Fixes #37515 - Drop Host Vulnerabilities report

Fixes #36547 - Fix parsing of Ubuntu version in fact parsers

Refs #37224 - Force all Hosts to have a comment

The previous implementation of the update had two issues:
1) It only operated on ::Host::Managed
2) It silently failed if the host was invalid for any other reason

Fixes 4c7f36edf

Fixes #37224 - Force Hosts to have a comment

To prevent the nil > empty string transition we would either have to:
check the incoming changes and discard the unwanted ones
- ignore these transitions when creating audits
- just force hosts to always have a comment...

Fixes #37167 - Subscription entitlement report template

Refs #36849 - Fix Ruby 3 kwargs handling

• Add system purpose role and usage to subscriptions entitlement report

fixes #36160 - Redefine append domain names setting

This PR aims to unify the format of host names stored in the database and the way they are displayed.
With this change, the name of the host is always going to be stored with the domain name appended.
The setting formerly named `append_domain_name_for_hosts` is now renamed to `display_fqdn_for_hosts`...

Fixes #36759 - only call allowed transpilers

CVE-2022-3874: OS command injection via ct_command and fcct_command

Instead of allowing to call any command by changing a setting, only
allow specific paths to ct/fcct. If the user needs a different path,
they can set it via settings.yaml.

• ...and fix comment typos

Fixes #29939 - drop category column from settings

Settings table was holding category column to support old style of
settings, but it is now ready to be decomissioned as plugins were given
enough time.

Fixes #35642 - update the message in the new UI to display the host's creator

Add `creator_id` property to the Host model to save the user who created each host.
This property is used in the new host details UI to display the user who created the host.

Fixes #35696 - add bios info to reported data facet

Fixes #35621 - Make power status a selectable column

Fixes #35619 - Add kernel_version to reported data facet for new host UI

Fixes #35347 - purge old trends and foreman_docker references during upgrade (#9343)

Fixes #35359 - Add cacert to http proxy (#9348)

This PR adds a cacert column to the http proxy and uses to this for
connecting to ec2 and other compute resources. This would also be used
by katello/other plugins when communicating to the CDN over a https...

Fixes #35132 - Make audits host detection regex more strict

Fixes #4007 - updating users email to be optional (#9279)

Fixes #34305 - stop creating settings in DB (#9050)

With the setting DSL, we hold all the necessary values for settings in the memory.
We can now stop creating records for the settings in the database.

Refs #33672 - remove unnecessary timestamps from taxable_taxonomies table

Fixes #34396 - job report tweaks

This change adds few enhancements to the existing Job report. The report
is used with REX plugin, which has a button "Create Report" in job
detail page. Clicking that button takes user to the render report form
and fills in the job id input....

Fixes #33672 - drop unnecessary timestamps

Fixes #34661 - Registration migration with nil template

Fix for the issue in registration migration,
when template might not exist while migrating the db.

See https://github.com/theforeman/foreman/pull/8256#discussion_r824099694

Fixes #34409 - rename existing CentOS OSes to CentOS_Stream

Signed-off-by: Lukas Zapletal <lzap+git@redhat.com>

Fixes #34236 - Drop require_ssl_smart_proxies setting

This defaults to true and setting it to false can create security
problems. Mandating client SSL certificates creates a more secure
environment.

Previously when require_ssl_smart_proxies was false, reverse DNS was...

Refs #33909 - Reset User column information

While migrations shouldn't rely on any users existing in the DB, there
are some that currently do. If they try to use User.find_by_lower_login
they will currently error out since the method won't be defined yet.

Refs #33909 - Squash imap column conversion

Refs #33909 - Remove useless User lookup

There is no need to lookup the admin user and use it to update the
http proxy fields.

Refs #33909 - Delete empty migrations

New installs will not run these empty migrations, and old installs will
only list that they have been executed when checking the `rake
db:migrate:status` with no file, which is harmless.

Fixes #33909 - Drop data migrations before Foreman 2.0

All data migrations only modify data on upgrades. On new installs they
are not required. Since we do not generally support upgrading multiple
releases, we can clean up old data migrations. This commit cleans up all...

Fixes #33906 - Drop fix_db_cache setting

This setting was introduced when the current permissions model was
introduced in Foreman 1.7 to allow recreating the user permissions cache
after the migration from the previous model. The setting has no other
uses....

