Actions
Bug #11203
closed
hammer allows me to enable reposets with incorrect release versions
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1245776
Description of problem:
Seems that the hammer command for enabling reposets performs no validation for the releasever field. Therefore, I can basically pass arbitrary values to it and the repository will be created:
- hammer -u admin -p changeme repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="7.3"
Repository enabledHere's another example (with more details) of using --releasever="borked"
- hammer -u admin -p changeme -v -d repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="borked"
[ INFO 2015-07-22 13:51:15 Init] Initialization of Hammer CLI (0.1.4.11) has started...
[DEBUG 2015-07-22 13:51:15 Init] Running at ruby 2.0.0-p598
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli_config.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_bootdisk.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_discovery.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_docker.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/gutterball.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/import.yml has been loaded
[ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/katello.yml has been loaded
[DEBUG 2015-07-22 13:51:16 Connection] Registered: foreman
[DEBUG 2015-07-22 13:51:16 API] Global headers: {
:content_type => "application/json",
:accept => "application/json;version=2",
"Accept-Language" => "en"
}
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman (0.1.4.14) loaded
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_bootdisk (0.1.2.7) loaded
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_discovery (0.0.1.10) loaded
[ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIForeman::Organization) was removed.
[ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIKatello::Organization) was created.
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_gutterball (0.0.1.3) loaded
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_import (0.10.19) loaded
[ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_katello (0.0.7.17) loaded
[DEBUG 2015-07-22 13:51:16 Init] Using locale 'en'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli' loaded from '/usr/share/gems/gems/hammer_cli-0.1.4.11/locale'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli@system' loaded from '/usr/share/locale'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman' loaded from '/usr/share/gems/gems/hammer_cli_foreman-0.1.4.14/locale'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman@system' loaded from '/usr/share/locale'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer_cli_foreman_docker' loaded from '/usr/share/gems/gems/hammer_cli_foreman_docker-0.0.3.9/locale'
[DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-katello' loaded from '/usr/share/gems/gems/hammer_cli_katello-0.0.7.17/locale'
[ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] Called with options: {"option_verbose"=>true, "option_debug"=>true, "option_username"=>"admin", "option_password"=>"***"}
[ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand] Called with options: {}
[ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand::EnableCommand] Called with options: {"option_name"=>"Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)", "option_product_name"=>"Red Hat Enterprise Linux Server", "option_organization_name"=>"Default Organization", "option_basearch"=>"x86_64", "option_releasever"=>"borked"}
[ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations
[DEBUG 2015-07-22 13:51:16 API] Params: {
:search => "name = \"Default Organization\""
}
[DEBUG 2015-07-22 13:51:16 API] Headers: {
:params => {
:search => "name = \"Default Organization\""
}
}
[DEBUG 2015-07-22 13:51:16 API] Response: {
"total" => 2,
"subtotal" => 1,
"page" => 1,
"per_page" => 20,
"search" => "name = \"Default Organization\"",
"sort" => {
"by" => nil,
"order" => nil
},
"results" => [
[0] {
"id" => 1,
"name" => "Default Organization",
"title" => "Default Organization",
"label" => "Default_Organization",
"created_at" => "2015-07-22T17:39:25Z",
"updated_at" => "2015-07-22T17:39:29Z"
}
]
}
[DEBUG 2015-07-22 13:51:16 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:16 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "must-revalidate, private, max-age=0",
:x_request_id => "c9d37c583a394e77ff3e52190e896958",
:x_runtime => "0.237152",
:x_rack_cache => "miss",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTg3ZjcyZjgzZGRiMDMyOTFlZDQ0NzY4MjJmZDdjMmNkBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--2841784bb1f994e2c1f1e93f05d60c7703022dac; path=/; secure; HttpOnly"
],
:etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
:status => "200 OK",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
[ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations/1/products
[DEBUG 2015-07-22 13:51:16 API] Params: {
"name" => "Red Hat Enterprise Linux Server"
}
[DEBUG 2015-07-22 13:51:16 API] Headers: {
:params => {
"name" => "Red Hat Enterprise Linux Server"
}
}
[DEBUG 2015-07-22 13:51:16 API] Response: {
"total" => 1,
"subtotal" => 1,
"page" => 1,
"per_page" => 20,
"search" => nil,
"sort" => {
"by" => nil,
"order" => nil
},
"results" => [
[0] {
"sync_state" => nil,
"last_sync" => nil,
"last_sync_words" => nil,
"organization" => {
"name" => "Default Organization",
"label" => "Default_Organization",
"id" => 1
},
"id" => 132,
"cp_id" => "69",
"name" => "Red Hat Enterprise Linux Server",
"label" => "Red_Hat_Enterprise_Linux_Server",
"description" => nil,
"provider_id" => 2,
"sync_plan_id" => nil,
"sync_status" => {
"state" => nil
},
"sync_summary" => {},
"gpg_key_id" => nil,
"redhat" => true,
"repository_count" => 0,
"" => nil
}
]
}
[DEBUG 2015-07-22 13:51:17 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:16 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "must-revalidate, private, max-age=0",
:x_request_id => "fff638672f6a731ad2e4cd357301f0ff",
:x_runtime => "0.135820",
:x_rack_cache => "miss",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTM5MmViNTE0ZjI4Y2E1NzJjNWYwM2ExZTM5ZGJkYzU5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--ca1bf1eaf9d564202a9f39bfed93235c2447d7af; path=/; secure; HttpOnly"
],
:etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
:status => "200 OK",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
[ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations
[DEBUG 2015-07-22 13:51:17 API] Params: {
:search => "name = \"Default Organization\""
}
[DEBUG 2015-07-22 13:51:17 API] Headers: {
:params => {
:search => "name = \"Default Organization\""
}
}
[DEBUG 2015-07-22 13:51:17 API] Response: {
"total" => 2,
"subtotal" => 1,
"page" => 1,
"per_page" => 20,
"search" => "name = \"Default Organization\"",
"sort" => {
"by" => nil,
"order" => nil
},
"results" => [
[0] {
"id" => 1,
"name" => "Default Organization",
"title" => "Default Organization",
"label" => "Default_Organization",
"created_at" => "2015-07-22T17:39:25Z",
"updated_at" => "2015-07-22T17:39:29Z"
}
]
}
[DEBUG 2015-07-22 13:51:17 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:17 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "must-revalidate, private, max-age=0",
:x_request_id => "41b418037dccaec972af66264063f509",
:x_runtime => "0.052413",
:x_rack_cache => "miss",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTNhYThlZmNiMGU0ZWI1ZTc3OGY2MWExMjI3NDlmMDI0BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--dcbe92678894d249ff84b33921fdfe63ca0d8fb1; path=/; secure; HttpOnly"
],
:etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
:status => "200 OK",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
[ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations/1/products
[DEBUG 2015-07-22 13:51:17 API] Params: {
"name" => "Red Hat Enterprise Linux Server"
}
[DEBUG 2015-07-22 13:51:17 API] Headers: {
:params => {
"name" => "Red Hat Enterprise Linux Server"
}
}
[DEBUG 2015-07-22 13:51:17 API] Response: {
"total" => 1,
"subtotal" => 1,
"page" => 1,
"per_page" => 20,
"search" => nil,
"sort" => {
"by" => nil,
"order" => nil
},
"results" => [
[0] {
"sync_state" => nil,
"last_sync" => nil,
"last_sync_words" => nil,
"organization" => {
"name" => "Default Organization",
"label" => "Default_Organization",
"id" => 1
},
"id" => 132,
"cp_id" => "69",
"name" => "Red Hat Enterprise Linux Server",
"label" => "Red_Hat_Enterprise_Linux_Server",
"description" => nil,
"provider_id" => 2,
"sync_plan_id" => nil,
"sync_status" => {
"state" => nil
},
"sync_summary" => {},
"gpg_key_id" => nil,
"redhat" => true,
"repository_count" => 0,
"" => nil
}
]
}
[DEBUG 2015-07-22 13:51:17 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:17 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "must-revalidate, private, max-age=0",
:x_request_id => "f6c1ebfd0f43b1467d96c0fe2546a901",
:x_runtime => "0.297025",
:x_rack_cache => "miss",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWZjOGVlM2M0MmZiNzQ1OWFlYjQ0OTk5YWZiMzViN2I5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--26b3e48491da6b3a612c765629a8f0665298a634; path=/; secure; HttpOnly"
],
:etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
:status => "200 OK",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
[ INFO 2015-07-22 13:51:17 API] GET /katello/api/products/132/repository_sets
