Foreman » Installer

Fix Rubocop Layout/RescueEnsureAlignment & Layout/BeginEndAlignment

Fix Rubocop Style/GlobalStdStream

Fixes #37063 - Add feature in katello-certs-check to verify if CA bundle has any certificates with trust rules

- Add feature to verify if provided CA bundle has certificates with trust rules
 - Add test case for the new feature
 - Fix indentation on function check-ca-bundle-size

Refs #36843: Pass array to capture2e as arguments

Fail early if cert files don't exist

While it usually doesn't happen, this showed up in my manual testing and
the output is confusing.

Redirect errors from tput to /dev/null

In minimal environments tput may not be present or work. In that case it
falls back to not having colors, which is fine. The user doesn't need to
be warned about this.

Fixes #36843 - run katello-certs-check in fp-certs-generate

Fixes #35453 - Remove trailing backslash from capsule-certs-generate command in katello-certs-check

Fixes #33109 - Date used by katello-certs-check should be correctly formatted

Replace all dash/underscores in create-migration

Without this, add-server-ssl-crl becomes add_server-ssl-crl instead of
add_server_ssl_crl.

spelling fix

Fixes #31326: Error in certs check if using only a shortname

Katello requires an FQDN be used for installation and thus the
same requirement exists for any custom certificates being used.
This adds a check that the CN is not set to a shortname, and/or
if using Subject Alt Name that there is not a single SAN that...

Add wildcard certificate test for katello-certs-check

Refs #27462 - Add test case for invalid purpose sslserver

Fixes #27462 - Capture the openssl error correctly

Older openssl version will still return 0 exit code and "OK" message
for some errors, such as the openssl in RHEL 7. This cause the
katello-certs-check script not capturing certificate error correctly.
This patch fixed the issue.

Refs #31051 - Remove Warning method from katello-certs-check

The last use of this method was removed in e53e71

Fixes #31051 - Add verification to check if SAN entries match Subject CN on certificate

Change warning to error for certifcates that don't have a CN.
Change the way of comparing string variables.

Refs #30251 - load a branding file if it's present

Fix expired certificate fixture

Update rubocop version and targer Ruby version

Fixes #30251 - make it easier to brand katello-certs-check

Fixes #28549: Fix all rubocop issues

Fixes #28367 - Add a max issuers check

Too many certificates in the bundle breaks various tools. By keeping an
upper limit of 32 it should be safe since only the chain for the server
certificate should be included.

https://access.redhat.com/solutions/3406401 describes this as well, but...

Expand the create-migration script

This allows creating multiple migrations at the same time following the
correct directory conventions. This makes it easy to create the same
migration for multiple scenarios at the same time. For this the argument
order needs to be swapped. It also accepts the code on STDIN to make it...

Fixes #27876 - Add check for passphrase on key

Add a script to show module versions

This is a helper script to easily read the module versions from a
lockfile. This makes it much easier what is bundled in a certain
installer branch. The branch is a guess and might be incorrect. For
example, when it's still being released from master.

Fixes #25564 - add target option

Rather than attempting to detect the target based on the hostname, this adds an
explicit parameter which allows users to force the output to match their use.

Co-Authored-By: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>

Use UTC timestamp in migration name

Rename katello-certs directory

There is an odd puppet bug that triggers when a directory with the same
name exists:

mkdir katello-certs
puppet module install katello-certs

This then fails. By renaming the directory we avoid this collision.

Add katello-certs-check

Add foreman-proxy-certs-generate

This is essentially a separate installer that uses the same modules. It
does read the scenario from the normal installer to determine Foreman's
initial organization for the certificate name. This is implemented as a
hook....

Add a script to create migrations

Add Travis CI test to build/install

Replace LOGDIR to work within the specified PREFIX, and replace
CONFIG_DIR to prevent config files from the local directory being used
in preference to those from the installation prefix.

Fixes #10369 - added support for scenarios

Fixes #5488 - fixed hook deprecation warning

- code from installer executable was moved to hooks
- services details in post-install message printed out on success only

Add --detailed-exitcodes arg

refs #3272 - print new user/password after installation

Reuse color support from Kafo

Installer output now uses color scheme selected by user. Also we don't
have to check color configuration manually. HighLine is already set by
Kafo.

rely on the basename of the script so others can override the location

This change allows katello-installer to use its own configuration file
but re-use the logic contained within foreman-installer.

Fixes #3977 - Don't re-open a Highline colourscheme

Fixes #3610 - explains error detection problems

Fixes #3237 - add --reset-db-feature

Fixes #3238 - respect --no-colors option

Kafo 0.3.0 comaptibility fix

fixes 3209 - exit code only zero by default

Revert config file location, should be relative

Fixes #3131 - Output information at the end of the foreman-installer execution

Change the script name to foreman-installer

Also specify log filename with the same name

Kafoized version of foreman-installer

Foreman installer is now based on kafo gem
Submodules moved to modules/
Updated spec for new version
Update puppet, foreman, foreman-proxy modules
Don't include helper scripts into RPM