Fixes #33607 - use setting DSL for Puppet category

Fixes #33601 - use setting DSL for Provisioning category

Fixes #33596 - use setting DSL for Notification category

Fixes #33595 - use setting DSL for Email category

Fixes #33589 - use setting DSL for Authentication category

Fixes #32328 - Infrastructure roles

Introduces things needed to assign infrastructure roles to hosts.

A host can now have an infrastructure facet, which can be used to mark a
host as foreman instance by setting a flag on the facet. The facet can
also be used to establish a relationship between the host and a smart...

Refs #31060 - Move environment cleanup to rake task

Fixes #31060 - drop Environments migrations

Drops all migrations related to environments.
Removes all the relations to the environments.
Adds a migration to drop environments from Hostgroup and Host.

Extracted in https://github.com/theforeman/foreman_puppet_enc/pull/41.

Fixes #33541 - drop puppetclass migrations

Removes all migrations related to Puppetclass.

Added in plugin https://github.com/theforeman/foreman_puppet/pull/195

Fixes #31096 - remove config group migrations

These migrations had been added to the plugin foreman_puppet_enc.
Details of addition https://github.com/theforeman/foreman_puppet_enc/pull/13

Fixes #31732 - drop env from TemplateCombination migration

Drop environment relation from TemplateCombination migrations.

Fixes #32893 - use setting DSL for General category

This uses our new DSL to define the General settings, this showcases how
to use the new DSL and other categories should follow in the same
release.

Fixes #33387 - Remove view_tasks permission

This permission was present since the permission model was implemented
in acfbc45886c4 but wasn't really used anywhere. Foreman tasks uses a
different `view_foreman_tasks` permission.

Refs #31059 - drop environments Host extensions

Removes uses of environment from Host

Fixes #31095 - Remove config groups model

Added to the plugin in https://github.com/theforeman/foreman_puppet_enc/pull/12

Fixes #31235 - drop Puppetclass models

Drops Puppetclass models and their usage.
Extracted in https://github.com/theforeman/foreman_puppet_enc/pull/81
Tests extracted in:
- hostgroup - https://github.com/theforeman/foreman_puppet_enc/pull/85

Fixes #31732 - drop environment in TemplateCombination model

Extract Environment from TemplateCombination matrix as temporary solutin.
This should probably get dropped if favor of some better solution like direct set on hostgroup.

Though this will need to be reflected in foreman_puppet_enc plugin....

Fixes #31014 - Drop PuppetLookupKey model

Drops unused model PuppetLookupKey.
Extracted in
- theforeman/foreman_puppet_enc#5
- https://github.com/theforeman/foreman_puppet_enc/pull/42 (test)

Fixes #32959 - Unassign OS in registration migration

Operating systems cannot be assigned to registration templates,
so the migration file should also remove these associations.

Fixes #32753 - Remote code execution through Sendmail

CVE-2021-3584: Sendmail location and arguments, available via Administer
- Settings, both accept arbitrary strings and pass them into shell.
By default, only Foreman super administrator can access settings....

Fixes #30394 - allow non-admins deal with untaxed filters

Prior this non-admin user would have to have assigned Role without
taxonomies (global role) to be able to manipulate filters.
This allows manipulating Filters to any User with Filter perms.

Filters with taxonomies mean they apply to taxonomy. But given they have...

Fixes #30387 - Remove `view_bookmarks` permission

Users should always be able to see public bookmarks and their own
bookmarks, a permission is not needed for this case.

Fixes #32166 - Merging Ignored Interfaces to Excluded Facts (#8560)

Improve the description of the settings to make it clear which should be applied to what use case.

Fixes #32673 - deduplicate records prior uniq index

In 84cb565af244f56029471700bb313d46c45e5fcf we've introduced unique
index in database, because there is a way in Rails to bypass uniqueness
validation, if the records are being introduced at the same time....

Fixes #32657 - Prevent duplicate templates

In certain race conditions when two seeds are executed at the same time,
some templates may be seeded twice. Since there is a unique name
validation in AR on templates, this renders such templates uneditable,
and in case they need updating during seeding, it also prevents the seed...

Fixes #31132 - Downcase MAC addresses

Fixes #30862 - introduce SettingRegistry (#8002)

SettingRegistry keeps all the setting information as set of SettingPresenters in memory.
This registry should be the public API for accessing setting values and keeps all the information about settings.
That will allow dropping all information except `name` and `value` from database....

