is installed (oamg#1150) - [IPU 8 -> 9] Fix the upgrade from RHEL 8.9+ when the release is locked by subscription-manager (oamg#1136, oamg#1138) ### Enhancements - Update upgrade paths: (oamg#1146, oamg#1147, oamg#1175) - RHEL 7.9 -> 8.10, 8.8 (default: 8.10) - RHEL with SAPAHA 7.9 -> 8.10, 8.8 (default: 8.8) - RHEL w/o SAP HANA 8.8 -> 9.2 - RHEL w/o SAP HANA 8.10 -> 9.4 - Added possibility to define DNF configuration for the target system (oamg#1143) - Code cleaning: drop redundant and invalid NFS checks (oamg#1127) - Default to NO_RHSM mode when subscription-manager is not found (oamg#1133) - Detect customized configuration of dynamic linker (oamg#1118) - Detect possible unexpected RPM GPG keys has been installed during RPM transaction (oamg#1101) - Drop obsoleted upgrade paths that relates to releases: 8.6, 8.9, 9.0, 9.3 (oamg#1175) - Ignore Leapp related PES events (oamg#1153) - Introduce generic transition of systemd services states during the IPU (oamg#1060, oamg#1174) - Introduce possibility to upgrade with local repositories (oamg#1099) - Introduced some changes getting us closer to possibility of IPU for Centos (Stream) systems (oamg#1140) - Report the upgrade customisations and modifications of the upgrade tooling (oamg#1148) - Simplify handling of upgrades on systems using RHUI, reducing the maintenance burden for cloud providers (oamg#1057) - Update the leapp upgrade data files - bump data stream to "3.0" (oamg#1163, oamg#1165, oamg#1170) - [IPU 8 -> 9] Enable upgrades RHEL 8 -> 9 using RHUI on Alibaba cloud (oamg#1137, oamg#1165, oamg#1172) - Unify breakpoints inside the upgrade initramfs for the easier troubleshooting (oamg#1157) ## Additional changes interesting for devels - Introduced new functions returning a list of packages related to upgrade - see the rpms library (oamg#1156) - Make detection of installed signed packages distribution agnostic - covers RHEL & CentOS (oamg#876) - Model InstalledRedHatSignedRPM is deprecated, replaced by DistributionSignedRPM (oamg#876) (cherry picked from commit 6421225)
There will be another update of data duing the next week(s), so keeping expected provided_data_stream set on 2.0. However the data are already marked to provide 2.0 & 3.0. (cherry picked from commit 0e51aeb)
* Added RHEL 9 repos for Alibaba RHUI with mapping for IPU 8 -> 9 * Actors require "3.0" in the list of provided_data_streams * All data files updated to provide onls "3.0" data stream * Add NL at the end of the device_driver_deprecation_data.json file to be POSIX compatible as expected. (cherry picked from commit 8552bbf)
Includes fixed idm-tomcatjss related events for upgrades IPU 8 -> 9. Jira: RHEL-21779 (cherry picked from commit b75dc49)
``` The following repos have been added: - Repo(pesid='rhel8-CRB', major_version='8', repoid='rhui-codeready-builder-for-rhel-8-aarch64-rhui-rpms', repo_type='rpm', channel='ga', arch='aarch64', rhui='alibaba') - Repo(pesid='rhel8-rhui-custom-client-at-alibaba', major_version='8', repoid='rhui-custom-rhui_client_at_alibaba-rhel-8', repo_type='rpm', channel='ga', arch='aarch64', rhui='alibaba') - Repo(pesid='rhel8-BaseOS', major_version='8', repoid='rhui-rhel-8-for-aarch64-baseos-rhui-rpms', repo_type='rpm', channel='ga', arch='aarch64', rhui='alibaba') - Repo(pesid='rhel8-Supplementary', major_version='8', repoid='rhui-rhel-8-for-aarch64-supplementary-rhui-rpms', repo_type='rpm', channel='ga', arch='aarch64', rhui='alibaba') - Repo(pesid='rhel8-AppStream', major_version='8', repoid='rhui-rhel-8-for-aarch64-appstream-rhui-rpms', repo_type='rpm', channel='ga', arch='aarch64', rhui='alibaba') ``` Related PR: oamg#1137 (cherry picked from commit c63ccbb)
Update to version 0.20.0
Add ELevate key SIG to all distros.
