1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

13 commits

Author SHA1 Message Date
Pino Toscano
bbd68e26a2
redhat_subscription: require credentials only when needed (#5664)
The module currently has a static 'required_if' statement for its
parameters that forces any of 'username' or 'activationkey' or 'token'
in case state=present; while this is generally a good idea, it can be
an extra requirements in some cases. In particular, if the system is
already registered, there is no need for credentials -- some of the
operations of the module, such as manipulating pools, can be done
perfectly without credentials.

Hence:
- change the static 'required_if' to require credentials only when
  forcing the registration
- check for credentials manually when a registration is needed, i.e.
  on an unregistered system; the fail message is the same as the one
  shown by 'required_if'

Adapt the tests to this new situation:
- test_without_required_parameters now needs to mock an unregistered
  system
- add a new version of test_without_required_parameters to test an
  already registered system
- add a simple test case for only state=present usable on an already
  registered system
- remove the credentials from a test case for pool attachment that
  mocks an already registered system
2023-03-22 20:19:55 +01:00
Pino Toscano
9f67cbbe36
rhsm modules: cleanly fail when not run as root (#6211)
subscription-manager on RHEL installs a symlink in /usr/bin to
console-helper (part of usermode), which triggers an interactive prompt
for root credentials when run as user. It seems that console-helper
does not handle well non-interactive contexts (e.g. without a TTY for
input), and thus it will hang waiting for input when run as user in an
Ansible task.

Since subscription-manager requires root already anyway (and it will
fail when explicitly run as user), then apply the same logic locally on
all the modules that interact with it: redhat_subscription,
rhsm_release, and rhsm_repository.
2023-03-22 13:15:32 +01:00
Pino Toscano
e939cd07ef
redhat_subscription: use D-Bus for registration if possible (#6122)
subscription-manager currently does not have a way to get credentials
(username, password, activation keys, organization ID) in a secure way:
the existing command line parameters can be easily spotted when running
a process listing while 'subscription-manager register' runs.
There is a D-Bus service, which is used by e.g. cockpit and Anaconda to
interface with RHSM (at least for registration and common queries).

Try to perform the registration using D-Bus, in a way very similar to
the work done in convert2rhel [1] (with my help):
- try to do a simple signal test to check whether the system bus works;
  inspired by the login in the dconf module
- pass most of the options as registration options; for the few that are
  not part of the registration, execute 'subscription-manager' manually
- add quirks for differently working (or not) registration options for
  the D-Bus Register*() methods depending on the version of RHEL
- 'subscription-manager register' is used only in case the signal test
  is not working; silent fallback in case of D-Bus errors during the
  registration is not done on purpose to avoid silent fallback to a less
  secure registration

[1] https://github.com/oamg/convert2rhel/pull/540/
2023-03-14 22:52:51 +01:00
Felix Fontein
d03ae532ed
Add attributes to more modules (3/4) (#5967)
Add attributes to more modules.
2023-02-20 17:30:26 +01:00
Eric C Chong
4dc897d559
redhat_subscription: Add support for Red Hat API token (#5725)
Add support for Red Hat API token

fix mixed up

fix version
2023-01-05 21:36:07 +01:00
Pino Toscano
471f523f53
redhat_subscription: add server_proxy_scheme parameter (#5662)
Add the `server_proxy_scheme` parameter to configure the scheme used for
the proxy server. This completes the configuration parameters for the
proxy server.
2022-12-08 22:40:37 +01:00
Pino Toscano
f7fa54eed9
redhat_subscription: don't discard vars with key (#5627)
Fixes #3486. From the man-pages of subscription-manager, none of the
parameters used are tied to the activationkey except the two that remain
in its else-clause.

Note that type is not mentioned in the man-pages on 7.6 (at least), but
is still present and available.

Co-authored-by: Thor K. H <thor@roht.no>
2022-11-30 22:15:55 +01:00
Pino Toscano
101c957631
redhat_subscription: drop unneeded args to Rhsm.register() (#5583)
Stop passing all the "rhsm_", and "server_" module arguments to
"Rhsm.register()", and thus as arguments for
"subscription-manager register":
- right before calling "Rhsm.register()", "Rhsm.configure()" is called
  to configure subscription-manager with all the "rhsm_", and "server_"
  arguments; hence, they are already configured
- the passed argument to "--serverurl" is partially wrong:
  "Rhsm.register()" passes only the hostname, whereas the other bits
  (port and prefix) are supported too; this "works" because port and
  prefix were already configured previously, and the lax parsing that
  subscription-manager does allows for missing bits
- the parsing done by subscription-manager for "--baseurl" strips out
  the URL scheme and always uses https: this means that specifying
  "rhsm_baseurl: http://server" as module parameter will be taken as
  "https://server" by subscription-manager; since "rhsm_baseurl" is
  already configured by "Rhsm.configure()", this issue is gone
2022-11-29 13:07:08 +01:00
Pino Toscano
911769d2f3
redhat_subscription: improve wording wrt Satellite (#5581)
Do not mention an explicit version of Satellite for an environment to
use; future versions of Satellite will support that, and older versions
are long EOL.

Also mention Katello next to Red Hat Satellite.
2022-11-26 18:37:58 +01:00
Alexei Znamensky
801e3d86ef
redhat_subscription: fix sanity check (#5555)
* redhat_subscription: fix sanity check

* removed ignore lines
2022-11-16 06:44:18 +01:00
Felix Fontein
b531ecdc9b
Unflatmap community.general (#5461)
* Move files.

* Update imports and references.

* Move wrongly placed files.

* Reverse redirects, deprecate long → short name redirects.

* Simplify contribution guidelines for new modules.

* Rewrite BOTMETA.

* Add changelog fragment.

* Fix ignore.txt files.
2022-11-02 20:42:29 +00:00
Felix Fontein
7743ecd776
Replace symlinks with meta/runtime.yml redirects. (#4562) 2022-04-26 20:33:13 +02:00
Brian Coca
8f90360d49
make collection usable with current ansible vers (#9) 2020-03-11 14:10:38 +00:00