952915f25e
We don't want to trace the RHEL registration scripts because that is likely to log things like passwords and activation keys. To still allow for debugging failed runs, add sanitized logging of the arguments passed to the registration commands, since that is the part of the process where problems are most likely to manifest. Change-Id: I0f661e9c152f43b814fda61211bd56ba93e3b9dc
152 lines
5.1 KiB
Bash
Executable File
152 lines
5.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# dib-lint: disable=dibdebugtrace
|
|
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
OK=/mnt/state/var/lib/rhsm/rhsm.ok
|
|
|
|
if [ -e $OK ] ; then
|
|
exit 0
|
|
fi
|
|
|
|
REG_ACTIVATION_KEY="$(os-apply-config --key rh_registration.activation_key --type raw --key-default '')"
|
|
REG_AUTO_ATTACH="$(os-apply-config --key rh_registration.auto_attach --type raw --key-default 'true')"
|
|
REG_BASE_URL="$(os-apply-config --key rh_registration.base_url --type raw --key-default '')"
|
|
REG_ENVIRONMENT="$(os-apply-config --key rh_registration.environment --type raw --key-default '')"
|
|
REG_FORCE="$(os-apply-config --key rh_registration.force --type raw --key-default '')"
|
|
REG_MACHINE_NAME="$(os-apply-config --key rh_registration.machine_name --type raw --key-default '')"
|
|
REG_ORG="$(os-apply-config --key rh_registration.org --type raw --key-default '')"
|
|
REG_PASSWORD="$(os-apply-config --key rh_registration.password --type raw --key-default '')"
|
|
REG_POOL_ID="$(os-apply-config --key rh_registration.poolid --type raw --key-default '')"
|
|
REG_RELEASE="$(os-apply-config --key rh_registration.release --type raw --key-default '')"
|
|
REG_REPOS="$(os-apply-config --key rh_registration.repos --type raw --key-default '')"
|
|
REG_SAT_URL="$(os-apply-config --key rh_registration.satellite_url --type raw --key-default '')"
|
|
REG_SERVER_URL="$(os-apply-config --key rh_registration.server_url --type raw --key-default '')"
|
|
REG_SERVICE_LEVEL="$(os-apply-config --key rh_registration.service_level --type raw --key-default '')"
|
|
REG_USER="$(os-apply-config --key rh_registration.user --type raw --key-default '')"
|
|
REG_TYPE="$(os-apply-config --key rh_registration.type --type raw --key-default '')"
|
|
REG_METHOD="$(os-apply-config --key rh_registration.method --type raw --key-default '')"
|
|
|
|
opts=
|
|
attach_opts=
|
|
repos="repos --enable rhel-7-server-rpms"
|
|
satellite_repo="rhel-7-server-rh-common-rpms"
|
|
if [ -n "${REG_AUTO_ATTACH:-}" ]; then
|
|
opts="$opts --auto-attach"
|
|
|
|
if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
|
|
opts="$opts --servicelevel $REG_SERVICE_LEVEL"
|
|
fi
|
|
|
|
if [ -n "${REG_RELEASE:-}" ]; then
|
|
opts="$opts --release=$REG_RELEASE"
|
|
fi
|
|
else
|
|
if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
|
|
echo "WARNING: REG_SERVICE_LEVEL set without REG_AUTO_ATTACH."
|
|
fi
|
|
|
|
if [ -n "${REG_RELEASE:-}" ]; then
|
|
echo "WARNING: REG_RELEASE set without REG_AUTO_ATTACH."
|
|
fi
|
|
|
|
if [ -n "${REG_POOL_ID:-}" ]; then
|
|
attach_opts="$attach_opts --pool=$REG_POOL_ID"
|
|
fi
|
|
fi
|
|
|
|
if [ -n "${REG_BASE_URL:-}" ]; then
|
|
opts="$opts --baseurl=$REG_BASE_URL"
|
|
fi
|
|
|
|
if [ -n "${REG_ENVIRONMENT:-}" ]; then
|
|
opts="$opts --env=$REG_ENVIRONMENT"
|
|
fi
|
|
|
|
if [ -n "${REG_FORCE:-}" ]; then
|
|
opts="$opts --force"
|
|
fi
|
|
|
|
if [ -n "${REG_SERVER_URL:-}" ]; then
|
|
opts="$opts --serverurl=$REG_SERVER_URL"
|
|
fi
|
|
|
|
if [ -n "${REG_ACTIVATION_KEY:-}" ]; then
|
|
opts="$opts --activationkey=$REG_ACTIVATION_KEY"
|
|
|
|
if [ -z "${REG_ORG:-}" ]; then
|
|
echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG."
|
|
fi
|
|
else
|
|
echo "WARNING: Support for registering with a username and password is deprecated."
|
|
echo "Please use activation keys instead. See the README for more information."
|
|
if [ -n "${REG_PASSWORD:-}" ]; then
|
|
opts="$opts --password $REG_PASSWORD"
|
|
fi
|
|
|
|
if [ -n "${REG_USER:-}" ]; then
|
|
opts="$opts --username $REG_USER"
|
|
fi
|
|
fi
|
|
|
|
if [ -n "${REG_MACHINE_NAME:-}" ]; then
|
|
opts="$opts --name $REG_MACHINE_NAME"
|
|
fi
|
|
|
|
if [ -n "${REG_ORG:-}" ]; then
|
|
opts="$opts --org=$REG_ORG"
|
|
fi
|
|
|
|
if [ -n "${REG_REPOS:-}" ]; then
|
|
for repo in $(echo $REG_REPOS | tr ',' '\n'); do
|
|
repos="$repos --enable $repo"
|
|
done
|
|
fi
|
|
|
|
if [ -n "${REG_TYPE:-}" ]; then
|
|
opts="$opts --type=$REG_TYPE"
|
|
fi
|
|
|
|
sanitized_opts=$(echo "$opts" | sed 's/--password \([^ ]*\)/--password ***/g')
|
|
sanitized_opts=$(echo "$sanitized_opts" | sed 's/--activationkey=\([^ ]*\)/--activationkey=***/g')
|
|
|
|
case "${REG_METHOD:-}" in
|
|
portal)
|
|
echo "Registering with options: $sanitized_opts"
|
|
subscription-manager register $opts
|
|
if [ -z "${REG_AUTO_ATTACH:-}" ]; then
|
|
echo "Attaching with options: $attach_opts"
|
|
subscription-manager attach $attach_opts
|
|
fi
|
|
echo "Enabling repos: $repos"
|
|
subscription-manager $repos
|
|
;;
|
|
satellite)
|
|
# Save an unmodified copy of the repo list for logging
|
|
user_repos=$repos
|
|
repos="$repos --enable ${satellite_repo}"
|
|
echo "Installing satellite dependencies"
|
|
rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true
|
|
echo "Registering with options: $sanitized_opts"
|
|
subscription-manager register $opts
|
|
echo "Enabling repos: $user_repos"
|
|
subscription-manager $repos
|
|
echo "Installing katello-agent"
|
|
yum install -y katello-agent || true # needed for errata reporting to satellite6
|
|
katello-package-upload
|
|
echo "Disabling satellite repo because it is no longer needed"
|
|
subscription-manager repos --disable ${satellite_repo}
|
|
;;
|
|
disable)
|
|
echo "Disabling RHEL registration"
|
|
;;
|
|
*)
|
|
echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD."
|
|
exit 0
|
|
esac
|
|
|
|
mkdir -p $(dirname $OK)
|
|
touch $OK
|