- gpg-pubkey-73e3b907-6581b071 gpg(PostgreSQL RPM Repository <[email protected]>)
Add one of PostgreSQL's keys to the list of obsoleted ones for 9
Add ELS key SIG to all distros.
…malinux-ng # Conflicts: # README.md # commands/upgrade/util.py # packaging/leapp-repository.spec # repos/system_upgrade/common/actors/checkenabledvendorrepos/actor.py # repos/system_upgrade/common/actors/checketcreleasever/libraries/checketcreleasever.py # repos/system_upgrade/common/actors/checkgrubcore/actor.py # repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/85sys-upgrade-redhat/do-upgrade.sh # repos/system_upgrade/common/actors/commonleappdracutmodules/files/dracut/90sys-upgrade/initrd-system-upgrade-generator # repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py # repos/system_upgrade/common/actors/filterrpmtransactionevents/actor.py # repos/system_upgrade/common/actors/kernel/checkinstalledkernels/libraries/checkinstalledkernels.py # repos/system_upgrade/common/actors/peseventsscanner/actor.py # repos/system_upgrade/common/actors/peseventsscanner/libraries/peseventsscanner.py # repos/system_upgrade/common/actors/peseventsscanner/tests/unit_test_peseventsscanner.py # repos/system_upgrade/common/actors/redhatsignedrpmscanner/actor.py # repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py # repos/system_upgrade/common/actors/repositoriesmapping/libraries/repositoriesmapping.py # repos/system_upgrade/common/actors/scancustomrepofile/tests/test_scancustomrepofile.py # repos/system_upgrade/common/actors/scanvendorrepofiles/actor.py # repos/system_upgrade/common/actors/scanvendorrepofiles/libraries/scanvendorrepofiles.py # repos/system_upgrade/common/actors/setuptargetrepos/libraries/setuptargetrepos.py # repos/system_upgrade/common/actors/targetuserspacecreator/libraries/userspacegen.py # repos/system_upgrade/common/actors/vendorreposignaturescanner/actor.py # repos/system_upgrade/common/actors/vendorrepositoriesmapping/libraries/vendorrepositoriesmapping.py # repos/system_upgrade/common/libraries/config/version.py # repos/system_upgrade/common/libraries/dnfconfig.py # repos/system_upgrade/common/libraries/dnfplugin.py # repos/system_upgrade/common/libraries/overlaygen.py # repos/system_upgrade/common/libraries/repomaputils.py # repos/system_upgrade/common/libraries/rpms.py # repos/system_upgrade/el7toel8/actors/checkleftoverpackages/actor.py # repos/system_upgrade/el7toel8/actors/networkmanagerupdateconnections/tools/nm-update-client-ids.py # repos/system_upgrade/el7toel8/actors/opensshpermitrootlogincheck/actor.py # repos/system_upgrade/el7toel8/actors/opensshpermitrootlogincheck/libraries/opensshpermitrootlogincheck.py # repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py # repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
These files were originally added by RHEL. Neither Alma nor CloudLinux uses them. device_driver_deprecation_data.json pes-events.json repomap.json Files were removed in order not to confuse people.
Thank you for contributing to the Leapp project!Please note that every PR needs to comply with the Leapp Guidelines and must pass all tests in order to be mergable.
Please open ticket in case you experience technical problem with the CI. (RH internal only) Note: In case there are problems with tests not being triggered automatically on new PR/commit or pending for a long time, please consider rerunning the CI by commenting leapp-ci build (might require several comments). If the problem persists, contact leapp-infra. |
Mute broken upstream tests and fix whatever I can do fast. Result: # REPOSITORIES="common,el7toel8" make test_no_lint == 1871 passed, 53 skipped in 39.92 seconds ==
Importing modules from another repository is restricted with latest leapp.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change brings all changes made in CloudLinux branch on top of the latest AlmaLinux implementaion.