Activity
From 04/18/2021 to 05/17/2021
05/17/2021
- 11:00 PM Bug #12646: Isolated Reverse proxy exposes all of Katello/Foreman
- We have assessed this bug and there are a few considerations. The reverse proxy on the content proxy grants both UI a...
- 04:09 PM Feature #32610 (Ready For Testing): Drop Puppet 5 from version check
- 04:05 PM Feature #32610 (Closed): Drop Puppet 5 from version check
05/12/2021
- 02:12 PM Revision 20d51840 (puppet-foreman): Allow customising ProxyAddHeaders
- When the Apache instance configured by this module is not dealing with
user requests directly because there's another... - 11:39 AM Revision 5286eff3 (puppet-certs): Bump master to 12.1.0
- Enhancements have been merged and this reflects that. Not a release.
- 07:55 AM Revision 837af136 (puppet-katello): Verify in tests on contents that changed
- 07:55 AM Revision 07e0f0eb (puppet-katello): Drop unnecessary checks for EL7 vs EL8 in tests
- 01:59 AM Feature #32586 (Ready For Testing): The candlepin module should calculate the certificate subject from the Artemis client certificate
- 01:56 AM Feature #32586 (Ready For Testing): The candlepin module should calculate the certificate subject from the Artemis client certificate
- 01:31 AM Feature #32585 (Ready For Testing): Add a function to extract the certificate subject DN to determine artemis client DN programmatically
- 01:27 AM Feature #32585 (Closed): Add a function to extract the certificate subject DN to determine artemis client DN programmatically
05/11/2021
- 03:22 PM Revision f0ff2d6b (puppet-candlepin): Remove qpid test fixture
- f8ec9a28b92ed66f247bb1ad0a79fcc4e2803d70 remove Qpid functionality was
removed altogether. This also stops checking o... - 07:24 AM Revision 489658c0 (puppet-candlepin): Enable pki-core module in EL8 acceptance tests
- Works around https://github.com/theforeman/puppet-candlepin/issues/188
Install of tomcatjss fails on at least some EL... - 12:34 AM Revision 44df5304 (puppet-certs): Switch Foreman client certificates to root:foreman
05/10/2021
- 04:01 PM Bug #32532 (Closed): tuning runs without valid tuning level
- Applied in changeset commit:installer|de9619fc9cc5dd0a964f8533f559aa026aebb2a9.
- 03:15 PM Revision de9619fc (installer): Fixes #32532: Ensure a valid tuning option is supplied
- Adds a validator to the tuning option to ensure that what is supplied
on the command line is in fact one of the valid... - 01:01 PM Bug #32567 (Closed): If bootstrap RPM symlink is removed the installer does not repair it
- Applied in changeset commit:puppet-foreman_proxy_content|f495723f2fe633fda8138079a46dfe3023cc141c.
- 12:27 PM Revision f495723f (puppet-foreman_proxy_content): Fixes #32567: Ensure bootstrap RPM symlink exists
- Adds a separate existence check for the symlink to ensure it exists
and points at the latest RPM. This ensures that i... - 09:51 AM Revision 3a6be458 (puppet-foreman): Support setting the priority of the Yum repositories
- Fixes #949
05/08/2021
- 12:02 AM Bug #32567 (Ready For Testing): If bootstrap RPM symlink is removed the installer does not repair it
05/07/2021
- 03:52 PM Bug #32567 (Closed): If bootstrap RPM symlink is removed the installer does not repair it
- 01:01 PM Feature #32383 (Closed): Use Foreman client certificates to communicate with Pulp
- Applied in changeset commit:puppet-foreman_proxy_content|81d47ae10e8528ed46dbe79c6f9d0b6ddc84cdf3.
- 12:06 PM Revision 81d47ae1 (puppet-foreman_proxy_content): Fixes #32383: Set Pulp to expect Foreman host as the authenticating client
- This sets Apache to expect the client certificate to contain as the
common name the hostname of Foreman. This corresp...
05/06/2021
- 02:18 PM Bug #32553 (Ready For Testing): remove md5 from allowed content types for pulpcore
- 02:14 PM Bug #32553 (Closed): remove md5 from allowed content types for pulpcore
- 02:09 PM Bug #32552 (Ready For Testing): run pulpcore db migration before collectstatic
- 02:05 PM Bug #32552 (Rejected): run pulpcore db migration before collectstatic
- 12:14 PM Revision 7ca6ed80 (puppet-pulpcore): Bump version to 3.4.0
- This marks that the next version is at least 3.4.0 but not a release yet.
