Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run in container #577

Merged
merged 5 commits into from
May 26, 2022
Merged
Show file tree
Hide file tree
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ package/*.bz2
/nbproject/
test-driver
.yardoc/
test/fixtures/anchors/*/*.0
32 changes: 1 addition & 31 deletions src/lib/registration/clients/inst_migration_repos.rb
Original file line number Diff line number Diff line change
Expand Up @@ -49,37 +49,7 @@ def instsys_init
SwMgmt.copy_old_credentials(destdir)

# import the SMT/RMT certificate to inst-sys
import_ssl_certificates
end

# Import the old SSL certificate if present. Tries all known locations.
def import_ssl_certificates
prefix = Yast::Installation.destdir

SslCertificate::PATHS.each do |file|
cert_file = File.join(prefix, file)
if File.exist?(cert_file)
log.info("Importing the SSL certificate from the old system: (#{prefix})#{file} ...")
cert = SslCertificate.load_file(cert_file)
log_certificate(cert)
target_path = File.join(SslCertificate::INSTSYS_CERT_DIR, File.basename(cert_file))
cert.import_to_instsys(target_path)
else
log.debug("SSL certificate (#{prefix})#{file} not found in the system")
end
end
end

# Log the certificate details
# @param cert [Registration::SslCertificate] the SSL certificate
def log_certificate(cert)
# log also the dates
log.info("#{SslCertificateDetails.new(cert).summary}\n" \
"Issued on: #{cert.issued_on}\nExpires on: #{cert.expires_on}")

# log a warning for expired certificate
expires = cert.x509_cert.not_after.localtime
log.warn("The certificate has EXPIRED! (#{expires})") if expires < Time.now
SslCertificate.import_from_system
end
end
end
Expand Down
25 changes: 24 additions & 1 deletion src/lib/registration/clients/inst_scc.rb
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@

require "registration/addon"
require "registration/exceptions"
require "registration/finish_dialog"
require "registration/helpers"
require "registration/connect_helpers"
require "registration/sw_mgmt"
Expand Down Expand Up @@ -208,6 +209,13 @@ def registration_check
)
end

# when managing a system in chroot copy the credentials and the SSL certificate
# from the chroot to the current system
if Yast::WFM.scr_chrooted?
::Registration::SwMgmt.copy_old_credentials(Installation.destdir)
::Registration::SslCertificate.import_from_system
end

if Mode.update
::Registration::SwMgmt.copy_old_credentials(Installation.destdir)

Expand Down Expand Up @@ -268,6 +276,16 @@ def pkg_manager
end
end

# finish the registration workflow
# @return [symbol] result symbol (:next)
def finish
# when managing a system in chroot copy the config file and the SSL certificate
# to the chroot target
::Registration::FinishDialog.new.run("Write") if WFM.scr_chrooted?

:next
end

def registration_ui
::Registration::RegistrationUI.new(@registration)
end
Expand All @@ -283,7 +301,8 @@ def workflow_aliases
"addon_eula" => ->() { addon_eula },
"register_addons" => ->() { register_addons },
"update_autoyast_config" => ->() { update_autoyast_config },
"pkg_manager" => ->() { pkg_manager }
"pkg_manager" => ->() { pkg_manager },
"finish" => ->() { finish }
}
end

Expand Down Expand Up @@ -332,6 +351,10 @@ def start_workflow
next: "pkg_manager"
},
"pkg_manager" => {
abort: :abort,
next: "finish"
},
"finish" => {
abort: :abort,
next: :next
}
Expand Down
2 changes: 1 addition & 1 deletion src/lib/registration/finish_dialog.rb
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ def run(*args)
remove_ncc_credentials
nil
else
raise "Uknown action #{func} passed as first parameter"
raise "Unknown action #{func} passed as first parameter"
end
end

Expand Down
8 changes: 8 additions & 0 deletions src/lib/registration/registration.rb
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
require "y2packager/new_repository_setup"
require "suse/connect"
require "registration/connect_helpers"
require "registration/finish_dialog"

require "registration/addon"
require "registration/helpers"
Expand Down Expand Up @@ -62,6 +63,13 @@ def register(email, reg_code, distro_target)

# write the global credentials
SUSE::Connect::YaST.create_credentials_file(login, password)

# when managing a system in chroot copy the credentials to the target system
if Yast::WFM.scr_chrooted?
target_path = File.join(Yast::Installation.destdir, self.class.credentials_path)
::FileUtils.cp(self.class.credentials_path, target_path)
::Registration::FinishDialog.new.run("Write")
end
end

def register_product(product, email = nil)
Expand Down
36 changes: 36 additions & 0 deletions src/lib/registration/ssl_certificate.rb
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ class SslCertificate
include Yast::Logger

Yast.import "Stage"
Yast.import "Installation"

# Path to the registration certificate in the instsys
INSTSYS_CERT_DIR = "/etc/pki/trust/anchors".freeze
Expand Down Expand Up @@ -219,6 +220,41 @@ def import_to_instsys(target_path = self.class.default_certificate_path)
self.class.update_instsys_ca
end

# Import the old SSL certificate if present. Tries all known locations.
# Uses Installation.destdir as the root system.
def self.import_from_system
prefix = Yast::Installation.destdir

SslCertificate::PATHS.each do |file|
cert_file = File.join(prefix, file)
if File.exist?(cert_file)
log.info("Importing the SSL certificate from other system: (#{prefix})#{file} ...")
cert = SslCertificate.load_file(cert_file)
cert.log_details
if Yast::Stage.initial
target_path = File.join(SslCertificate::INSTSYS_CERT_DIR, File.basename(cert_file))
cert.import_to_instsys(target_path)
else
cert.import_to_system
end
else
log.debug("SSL certificate (#{prefix})#{file} not found in the system")
end
end
end

# Log the certificate details
def log_details
require "registration/ssl_certificate_details"
# log also the dates
log.info("#{SslCertificateDetails.new(self).summary}\n" \
"Issued on: #{issued_on}\nExpires on: #{expires_on}")

# log a warning for expired certificate
expires = x509_cert.not_after.localtime
log.warn("The certificate has EXPIRED! (#{expires})") if expires < Time.now
end

private

# @param x509_name [OpenSSL::X509::Name] name object
Expand Down
4 changes: 2 additions & 2 deletions src/lib/registration/sw_mgmt.rb
Original file line number Diff line number Diff line change
Expand Up @@ -365,13 +365,13 @@ def self.add_service(product_service, credentials)
credentials_file = UrlHelpers.credentials_from_url(product_service.url)

if credentials_file
if Mode.update
if Mode.update || Yast::WFM.scr_chrooted?
# at update libzypp is already switched to /mnt target,
# update the path accordingly
credentials_file = File.join(Installation.destdir,
::SUSE::Connect::YaST::DEFAULT_CREDENTIALS_DIR,
credentials_file)
log.info "Using #{credentials_file} credentials path in update mode"
log.info "Using #{credentials_file} credentials path"
end
# SCC uses the same credentials for all services, just save them to
# a different file
Expand Down
1 change: 1 addition & 0 deletions test/inst_migration_repos_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
before do
allow(Yast::WFM).to receive(:call)
allow(Yast::Installation).to receive(:destdir).and_return(destdir)
allow(Yast::Stage).to receive(:initial).and_return(true)
allow(Registration::SwMgmt).to receive(:copy_old_credentials)
allow(File).to receive(:exist?).and_return(false)
end
Expand Down