Bug #11203

hammer allows me to enable reposets with incorrect release versions

Added by Partha Aji almost 4 years ago. Updated about 1 year ago.

Status: Closed
Priority: Normal
Assignee:
Category: Hammer
Target version:
Difficulty:
Triaged: Yes
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1245776
Description of problem:

Seems that the hammer command for enabling reposets performs no validation for the releasever field. Therefore, I can basically pass arbitrary values to it and the repository will be created:

# hammer -u admin -p changeme repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="7.3"
Repository enabled

Here's another example (with more details) of using --releasever="borked"

# hammer -u admin -p changeme -v -d repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --product "Red Hat Enterprise Linux Server" --organization="Default Organization" --releasever="borked"
    [ INFO 2015-07-22 13:51:15 Init] Initialization of Hammer CLI (0.1.4.11) has started...
    [DEBUG 2015-07-22 13:51:15 Init] Running at ruby 2.0.0-p598
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli_config.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_bootdisk.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_discovery.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/foreman_docker.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/gutterball.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/import.yml has been loaded
    [ INFO 2015-07-22 13:51:15 Init] Configuration from the file /etc/hammer/cli.modules.d/katello.yml has been loaded
    [DEBUG 2015-07-22 13:51:16 Connection] Registered: foreman
    [DEBUG 2015-07-22 13:51:16 API] Global headers: {
    :content_type => "application/json",
    :accept => "application/json;version=2",
    "Accept-Language" => "en"
    }
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman (0.1.4.14) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_bootdisk (0.1.2.7) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_foreman_discovery (0.0.1.10) loaded
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIForeman::Organization) was removed.
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] subcommand organization (HammerCLIKatello::Organization) was created.
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_gutterball (0.0.1.3) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_import (0.10.19) loaded
    [ INFO 2015-07-22 13:51:16 Modules] Extension module hammer_cli_katello (0.0.7.17) loaded
    [DEBUG 2015-07-22 13:51:16 Init] Using locale 'en'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli' loaded from '/usr/share/gems/gems/hammer_cli-0.1.4.11/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli@system' loaded from '/usr/share/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman' loaded from '/usr/share/gems/gems/hammer_cli_foreman-0.1.4.14/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-foreman@system' loaded from '/usr/share/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer_cli_foreman_docker' loaded from '/usr/share/gems/gems/hammer_cli_foreman_docker-0.0.3.9/locale'
    [DEBUG 2015-07-22 13:51:16 Init] 'mo' files for locale domain 'hammer-cli-katello' loaded from '/usr/share/gems/gems/hammer_cli_katello-0.0.7.17/locale'
    [ INFO 2015-07-22 13:51:16 HammerCLI::MainCommand] Called with options: {"option_verbose"=>true, "option_debug"=>true, "option_username"=>"admin", "option_password"=>"***"}
    [ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand] Called with options: {}
    [ INFO 2015-07-22 13:51:16 HammerCLIKatello::RepositorySetCommand::EnableCommand] Called with options: {"option_name"=>"Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)", "option_product_name"=>"Red Hat Enterprise Linux Server", "option_organization_name"=>"Default Organization", "option_basearch"=>"x86_64", "option_releasever"=>"borked"}
    [ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations
    [DEBUG 2015-07-22 13:51:16 API] Params: {
    :search => "name = \"Default Organization\""
    }
    [DEBUG 2015-07-22 13:51:16 API] Headers: {
    :params => {
    :search => "name = \"Default Organization\""
    }
    }
    [DEBUG 2015-07-22 13:51:16 API] Response: {
    "total" => 2,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => "name = \"Default Organization\"",
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "id" => 1,
    "name" => "Default Organization",
    "title" => "Default Organization",
    "label" => "Default_Organization",
    "created_at" => "2015-07-22T17:39:25Z",
    "updated_at" => "2015-07-22T17:39:29Z"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:16 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:16 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "c9d37c583a394e77ff3e52190e896958",
    :x_runtime => "0.237152",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTg3ZjcyZjgzZGRiMDMyOTFlZDQ0NzY4MjJmZDdjMmNkBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--2841784bb1f994e2c1f1e93f05d60c7703022dac; path=/; secure; HttpOnly"
    ],
    :etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:16 API] GET /katello/api/organizations/1/products
    [DEBUG 2015-07-22 13:51:16 API] Params: {
    "name" => "Red Hat Enterprise Linux Server"
    }
    [DEBUG 2015-07-22 13:51:16 API] Headers: {
    :params => {
    "name" => "Red Hat Enterprise Linux Server"
    }
    }
    [DEBUG 2015-07-22 13:51:16 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "sync_state" => nil,
    "last_sync" => nil,
    "last_sync_words" => nil,
    "organization" => {
    "name" => "Default Organization",
    "label" => "Default_Organization",
    "id" => 1
    },
    "id" => 132,
    "cp_id" => "69",
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "description" => nil,
    "provider_id" => 2,
    "sync_plan_id" => nil,
    "sync_status" => {
    "state" => nil
    },
    "sync_summary" => {},
    "gpg_key_id" => nil,
    "redhat" => true,
    "repository_count" => 0,
    "" => nil
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:16 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "fff638672f6a731ad2e4cd357301f0ff",
    :x_runtime => "0.135820",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTM5MmViNTE0ZjI4Y2E1NzJjNWYwM2ExZTM5ZGJkYzU5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--ca1bf1eaf9d564202a9f39bfed93235c2447d7af; path=/; secure; HttpOnly"
    ],
    :etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    :search => "name = \"Default Organization\""
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    :search => "name = \"Default Organization\""
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 2,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => "name = \"Default Organization\"",
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "id" => 1,
    "name" => "Default Organization",
    "title" => "Default Organization",
    "label" => "Default_Organization",
    "created_at" => "2015-07-22T17:39:25Z",
    "updated_at" => "2015-07-22T17:39:29Z"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "41b418037dccaec972af66264063f509",
    :x_runtime => "0.052413",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTNhYThlZmNiMGU0ZWI1ZTc3OGY2MWExMjI3NDlmMDI0BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--dcbe92678894d249ff84b33921fdfe63ca0d8fb1; path=/; secure; HttpOnly"
    ],
    :etag => "\"046d4ae9cc755f722b79cbebe11a9fe9\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/organizations/1/products
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "name" => "Red Hat Enterprise Linux Server"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    "name" => "Red Hat Enterprise Linux Server"
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => 1,
    "per_page" => 20,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "sync_state" => nil,
    "last_sync" => nil,
    "last_sync_words" => nil,
    "organization" => {
    "name" => "Default Organization",
    "label" => "Default_Organization",
    "id" => 1
    },
    "id" => 132,
    "cp_id" => "69",
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "description" => nil,
    "provider_id" => 2,
    "sync_plan_id" => nil,
    "sync_status" => {
    "state" => nil
    },
    "sync_summary" => {},
    "gpg_key_id" => nil,
    "redhat" => true,
    "repository_count" => 0,
    "" => nil
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "f6c1ebfd0f43b1467d96c0fe2546a901",
    :x_runtime => "0.297025",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWZjOGVlM2M0MmZiNzQ1OWFlYjQ0OTk5YWZiMzViN2I5BjsAVEkiC2xvY2FsZQY7AEYiB2Vu--26b3e48491da6b3a612c765629a8f0665298a634; path=/; secure; HttpOnly"
    ],
    :etag => "\"4b27b040858c93c1febd14f007fd00ed\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] GET /katello/api/products/132/repository_sets
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {
    :params => {
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)"
    }
    }
    [DEBUG 2015-07-22 13:51:17 API] Response: {
    "total" => 1,
    "subtotal" => 1,
    "page" => nil,
    "per_page" => nil,
    "search" => nil,
    "sort" => {
    "by" => nil,
    "order" => nil
    },
    "results" => [
    [0] {
    "repositories" => [],
    "id" => "4380",
    "name" => "Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)",
    "label" => "rhel-7-server-satellite-tools-6-beta-rpms",
    "type" => "yum",
    "vendor" => "Red Hat",
    "gpgUrl" => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release",
    "contentUrl" => "/content/beta/rhel/server/7/$basearch/sat-tools/6/os"
    }
    ]
    }
    [DEBUG 2015-07-22 13:51:17 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "must-revalidate, private, max-age=0",
    :x_request_id => "f321f88a56f2ed61ef00ba6bdf69aed8",
    :x_runtime => "0.163159",
    :x_rack_cache => "miss",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWI1NTFjMGNiZjkwNTRjOGZlNTFkNzU1ODZhZWM2YzViBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--a7d33e4f6662e0c64864a515ac0c8fcc9a720864; path=/; secure; HttpOnly"
    ],
    :etag => "\"e67e6d770582a7ec733d87946de97550\"",
    :status => "200 OK",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    [ INFO 2015-07-22 13:51:17 API] PUT /katello/api/products/132/repository_sets/4380/enable
    [DEBUG 2015-07-22 13:51:17 API] Params: {
    "basearch" => "x86_64",
    "releasever" => "borked"
    }
    [DEBUG 2015-07-22 13:51:17 API] Headers: {}
    [DEBUG 2015-07-22 13:51:24 API] Response: {
    "id" => "80c7f165-8550-4c4e-b99f-6ac6d65f41b9",
    "label" => "Actions::Katello::RepositorySet::EnableRepository",
    "pending" => false,
    "username" => "admin",
    "started_at" => "2015-07-22T17:51:18Z",
    "ended_at" => "2015-07-22T17:51:24Z",
    "state" => "stopped",
    "result" => "success",
    "progress" => 1.0,
    "input" => {
    "services_checked" => [
    [0] "pulp",
    [1] "pulp_auth",
    [2] "candlepin",
    [3] "candlepin_auth",
    [4] "elasticsearch"
    ],
    "repository" => {
    "id" => 5,
    "name" => "Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked",
    "label" => "Red_Hat_Satellite_Tools_6_Beta_for_RHEL_7_Server_RPMs_x86_64_borked"
    },
    "product" => {
    "id" => 132,
    "name" => "Red Hat Enterprise Linux Server",
    "label" => "Red_Hat_Enterprise_Linux_Server",
    "cp_id" => "69"
    },
    "provider" => {
    "id" => 2,
    "name" => "Red Hat"
    },
    "organization" => {
    "id" => 1,
    "name" => "Default Organization",
    "label" => "Default_Organization"
    },
    "locale" => "en"
    },
    "output" => {},
    "humanized" => {
    "action" => "Enable",
    "input" => [
    [0] [
    [0] "repository",
    [1] {
    "text" => "repository 'Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 borked'",
    "link" => nil
    }
    ],
    [1] [
    [0] "product",
    [1] {
    "text" => "product 'Red Hat Enterprise Linux Server'",
    "link" => "#/products/132/info"
    }
    ],
    [2] [
    [0] "organization",
    [1] {
    "text" => "organization 'Default Organization'",
    "link" => "/organizations/1/edit"
    }
    ]
    ],
    "output" => "",
    "errors" => []
    },
    "cli_example" => nil
    }
    [DEBUG 2015-07-22 13:51:24 API] Response headers: {
    :date => "Wed, 22 Jul 2015 17:51:17 GMT",
    :server => "Apache/2.4.6 (Red Hat Enterprise Linux)",
    :foreman_version => "1.7.2",
    :foreman_api_version => "2",
    :apipie_checksum => "f5be3b0ebc7dd0b408568ebd915897a9",
    :x_ua_compatible => "IE=Edge,chrome=1",
    :cache_control => "no-cache",
    :x_request_id => "bfc466de50b1df8b046204fd78c074d8",
    :x_runtime => "7.168946",
    :x_rack_cache => "invalidate, pass",
    :x_powered_by => "Phusion Passenger 4.0.18",
    :set_cookie => [
    [0] "_session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWMzMTFjM2QxZmIxODc1ZTZmM2E4M2VlMzg2OWQ3MGYwBjsAVEkiC2xvY2FsZQY7AEYiB2Vu--3bcd1a23b37fc1db9f1eb1de4e488ce16d792030; path=/; secure; HttpOnly"
    ],
    :status => "202 Accepted",
    :transfer_encoding => "chunked",
    :content_type => "application/json; charset=utf-8"
    }
    Repository enabled

Version-Release number of selected component (if applicable):

  • Satellite 6.1.1 SNAP 14

How reproducible:

Steps to Reproduce:
1. Import a valid Red Hat manifest
2. Run the hammer command mentioned above
3.

Actual results:

The repository is created for --releasever="borked"

Expected results:

The repository should not be created

Additional info:

Associated revisions

Revision 80795424
Added by Partha Aji almost 4 years ago

Fixes #11203 - Spiffier rh repo enablement validation

Prior to this commit, when a user ran a command like
hammer repository-set enable --name="Red Hat
Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64"
--product "Red Hat Enterprise Linux Server" --organization="Default
Organization" --releasever="borked"

No error was being raised. This is because "Red Hat
Satellite Tools 6 Beta" did not use a release version in its content
url. So no red flags were being raised. This however caused a repo with
a bad name to get created. This broke the enablement code in the UI
causing a lot of pain.

This commit fixes this issue by complaining in clear terms to the user
that releasever is not an acceptable substitution and also prints the
url showing why it's not acceptable

"""
["releasever"] cannot be specified for Red Hat Satellite Tools 6 Beta
(for RHEL 7 Server) (RPMs) as that information is not substituable in
/content/beta/rhel/server/7/$basearch/sat-tools/6/os
"""
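
The check that commit message describes, sketched as an added example (this is not Katello's code or the code from the pull request): a substitution is accepted only if the content URL contains a matching `$variable`. Every method and constant name is hypothetical, `VERSIONED_URL` is a constructed sample, and the path-segment character rule is an assumption that goes beyond what the commit states.

```ruby
# Added example, not Katello's code: all names here are hypothetical.
class InvalidSubstitution < StandardError; end

PLACEHOLDER = /\$([A-Za-z_][A-Za-z0-9_]*)/
SAFE_VALUE  = /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/ # assumption: one path segment

# Names of the $variables a content URL can actually substitute.
def substitutable_vars(content_url)
  content_url.scan(PLACEHOLDER).flatten.uniq
end

# Returns the cleaned substitutions, or raises before anything is created.
def validate_substitutions!(repo_set_name, content_url, supplied)
  allowed = substitutable_vars(content_url)
  given = supplied.map { |k, v| [k.to_s, v.to_s] }.reject { |_, v| v.empty? }.to_h

  # The case from this bug: a key with no placeholder in the URL.
  extra = given.keys - allowed
  unless extra.empty?
    raise InvalidSubstitution,
          "#{extra.inspect} cannot be specified for #{repo_set_name} " \
          "as that information is not substitutable in #{content_url}"
  end

  missing = allowed - given.keys
  unless missing.empty?
    raise InvalidSubstitution,
          "#{missing.inspect} must be specified for #{repo_set_name}"
  end

  bad = given.reject { |_, v| v.match?(SAFE_VALUE) }.keys
  unless bad.empty?
    raise InvalidSubstitution, "#{bad.inspect} is not a valid URL path segment"
  end
  given
end

# Expands a URL; call only with the result of validate_substitutions!.
def expand_content_url(content_url, substitutions)
  content_url.gsub(PLACEHOLDER) { substitutions.fetch(Regexp.last_match(1)) }
end

# Name and content URL as they appear in the debug log on this page.
TOOLS_NAME = 'Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)'
TOOLS_URL  = '/content/beta/rhel/server/7/$basearch/sat-tools/6/os'
# Constructed sample of a URL that does take a release version.
VERSIONED_URL = '/content/example/$releasever/$basearch/os'

[[TOOLS_URL, { 'basearch' => 'x86_64', 'releasever' => 'borked' }],
 [TOOLS_URL, { 'basearch' => 'x86_64' }],
 [VERSIONED_URL, { 'basearch' => 'x86_64', 'releasever' => '7.3' }]].each do |url, subs|
  begin
    ok = validate_substitutions!(TOOLS_NAME, url, subs)
    puts "enable #{expand_content_url(url, ok)}"
  rescue InvalidSubstitution => e
    puts "rejected: #{e.message}"
  end
end
```

Because the decision is driven by the URL's placeholders rather than by how plausible the value looks, `--releasever="7.3"` against the Satellite Tools URL is rejected just like `--releasever="borked"`.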

Revision 13ee4b9b
Added by Partha Aji almost 4 years ago

Merge pull request #5371 from parthaa/enabler

Fixes #11203 - Spiffier rh repo enablement validation

History

#1 Updated by The Foreman Bot almost 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/5371 added
  • Pull request deleted ()

#2 Updated by Partha Aji almost 4 years ago

  • Assignee set to Partha Aji

#3 Updated by Partha Aji almost 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#4 Updated by Eric Helms almost 4 years ago

  • Legacy Backlogs Release (now unused) set to 70
  • Triaged changed from No to Yes