- 12:01 PM Bug #32529 (Closed): The installer does not update the katello-ca-consumer-latest symlink to the latest RPM once the bootstrap RPM's release is greater than 9.
- Applied in changeset commit:puppet-foreman_proxy_content|9b769afcde9fa08ff17fa41d6f302e6c2bdec097.
- 11:50 AM Revision 9b769afc (puppet-foreman_proxy_content): Fixes #32529: Find latest bootstrap RPM by sorting as integer
- The code that finds the maximum (latest) bootstrap RPM was doing
so via a lexical sort which resulted in incorrect or...
05/05/2021
- 08:56 PM Bug #32532 (Ready For Testing): tuning runs without valid tuning level
- 08:48 PM Bug #32532 (Closed): tuning runs without valid tuning level
- *Steps to Reproduce:*
1. # satellite-installer --tuning --help
2. # satellite-installer --tuning --something
3. # ... - 04:48 PM Bug #32529 (Ready For Testing): The installer does not update the katello-ca-consumer-latest symlink to the latest RPM once the bootstrap RPM's release is greater than 9.
- 04:43 PM Bug #32529 (Assigned): The installer does not update the katello-ca-consumer-latest symlink to the latest RPM once the bootstrap RPM's release is greater than 9.
- 04:43 PM Bug #32529 (Closed): The installer does not update the katello-ca-consumer-latest symlink to the latest RPM once the bootstrap RPM's release is greater than 9.
- 03:14 PM Revision bae95e15 (puppet-certs): Add acceptance tests for certs::qpid
- 02:16 AM Refactor #32512 (Closed): Add keystore puppet provider type to puppet-certs
05/04/2021
- 11:41 PM Refactor #32511 (Closed): Add puppet type to manage an nssdb
- 05:34 PM Tracker #32506 (Ready For Testing): Add puppet provider and types in puppet-certs
- 03:30 PM Tracker #32506 (Closed): Add puppet provider and types in puppet-certs
- 03:32 PM Refactor #32507 (Closed): Add Puppet type to manage nssdb certificates
- 03:29 PM Revision 91e12d9d (installer): bump version to 2.6-develop
- 12:02 PM Revision 72b465f7 (puppet-candlepin): Allow Puppet 7 compatible versions of mods
- 12:02 PM Revision 57af478d (puppet-certs): Allow Puppet 7 compatible versions of mods
- 12:02 PM Revision 0520a491 (puppet-foreman): Allow Puppet 7 compatible versions of mods
- 12:01 PM Revision 37c8d06b (puppet-foreman_proxy): Allow Puppet 7 compatible versions of mods
- 12:01 PM Revision 50902d7d (puppet-foreman_proxy_content): Allow Puppet 7 compatible versions of mods
- 12:01 PM Revision 55a79bf1 (puppet-katello): Allow Puppet 7 compatible versions of mods
05/03/2021
- 08:11 PM Revision cff3db16 (puppet-pulpcore): Allow Puppet 7 compatible versions of mods
- 08:11 PM Revision 4b42579c (puppet-puppetserver_foreman): Allow Puppet 7 compatible versions of mods
- 08:11 PM Revision 886088ec (puppet-qpid): Allow Puppet 7 compatible versions of mods
- 06:53 PM Revision 1101ab39 (puppet-pulpcore): Refs #32383: Configurable client certificate authentication to Pulp
- Allows a user supplied mapping of certificate CN to Pulp user name.
If this is present, set the REMOTE_USER to
a Pulp...
05/01/2021
- 04:13 AM Revision 5ddc1cce (puppet-foreman): Make database.yml and settings.yaml have consistent headers
- This brings the two files in sync with how they include the
_header.erb subtemplate.
04/30/2021
04/29/2021
- 03:29 PM Revision dd904078 (puppet-foreman_proxy_content): Include certs::foreman_proxy instead of declaring
- This allows inclusion prior to this module while achieving the same end
result. - 03:07 PM Revision 92eb55dd (puppet-foreman): Allow configuring the path to the GPG key for Yum repositories
- 03:07 PM Revision 691a8a06 (puppet-foreman): Support changing the base URL for Yum repositories
- 01:52 PM Revision 9686d75c (puppet-foreman_proxy): Support Ubuntu 20.04
- The most notable change is that Ubuntu 20.04 changes the tftp root from
/var/lib/tftpboot to /srv/tftp. This matches ... - 01:52 PM Revision f849d128 (puppet-foreman_proxy): Read the tftp root default from the TFTP module
- This uses the fact that the tftp module uses Hiera data in modules. This
allows lookup to work even if the class isn'... - 12:59 PM Revision 5a3e923e (puppet-tftp): Support Puppet 7
- 12:03 PM Revision 403d2d8d (puppet-foreman): Allow customising the list of HTTP headers to unset
- This patchset adds a new parameter to `foreman::config::apache` called
`request_headers_to_unset` containing a list o... - 11:52 AM Revision 8d4700a5 (puppet-katello): Remove unused Pulp Apache templates
- 11:48 AM Revision 934aa2ea (puppet-foreman_proxy_content): Use foreman::repo to configure repositories in acceptance
- This has the added benefit that SCL repositories are also configured if
needed. It can't use staging from koji, but u... - 09:51 AM Bug #32453 (New): Handle Ubuntu 20.04 tftp directory move
- In Ubuntu 20.04 the tftp directory was changed from /var/lib/tftpboot to /srv/tftp (matching Debian's default again)....
- 09:44 AM Revision 4cef7ea3 (puppet-tftp): Support Ubuntu 20.04
- The major change here is that Ubuntu 20.04 moves the default root from
/var/lib/tftpboot to /srv/tftp. That matches w... - 09:19 AM Revision d43fe083 (puppet-candlepin): Test enabled TLS versions in basic_candlepin_spec.rb
- 12:22 AM Revision 835da054 (puppet-foreman_proxy_content): Release 18.1.0
04/28/2021
- 06:01 PM Bug #32443 (Closed): support md5 checksums for pulpcore_allowed_content_checksums to better support upgrades
- Applied in changeset commit:puppet-foreman_proxy_content|07195e249214507d37d9f8b52dfdf86e3251b04d.
- 04:19 PM Bug #32443 (Ready For Testing): support md5 checksums for pulpcore_allowed_content_checksums to better support upgrades
- 02:42 PM Bug #32443 (Closed): support md5 checksums for pulpcore_allowed_content_checksums to better support upgrades
- md5 was supported by default in pulpcore 3.9 (4.0), but not in pulpcore 3.11 (4.1) as configured. We should continue...
- 05:07 PM Revision 4c54bbc6 (puppet-foreman_proxy_content): Improve clarity of content type feature param documentation strings
- 05:01 PM Revision 07195e24 (puppet-foreman_proxy_content): Fixes #32443 - Add support for md5 for ALLOWED_CONTENT_CHECKSUM
- 03:01 PM Bug #32442 (Closed): Use own packaging of ansible-runner on Debian
- Applied in changeset commit:puppet-foreman_proxy|a8794fe277c230e3f8e678ef823c049937cdf847.
- 02:14 PM Bug #32442 (Ready For Testing): Use own packaging of ansible-runner on Debian
- 02:13 PM Bug #32442 (Closed): Use own packaging of ansible-runner on Debian
- ansible-runner upstream used to provide Debian packages, and while the old repository is still available, it's not up...
- 02:29 PM Revision a8794fe2 (puppet-foreman_proxy): Fixes #32442 - use own ansible-runner packages on Debian
- ansible-runner upstream used to provide Debian packages, and while
the old repository is still available, it's not up... - 01:31 PM Revision fd2ba9e9 (puppet-foreman_proxy): Allow puppet-puppet < 16.0.0
- This should have been included in the 18.0.0 release
of this module.
04/27/2021
- 11:42 PM Feature #32383 (Ready For Testing): Use Foreman client certificates to communicate with Pulp
- 11:32 PM Revision 845004f9 (puppet-dns): Release 8.2.0
- 10:28 PM Revision a9bf4343 (puppet-katello): Release 20.0.0
- 10:28 PM Revision 5e7519f9 (puppet-foreman_proxy_content): Release 18.0.0
- 10:05 PM Revision 7db621fa (puppet-foreman_proxy): Release 18.0.0
- 10:03 PM Revision 5a98d7bc (puppet-foreman): Release 17.0.0
- 07:19 PM Revision d741efe6 (puppet-puppet): Release 15.0.0
- 12:28 AM Revision 785296b3 (puppet-certs): Release 12.0.0
04/26/2021
- 08:41 PM Revision af405542 (puppet-foreman_proxy): Support Puppet 7
- 07:39 PM Revision fa6a208f (puppet-katello): Allow puppet-certs < 13.0.0 (#408)
- 06:52 PM Revision 63e50981 (puppet-foreman_proxy_content): Allow puppet-certs < 13.0.0
- 06:32 PM Revision 09dca7b0 (puppet-puppetserver_foreman): Release 1.0.0
- 06:29 PM Revision d8372605 (puppet-foreman_proxy): Refs #31893 - correct default value
- 06:01 PM Bug #32401 (Closed): foreman-proxy-certs-generate output includes removed parameter --foreman-proxy-content-parent-fqdn
- Applied in changeset commit:installer|01773ed6238d96bc6108943362fa06eda084d5b4.
- 05:54 PM Revision 01773ed6 (installer): Fixes #32401: Fix drop of --foreman-proxy-content-parent-fqdn parameter
- 05:01 PM Feature #31893 (Closed): smart_proxy_ansible should use theforeman.foreman.foreman instead of foreman in callback_whitelist
- Applied in changeset commit:puppet-foreman_proxy|d0246464af4275dd6cfa32ec79549ec370c3eb0d.
- 04:54 PM Revision d0246464 (puppet-foreman_proxy): Fixes #31893 - make theforeman.foreman.foreman default callback on RH
- 04:08 PM Revision a16cde52 (puppet-candlepin): Release 11.3.0
- 04:08 PM Revision 9074ba6d (puppet-certs): Refs #31574: Compare SHA256 fingerprints when checking truststore
- The default on some operating systems such as EL7 is to print the
SHA1 fingerprint of a certificate. The java trustst... - 10:57 AM Revision 6770a642 (puppet-git): Release 6.3.0
- 09:34 AM Revision ba98d069 (puppet-foreman_proxy_content): Refs #32338 - Move content array param to params.pp
- Kafo bug #31565 means we can't use arrays as defaults in the file
itself. It ends up being interpreted as a long stri...
04/22/2021
- 09:01 PM Feature #32274 (Closed): Update default Apache ciphers to current Mozilla intermediate profile
- Applied in changeset commit:installer|d762ed7c7ab9d9c8be0739e3fd025ea2a067cefb.
- 09:01 PM Feature #32160 (Closed): Enable pulp_ansible plugin for pulpcore on nightlies with installer
- Applied in changeset commit:puppet-katello|4c2faafa8bee1106ef4e3c477e1efddeba86b9cd.
- 08:44 PM Bug #32401 (Ready For Testing): foreman-proxy-certs-generate output includes removed parameter --foreman-proxy-content-parent-fqdn
- 08:44 PM Bug #32401 (Closed): foreman-proxy-certs-generate output includes removed parameter --foreman-proxy-content-parent-fqdn
- 08:40 PM Revision d762ed7c (installer): Fixes #32274 - Update default Apache ciphers
- This takes the Mozilla intermediate SSL profile with EL7 software
versions. - 08:40 PM Revision b29a4537 (installer): Refs #32160 - alias param for ansible_collection support
- 08:39 PM Revision 447cff81 (puppet-foreman_proxy_content): Fixes #32160 - enable ansible content
- 08:39 PM Revision 4c2faafa (puppet-katello): Fixes #32160 - enable ansible collection content
- 05:01 PM Feature #32338 (Closed): support ALLOWED_CONTENT_CHECKSUMS option with pulpcore
- Applied in changeset commit:puppet-foreman_proxy_content|85bcb81d7313c95114544a1b1967adb70c7ffa31.
- 04:15 PM Revision 85bcb81d (puppet-foreman_proxy_content): Fixes #32338 - expose pulpcore allowed_content_checksums
- 12:55 PM Revision 44db0d7c (puppet-dns): Support Puppet 7
- 12:18 PM Revision 52a05e46 (puppet-candlepin): Manage the candlepin::group
- 12:48 AM Refactor #32384 (New): Drop dedicated candlepin_events certificate settings in katello.yaml
- 12:36 AM Feature #32383 (Closed): Use Foreman client certificates to communicate with Pulp
- Find a way to use the Foreman client certificates to communicate with Pulp rather than generating special purpose cer...
- 12:28 AM Tracker #32381 (Ready For Testing): Communication with services from Foreman application should use a single set of client certificates
- 12:23 AM Tracker #32381 (Closed): Communication with services from Foreman application should use a single set of client certificates
- 12:26 AM Feature #32382 (Closed): Use Foreman client certificates for communication with Artemis broker in Candlepin
04/21/2021
- 05:35 PM Bug #32330 (Resolved): Remove passenger from katello-devel module
- 05:01 PM Bug #31574 (Closed): The Artemis client certificate is not updated in truststore if it changes
- Applied in changeset commit:puppet-certs|de946a474eb951419cc2c5ff62ada9956c7242a8.
- 04:04 PM Revision de946a47 (puppet-certs): Fixes #31574: Ensure truststore certificates get updated when they change
- 04:01 PM Feature #32037 (Closed): Disable katello-agent and infrastructure by default and allow users to enable it on new installs or disable it on upgrades
- Applied in changeset commit:installer|74179f9c2f00b4c4ef4d504aba0a89efb322b73d.
