Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10432

RedHat RHBA-2020:1028 breaks yum.rb in yum provider for some systems

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 5.5.20, PUP 6.15.0
    • Component/s: None
    • Labels:
    • Template:
      PUP Bug Template
    • Team:
      Night's Watch
    • Story Points:
      1
    • Sprint:
      NW - 2020-04-29
    • Method Found:
      Needs Assessment
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      Hide
      RedHat subscription Manager update causes ensure => latest to do nothing

      After upgrading RedHat subscription Manager to <version> using ensure => latest on the package provider on a RHEL agent would cause the package resource to never see possible updates.
      Show
      RedHat subscription Manager update causes ensure => latest to do nothing After upgrading RedHat subscription Manager to <version> using ensure => latest on the package provider on a RHEL agent would cause the package resource to never see possible updates.
    • QA Risk Assessment:
      Needs Assessment

      Description

      Puppet Version: 5.5.x (probably 6.x as well)
      Puppet Server Version: NA, but 5.3.x
      OS Name/Version: RedHat Linux 7.8

      Describe your issue in as much detail as possible…
      Describe steps to reproduce…

      Desired Behavior:

      Yum package ensure => latest should ensure latest

      Actual Behavior:

      Yum package ensure => latest never finds an update.  Explicit versions work OK.

      More details:

      RH added a newline character when subscription manager is enabled.

      yum.rb looks for first blank line: https://github.com/puppetlabs/puppet/blob/f2709eb5b28894cf017dbe41290d3c0d168e721b/lib/puppet/provider/package/yum.rb#L123-L125

       

      lib/puppet/provider/package/yum.rb:123-125
       def self.parse_updates(str)
       # Strip off all content before the first blank line
       body = str.partition(/^\s*\n/m).last
      

       As a result, parse_updates returns {} when subscription manager is enabled.

      Old behavior:

      # yum check-update
       Loaded plugins: product-id, search-disabled-repos, subscription-manager
       This system is not registered with an entitlement server. You can use subscription-manager to register.

       

      New behavior:

      # yum check-update
       Loaded plugins: product-id, search-disabled-repos, subscription-manager
       
      This system is not registered with an entitlement server. You can use subscription-manager to register.

       

      workaround 1: disable subscription-manager
      workaround 2: downgrade subscription-manager

       

      Example Code:
      $app == 'pcmhi'
      $version == 'latest'

       # package
          package { $app:
              ensure    => $version,
              provider  => yum,
              require   => Yumrepo[$app],
              subscribe => [
                  Package['nginx'],
                  Package['python3']
              ]
          }

       
       

      Repo Contents:

      Index of rpm/pcmhi/quality_assurance
      Name                       Last modified      Size
      ../
      repodata/                   20-Apr-2020 19:28    -
      pcmhi-3.5.23-0.x86_64.rpm   20-Apr-2020 16:01  19.53 MB
      pcmhi-3.6.0-0.x86_64.rpm    20-Apr-2020 19:28  23.33 MB
      
      

      Manual Update Check:

      # yum check-update | grep pcmhi
       pcmhi.x86_64             1:3.6.0-0             pcmhi

       

      Puppet logs:

      ^[[0;36mDebug: Executing: '/bin/rpm --version'^[[0m
       ^[[0;36mDebug: Executing '/bin/rpm -qa --nosignature --nodigest --qf '%{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}\n' | sort'^[[0m
       ^[[0;36mDebug: Executing: '/bin/yum check-update'^[[0m

       

      PoC debug output for yum.rb:
       

      def self.parse_updates(str)
           # Strip off all content before the first blank line
           self.debug "parse_updates input #{str}"
           body = str.partition(/^\s*\n/m).last
           self.debug "parse_updates body #{body}"
       
           updates = Hash.new { |h, k| h[k] = [] }
           body.split.each_slice(3) do |tuple|
             self.debug "tuple #{tuple}"
             break if tuple[0] =~ /^(Obsoleting|Security:|Update)/  

       

      Custom Debug Output (bad):
       
       

      Debug: Executing: '/bin/yum check-update'
      Debug: Puppet::Type::Package::ProviderYum: parse_updates body - note that the subscription manager warning is present on a bad run
      Debug: Puppet::Type::Package::ProviderYum: ----------------------------
      Debug: Puppet::Type::Package::ProviderYum: This system is not registered with an entitlement server. You can use subscription-manager to register.
      containerd.io.x86_64 1.2.6-3.3.el7 sbai 
      docker-ce.x86_64 3:19.03.5-3.el7 sbai 
      docker-ce-cli.x86_64 1:19.03.5-3.el7 sbai 
      pcmhi.x86_64 1:3.6.0-0 pcmhi 
      puppet-agent.x86_64 5.5.19-1.el7 puppet5
      rhn-check.x86_64 2.0.2-24.el7 rhel7 
      rhn-client-tools.x86_64 2.0.2-24.el7 rhel7 
      rhn-setup.x86_64 2.0.2-24.el7 rhel7 
      Debug: Puppet::Type::Package::ProviderYum: ----------------------------
      Debug: Puppet::Type::Package::ProviderYum: update tuple - should be name|version|repo: ["This", "system", "is"]
      Debug: Puppet::Type::Package::ProviderYum: parse_updates output {}
      

