salt/add-support-for-gpgautoimport-539.patch
Alexander Graul 2686359b2c Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
- Update to Salt release version 3006.0 (jsc#PED-3139)
  * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html
- Add python3-looseversion as new dependency for salt
- Add python3-packaging as new dependency for salt
- Drop conflictive patch dicarded from upstream
- Fix SLS rendering error when Jinja macros are used
- Fix version detection and avoid building and testing failures
- Added:
  * fix-version-detection-and-avoid-building-and-testing.patch
  * make-sure-the-file-client-is-destroyed-upon-used.patch
- Modified:
  * 3005.1-implement-zypper-removeptf-573.patch
  * activate-all-beacons-sources-config-pillar-grains.patch
  * add-custom-suse-capabilities-as-grains.patch
  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
  * add-migrated-state-and-gpg-key-management-functions-.patch
  * add-publish_batch-to-clearfuncs-exposed-methods.patch
  * add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
  * add-sleep-on-exception-handling-on-minion-connection.patch
  * add-standalone-configuration-file-for-enabling-packa.patch
  * add-support-for-gpgautoimport-539.patch
  * allow-vendor-change-option-with-zypper.patch
  * async-batch-implementation.patch
  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
  * bsc-1176024-fix-file-directory-user-and-group-owners.patch
  * change-the-delimeters-to-prevent-possible-tracebacks.patch
  * control-the-collection-of-lvm-grains-via-config.patch
  * debian-info_installed-compatibility-50453.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
  * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
  * don-t-use-shell-sbin-nologin-in-requisites.patch
  * drop-serial-from-event.unpack-in-cli.batch_async.patch
  * early-feature-support-config.patch
  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
  * enhance-openscap-module-add-xccdf_eval-call-386.patch
  * fix-bsc-1065792.patch
  * fix-for-suse-expanded-support-detection.patch
  * fix-issue-2068-test.patch
  * fix-missing-minion-returns-in-batch-mode-360.patch
  * fix-ownership-of-salt-thin-directory-when-using-the-.patch
  * fix-regression-with-depending-client.ssh-on-psutil-b.patch
  * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
  * fix-the-regression-for-yumnotify-plugin-456.patch
  * fix-traceback.print_exc-calls-for-test_pip_state-432.patch
  * fixes-for-python-3.10-502.patch
  * include-aliases-in-the-fqdns-grains.patch
  * info_installed-works-without-status-attr-now.patch
  * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
  * make-aptpkg.list_repos-compatible-on-enabled-disable.patch
  * make-setup.py-script-to-not-require-setuptools-9.1.patch
  * pass-the-context-to-pillar-ext-modules.patch
  * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
  * prevent-shell-injection-via-pre_flight_script_args-4.patch
  * read-repo-info-without-using-interpolation-bsc-11356.patch
  * restore-default-behaviour-of-pkg-list-return.patch
  * return-the-expected-powerpc-os-arch-bsc-1117995.patch
  * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
  * run-salt-api-as-user-salt-bsc-1064520.patch
  * run-salt-master-as-dedicated-salt-user.patch
  * save-log-to-logfile-with-docker.build.patch
  * skip-package-names-without-colon-bsc-1208691-578.patch
  * switch-firewalld-state-to-use-change_interface.patch
  * temporary-fix-extend-the-whitelist-of-allowed-comman.patch
  * update-target-fix-for-salt-ssh-to-process-targets-li.patch
  * use-adler32-algorithm-to-compute-string-checksums.patch
  * use-rlock-to-avoid-deadlocks-in-salt-ssh.patch
  * use-salt-bundle-in-dockermod.patch
  * x509-fixes-111.patch
  * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
- Removed:
  * add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
  * add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
  * align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
  * allow-entrypoint-compatibility-for-importlib-metadat.patch
  * clarify-pkg.installed-pkg_verify-documentation.patch
  * detect-module.run-syntax.patch
  * fix-salt.states.file.managed-for-follow_symlinks-tru.patch