- 03:57 PM Revision 74179f9c (installer): Fixes #32037 - Disable katello-agent on install, ensure enabled on upgrade
- 03:56 PM Revision f26e9411 (puppet-foreman_proxy_content): Refs #32037: Add flag to enable katello_agent infrastructure and disable it by default
- 03:56 PM Revision 15879e53 (puppet-katello): Refs #32037: Add flag to enable katello_agent infrastructure and disable it by default
- 03:24 PM Revision 5462f346 (puppet-pulpcore): Release 3.3.0
- 02:04 PM Revision 5dd89f4a (puppet-foreman_proxy): Add smart_proxy_dns_route53 plugin support
- 02:01 PM Feature #32369 (Closed): Allow content enablement for Katello to be controlled by only the puppet-foreman_proxy_content parameter
- Applied in changeset commit:installer|fa27f19609bfa45f7dd772bd86097d1dc19fcaa9.
- 01:47 PM Revision fa27f196 (installer): Fixes #32369: Set katello content enable params based on puppet-foreman_proxy_content params
- 01:47 PM Revision 594fbf5d (puppet-katello): Refs #32369 - Move content enable flags to params
- This moves the content enable flags to the params class and away from
init.pp. This will allow a user to either set t... - 01:01 PM Bug #31950 (Closed): Need to configure pulp_ansible/galaxy endpoint in apache for satellite deployments:
- Applied in changeset commit:puppet-pulpcore|6ed8be4ec1dd8170fdf8e373019164ac15cb2dec.
- 12:37 PM Revision 6ed8be4e (puppet-pulpcore): Fixes #31950 - support ansible plugin
04/20/2021
- 10:58 PM Feature #32369 (Ready For Testing): Allow content enablement for Katello to be controlled by only the puppet-foreman_proxy_content parameter
- 07:31 PM Feature #32369 (Closed): Allow content enablement for Katello to be controlled by only the puppet-foreman_proxy_content parameter
- 06:39 PM Revision c5a24d4a (puppet-candlepin): Drop unknown Tomcat properties
- Setting property 'xmlValidation' to 'false' did not find a matching property.
Setting property 'xmlNamespaceAware' to... - 02:47 PM Bug #32346: Trying to load signed certificate
- Moving to installer since it's not a bug in hammer. Not sure which component is more relevant though.
- 01:37 PM Feature #32160 (Ready For Testing): Enable pulp_ansible plugin for pulpcore on nightlies with installer
- 09:56 AM Revision 2e1347bb (puppet-pulpcore): Refs #32338 - Add support for ALLOWED_CONTENT_CHECKSUMS
- Co-authored-by: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>
- 09:32 AM Revision fe5cffd4 (puppet-foreman_proxy): Refs #31893 - make ansible callback configurable
04/19/2021
- 08:52 PM Bug #32352 (Closed): mod_auth_kerb has been replaced by mod_auth_gssapi
- Kerberos authentication can not be used on CentOS and CentOS Stream.
mod_auth_kerb as been deprecated and replaced b... - 08:09 PM Bug #31950 (Ready For Testing): Need to configure pulp_ansible/galaxy endpoint in apache for satellite deployments:
- 03:36 PM Feature #32348 (Duplicate): support ansible_collections in katello & pulpcore
- 03:34 PM Feature #32348 (Ready For Testing): support ansible_collections in katello & pulpcore
- 03:32 PM Feature #32348 (Duplicate): support ansible_collections in katello & pulpcore
- This would involve:
* supporting the ansible plugin install in pulpcore
* enabling it in puppet-foreman_proxy_con... - 03:26 PM Revision 6658c226 (puppet-puppetserver_foreman): Support Puppetserver 7
- 03:26 PM Revision 0fae2ede (puppet-puppetserver_foreman): Support JSON fact cache
- In Puppetserver 6.20.0 support was added for a JSON fact cache and
Puppetserver 7 defaults to JSON. JSON is faster th... - 03:26 PM Revision 1fbea241 (puppet-puppetserver_foreman): Fix typos
- 02:32 PM Bug #32346 (New): Trying to load signed certificate
- I've done this before without problems, but this is on a fresh installation.
Generate CSR:... - 01:19 PM Feature #32338 (Ready For Testing): support ALLOWED_CONTENT_CHECKSUMS option with pulpcore
- 12:27 PM Revision efeaef92 (puppet-candlepin): Tomcat parameter is named sslProtocol not sslProtocols
Also available in: Atom