Fixes #32170 - Adding total_disk_size to host facets

This PR introduced new parameter to hosts facets. Parameter is a total
disk size that is included in Discovery plugin at own. However that
means that we have to maintain a two "facets like" codes at one time...

Fixes #32242 - Drop db_pending_migration setting

This setting was used in the past by the installer to determine whether
or not the database needs to be migrated, but that is no longer the
case.

Fixes #30779 - Implement ActionDispatch::RemoteIp (#7960)

The ActionDispatch::RemoteIp middleware can provide the remote IP
correctly as a property of the request object. This looks at
X-Forwarded-For headers while stripping out reverse proxies and falls...

Fixes #31663 - Registration templates usability issues (#8256)

- New template kind 'Host initial configuration' for
host configuration after the registration.
- Registration templates (like 'Global Registration')
cannot be assigned to operating system...

Fixes #31637 - nilify http proxy credentials

Recently a HTTP form password field changed and is disabled unless user
explicitly sets the password. From the HTML forms nature, if user does
not specify any value in the text field, server receives the value as an...

Fixes #31551 - remove ovirt_use_v4 from oVirt CR attributes

Fixes #31147 - extend StatusCalculator to use 64 bits

Fixes #31258 - Don't fail migration if setting is hardcoded

If the puppetrun setting has been hardcoded in settings.yaml, it will be
marked as readonly causing the migration attempting to delete it to
fail. Since settings have no associations and we don't need callbacks to...

Fixes #30820 - drop digest and use hash index instead

Fixes #30535 - Use HTTP headers in puma

Fixes #29710 - Clean up .where conditions

Using methods such as `none`, `not`, `or`, or `all`, we can simplify
some `.where` calls in ways that weren't possible in some very old rails
versions.

Fixes #30847 - rebuild taxonomy_search (#7995)

As of 72209166fa58d3c5bc2b3629d98696edf7bd7250 there is more effective way to build a taxonomy_scope.
For all filters to benefit from that, we need to save the existing ones.

Fixes #30556 - Get an accurate err for invalid hosts in report (#7897)

Fixes #29993 - Drop Puppetrun

Fixes #28357 - BMC Subnet-Proxy association

Refs #30098 - Drop trends models

Fixes #30244 - prevent Filter empty search_condition

when inherited taxonomy search is empty, it would save search_condition as empty string instead of `nil`, we need to nilify in such case.

Fixes #30207 - isolate LookupKeysControllerTest

Refs #30098 - drop trends import

Fixes #30247 - do not delete VMs by default

We've seen multiple users deleting their VMs when they deleted host in
Foreman. That still seems to be very unexpected especially in case of
unmanaged hosts. It's safer to keep the VM and delete it only if users...

Refs #30127 - drop setting enable_orchestration_on_fact_import

Fixes #28116 - introduce CentOS mirror (8.x) inst. media

fixes #26925 - support host registration

Fixes #29714 - Drop puppetclass_id column from Lookup_keys

Fixes #29761 - correct config status chart layout

`host-configuration-chart` class was used for both the widget and the
chart iteslf, causing the title to be displayed with incorrect margins.
Since widget classes are saved to the database, a migration was added to...

Fixes #28850 - Make users disableable

Fixes #28618 - rename smart vars settings to smart class params

Fixes #29377 - rename report templates

Co-authored-by: Ondřej Ezr <ezrik12@gmail.com>

Fixes #29284 - Drop Rackspace support

Fixes #28598,#28597 - remove VariableLookupKey model, tests

Refs #28539 - smart variables migration direction

Fixes #28539 - Drop smart variables from DB

Fixes #29520 - use Arel where needed to wrap SQL

Fixes #29452 - fk migrations cleanup

Fixes #29464 - plain inputs can be hidden

Some inputs can be sensitive. Users typing such values would prefer to
have the value hidden in the form. The sensitive information can be a
password, private key or general multiline text. Therefore we aren't
limitting the input to type=password, but use text area with hiding...

Fixes #29386 - fix setting_type for oidc_audience

Fixes #27067 - Patch for External IPAM plugin implementation

Fixes #29349 - Fix Layout/SpaceInsideArrayLiteralBrackets cop

Fixes #19896 - Fix Style/RedundantSelf cop

Fixes #28363 - Drop lookup key matcher length limit

Fixes #28568 - Drop smart variable permissions