Merge branch 'master' into ltss-verification

Gemfile

@@ -43,7 +43,7 @@ group :development, :test do
   gem 'gettext', require: false # needed for gettext_i18n_rails tasks
   gem 'ruby_parser', '< 3.20', require: false # needed for gettext_i18n_rails tasks, Locked because of Ruby >= 2.6 dependency
   gem 'gettext_test_log'
-  gem 'memory_profiler'
+  gem 'memory_profiler', '~> 1.0.2' # locked because 1.1.0 requires ruby version >= 3.1.0
   gem 'awesome_print'
 end
 

Gemfile.lock

@@ -30,8 +30,8 @@ GEM
       minitest (>= 5.1)
       tzinfo (~> 2.0)
       zeitwerk (~> 2.3)
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.2)
     awesome_print (1.9.2)
     base32 (0.3.4)
@@ -136,13 +136,13 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashdiff (1.1.0)
+    hashdiff (1.1.1)
     hpricot (0.8.6)
     i18n (1.14.5)
       concurrent-ruby (~> 1.0)
     json (2.3.1)
     jsonapi-renderer (0.2.2)
-    jwt (2.9.0)
+    jwt (2.9.3)
       base64
     listen (3.6.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
@@ -209,8 +209,7 @@ GEM
     responders (3.1.1)
       actionpack (>= 5.2)
       railties (>= 5.2)
-    rexml (3.3.6)
-      strscan
+    rexml (3.3.9)
     ronn (0.7.3)
       hpricot (>= 0.8.2)
       mustache (>= 0.7.0)
@@ -296,7 +295,6 @@ GEM
     sqlite3 (1.4.4)
     strong_migrations (0.7.9)
       activerecord (>= 5)
-    strscan (3.1.0)
     sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
@@ -317,7 +315,7 @@ GEM
       activesupport (>= 3)
       railties (>= 3)
       yard (~> 0.9.20)
-    webmock (3.23.1)
+    webmock (3.24.0)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
@@ -351,7 +349,7 @@ DEPENDENCIES
   guard-rspec
   jwt (~> 2.1)
   listen (>= 3.0.5, <= 3.6.0)
-  memory_profiler
+  memory_profiler (~> 1.0.2)
   minitest (~> 5.15.0)
   mysql2 (~> 0.5.3)
   nokogiri (< 1.13)

PACKAGE.md

@@ -21,7 +21,7 @@ Note: Look below for direction on publishing to registry.
           ```
       * Alternatively, if an OBS working copy is already checked out, update the working copy by running `osc up`
 2. Run `make dist` in your RMT working directory to build a tarball.
-3. Copy the files from the `package/obs` directory to the OBS working directory.
+3. Copy the files from the `package/obs` directory to the OBS working directory `systemsmanagement:SCC:RMT/rmt-server`.
 4. Examine the changes by running `osc status` and `osc diff`.
 5. Stage the changes by running `osc addremove`.
 6. Build the package with osc:

app/controllers/api/connect/v3/systems/systems_controller.rb

@@ -21,8 +21,8 @@ def update
 
     # Since the payload is handled by rails all values are converted to string
     # e.g. cpus: 16 becomes cpus: "16". We save this as string for now and expect
-    # SCC to handle the convertation correctly
-    @system.system_information = hwinfo_params[:hwinfo].to_json
+    # SCC to handle the conversion correctly
+    @system.system_information = @system.system_information_hash.update(hwinfo_params[:hwinfo]).to_json
 
     if @system.save
       logger.info(N_("Updated system information for host '%s'") % @system.hostname)

app/controllers/application_controller.rb

@@ -18,6 +18,7 @@ def authenticate_system(skip_on_duplicated: false)
         return true if skip_on_duplicated && @systems.size > 1
 
         @system = find_system_by_token_header(@systems)
+        update_user_agent
 
         # If SYSTEM_TOKEN_HEADER is present, RMT assumes the client uses a SUSEConnect version
         # that supports this feature. In this case, refresh the token and include it in the response.
@@ -42,6 +43,15 @@ def authenticate_system(skip_on_duplicated: false)
 
   private
 
+  def zypper_request?
+    user_agent = request.headers['HTTP_USER_AGENT']
+    user_agent&.downcase&.starts_with?('zypp')
+  end
+
+  def update_user_agent
+    @system.set_system_information('user_agent', request.headers['HTTP_USER_AGENT']) unless zypper_request?
+  end
+
   # Token mechanism to detect duplicated systems.
   # 1: system doesn't send a token header (old SUSEConnect version)
   # 2: system sends a token, and it matches an existing system with that token

app/controllers/services_controller.rb

@@ -14,12 +14,10 @@ class ServicesController < ApplicationController
   # authenticate requests on this method for Zypper so we have a better picture
   # which systems are still being active (even if not using SUSEConnect).
   before_action only: %w[show] do
-    ua = request.headers['HTTP_USER_AGENT']
-
     # Zypper will never provide the `system_token` credentials for the system.
     # Hence, if there are duplicates, we will not be able to deterministically
     # tell which system is to be updated. Just skip it altogether on this case.
-    authenticate_system(skip_on_duplicated: true) if ua && ua.downcase.starts_with?('zypp')
+    authenticate_system(skip_on_duplicated: true) if zypper_request?
   end
 
