Eliminates subscription-manager exec on every Puppet run

Note, that this commit contains changes that break
backward-compatibility.

Additionally:
* this gets rid of `rhsm::repo` which had already been
replaced by `rh_repo`. There is no need of supporting two
types that do the same, just differently.
* types have been added to the `rhsm` class (contrib @kallies).
* the `pool` parameter has been removed, since one should
  use `rh_subscription` for that.
* service `rhsmcertd` is ensured to be enabled and running.
  This service is responsible for a periodical cert renewal
  and auto-attach (see rhsm.conf).
* exec 'sm yum clean all' has beed removed.
* `RHSM-subscribe` has been removed, since auto-attach happens
  already periodical via rhsmcertd.
  Attachment of pool subscriptions happens via `rh_subscription`.

README.md

@@ -21,12 +21,12 @@ Just declare the module with parameters, or load the data from Hiera.
 
 ## Types
 
-### rh_repo
+### rh\_repo
 
 Manage yum repos via the subscription-manager.
 
 
-### rh_subscription
+### rh\_subscription
 
 Enable or disable RH subscriptions based on their pool ID.
 
@@ -38,21 +38,12 @@ class { 'rhsm':
   rh_password => 'mypassword',
 }
 ```
-To attach the system to a specific pool (can be found on a registered system with `subscription-manager list --available`):
-
-```puppet
-class { 'rhsm':
-  rh_user     => 'myuser',
-  rh_password => 'mypassword',
-  pool        => 'the_pool_id'
-}
-```
 
 Use `rh_repo` type to add a repository:
 
 ```puppet
 rh_repo { 'rhel-7-server-extras-rpms':
- ensure => present,
+  ensure => present,
 }
 ```
 

REFERENCE.md

@@ -7,10 +7,6 @@
 
 * [`rhsm`](#rhsm): Subscribe the node to RHSM
 
-**Defined types**
-
-* [`rhsm::repo`](#rhsmrepo): Manage additional RedHat repositories
-
 ## Classes
 
 ### rhsm
@@ -23,13 +19,13 @@ Copyright 2014 Ger Apeldoorn, unless otherwise noted.
 
 #### Examples
 
-##### 
+#####
 
 ```puppet
 include rhsm
 ```
 
-##### 
+#####
 
 ```puppet
 # Hierafile:
@@ -151,14 +147,6 @@ Used directly in rhsm.conf template
 
 Default value: 0
 
-##### `pool`
-
-Data type: `String`
-
-Attach system to a specific pool instead of auto attach to compatible subscriptions
-
-Default value: `undef`
-
 ##### `proxy_hostname`
 
 Data type: `String`
@@ -205,7 +193,7 @@ Data type: `String`
 
 Whether to install subscription-manager
 
-Default value: 'latest'
+Default value: 'installed'
 
 ##### `enabled_repo_ids`
 
@@ -217,21 +205,15 @@ A listing of the Repo IDs to provide to the subscription-manager repo
 
 Default value: []
 
-## Defined types
-
-### rhsm::repo
-
-rhsm::repo
-
-Target file is /etc/yum.repos.d/redhat.repo
-
 Copyright 2014 Ger Apeldoorn, unless otherwise noted.
 
 #### Examples
 
-##### 
+#####
 
 ```puppet
-::rhsm::repo { "rhel-${::operatingsystemmajrelease}-server-extras-rpms": }
+rh_repo { "rhel-${::operatingsystemmajrelease}-server-extras-rpms":
+  ensure => present,
+}
 ```
 

lib/facter/rhsm.rb

@@ -1,15 +1,18 @@
+require 'puppet/util/inifile'
+
 Facter.add(:rhsm, type: :aggregate) do
   confine :os do |os|
     os['family'] == 'RedHat'
   end
 
   # List the currently enabled repositories
-  if File.exist? '/usr/bin/subscription-manager'
+  if File.exist? '/etc/yum.repos.d/redhat.repo'
     chunk(:enabled_repo_ids) do
       repos = Array.[]
-      repo_list = Facter::Core::Execution.exec("subscription-manager repos --list-enabled | awk '/Repo ID:/ {print $3}'")
-      repo_list.each_line do |line|
-        repos.push(line.strip)
+      repo_file = Puppet::Util::IniConfig::PhysicalFile.new('/etc/yum.repos.d/redhat.repo')
+      repo_file.read
+      repo_file.sections.each do |section|
+        repos.push(section.name) if section['enabled'].nil? || section['enabled'].to_i == 1
       end
       { enabled_repo_ids: repos }
     end

lib/puppet/provider/rh_repo/redhat.rb

@@ -1,18 +1,19 @@
+require 'puppet/util/inifile'
+
 # @author Craig Dunn crayfishx/puppet-rhsm
+# @author Stefan Peer speer/puppet-rhsm
+#   (do not run subscription-manager on every Puppet run)
 Puppet::Type.type(:rh_repo).provide(:redhat) do
   commands rhsm: '/usr/sbin/subscription-manager'
   mk_resource_methods
 
   def self.repos
     repos = {}
-    rhsm('repos', '--list').split("\n\n").each do |blk|
-      repo_data = {}
-      blk.split("\n").each do |line|
-        element = line.split(%r{:})
-        repo_data[element.shift] = element.join.lstrip
-      end
-      repos[repo_data['Repo ID']] = {
-        enabled: repo_data['Enabled']
+    repo_file = Puppet::Util::IniConfig::PhysicalFile.new('/etc/yum.repos.d/redhat.repo')
+    repo_file.read
+    repo_file.sections.each do |section|
+      repos[section.name] = {
+        enabled: section['enabled'].nil? || section['enabled'].to_i == 1
       }
     end
     repos
@@ -21,7 +22,7 @@ def self.repos
   def self.instances
     repos.map do |rid, data|
       new(
-        ensure: data[:enabled] == '0' ? :disabled : :enabled,
+        ensure: data[:enabled] ? :enabled : :disabled,
         name:   rid
       )
     end

lib/puppet/provider/rh_subscription/redhat.rb

@@ -1,41 +1,40 @@
 # @author Craig Dunn crayfishx/puppet-rhsm
+# @author Stefan Peer speer/puppet-rhsm
+#   (do not run subscription-manager on every Puppet run)
 Puppet::Type.type(:rh_subscription).provide(:redhat) do
   commands rhsm: '/usr/sbin/subscription-manager'
+  commands rct: '/usr/bin/rct'
+
   mk_resource_methods
 
   def self.subscriptions
     subs = {}
-    rhsm('list', '--consumed').split("\n\n").each do |blk|
+    Dir.glob('/etc/pki/entitlement/*.pem') do |cert|
+      next if cert =~ %r{-key.pem$}
+      cert_raw_data = rct('cat-cert', cert)
       sub_data = {}
-      blk.split("\n").each do |line|
-        element = line.match(%r{^([^:]+):[^\w]+(\w.*)})
-        next unless element.is_a?(MatchData)
-        sub_data[element[1]] = element[2]
+      section = nil
+      cert_raw_data.split("\n").each do |line|
+        if line =~ %r{^([^:\s]+):$}
+          section = Regexp.last_match(1).strip
+          sub_data[section] = {}
+        end
+        next if section.nil?
+        sub_data[section][Regexp.last_match(1).strip] = Regexp.last_match(2).strip if line =~ %r{^\s+([^:]+):(.+)$}
       end
-      subs[sub_data['Pool ID']] = {
-        name: sub_data['Subscription Name'],
-        active: sub_data['Active'],
-        serial: sub_data['Serial']
+      subs[sub_data['Certificate']['Pool ID']] = {
+        name: sub_data['Order']['Name'],
+        serial: sub_data['Certificate']['Serial']
       }
     end
     subs
   end
 
-  def self.active?(str)
-    case str
-    when 'True'
-      :true
-    when 'False'
-      :false
-    end
-  end
-
   def self.instances
     subscriptions.map do |pool, data|
       new(
         ensure: :present,
         name:   pool,
-        active: active?(data[:active]),
         serial: data[:serial]
       )
     end

lib/puppet/type/rh_subscription.rb

@@ -7,10 +7,6 @@
   newparam(:name, isnamevar: true) do
   end
 
-  newproperty(:active) do
-    newvalues(:true, :false)
-  end
-
   newparam(:serial) do
   end
 end