From 69983b0362a3484481755ad309f964a924281039 Mon Sep 17 00:00:00 2001
From: Alex Iribarren <Alex.Iribarren@cern.ch>
Date: Mon, 10 Dec 2018 14:04:47 +0100
Subject: [PATCH 1/4] Add docs on how to download certs

---
 README.md | 35 +++++++++++++++++++++++++++++++++--
 1 file changed, 33 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index c26a806..2abb70e 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,38 @@ GPG key to [gpgkeys](gpgkeys/) and any specific configuration to [prod.repos.yam
 This last part is probably not needed.
 
 If you're adding a redhat repo, you probably also need the SSL client certificate.
+ 1. Download the certificates, if necessary (see below)
  1. Add the certificate to Teigi: `tbag set --hg lxsoft/adm 8a85f983598e8558015993b62b96699e.pem --file 8a85f983598e8558015993b62b96699e.pem`
- 2. List the new certificate in `manifests/adm.pp` for the lxsoft machines.
- 3. Make sure your new repo files in [prod.repos.yaml](prod.repos.yaml) list the new certificate.
+ 1. List the new certificate in `manifests/adm.pp` for the lxsoft machines.
+ 1. Make sure your new repo files in [prod.repos.yaml](prod.repos.yaml) list the new certificate.
+
+
+# Downloading Redhat certificates
+
+Certs for linuxsoft-mirror system registered on [RHN](https://access.redhat.com/management/systems/b4ec8c2d-3eae-4ae0-b8fa-ec6d8a08ce9f/subscriptions)
+
+8a85f9845993af3f015993b34c3f0210 - 2017-01-01 - 2020-01-01 Red Hat Enterprise Linux Server, Self-support (1-2 sockets) (Up to 1 guest)
+8a85f983598e8558015993b62b96699e - 2017-01-01 - 2020-01-01 Extended Update Support
+8a85f9875993915c015993b8460b1956 - 2017-01-01 - 2020-01-01 Red Hat Enterprise Linux Developer Suite
+8a85f983598e8558015993be99386c0f - 2017-01-01 - 2020-01-01 Red Hat JBoss A-MQ, 64-Core Standard
+8a85f9825cc471b3015cc47ecc80054c - 2017-06-20 - 2020-01-01 Red Hat Virtualization (2-sockets), Premium
+8a85f983598e8558015993c40f836ef2 - 2017-01-01 - 2020-01-01 Red Hat Enterprise MRG Realtime, Standard (1-2 sockets)
+8a85f9875b339bfe015b33aaa17019fc - 2017-04-03 - 2020-01-01 Red Hat Enterprise Linux Extended Life Cycle Support (Physical or Virtual Nodes)
+
+Note: with each new/changed subscription we have to add/remove subscription for linuxsoft-mirror
+on RHN and use freshly regenerated cert .. seems to be necessary also in case of new product
+versions which appeared after the orig. cert was generated
+
+removed/replaced certs:
+
+8a85f98159926149015993c2a4ed781a - 2017-01-01 - 2020-06-20 Red Hat Virtualization (2-sockets), Premium
+8a85f983598e8558015993be99386c0f - replaced 2018-02-27 for RH-SSO 7.2
+
+## Procedure (Update 2018/04):
+
+1. Download the zip with all certificates
+1. Rename them to the subject (be careful, the following may need to be adapted as Subject format may change)
+```bash
+for i in `ls *.pem`; do  NAME=`openssl x509 -in $i -text | grep -i "Subject:" | sed 's/.*CN *= *\([a-z0-9]\{32\}\).*/\1/'`; mv $i $NAME.pem; done
+```
 
-- 
GitLab


From 36ad85e5a8e94d4f9bfdef984b168e1487861a0b Mon Sep 17 00:00:00 2001
From: Alex Iribarren <Alex.Iribarren@cern.ch>
Date: Mon, 10 Dec 2018 14:23:17 +0100
Subject: [PATCH 2/4] Just do the math

---
 reposync/runreposync.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/reposync/runreposync.sh b/reposync/runreposync.sh
index 97861ef..51d4e5b 100755
--- a/reposync/runreposync.sh
+++ b/reposync/runreposync.sh
@@ -153,7 +153,7 @@ for rpm in ${CHANGELIST}; do
 EOF
 done
 
-CHANGECOUNT=`echo "${CHANGELIST}" | wc -l | awk '{print $1}'`
+CHANGECOUNT=$((POSTCOUNT-PRECOUNT))
 
 cat << EOF | log
   "message_type": "result",
-- 
GitLab


From ca89a5a22addc50b2804975cddf7f92dbbfa2fc2 Mon Sep 17 00:00:00 2001
From: Alex Iribarren <Alex.Iribarren@cern.ch>
Date: Mon, 10 Dec 2018 16:39:31 +0100
Subject: [PATCH 3/4] Added
 rhel-7-server-{rhv-4.2-manager,manager-tools,ansible-2}-rpms

---
 prod.repos.d/redhat-7-ev-x86_64.repo | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/prod.repos.d/redhat-7-ev-x86_64.repo b/prod.repos.d/redhat-7-ev-x86_64.repo
index 0e31628..77db234 100644
--- a/prod.repos.d/redhat-7-ev-x86_64.repo
+++ b/prod.repos.d/redhat-7-ev-x86_64.repo
@@ -10,8 +10,8 @@ baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhevh
 name = Red Hat Enterprise Virtualization Hypervisor 7 (RPMs)
 sslclientcert = /certs/8a85f9825cc471b3015cc47ecc80054c.pem
 sslcacert = /certs/redhat-uep.pem
-
 enabled = 1
+
 [rhel-7-server-x86_64-rhevh-debug-rpms]
 baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhevh/debug
 name = Red Hat Enterprise Virtualization Hypervisor 7 (Debug RPMs)
@@ -186,3 +186,24 @@ baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhvh/
 sslclientcert = /certs/8a85f9825cc471b3015cc47ecc80054c.pem
 sslcacert = /certs/redhat-uep.pem
 enabled = 1
+
+[rhel-7-server-rhv-4.2-manager-rpms]
+name = Red Hat Virtualization Manager v4.2 (RHEL 7 Server) (RPMs)
+baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhv-manager/4.2/os
+sslclientcert = /certs/8a85f9825cc471b3015cc47ecc80054c.pem
+sslcacert = /certs/redhat-uep.pem
+enabled = 1
+
+[rhel-7-server-rhv-4-manager-tools-rpms]
+name = Red Hat Virtualization Manager 4 Tools (RHEL 7 Server) (RPMs)
+baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhv-manager-tools/4/os
+sslclientcert = /certs/8a85f9825cc471b3015cc47ecc80054c.pem
+sslcacert = /certs/redhat-uep.pem
+enabled = 1
+
+[rhel-7-server-ansible-2-rpms]
+name = Red Hat Ansible Engine 2 RPMs for Red Hat Enterprise Linux 7 Server
+baseurl = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ansible/2/os
+sslclientcert = /certs/8a85f9825cc471b3015cc47ecc80054c.pem
+sslcacert = /certs/redhat-uep.pem
+enabled = 1
-- 
GitLab


From b19c7e0c71674bdc4b0b189944336230d0e6a83f Mon Sep 17 00:00:00 2001
From: Alex Iribarren <Alex.Iribarren@cern.ch>
Date: Mon, 10 Dec 2018 16:43:26 +0100
Subject: [PATCH 4/4] Try to improve the formatting

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 2abb70e..0a42ec0 100644
--- a/README.md
+++ b/README.md
@@ -15,6 +15,7 @@ If you're adding a redhat repo, you probably also need the SSL client certificat
 
 Certs for linuxsoft-mirror system registered on [RHN](https://access.redhat.com/management/systems/b4ec8c2d-3eae-4ae0-b8fa-ec6d8a08ce9f/subscriptions)
 
+```
 8a85f9845993af3f015993b34c3f0210 - 2017-01-01 - 2020-01-01 Red Hat Enterprise Linux Server, Self-support (1-2 sockets) (Up to 1 guest)
 8a85f983598e8558015993b62b96699e - 2017-01-01 - 2020-01-01 Extended Update Support
 8a85f9875993915c015993b8460b1956 - 2017-01-01 - 2020-01-01 Red Hat Enterprise Linux Developer Suite
@@ -22,6 +23,7 @@ Certs for linuxsoft-mirror system registered on [RHN](https://access.redhat.com/
 8a85f9825cc471b3015cc47ecc80054c - 2017-06-20 - 2020-01-01 Red Hat Virtualization (2-sockets), Premium
 8a85f983598e8558015993c40f836ef2 - 2017-01-01 - 2020-01-01 Red Hat Enterprise MRG Realtime, Standard (1-2 sockets)
 8a85f9875b339bfe015b33aaa17019fc - 2017-04-03 - 2020-01-01 Red Hat Enterprise Linux Extended Life Cycle Support (Physical or Virtual Nodes)
+```
 
 Note: with each new/changed subscription we have to add/remove subscription for linuxsoft-mirror
 on RHN and use freshly regenerated cert .. seems to be necessary also in case of new product
@@ -29,8 +31,10 @@ versions which appeared after the orig. cert was generated
 
 removed/replaced certs:
 
+```
 8a85f98159926149015993c2a4ed781a - 2017-01-01 - 2020-06-20 Red Hat Virtualization (2-sockets), Premium
 8a85f983598e8558015993be99386c0f - replaced 2018-02-27 for RH-SSO 7.2
+```
 
 ## Procedure (Update 2018/04):
 
@@ -39,4 +43,4 @@ removed/replaced certs:
 ```bash
 for i in `ls *.pem`; do  NAME=`openssl x509 -in $i -text | grep -i "Subject:" | sed 's/.*CN *= *\([a-z0-9]\{32\}\).*/\1/'`; mv $i $NAME.pem; done
 ```
-
+1. Proceed with steps above.
-- 
GitLab