ya-errata-import is a new script to import EPEL, CentOS, RedHat, Scientific Linux and Oracle Linux errata into spacewalk. I created this to solve most of my frustrations with existing errata import scripts:
- we have redhat and centos packages in spacewalk, both can have the same package names, which would result in redhat packages being pushed in centos channels because of the errata create (and thus everything fails) Almost every python script has this problem (and some perl scripts too)
- the XML file of errata-import.pl is ok, but updated by one person and only for security errata (I think)
- errata-import.pl had good code, but no RHN integration, and is too easy for missing packages (if 1 package from the errata is there, the errata is created, while other packages might be missing)
- always different scripts were created/used for redhat and centos errata
- most perl scripts lacked proxy support
So, my script (well, combo of shell and perl) was born:
For CentOS:
- first some shell calls to get the latest announces from the centos archive (but not by scraping the announces list, but getting digests, much less traffic then) You can change the number of announces anyway you want by changing the wget command to your liking
- then the perl script comes along, parsing the digest files and looking in 1 channel (yes, one) for package availability and creating the errata there. It has optional integration with RHN for notes, description, topic info, and CVE's and/or can use the OVAL file like the errata-import.pl script does. The created errata gets a suffix based on the OS version and architecture (e.g. ":C5-64" or ":C6-32"), because the same errata can exist for multiple OS versions and architectures (and creating the errata for more than one base channel would result in packages being copied which is a mess again). Also a proxy can be defined for spacewalk and or RHN servers
For RedHat:
- log in to RHN, get the errata for the specified channel (possibility to define the date range)
- then follow the same logic as for CentOS
For EPEL:
- first some shell calls (see the example epel-clone-errata.sh) that downloads the updateinfo.xml.gz from fedora
- then the perl script comes along, parsing the xml file and looking in 1 channel (yes, one) for package availability and creating the errata there. The created errata gets a suffix based on the OS version and architecture (e.g. ":C5-64" or ":R6-32"), because the same errata can exist for multiple OS versions and architectures (and creating the errata for more than one base channel would result in packages being copied which is a mess again). To make sure that you can push the same errata for redhat and centos channels, you can use the --redhat option, so the suffix will be like ":R6-32", otherwise it will be like ":C6-32"
Dependencies:
-
on RHEL 6, the following packages are needed in order to make the proxy work with RHN packages:
perl-Socket6 perl-IO-Socket-INET6 perl-Net-INET6Glue perl-Crypt-SSLeay