Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Halt upgrades if evr is not owned by foreman on external DB #953

Merged
merged 2 commits into from
Nov 20, 2024
Merged

Halt upgrades if evr is not owned by foreman on external DB #953

merged 2 commits into from
Nov 20, 2024
+63 −0

Conversation

ianballou
Copy link
Contributor

Halts upgrades if the evr extension in Katello external DBs are not owned by foreman. Skips the checks if the evr extension does not exist.

Related installer PR: theforeman/foreman-installer#984

@ianballou ianballou mentioned this pull request Nov 15, 2024
Merged
@ianballou ianballou force-pushed the halt-upgrade-remote-db-evr-permissions branch 2 times, most recently from 4cd6c7a to a54ac48 Compare November 18, 2024 16:39
@ianballou ianballou force-pushed the halt-upgrade-remote-db-evr-permissions branch from a54ac48 to d4d3d5b Compare November 18, 2024 16:43
@ianballou ianballou requested a review from ehelms November 18, 2024 16:46
@ianballou
Copy link
Contributor Author

All the comments should be addressed now.

ehelms
ehelms reviewed Nov 18, 2024
View reviewed changes
definitions/checks/foreman/check_external_db_evr_permissions.rb Outdated
unless evr_owned_by_postgres.empty?
return evr_owned_by_postgres.first['evr_owned_by_postgres'] == '0'
end
fail!('Could not determine if the evr extension is owned by the foreman DB owner')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do we expect a user that hits this fail statement to do next? Can we give them some direction?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only failures reasons I can think of would be if the DB connection failed or if the config doesn't have the correct username information. I've updated the error message.

@ianballou ianballou force-pushed the halt-upgrade-remote-db-evr-permissions branch from 40e70cd to d86def9 Compare November 18, 2024 18:55
@ianballou
Copy link
Contributor Author

I stopped hardcoding 'foreman' as the DB name just in case. We are hardcoding it in the installer check, but I figured why not here since it seems to be supported.

@ianballou ianballou requested a review from ehelms November 18, 2024 18:57
@ehelms
Copy link
Member

ehelms commented Nov 18, 2024

I had just a minor nit, @evgeni please also do a final review

@ianballou ianballou force-pushed the halt-upgrade-remote-db-evr-permissions branch from d86def9 to e6dc6f1 Compare November 18, 2024 19:23
@ianballou ianballou requested a review from ehelms November 18, 2024 19:23
evgeni
evgeni approved these changes Nov 20, 2024
View reviewed changes
definitions/checks/foreman/check_external_db_evr_permissions.rb
SQL
end

def query_if_postgres_owns_evr
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically, this doesn't check whether postgres owns it, but whether foreman_db_user (not) owns it.

definitions/checks/foreman/check_external_db_evr_permissions.rb

def foreman_owns_evr?
evr_owned_by_postgres = feature(:foreman_database).query(query_if_postgres_owns_evr)
unless evr_owned_by_postgres.empty?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess it won't ever be empty, given at this point we do know the extension exists, so it must have some owner?
But it also doesn't hurt to play safe here :)

@evgeni evgeni changed the title Halt upgrades if evr is not owned by foreman Halt upgrades if evr is not owned by foreman on external DB Nov 20, 2024
@evgeni
Copy link
Member

evgeni commented Nov 20, 2024

I stopped hardcoding 'foreman' as the DB name just in case. We are hardcoding it in the installer check, but I figured why not here since it seems to be supported.

We (you 😄 ) don't hard code it in the installer check ;)

@ehelms ehelms merged commit 33d9c9f into theforeman:master Nov 20, 2024
8 checks passed
@ianballou
Copy link
Contributor Author

I stopped hardcoding 'foreman' as the DB name just in case. We are hardcoding it in the installer check, but I figured why not here since it seems to be supported.

We (you 😄 ) don't hard code it in the installer check ;)

Ah I was just thinking of config = load_db_config('foreman'), but that's for the DB name not the username, cool.

@ianballou ianballou deleted the halt-upgrade-remote-db-evr-permissions branch November 21, 2024 15:11
@evgeni
Copy link
Member

evgeni commented Nov 21, 2024

Ah I was just thinking of config = load_db_config('foreman'), but that's for the DB name not the username, cool.

It's not the db name either. It's the "config section" aka "whose DB are we looking at"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehelms ehelms ehelms approved these changes

@evgeni evgeni evgeni approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ianballou @ehelms @evgeni