Plugins » Katello

This community post uncovered this issue: https://community.theforeman.org/t/installable-errata-suddenly-shows-up-in-hosts-content-view-but-not-installable-via-content-view/28787/13

Basically, Katello will exclude an erratum from a CVV repo if the erratum is incomplete. That exclusion will not occur if the Library source repo doesn't hold the missing RPMs. That is expected. However, this becomes an issue in the case of Rocky Linux with filters (and maybe even RHEL 8, but I couldn't find an example). RLSA-2021:3666 in Rocky Linux 8 exists in both AppStream and BaseOS. However, the c-ares RPMs don't exist in AppStream, only BaseOS. So when the CV copy code gets to copying content for AppStream, even if c-ares is excluded, the erratum will be included. This isn't necessarily an issue, however, it means that the erratum will show up as installable if it is also applicable. That's the bug. Granted, this scenario might be caused by Rocky Linux doing weird things with its errata, but we can't always assume errata will be treated perfectly.

This is reproducible with the Zoo repo with the following steps:
1) Sync Zoo (https://jlsherrill.fedorapeople.org/fake-repos/needed-errata/)
2) Register a content host and install walrus-0.71
3) Delete all walrus packages from the repo
4) Create a content view with Zoo and publish
5) Switch the content host to use your new Zoo content view
6) See that the RHEA-2012:0055 is marked as installable, but you cannot install it.

So, I think the best way to fix the bug will be to update the installable errata query to cover the Zoo case here. We could consider filtering out these errata from the CVs instead, but that's more bug-prone and we need to be more careful about filtering out errata. Missing errata could mean missing security patches.