       

      Custom Debug Output (downgraded subscription-manager package):

      Debug: Executing: '/bin/yum check-update'
      Debug: Puppet::Type::Package::ProviderYum: parse_updates body - note that the subscription manager warning is present on a bad run
      Debug: Puppet::Type::Package::ProviderYum: ----------------------------
      Debug: Puppet::Type::Package::ProviderYum: containerd.io.x86_64                               1.2.6-3.3.el7         sbai   
      docker-ce.x86_64                                   3:19.03.5-3.el7       sbai   
      docker-ce-cli.x86_64                               1:19.03.5-3.el7       sbai   
      pcmhi.x86_64                                       1:3.6.0-0             pcmhi  
      puppet-agent.x86_64                                5.5.19-1.el7          puppet5
      rhn-check.x86_64                                   2.0.2-24.el7          rhel7  
      rhn-client-tools.x86_64                            2.0.2-24.el7          rhel7  
      rhn-setup.x86_64                                   2.0.2-24.el7          rhel7  
      subscription-manager.x86_64                        1.24.26-1.el7         rhel7  
      subscription-manager-rhsm.x86_64                   1.24.26-1.el7         rhel7  
      subscription-manager-rhsm-certificates.x86_64      1.24.26-1.el7         rhel7  
      Debug: Puppet::Type::Package::ProviderYum: ----------------------------
      <snip>
      Debug: Puppet::Type::Package::ProviderYum: update tuple - should be name|version|repo: ["pcmhi.x86_64", "1:3.6.0-0", "pcmhi"]
      Debug: Puppet::Type::Package::ProviderYum: update_to_hash {:name=>"pcmhi", :epoch=>"1", :version=>"3.6.0", :release=>"0", :arch=>"x86_64"}
      Debug: Puppet::Type::Package::ProviderYum: short_name pcmhi
      Debug: Puppet::Type::Package::ProviderYum: long_name pcmhi.x86_64
      <snip>
      Debug: Puppet::Type::Package::ProviderYum: parse_updates output {"containerd.io"=>[{:name=>"containerd.io", :epoch=>"0", :version=>"1.2.6", :release=>"3.3.el7", :arch=>"x86_64"}], "containerd.io.x86_64"=>[{:name=>"containerd.io", :epoch=>"0", :version=>"1.2.6", :release=>"3.3.el7", :arch=>"x86_64"}], "docker-ce"=>[{:name=>"docker-ce", :epoch=>"3", :version=>"19.03.5", :release=>"3.el7", :arch=>"x86_64"}], "docker-ce.x86_64"=>[{:name=>"docker-ce", :epoch=>"3", :version=>"19.03.5", :release=>"3.el7", :arch=>"x86_64"}], "docker-ce-cli"=>[{:name=>"docker-ce-cli", :epoch=>"1", :version=>"19.03.5", :release=>"3.el7", :arch=>"x86_64"}], "docker-ce-cli.x86_64"=>[{:name=>"docker-ce-cli", :epoch=>"1", :version=>"19.03.5", :release=>"3.el7", :arch=>"x86_64"}], "pcmhi"=>[{:name=>"pcmhi", :epoch=>"1", :version=>"3.6.0", :release=>"0", :arch=>"x86_64"}], "pcmhi.x86_64"=>[{:name=>"pcmhi", :epoch=>"1", :version=>"3.6.0", :release=>"0", :arch=>"x86_64"}], "puppet-agent"=>[{:name=>"puppet-agent", :epoch=>"0", :version=>"5.5.19", :release=>"1.el7", :arch=>"x86_64"}], "puppet-agent.x86_64"=>[{:name=>"puppet-agent", :epoch=>"0", :version=>"5.5.19", :release=>"1.el7", :arch=>"x86_64"}], "rhn-check"=>[{:name=>"rhn-check", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "rhn-check.x86_64"=>[{:name=>"rhn-check", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "rhn-client-tools"=>[{:name=>"rhn-client-tools", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "rhn-client-tools.x86_64"=>[{:name=>"rhn-client-tools", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "rhn-setup"=>[{:name=>"rhn-setup", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "rhn-setup.x86_64"=>[{:name=>"rhn-setup", :epoch=>"0", :version=>"2.0.2", :release=>"24.el7", :arch=>"x86_64"}], "subscription-manager"=>[{:name=>"subscription-manager", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}], "subscription-manager.x86_64"=>[{:name=>"subscription-manager", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}], "subscription-manager-rhsm"=>[{:name=>"subscription-manager-rhsm", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}], "subscription-manager-rhsm.x86_64"=>[{:name=>"subscription-manager-rhsm", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}], "subscription-manager-rhsm-certificates"=>[{:name=>"subscription-manager-rhsm-certificates", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}], "subscription-manager-rhsm-certificates.x86_64"=>[{:name=>"subscription-manager-rhsm-certificates", :epoch=>"0", :version=>"1.24.26", :release=>"1.el7", :arch=>"x86_64"}]}
      

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              gheorghe.popescu Gheorghe Popescu
              Reporter:
              mschlosser Matt Schlosser
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support