Foreman package cleanup

I am looking at extra packages on my foreman server which are not available anymore in the repositories.

Main server: Foreman 2.5.1, Katello 4.1.0

# yum list extras
foreman-release-scl.noarch                7-3.el7       @ORG_foreman_2_1_el7_x86_64
java-client.noarch                        1.0-2         installed                                 
katello-default-ca.noarch                 1.0-1         installed                                 
katello-server-ca.noarch                  1.0-1         installed                                 
libmodulemd.x86_64                        1.7.0-1.el7   @pulp                                
localhost-tomcat.noarch                   1.0-1         installed                                 
pulp-client.noarch                        1.0-1         installed                                 
python-gofer-qpid.noarch                  2.12.5-3.el7  @pulp                                
python3-django-cursor-pagination.noarch   0.1.4-1.el7   @ORG_katello_pulpcore_3_6_el7_x86_64
rubygem-hashie.noarch                     3.6.0-1.el7   @foreman                                  
rubygem-little-plugger.noarch             1.1.4-1.el7   @foreman                                  
rubygem-logging.noarch                    2.2.2-4.el7   @foreman                                  
rubygem-multi_json.noarch                 1.12.2-5.el7  @foreman                                  
rubygem-powerbar.noarch                   2.0.1-1.el7   @foreman                                  
tfm-rubygem-arel.noarch                   9.0.0-4.el7   @ORG_foreman_2_1_el7_x86_64               
tfm-rubygem-qpid_messaging.x86_64         1.38.0-1.el7  @katello                                  

I guess it should be safe to remove those? Except maybe those katello-*-ca.noarch?

On my content/puppetmaster proxy I see these extras:

katello-default-ca.noarch      1.0-1            installed           
katello-server-ca.noarch       1.0-1            installed           
libmodulemd.x86_64             1.7.0-1.el7      @ORG_katello_pulp_2_21_el7_x86_64
python-bson.x86_64             3.2-2.el7        @ORG_katello_pulp_2_21_el7_x86_64
python-crane.noarch            3.3.1-2.el7      @ORG_katello_pulp_2_21_el7_x86_64
python-gofer-qpid.noarch       2.12.5-3.el7     @ORG_katello_pulp_2_21_el7_x86_64
python2-amqp.noarch            10:2.2.2-5.el7   @ORG_katello_pulp_2_21_el7_x86_64
python2-billiard.x86_64        10: @ORG_katello_pulp_2_21_el7_x86_64
python2-debpkgr.noarch         1.1.0-1.el7      @ORG_katello_pulp_2_21_el7_x86_64
python2-kombu.noarch           10:4.0.2-14.el7  @ORG_katello_pulp_2_21_el7_x86_64
python2-vine.noarch            10:1.1.3-5.el7   @ORG_katello_pulp_2_21_el7_x86_64

I think java-client, localhost-tomcat and pulp-client are a certificate also certificates which are used. We’re in the process of removing this but right now it’s still needed.

If you synced repos via Pulp (as you appear to do from the repo names, you should have never installed this in the first place. That said, it is now obsolete and we should have obsoleted it in tfm.

We have this definition:

That should be in 2.5 (tfm-6.1-3) but it looks wrong:

Looks like we missed this one in tfm. Please file a bug.

We don’t really have a good way to obsolete things in for Pulp 3. In theory you could get the same package from another repo. See Cleanly uninstalling packages during upgrades as well.

Then there’s a bunch of Pulp 2 cleanup.