[DEBUG 2015-07-22 13:51:17 API] Params: {
"name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
}
[DEBUG 2015-07-22 13:51:17 API] Headers: {
:params => {
"name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
}
}
[DEBUG 2015-07-22 13:51:17 API] Response: {
"total" => 1,
"subtotal" => 1,
"page" => nil,
"per_page" => nil,
"search" => nil,
"sort" => {
"by" => nil,
"order" => nil
},
"results" => [
[0] {
"repositories" => [],
"id" => "4380",
"name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)",
"label" => "rhel-7-server-satellite-tools-6-beta-rpms",
"type" => "yum",
"vendor" => "Red Hat",
"gpgUrl" => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release",
"contentUrl" => "/content/beta/rhel/server/7/$basearch/sat-tools/6/os"
}
]
}
[DEBUG 2015-07-22 13:51:17 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:17 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "must-revalidate, private, max-age=0",
:x_request_id => "f321f88a56f2ed61ef00ba6bdf69aed8",
:x_runtime => "0.163159",
:x_rack_cache => "miss",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWI1NTFjMGNiZjkwNTRjOGZlNTFkNzU1ODZhZWM2YzViBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--a7d33e4f6662e0c64864a515ac0c8fcc9a720864; path=/; secure; HttpOnly"
],
:etag => "\"e67e6d770582a7ec733d87946de97550\"",
:status => "200 OK",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
[ INFO 2015-07-22 13:51:17 API] PUT /katello/api/products/132/repository_sets/4380/enable
[DEBUG 2015-07-22 13:51:17 API] Params: {
"basearch" => "x86_64",
"releasever" => "borked"
}
[DEBUG 2015-07-22 13:51:17 API] Headers: {}
[DEBUG 2015-07-22 13:51:24 API] Response: {
"id" => "80c7f165-8550-4c4e-b99f-6ac6d65f41b9",
"label" => "Actions::Katello::RepositorySet::EnableRepository",
"pending" => false,
"username" => "admin",
"started_at" => "2015-07-22T17:51:18Z",
"ended_at" => "2015-07-22T17:51:24Z",
"state" => "stopped",
"result" => "success",
"progress" => 1.0,
"input" => {
"services_checked" => [
[0] "pulp",
[1] "pulp_auth",
[2] "candlepin",
[3] "candlepin_auth",
[4] "elasticsearch"
],
"repository" => {
"id" => 5,
"name" => "Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked",
"label" => "Red_Hat_Satellite_Tools_6_Beta_for_RHEL_7_Server_RPMs_x86_64_borked"
},
"product" => {
"id" => 132,
"name" => "Red Hat Enterprise Linux Server",
"label" => "Red_Hat_Enterprise_Linux_Server",
"cp_id" => "69"
},
"provider" => {
"id" => 2,
"name" => "Red Hat"
},
"organization" => {
"id" => 1,
"name" => "Default Organization",
"label" => "Default_Organization"
},
"locale" => "en"
},
"output" => {},
"humanized" => {
"action" => "Enable",
"input" => [
[0] [
[0] "repository",
[1] {
"text" => "repository 'Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked'",
"link" => nil
}
],
[1] [
[0] "product",
[1] {
"text" => "product 'Red Hat Enterprise Linux Server'",
"link" => "#/products/132/info"
}
],
[2] [
[0] "organization",
[1] {
"text" => "organization 'Default Organization'",
"link" => "/organizations/1/edit"
}
]
],
"output" => "",
"errors" => []
},
"cli_example" => nil
}
[DEBUG 2015-07-22 13:51:24 API] Response headers: {
:date => "Wed, 22 Jul 2015 17:51:17 GMT",
:server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
:foreman_version => "1.7.2",
:foreman_api_version => "2",
:apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
:x_ua_compatible => "IE=Edge,chrome=1",
:cache_control => "no-cache",
:x_request_id => "bfc466de50b1df8b046204fd78c074d8",
:x_runtime => "7.168946",
:x_rack_cache => "invalidate, pass",
:x_powered_by => "Phusion Passenger 4.0.18",
:set_cookie => [
[0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWMzMTFjM2QxZmIxODc1ZTZmM2E4M2VlMzg2OWQ3MGYwBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--3bcd1a23b37fc1db9f1eb1de4e488ce16d792030; path=/; secure; HttpOnly"
],
:status => "202 Accepted",
:transfer_encoding => "chunked",
:content_type => "application/json; charset=utf-8"
}
Repository enabled
Version-Release number of selected component (if applicable):
- Satellite 6.1.1 SNAP 14
How reproducible:
Steps to Reproduce:
1. Import a valid Red Hat manifest
2. Run the hammer command mentioned above
3.
Actual results:
The repository is created for --releasever="borked"
Expected results:
The repository should not be created
Additional info:
Updated by The Foreman Bot over 9 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/Katello/katello/pull/5371 added
- Pull request deleted (
)
Updated by Partha Aji over 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset katello|807954247725729fecf978fa0b324d708b7c9baf.
Updated by Eric Helms over 9 years ago
- Translation missing: en.field_release set to 70
- Triaged changed from No to Yes
Actions