Bug 970248 - package install fails if gpg is not imported
Summary: package install fails if gpg is not imported
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: katello-agent   
(Show other bugs)
Version: 6.0.1
Hardware: Unspecified Unspecified
low vote
Target Milestone: Unspecified
Assignee: Justin Sherrill
QA Contact: Og Maciel
Keywords: Triaged
Depends On:
TreeView+ depends on / blocked
Reported: 2013-06-03 19:25 UTC by Justin Sherrill
Modified: 2014-01-27 14:00 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-07-18 21:20:22 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Justin Sherrill 2013-06-03 19:25:30 UTC
Description of problem:

Currently package/errata/group installs/updates will fail if the gpg key of the repo is not already imported on the client machine.  We should support auto-importing of the gpg key.

How reproducible:

Steps to Reproduce:
1.  Setup a custom repo with gpg signed rpms
2.  Create a new gpg key in katello and associate it to the repo
3.  Register client (with katello-agent installed) to repo and try to initiate package install

Actual results:
will fail because gpg key is not imported

Expected results:
Should auto-import the gpg key.

Additional info:

1) The katello agent will support installing GPG keys, as needed, during 
package (or package group) install|update requests.  But, only when the 
'importkeys' options is included in the "options" that are specified in 
the REST call.

  "options": {"importkeys": true}

How this fits into the rest of the POST body is documented in the 
'content management'[1] section of the pulp dev-guide.

2) The bind REST API calls support a "notify_agent" flag.  When 
specified as FALSE, the pulp server will omit any tasks pertaining to 
agent participation in the bind flow.  When these tasks are omitted, no 
messages are sent to the agent.  When the "notify_agent" flag is not 
specified it defaults to (true) which, in the katello use case, causes 
tracebacks[1] in the agent.log and clutters up the tasking system with 
tasks that eventually timeout and fail.  This flag is documented in the 
"Repository Binding"[2] section of the pulp dev-guide.

Comment 1 Justin Sherrill 2013-06-04 19:41:04 UTC

Comment 2 Justin Sherrill 2013-06-04 19:44:43 UTC
Note that his requires runcible 0.4.9

Comment 4 Brad Buckingham 2013-06-06 21:58:46 UTC
Mass move to ON_QA

Comment 5 Og Maciel 2013-06-10 18:19:15 UTC
I was able to register and install a signed package (Google Chrome) to my client which leads me to believe that I could close this as VERIFIED, but I have a question. Where should the imported key for the custom product be placed in the client? I could not see it under /etc/pki/rpm-gpg/

Comment 6 Og Maciel 2013-06-10 18:19:33 UTC
I was able to register and install a signed package (Google Chrome) to my client which leads me to believe that I could close this as VERIFIED, but I have a question. Where should the imported key for the custom product be placed in the client? I could not see it under /etc/pki/rpm-gpg/

Comment 7 Og Maciel 2013-06-13 19:20:40 UTC
* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.8.9-1.el6_4.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.8.9-1.el6_4.noarch
* candlepin-tomcat6-0.8.9-1.el6_4.noarch
* elasticsearch-0.19.9-8.el6sat.noarch
* foreman-1.1.10009-1.noarch
* foreman-compute-1.1.10009-1.noarch
* foreman-installer-puppet-concat-0-2.d776701.git.0.21ef926.el6sat.noarch
* foreman-installer-puppet-dhcp-0-5.3a4a13c.el6sat.noarch
* foreman-installer-puppet-dns-0-7.fcae203.el6sat.noarch
* foreman-installer-puppet-foreman-0-6.568c5c4.el6sat.noarch
* foreman-installer-puppet-foreman_proxy-0-8.bd1e35d.el6sat.noarch
* foreman-installer-puppet-puppet-0-3.ab46748.el6sat.noarch
* foreman-installer-puppet-tftp-0-5.ea6c5e5.el6sat.noarch
* foreman-installer-puppet-xinetd-0-50a267b8.git.0.44aca6a.el6sat.noarch
* foreman-libvirt-1.1.10009-1.noarch
* foreman-postgresql-1.1.10009-1.noarch
* foreman-proxy-1.1.10003-1.el6sat.noarch
* foreman-proxy-installer-1.0.1-8.f5ae2cd.el6sat.noarch
* katello-1.4.2-12.el6sat.noarch
* katello-all-1.4.2-12.el6sat.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.4.2-2.el6sat.noarch
* katello-cli-1.4.2-7.el6sat.noarch
* katello-cli-common-1.4.2-7.el6sat.noarch
* katello-common-1.4.2-12.el6sat.noarch
* katello-configure-1.4.3-15.el6sat.noarch
* katello-configure-foreman-1.4.3-15.el6sat.noarch
* katello-foreman-all-1.4.2-12.el6sat.noarch
* katello-glue-candlepin-1.4.2-12.el6sat.noarch
* katello-glue-elasticsearch-1.4.2-12.el6sat.noarch
* katello-glue-pulp-1.4.2-12.el6sat.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-selinux-1.4.3-3.el6sat.noarch
* openldap-2.4.23-31.el6.x86_64
* pulp-rpm-plugins-2.1.1-1.el6sat.noarch
* pulp-selinux-2.1.1-1.el6sat.noarch
* pulp-server-2.1.1-1.el6sat.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-ldap_fluff-0.2.2-1.el6sat.noarch
* ruby193-rubygem-net-ldap-0.3.1-2.el6sat.noarch
* signo-0.0.16-1.el6sat.noarch
* signo-katello-0.0.16-1.el6sat.noarch

Comment 8 Mike McCune 2013-07-18 21:20:22 UTC
mass move to CLOSED:CURRENTRELEASE since MDP1 has been released.

Note You need to log in before you can comment on or make changes to this bug.