  * fix-state.apply-in-test-mode-with-file-state-module-.patch
  * fix-test_ipc-unit-tests.patch
  * fixes-pkg.version_cmp-on-openeuler-systems-and-a-few.patch
  * fopen-workaround-bad-buffering-for-binary-mode-563.patch
  * ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
  * ignore-extend-declarations-from-excluded-sls-files.patch
  * ignore-non-utf8-characters-while-reading-files-with-.patch
  * include-stdout-in-error-message-for-zypperpkg-559.patch
  * make-pass-renderer-configurable-other-fixes-532.patch
  * make-sure-saltcacheloader-use-correct-fileclient-519.patch
  * normalize-package-names-once-with-pkg.installed-remo.patch
  * retry-if-rpm-lock-is-temporarily-unavailable-547.patch
  * set-default-target-for-pip-from-venv_pip_target-envi.patch
  * state.apply-don-t-check-for-cached-pillar-errors.patch
  * state.orchestrate_single-does-not-pass-pillar-none-4.patch

OBS-URL: https://build.opensuse.org/request/show/1084999
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=210
2023-05-05 09:15:58 +00:00

370 lines
13 KiB
Diff

From 2e103365c50fe42a72de3e9d57c3fdbee47454aa Mon Sep 17 00:00:00 2001
From: Michael Calmer <mc@suse.de>
Date: Fri, 8 Jul 2022 10:15:37 +0200
Subject: [PATCH] add support for gpgautoimport (#539)
* add support for gpgautoimport to refresh_db in the zypperpkg module
* call refresh_db function from mod_repo
* call refresh_db with kwargs where possible
* ignore no repos defined exit code
* fix zypperpkg test after adding more success return codes
---
salt/modules/zypperpkg.py | 47 +++++++---
tests/unit/modules/test_zypperpkg.py | 124 +++++++++++++++++++++++----
2 files changed, 140 insertions(+), 31 deletions(-)
diff --git a/salt/modules/zypperpkg.py b/salt/modules/zypperpkg.py
index 318c871b37..051f8f72c7 100644
--- a/salt/modules/zypperpkg.py
+++ b/salt/modules/zypperpkg.py
@@ -623,7 +623,7 @@ def list_upgrades(refresh=True, root=None, **kwargs):
salt '*' pkg.list_upgrades
"""
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
ret = dict()
cmd = ["list-updates"]
@@ -737,7 +737,7 @@ def info_available(*names, **kwargs):
# Refresh db before extracting the latest package
if kwargs.get("refresh", True):
- refresh_db(root)
+ refresh_db(root, **kwargs)
pkg_info = []
batch = names[:]
@@ -1439,7 +1439,6 @@ def mod_repo(repo, **kwargs):
cmd_opt.append(kwargs.get("name"))
if kwargs.get("gpgautoimport") is True:
- global_cmd_opt.append("--gpg-auto-import-keys")
call_refresh = True
if cmd_opt:
@@ -1451,8 +1450,8 @@ def mod_repo(repo, **kwargs):
# when used with "zypper ar --refresh" or "zypper mr --refresh"
# --gpg-auto-import-keys is not doing anything
# so we need to specifically refresh here with --gpg-auto-import-keys
- refresh_opts = global_cmd_opt + ["refresh"] + [repo]
- __zypper__(root=root).xml.call(*refresh_opts)
+ kwargs.update({"repos": repo})
+ refresh_db(root=root, **kwargs)
elif not added and not cmd_opt:
comment = "Specified arguments did not result in modification of repo"
@@ -1463,7 +1462,7 @@ def mod_repo(repo, **kwargs):
return repo
-def refresh_db(force=None, root=None):
+def refresh_db(force=None, root=None, **kwargs):
"""
Trigger a repository refresh by calling ``zypper refresh``. Refresh will run
with ``--force`` if the "force=True" flag is passed on the CLI or
@@ -1474,6 +1473,17 @@ def refresh_db(force=None, root=None):
{'<database name>': Bool}
+ gpgautoimport : False
+ If set to True, automatically trust and import public GPG key for
+ the repository.
+
+ .. versionadded:: 3005
+
+ repos
+ Refresh just the specified repos
+
+ .. versionadded:: 3005
+
root
operate on a different root directory.
@@ -1494,11 +1504,22 @@ def refresh_db(force=None, root=None):
salt.utils.pkg.clear_rtag(__opts__)
ret = {}
refresh_opts = ["refresh"]
+ global_opts = []
if force is None:
force = __pillar__.get("zypper", {}).get("refreshdb_force", True)
if force:
refresh_opts.append("--force")
- out = __zypper__(root=root).refreshable.call(*refresh_opts)
+ repos = kwargs.get("repos", [])
+ refresh_opts.extend([repos] if not isinstance(repos, list) else repos)
+
+ if kwargs.get("gpgautoimport", False):
+ global_opts.append("--gpg-auto-import-keys")
+
+ # We do the actual call to zypper refresh.
