From: Fabian Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [RFC common 2/7] APT: add extended repositories check
Date: Wed, 20 Jan 2021 11:01:38 +0100 [thread overview]
Message-ID: <20210120100143.16268-3-f.ebner@proxmox.com> (raw)
In-Reply-To: <20210120100143.16268-1-f.ebner@proxmox.com>
To detect old/bad suites and see whether the 'enterprise' repository or at least
the 'no-subscription' repository is configured.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---
Suggestions for further checks are welcome.
Note that the distribution names might conflict for external non-Debian repos
that would re-use Debian names, but I think we can safely ignore that.
src/PVE/APT.pm | 108 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 108 insertions(+)
diff --git a/src/PVE/APT.pm b/src/PVE/APT.pm
index 75d1810..9f29593 100644
--- a/src/PVE/APT.pm
+++ b/src/PVE/APT.pm
@@ -287,4 +287,112 @@ sub list_repositories {
return $repos;
}
+sub check_repositories {
+ my ($repos, $product) = @_;
+
+ my $enterprise_configured = 0;
+ my $no_subscription_configured = 0;
+
+ my $enterprise_uri = "https://enterprise.proxmox.com/debian/${product}";
+ my $enterprise_component = "${product}-enterprise";
+ my $no_subscription_uri = "http://download.proxmox.com/debian/${product}";
+ my $no_subscription_component = "${product}-no-subscription";
+
+ # TODO update for PVE 7.0
+ my @old_suites = (
+ 'lenny',
+ 'squeeze',
+ 'wheezy',
+ 'jessie',
+ 'stretch',
+ 'oldoldstable',
+ 'oldstable',
+ );
+
+ my @new_suites = (
+ 'unstable',
+ 'sid',
+ 'experimental',
+ );
+
+ my $warnings = [];
+
+ my $add_warning = sub {
+ my ($repo, $message) = @_;
+
+ if (defined($repo)) {
+ push @{$warnings}, {
+ path => $repo->{path},
+ number => $repo->{number},
+ message => $message,
+ };
+ } else {
+ push @{$warnings}, { message => $message };
+ }
+ };
+
+ my $match_suite = sub {
+ my ($suite, $list) = @_;
+
+ return grep {
+ $_ =~ m|^\Q$suite\E$| ||
+ $_ =~ m|^\Q$suite\E-backports$| ||
+ $_ =~ m|^\Q$suite\E-backports-sloppy$| ||
+ $_ =~ m|^\Q$suite\E-updates$| ||
+ $_ =~ m|^\Q$suite\E/updates$|
+ } @{$list};
+ };
+
+ foreach my $repo (@{$repos}) {
+ my $types = $split_list->($repo->{Types});
+ my $uris = $split_list->($repo->{URIs});
+ my $components = $split_list->($repo->{Components});
+ my $suites = $split_list->($repo->{Suites});
+
+ foreach my $type (@{$types}) {
+ next if $type ne 'deb';
+
+ foreach my $old_suite (@old_suites) {
+ $add_warning->($repo, "Old suite '${old_suite}' configured!")
+ if $match_suite->($old_suite, $suites);
+ }
+
+ foreach my $new_suite (@new_suites) {
+ $add_warning->($repo, "Suite '${new_suite}' should not be " .
+ "used in production!") if $match_suite->($new_suite, $suites);
+ }
+
+ $add_warning->($repo, "Use the name of the stable distribuition " .
+ "instead of 'stable'!") if $match_suite->('stable', $suites);
+
+ next if !$repo->{enabled};
+
+ foreach my $uri (@{$uris}) {
+ if ($uri =~ m|^\Q$enterprise_uri\E/?|) {
+ foreach my $component (@{$components}) {
+ $enterprise_configured = 1
+ if $component eq $enterprise_component;
+ }
+ }
+ if ($uri =~ m|^\Q$no_subscription_uri\E/?|) {
+ foreach my $component (@{$components}) {
+ $no_subscription_configured = 1
+ if $component eq $no_subscription_component;
+ }
+ }
+ }
+ }
+ }
+
+ if (!$enterprise_configured && !$no_subscription_configured) {
+ $add_warning->(undef, "You should configure either the 'enterprise' " .
+ "or 'no-subscription' repository!");
+ } elsif (!$enterprise_configured && $no_subscription_configured) {
+ $add_warning->(undef, "The 'no-subscription' repository is not " .
+ "recommended for production use!");
+ }
+
+ return $warnings;
+}
+
1;
--
2.20.1
next prev parent reply other threads:[~2021-01-20 10:02 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-20 10:01 [pve-devel] [RFC] APT repositories API/UI Fabian Ebner
2021-01-20 10:01 ` [pve-devel] [RFC common 1/7] add module for APT Fabian Ebner
2021-01-20 10:01 ` Fabian Ebner [this message]
2021-01-20 10:01 ` [pve-devel] [RFC manager 3/7] api: APT: add call to list repositories Fabian Ebner
2021-01-20 10:01 ` [pve-devel] [RFC widget-toolkit 4/7] add UI for APT repositories Fabian Ebner
2021-01-20 10:01 ` [pve-devel] [RFC manager 5/7] ui: add panel for listing " Fabian Ebner
2021-01-20 10:01 ` [pve-devel] [RFC manager 6/7] api: APT: add call for repository check Fabian Ebner
2021-01-20 10:01 ` [pve-devel] [RFC widget-toolkit 7/7] APT repositories: show list of warnings Fabian Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210120100143.16268-3-f.ebner@proxmox.com \
--to=f.ebner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox