Project

General

Profile

Actions
Copy link

Bug #11203

closed

hammer allows me to enable reposets with incorrect release versions

Added by Partha Aji almost 9 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Partha Aji
Category:
Hammer
Target version:
Katello 2.4.0
Difficulty:
Triaged:
Yes
Bugzilla link:
1245776
Pull request:
https://github.com/Katello/katello/pull/5371
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1245776
Description of problem:

Seems that the hammer command for enabling reposets performs no validation for the releasever field. Therefore, I can basically pass arbitrary values to it and the repository will be created:

  1. hammer -u admin -p changeme repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="7.3"
Repository enabled

Here's another example (with more details) of using --releasever="borked"

  1. hammer -u admin -p changeme -v -d repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="borked"
    [ INFO 2015-07-22 13:51:15 Init] Initialization of Hammer CLI (0.1.4.11) has started...
    [DEBUG 2015-07-22 13:51:15 Init] Running at ruby 2.0.0-p598
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli_config.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_bootdisk.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_discovery.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_docker.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/gutterball.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/import.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/katello.yml has been loaded
    [DEBUG 2015-07-22 13:51:16 Connection] Registered: foreman
    [DEBUG 2015-07-22 13:51:16 API] Global headers: {
    :content_type => "application/json",
    :accept => "application/json;version=2",
    "Accept-Language" => "en"
    }
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman (0.1.4.14) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_bootdisk (0.1.2.7) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_discovery (0.0.1.10) loaded
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIForeman::Organization) was removed.
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIKatello::Organization) was created.
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_gutterball (0.0.1.3) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_import (0.10.19) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_katello (0.0.7.17) loaded
    [DEBUG 2015-07-22 13:51:16 Init] Using locale 'en'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli' loaded from '/usr/share/gems/gems/hammer_cli-0.1.4.11/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli@system' loaded from '/usr/share/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman' loaded from '/usr/share/gems/gems/hammer_cli_foreman-0.1.4.14/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman@system' loaded from '/usr/share/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer_cli_foreman_docker' loaded from '/usr/share/gems/gems/hammer_cli_foreman_docker-0.0.3.9/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-katello' loaded from '/usr/share/gems/gems/hammer_cli_katello-0.0.7.17/locale'
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] Called with options: {"option_verbose"=>true, "option_debug"=>true, "option_username"=>"admin", "option_password"=>"***"}
    [ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand] Called with options: {}
    [ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand::EnableCommand] Called with options: {"option_name"=>"Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)", "option_product_name"=>"Red Hat Enterprise Linux Server", "option_organization_name"=>"Default Organization", "option_basearch"=>"x86_64", "option_releasever"=>"borked"}
    [ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations
    [DEBUG 2015-07-22 13:51:16 API] Params: {
    :search => "name = \"Default Organization\""
    }
    [DEBUG 2015-07-22 13:51:16 API] Headers: {
    :params => {
    :search => "name = \"Default Organization\""
    }
    }
    [DEBUG 2015-07-22 13:51:16 API] Response: {
    "total" => 2,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => "name = \"Default Organization\"",
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "id" => 1,
    "name" => "Default Organization",
    "title" => "Default Organization",
    "label" => "Default_Organization",
    "created_at" => "2015-07-22T17:39:25Z",
    "updated_at" => "2015-07-22T17:39:29Z"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:16 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:16 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "c9d37c583a394e77ff3e52190e896958",
    :x_runtime => "0.237152",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTg3ZjcyZjgzZGRiMDMyOTFlZDQ0NzY4MjJmZDdjMmNkBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--2841784bb1f994e2c1f1e93f05d60c7703022dac; path=/; secure; HttpOnly"
    ],
    :etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations/1/products
    [DEBUG 2015-07-22 13:51:16 API] Params: {
    "name" => "Red Hat Enterprise Linux Server"
    }
    [DEBUG 2015-07-22 13:51:16 API] Headers: {
    :params => {
    "name" => "Red Hat Enterprise Linux Server"
    }
    }
    [DEBUG 2015-07-22 13:51:16 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "sync_state" => nil,
    "last_sync" => nil,
    "last_sync_words" => nil,
    "organization" => {
    "name" => "Default Organization",
    "label" => "Default_Organization",
    "id" => 1
    },
    "id" => 132,
    "cp_id" => "69",
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "description" => nil,
    "provider_id" => 2,
    "sync_plan_id" => nil,
    "sync_status" => {
    "state" => nil
    },
    "sync_summary" => {},
    "gpg_key_id" => nil,
    "redhat" => true,
    "repository_count" => 0,
    "" => nil
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:16 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "fff638672f6a731ad2e4cd357301f0ff",
    :x_runtime => "0.135820",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTM5MmViNTE0ZjI4Y2E1NzJjNWYwM2ExZTM5ZGJkYzU5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--ca1bf1eaf9d564202a9f39bfed93235c2447d7af; path=/; secure; HttpOnly"
    ],
    :etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    :search => "name = \"Default Organization\""