+ # We ignore retcode 6 which is returned when there are no repositories defined.
+ out = __zypper__(root=root).refreshable.call(
+ *global_opts, *refresh_opts, success_retcodes=[0, 6]
+ )
for line in out.splitlines():
if not line:
@@ -1683,7 +1704,7 @@ def install(
'arch': '<new-arch>'}}}
"""
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
try:
pkg_params, pkg_type = __salt__["pkg_resource.parse_targets"](
@@ -1980,7 +2001,7 @@ def upgrade(
cmd_update.insert(0, "--no-gpg-checks")
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
if dryrun:
cmd_update.append("--dry-run")
@@ -2808,7 +2829,7 @@ def search(criteria, refresh=False, **kwargs):
root = kwargs.get("root", None)
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
cmd = ["search"]
if kwargs.get("match") == "exact":
@@ -2959,7 +2980,7 @@ def download(*packages, **kwargs):
refresh = kwargs.get("refresh", False)
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
pkg_ret = {}
for dld_result in (
@@ -3111,7 +3132,7 @@ def list_patches(refresh=False, root=None, **kwargs):
salt '*' pkg.list_patches
"""
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
return _get_patches(root=root)
@@ -3205,7 +3226,7 @@ def resolve_capabilities(pkgs, refresh=False, root=None, **kwargs):
salt '*' pkg.resolve_capabilities resolve_capabilities=True w3m_ssl
"""
if refresh:
- refresh_db(root)
+ refresh_db(root, **kwargs)
ret = list()
for pkg in pkgs:
diff --git a/tests/unit/modules/test_zypperpkg.py b/tests/unit/modules/test_zypperpkg.py
index e85c93da3b..f5b6d74b6f 100644
--- a/tests/unit/modules/test_zypperpkg.py
+++ b/tests/unit/modules/test_zypperpkg.py
@@ -377,7 +377,12 @@ class ZypperTestCase(TestCase, LoaderModuleMockMixin):
run_out = {"stderr": "", "stdout": "\n".join(ref_out), "retcode": 0}
zypper_mock = MagicMock(return_value=run_out)
- call_kwargs = {"output_loglevel": "trace", "python_shell": False, "env": {}}
+ call_kwargs = {
+ "output_loglevel": "trace",
+ "python_shell": False,
+ "env": {},
+ "success_retcodes": [0, 6],
+ }
with patch.dict(zypper.__salt__, {"cmd.run_all": zypper_mock}):
with patch.object(salt.utils.pkg, "clear_rtag", Mock()):
result = zypper.refresh_db()
@@ -395,6 +400,73 @@ class ZypperTestCase(TestCase, LoaderModuleMockMixin):
zypper_mock.assert_called_with(
["zypper", "--non-interactive", "refresh", "--force"], **call_kwargs
)
+ zypper.refresh_db(gpgautoimport=True)
+ zypper_mock.assert_called_with(
+ [
+ "zypper",
+ "--non-interactive",
+ "--gpg-auto-import-keys",
+ "refresh",
+ "--force",
+ ],
+ **call_kwargs
+ )
+ zypper.refresh_db(gpgautoimport=True, force=True)
+ zypper_mock.assert_called_with(
+ [
+ "zypper",
+ "--non-interactive",
+ "--gpg-auto-import-keys",
+ "refresh",
+ "--force",
+ ],
+ **call_kwargs
+ )
+ zypper.refresh_db(gpgautoimport=True, force=False)
+ zypper_mock.assert_called_with(
+ [
+ "zypper",
+ "--non-interactive",
+ "--gpg-auto-import-keys",
+ "refresh",
+ ],
+ **call_kwargs
+ )
+ zypper.refresh_db(
+ gpgautoimport=True,
+ refresh=True,
+ repos="mock-repo-name",
+ root=None,
+ url="http://repo.url/some/path",
+ )
+ zypper_mock.assert_called_with(
+ [
+ "zypper",
+ "--non-interactive",
+ "--gpg-auto-import-keys",
+ "refresh",
+ "--force",
+ "mock-repo-name",
+ ],
+ **call_kwargs
+ )
+ zypper.refresh_db(
+ gpgautoimport=True,
+ repos="mock-repo-name",
+ root=None,
+ url="http://repo.url/some/path",
+ )
+ zypper_mock.assert_called_with(
+ [
+ "zypper",
+ "--non-interactive",
+ "--gpg-auto-import-keys",
+ "refresh",
+ "--force",
+ "mock-repo-name",
+ ],
+ **call_kwargs
+ )
def test_info_installed(self):
"""
@@ -2082,18 +2154,23 @@ Repository 'DUMMY' not found by its alias, number, or URI.