   ZYPPER_SERVICE_TTL = 86400

app/models/system.rb

@@ -37,10 +37,17 @@ def self.generate_secure_login
   end
 
   def cloud_provider
+    system_information_hash.fetch(:cloud_provider, nil)
+  end
+
+  def system_information_hash
     # system_information is checked for valid JSON on save. It is safe
     # to assume the structure is valid.
-    info = JSON.parse(system_information).symbolize_keys
-    info.fetch(:cloud_provider, nil)
+    JSON.parse(system_information || '{}').symbolize_keys
+  end
+
+  def set_system_information(key, value)
+    update(system_information: system_information_hash.update(key => value).to_json)
   end
 
   # Generate secure token for System password

db/migrate/20240821114908_change_local_path_type.rb

@@ -0,0 +1,13 @@
+class ChangeLocalPathType < ActiveRecord::Migration[6.1]
+  def up
+    safety_assured do
+      change_column :repositories, :local_path, :string, limit: 512
+      change_column :downloaded_files, :local_path, :string, limit: 512
+    end
+  end
+
+  def down
+    change_column :repositories, :local_path, :string
+    change_column :downloaded_files, :local_path, :string
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2024_07_29_103525) do
+ActiveRecord::Schema.define(version: 2024_08_21_114908) do
 
   create_table "activations", charset: "utf8", force: :cascade do |t|
     t.bigint "service_id", null: false
@@ -34,7 +34,7 @@
   create_table "downloaded_files", charset: "utf8", force: :cascade do |t|
     t.string "checksum_type"
     t.string "checksum"
-    t.string "local_path"
+    t.string "local_path", limit: 512
     t.bigint "file_size", unsigned: true
     t.index ["checksum_type", "checksum"], name: "index_downloaded_files_on_checksum_type_and_checksum"
     t.index ["local_path"], name: "index_downloaded_files_on_local_path", unique: true
@@ -104,7 +104,7 @@
     t.string "auth_token"
     t.boolean "installer_updates", default: false, null: false
     t.boolean "mirroring_enabled", default: false, null: false
-    t.string "local_path", null: false
+    t.string "local_path", limit: 512, null: false
     t.datetime "last_mirrored_at"
     t.string "friendly_id"
     t.index ["external_url"], name: "index_repositories_on_external_url", unique: true

engines/instance_verification/spec/requests/api/connect/v3/systems/products_controller_spec.rb

@@ -72,9 +72,12 @@
 
         context 'when verification provider returns false' do
           before do
-            expect(InstanceVerification::Providers::Example).to receive(:new)
-              .with(be_a(ActiveSupport::Logger), be_a(ActionDispatch::Request), payload, instance_data).and_return(plugin_double)
-            expect(plugin_double).to receive(:instance_valid?).and_return(false)
+            stub_request(:post, scc_activate_url)
+            .to_return(
+              status: 200,
+              body: { error: 'Unexpected instance verification error has occurred' }.to_json,
+              headers: {}
+            )
             post url, params: payload, headers: headers
           end
 
@@ -86,9 +89,13 @@
 
         context 'when verification provider raises an unhandled exception' do
           before do
-            expect(InstanceVerification::Providers::Example).to receive(:new)
-              .with(be_a(ActiveSupport::Logger), be_a(ActionDispatch::Request), payload, instance_data).and_return(plugin_double)
-            expect(plugin_double).to receive(:instance_valid?).and_raise('Custom plugin error')
+            stub_request(:post, scc_activate_url)
+            .to_return(
+              status: 422,
+              body: { error: 'Unexpected instance verification error has occurred' }.to_json,
+              headers: {}
+            )
+
             post url, params: payload, headers: headers
           end
 
@@ -623,7 +630,7 @@
             .with({ headers: scc_headers, body: payload.merge({ byos_mode: 'byos' }) })
             .and_return(
               status: 401,
-              body: { error: 'error_message' }.to_json,
+              body: 'Migration target not allowed on this instance type',
               headers: {}
             )
           request