Run in container (#577)

.gitignore

@@ -5,3 +5,4 @@ package/*.bz2
 /nbproject/
 test-driver
 .yardoc/
+test/fixtures/anchors/*/*.0

package/yast2-registration.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu May 26 14:55:59 UTC 2022 - Ladislav Slezák <[email protected]>
+
+- Support managing system in a chroot (bsc#1199840)
+- 4.5.4
+
 -------------------------------------------------------------------
 Fri May  6 07:14:08 UTC 2022 - Ladislav Slezák <[email protected]>
 

package/yast2-registration.spec

@@ -17,7 +17,7 @@
 
 
 Name:           yast2-registration
-Version:        4.5.3
+Version:        4.5.4
 Release:        0
 Summary:        YaST2 - Registration Module
 License:        GPL-2.0-only

src/lib/registration/clients/inst_migration_repos.rb

@@ -49,37 +49,7 @@ def instsys_init
         SwMgmt.copy_old_credentials(destdir)
 
         # import the SMT/RMT certificate to inst-sys
-        import_ssl_certificates
-      end
-
-      # Import the old SSL certificate if present. Tries all known locations.
-      def import_ssl_certificates
-        prefix = Yast::Installation.destdir
-
-        SslCertificate::PATHS.each do |file|
-          cert_file = File.join(prefix, file)
-          if File.exist?(cert_file)
-            log.info("Importing the SSL certificate from the old system: (#{prefix})#{file} ...")
-            cert = SslCertificate.load_file(cert_file)
-            log_certificate(cert)
-            target_path = File.join(SslCertificate::INSTSYS_CERT_DIR, File.basename(cert_file))
-            cert.import_to_instsys(target_path)
-          else
-            log.debug("SSL certificate (#{prefix})#{file} not found in the system")
-          end
-        end
-      end
-
-      # Log the certificate details
-      # @param cert [Registration::SslCertificate] the SSL certificate
-      def log_certificate(cert)
-        # log also the dates
-        log.info("#{SslCertificateDetails.new(cert).summary}\n" \
-        "Issued on: #{cert.issued_on}\nExpires on: #{cert.expires_on}")
-
-        # log a warning for expired certificate
-        expires = cert.x509_cert.not_after.localtime
-        log.warn("The certificate has EXPIRED! (#{expires})") if expires < Time.now
+        SslCertificate.import_from_system
       end
     end
   end

src/lib/registration/clients/inst_scc.rb

@@ -27,6 +27,7 @@
 
 require "registration/addon"
 require "registration/exceptions"
+require "registration/finish_dialog"
 require "registration/helpers"
 require "registration/connect_helpers"
 require "registration/sw_mgmt"
@@ -208,6 +209,13 @@ def registration_check
         )
       end
 
+      # when managing a system in chroot copy the credentials and the SSL certificate
+      # from the chroot to the current system
+      if Yast::WFM.scr_chrooted?
+        ::Registration::SwMgmt.copy_old_credentials(Installation.destdir)
+        ::Registration::SslCertificate.import_from_system
+      end
+
       if Mode.update
         ::Registration::SwMgmt.copy_old_credentials(Installation.destdir)
 
@@ -268,6 +276,16 @@ def pkg_manager
       end
     end
 
+    # finish the registration workflow
+    # @return [symbol] result symbol (:next)
+    def finish
+      # when managing a system in chroot copy the config file and the SSL certificate
+      # to the chroot target
+      ::Registration::FinishDialog.new.run("Write") if WFM.scr_chrooted?
+
+      :next
+    end
+
     def registration_ui
       ::Registration::RegistrationUI.new(@registration)
     end
@@ -283,7 +301,8 @@ def workflow_aliases
         "addon_eula"             => ->() { addon_eula },
         "register_addons"        => ->() { register_addons },
         "update_autoyast_config" => ->() { update_autoyast_config },
-        "pkg_manager"            => ->() { pkg_manager }
+        "pkg_manager"            => ->() { pkg_manager },
+        "finish"                 => ->() { finish }
       }
     end
 
@@ -332,6 +351,10 @@ def start_workflow
           next:  "pkg_manager"
         },
         "pkg_manager"            => {
+          abort: :abort,
+          next:  "finish"
+        },
+        "finish"                 => {
           abort: :abort,
           next:  :next
         }

src/lib/registration/finish_dialog.rb

@@ -59,7 +59,7 @@ def run(*args)
         remove_ncc_credentials
         nil
       else
-        raise "Uknown action #{func} passed as first parameter"
+        raise "Unknown action #{func} passed as first parameter"
       end
     end
 

src/lib/registration/registration.rb

@@ -24,6 +24,7 @@
 require "y2packager/new_repository_setup"
 require "suse/connect"
 require "registration/connect_helpers"
+require "registration/finish_dialog"
 
 require "registration/addon"
 require "registration/helpers"
@@ -62,6 +63,13 @@ def register(email, reg_code, distro_target)
 
       # write the global credentials
       SUSE::Connect::YaST.create_credentials_file(login, password)
+
+      # when managing a system in chroot copy the credentials to the target system
+      if Yast::WFM.scr_chrooted?
+        target_path = File.join(Yast::Installation.destdir, self.class.credentials_path)
+        ::FileUtils.cp(self.class.credentials_path, target_path)
+        ::Registration::FinishDialog.new.run("Write")
+      end
     end
 
     def register_product(product, email = nil)

src/lib/registration/ssl_certificate.rb

@@ -12,6 +12,7 @@ class SslCertificate
     include Yast::Logger
 
     Yast.import "Stage"
+    Yast.import "Installation"
 
     # Path to the registration certificate in the instsys
     INSTSYS_CERT_DIR = "/etc/pki/trust/anchors".freeze
@@ -219,6 +220,41 @@ def import_to_instsys(target_path = self.class.default_certificate_path)
       self.class.update_instsys_ca
     end
 
+    # Import the old SSL certificate if present. Tries all known locations.
+    # Uses Installation.destdir as the root system.
+    def self.import_from_system
+      prefix = Yast::Installation.destdir
+
+      SslCertificate::PATHS.each do |file|
+        cert_file = File.join(prefix, file)
+        if File.exist?(cert_file)
+          log.info("Importing the SSL certificate from other system: (#{prefix})#{file} ...")
+          cert = SslCertificate.load_file(cert_file)
+          cert.log_details
+          if Yast::Stage.initial
+            target_path = File.join(SslCertificate::INSTSYS_CERT_DIR, File.basename(cert_file))
+            cert.import_to_instsys(target_path)
+          else
+            cert.import_to_system
+          end
+        else
+          log.debug("SSL certificate (#{prefix})#{file} not found in the system")
+        end
+      end
+    end
+
+    # Log the certificate details
+    def log_details
+      require "registration/ssl_certificate_details"
+      # log also the dates
+      log.info("#{SslCertificateDetails.new(self).summary}\n" \
+      "Issued on: #{issued_on}\nExpires on: #{expires_on}")
+
+      # log a warning for expired certificate
+      expires = x509_cert.not_after.localtime
+      log.warn("The certificate has EXPIRED! (#{expires})") if expires < Time.now
+    end
+
   private
 
     # @param x509_name [OpenSSL::X509::Name] name object

src/lib/registration/sw_mgmt.rb

@@ -365,13 +365,13 @@ def self.add_service(product_service, credentials)
       credentials_file = UrlHelpers.credentials_from_url(product_service.url)
 
       if credentials_file
-        if Mode.update
+        if Mode.update || Yast::WFM.scr_chrooted?
           # at update libzypp is already switched to /mnt target,
           # update the path accordingly
           credentials_file = File.join(Installation.destdir,
             ::SUSE::Connect::YaST::DEFAULT_CREDENTIALS_DIR,
             credentials_file)
-          log.info "Using #{credentials_file} credentials path in update mode"
+          log.info "Using #{credentials_file} credentials path"
         end
         # SCC uses the same credentials for all services, just save them to
         # a different file

test/inst_migration_repos_spec.rb

@@ -12,6 +12,7 @@
   before do
     allow(Yast::WFM).to receive(:call)
     allow(Yast::Installation).to receive(:destdir).and_return(destdir)
+    allow(Yast::Stage).to receive(:initial).and_return(true)
     allow(Registration::SwMgmt).to receive(:copy_old_credentials)
     allow(File).to receive(:exist?).and_return(false)
   end