url = self.new_repo_config["url"]
name = self.new_repo_config["name"]
- with zypper_patcher:
+ with zypper_patcher, patch.object(zypper, "refresh_db", Mock()) as refreshmock:
zypper.mod_repo(name, **{"url": url, "gpgautoimport": True})
self.assertEqual(
zypper.__zypper__(root=None).xml.call.call_args_list,
[
call("ar", url, name),
- call("--gpg-auto-import-keys", "refresh", name),
],
)
self.assertTrue(
zypper.__zypper__(root=None).refreshable.xml.call.call_count == 0
)
+ refreshmock.assert_called_once_with(
+ gpgautoimport=True,
+ repos=name,
+ root=None,
+ url="http://repo.url/some/path",
+ )
def test_repo_noadd_nomod_ref(self):
"""
@@ -2112,15 +2189,17 @@ Repository 'DUMMY' not found by its alias, number, or URI.
"salt.modules.zypperpkg", **self.zypper_patcher_config
)
- with zypper_patcher:
+ with zypper_patcher, patch.object(zypper, "refresh_db", Mock()) as refreshmock:
zypper.mod_repo(name, **{"url": url, "gpgautoimport": True})
- self.assertEqual(
- zypper.__zypper__(root=None).xml.call.call_args_list,
- [call("--gpg-auto-import-keys", "refresh", name)],
- )
self.assertTrue(
zypper.__zypper__(root=None).refreshable.xml.call.call_count == 0
)
+ refreshmock.assert_called_once_with(
+ gpgautoimport=True,
+ repos=name,
+ root=None,
+ url="http://repo.url/some/path",
+ )
def test_repo_add_mod_ref(self):
"""
@@ -2133,10 +2212,10 @@ Repository 'DUMMY' not found by its alias, number, or URI.
zypper_patcher = patch.multiple(
"salt.modules.zypperpkg", **self.zypper_patcher_config
)
-
url = self.new_repo_config["url"]
name = self.new_repo_config["name"]
- with zypper_patcher:
+
+ with zypper_patcher, patch.object(zypper, "refresh_db", Mock()) as refreshmock:
zypper.mod_repo(
name, **{"url": url, "refresh": True, "gpgautoimport": True}
)
@@ -2144,11 +2223,17 @@ Repository 'DUMMY' not found by its alias, number, or URI.
zypper.__zypper__(root=None).xml.call.call_args_list,
[
call("ar", url, name),
- call("--gpg-auto-import-keys", "refresh", name),
],
)
zypper.__zypper__(root=None).refreshable.xml.call.assert_called_once_with(
- "--gpg-auto-import-keys", "mr", "--refresh", name
+ "mr", "--refresh", name
+ )
+ refreshmock.assert_called_once_with(
+ gpgautoimport=True,
+ refresh=True,
+ repos=name,
+ root=None,
+ url="http://repo.url/some/path",
)
def test_repo_noadd_mod_ref(self):
@@ -2168,16 +2253,19 @@ Repository 'DUMMY' not found by its alias, number, or URI.
"salt.modules.zypperpkg", **self.zypper_patcher_config
)
- with zypper_patcher:
+ with zypper_patcher, patch.object(zypper, "refresh_db", Mock()) as refreshmock:
zypper.mod_repo(
name, **{"url": url, "refresh": True, "gpgautoimport": True}
)
- self.assertEqual(
- zypper.__zypper__(root=None).xml.call.call_args_list,
- [call("--gpg-auto-import-keys", "refresh", name)],
- )
zypper.__zypper__(root=None).refreshable.xml.call.assert_called_once_with(
- "--gpg-auto-import-keys", "mr", "--refresh", name
+ "mr", "--refresh", name
+ )
+ refreshmock.assert_called_once_with(
+ gpgautoimport=True,
+ refresh=True,
+ repos=name,
+ root=None,
+ url="http://repo.url/some/path",
)
def test_wildcard_to_query_match_all(self):
--
2.39.2