Commit Graph

12 Commits

Author SHA1 Message Date
Jenkins
89e9c01cd4 Merge "Deprecates username and password from boot time registration" 2015-01-09 15:17:57 +00:00
Jenkins
e304882e9d Merge "Fix repo enablement for RHEL during registration" 2015-01-09 15:17:43 +00:00
Jenkins
ef0c043c85 Merge "Add Activation Key Support For Customer Portal" 2015-01-06 18:04:12 +00:00
Ben Nemec
68394e134e Don't trace RHEL registration scripts
These scripts are littered with references to passwords and keys,
so rather than try to disable tracing in every one of those places
I propose we simply turn it off for the scripts.  This will likely
need to be revisited after the global tracing discussion is
resolved anyway.

Change-Id: I805015300bf01b2f8eec9f70ccfdf533dd9386b3
Related-Bug: 1298205
2014-12-17 16:39:27 -06:00
Ryan Brady
2fb72d6ed9 Deprecates username and password from boot time registration
The username and password combination is considered insecure to store in
the metadata passed to the stack as they can easily be obtained and
possibly used in an unathorized manner by logging into one of the
registration systems. The use of an activation key is more desirable
as it can only be used in conjunction with subscription-manager to
register a RHEL system.

This patch deprecates the username and password support from the script
that registers RHEL with either Satellite or RH Customer Portal during
boot-time.  This patch also adds a warning if the username and password
combination is used in the stack metadata. The documentation and examples
have also been updated to warn operators of the deprecation of username
and password.

This patch does not affect the username and password support for
registration activities while building images with diskimage-builder.

Change-Id: I05b7a18e910d31ad2273042409f8657ad9dee36a
2014-12-09 10:56:55 -05:00
Ryan Brady
386a7a01d3 Fix repo enablement for RHEL during registration
Previously the REG_REPOS value was a space delimited list of repo
names, but the spaces were incompatible with passing through json.
If you pass a list in json through the heat parameter, the output
is the string representation of a python list of unicode vaules.
This patch changes the rhel-registration scripts to process the
REG_REPOS value as a comma delimited list which is more easily
passed through json.  Both scripts have been updated to remain
consistent.

Change-Id: I21b3fd115e53aa3b0fa4af9bbfb1f08b6fe163ab
2014-12-04 21:52:16 -05:00
Ryan Brady
bf8b77a8ea Add Activation Key Support For Customer Portal
This patch adds support to register with the hosted customer portal
using activation keys.  If an activation key is present in either
the REG_ACTIVATION_KEY or rh_registration.activation_key, it will
use that value instead of username and password credentials when
registering with Satellite or the hosted Customer Portal.  This
patch also enforces that an org must be set in either the REG_ORG
or rh_registration.org to use the activation key.

Change-Id: If40dd78ba793d508afb1a5ab345470ee5929afb0
2014-12-03 12:46:58 -05:00
Ryan Brady
81b4c00fdc Update RHEL Registration
This patch updates the 00-rhel-registration script to not
not fail a stack when metadata isn't found.

Change-Id: Ie305fed79e4baadf1a03c4a3d06a23cf36e92f77
2014-11-19 18:05:24 -05:00
Ryan Brady
ac8514c089 Enable RHEL Registration
This patch documents the 00-rhsm script as <= RHEL6 as it doesn't
work with the latest release of Satellite.  The Red Hat Network
(RHN) method of registration is being phased out in favor of Red
Hat Customer Portal and Satellite 6.  The subscription-manager
command line tool is the preferred method of registration.

The registration of RHEL is required to enable repositories for
software installation during image creation time.

This element provides functionality for registering RHEL images
during the image build process with diskimage-builder's
disk-image-create script.  The RHEL image will register itself
with either the hosted Red Hat Customer Portal or Satellite to
enable software installation from official repositories. After
the end of the image creation process, the image will unregister
itself so an entitlement will not be decremented from the account.

Boot-time registration is supported through metadata.  Please see
the configuration in the README for more information.

Change-Id: Ia9ef377cc4ed9595633888bfb248a1224e04b542
2014-10-31 12:36:43 -04:00
Richard Su
8baf819b08 Install openstack-selinux on RHEL
The openstack-selinux package contains policy updates for OpenStack.
Updates are accrued in openstack-selinux before they are merged into
the upstream selinux-policy package.

Change-Id: I7c00e5cae17489202fe7aee3e656fca27ab630ba
2014-09-29 21:53:22 -07:00
Ben Nemec
5c69b7a683 Make RHSM registration set -u safe
There are a bunch of optional env vars references in the rhsm
registration script, but they weren't wrapped to be set -u safe so
they cause build failures if any aren't set.

Change-Id: I18326b618f0920efa4dbd805611c6ee66d33ebb0
2014-08-21 21:39:38 -05:00
Ryan Brady
7f78be9318 Adds RHEL common element
This element contains the installation steps common to RHEL
operating system versions.

Change-Id: I37cce0bd5b5d31525f1335ecd416be570d36ad61
2014-07-25 14:17:03 -04:00