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    :search => "name = \"Default Organization\""
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 2,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => "name = \"Default Organization\"",
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "id" => 1,
    "name" => "Default Organization",
    "title" => "Default Organization",
    "label" => "Default_Organization",
    "created_at" => "2015-07-22T17:39:25Z",
    "updated_at" => "2015-07-22T17:39:29Z"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "41b418037dccaec972af66264063f509",
    :x_runtime => "0.052413",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTNhYThlZmNiMGU0ZWI1ZTc3OGY2MWExMjI3NDlmMDI0BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--dcbe92678894d249ff84b33921fdfe63ca0d8fb1; path=/; secure; HttpOnly"
    ],
    :etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations/1/products
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "name" => "Red Hat Enterprise Linux Server"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    "name" => "Red Hat Enterprise Linux Server"
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "sync_state" => nil,
    "last_sync" => nil,
    "last_sync_words" => nil,
    "organization" => {
    "name" => "Default Organization",
    "label" => "Default_Organization",
    "id" => 1
    },
    "id" => 132,
    "cp_id" => "69",
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "description" => nil,
    "provider_id" => 2,
    "sync_plan_id" => nil,
    "sync_status" => {
    "state" => nil
    },
    "sync_summary" => {},
    "gpg_key_id" => nil,
    "redhat" => true,
    "repository_count" => 0,
    "" => nil
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "f6c1ebfd0f43b1467d96c0fe2546a901",
    :x_runtime => "0.297025",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWZjOGVlM2M0MmZiNzQ1OWFlYjQ0OTk5YWZiMzViN2I5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--26b3e48491da6b3a612c765629a8f0665298a634; path=/; secure; HttpOnly"
    ],
    :etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/products/132/repository_sets
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => nil,
    "per_page" => nil,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "repositories" => [],
    "id" => "4380",
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)",
    "label" => "rhel-7-server-satellite-tools-6-beta-rpms",
    "type" => "yum",
    "vendor" => "Red Hat",
    "gpgUrl" => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release",
    "contentUrl" => "/content/beta/rhel/server/7/$basearch/sat-tools/6/os"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "f321f88a56f2ed61ef00ba6bdf69aed8",
    :x_runtime => "0.163159",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWI1NTFjMGNiZjkwNTRjOGZlNTFkNzU1ODZhZWM2YzViBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--a7d33e4f6662e0c64864a515ac0c8fcc9a720864; path=/; secure; HttpOnly"
    ],
    :etag => "\"e67e6d770582a7ec733d87946de97550\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] PUT /katello/api/products/132/repository_sets/4380/enable
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "basearch" => "x86_64",
    "releasever" => "borked"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {}
    [DEBUG 2015-07-22 13:51:24 API] Response: {
    "id" => "80c7f165-8550-4c4e-b99f-6ac6d65f41b9",
    "label" => "Actions::Katello::RepositorySet::EnableRepository",
    "pending" => false,
    "username" => "admin",
    "started_at" => "2015-07-22T17:51:18Z",
    "ended_at" => "2015-07-22T17:51:24Z",
    "state" => "stopped",
    "result" => "success",
    "progress" => 1.0,
    "input" => {
    "services_checked" => [
    [0] "pulp",
    [1] "pulp_auth",
    [2] "candlepin",
    [3] "candlepin_auth",
    [4] "elasticsearch"
    ],
    "repository" => {
    "id" => 5,
    "name" => "Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked",
    "label" => "Red_Hat_Satellite_Tools_6_Beta_for_RHEL_7_Server_RPMs_x86_64_borked"
    },
    "product" => {
    "id" => 132,
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "cp_id" => "69"
    },
    "provider" => {
    "id" => 2,
    "name" => "Red Hat"
    },
    "organization" => {
    "id" => 1,
    "name" => "Default Organization",
    "label" => "Default_Organization"
    },
    "locale" => "en"
    },
    "output" => {},
    "humanized" => {
    "action" => "Enable",
    "input" => [
    [0] [
    [0] "repository",
    [1] {
    "text" => "repository 'Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked'",
    "link" => nil
    }
    ],
    [1] [
    [0] "product",
    [1] {
    "text" => "product 'Red Hat Enterprise Linux Server'",
    "link" => "#/products/132/info"
    }
    ],
    [2] [
    [0] "organization",
    [1] {
    "text" => "organization 'Default Organization'",
    "link" => "/organizations/1/edit"
    }
    ]
    ],
    "output" => "",
    "errors" => []
    },
    "cli_example" => nil
    }
    [DEBUG 2015-07-22 13:51:24 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "no-cache",
    :x_request_id => "bfc466de50b1df8b046204fd78c074d8",
    :x_runtime => "7.168946",
    :x_rack_cache => "invalidate, pass",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWMzMTFjM2QxZmIxODc1ZTZmM2E4M2VlMzg2OWQ3MGYwBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--3bcd1a23b37fc1db9f1eb1de4e488ce16d792030; path=/; secure; HttpOnly"
    ],
    :status => "202 Accepted",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    Repository enabled

Version-Release number of selected component (if applicable):

  • Satellite 6.1.1 SNAP 14

How reproducible:

Steps to Reproduce:
1. Import a valid Red Hat manifest
2. Run the hammer command mentioned above
3.

Actual results:

The repository is created for --releasever="borked"

Expected results:

The repository should not be created

Additional info:

Actions
Copy link
 #1

Updated by The Foreman Bot almost 9 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/5371 added
  • Pull request deleted ()
Actions
Copy link
 #2

Updated by Partha Aji almost 9 years ago

  • Assignee set to Partha Aji
Actions
Copy link
 #3

Updated by Partha Aji over 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Eric Helms over 8 years ago

  • translation missing: en.field_release set to 70
  • Triaged changed from No to Yes
Actions
Copy link

Also available in: Atom PDF