How can I see which packages are going to be updated and can I create any report out of it?

enoerror · February 16, 2018, 7:48pm

Hi,

I am trying to find out what packages are going to be updated if I run yum update -y on my content hosts that are attached to a foreman/katello server.

Right now there are no errata associated with the content host but there are installable updates. Is there any way to get the list of those packages (what versions are going to be applied and details of those packages, kind of what rpm -qi provides) from command line?

Right now I can see them in web interface but I have to keep proof for auditing purpose that ‘the packages that are going to be updated have newer versions’ as seen from this output. Is there a way to achieve that? Maybe with any hammer sub command or pulp/katello command?

Thanks,

Bernhard_Suttner · February 17, 2018, 7:53pm

What about using the foreman remote execution plugin and run “yum --assumeno update”?

ehelms · February 18, 2018, 1:00pm

Almost every view in the UI for the Content menu is backed by an API call to the server, in this case the page that shows upgradeable packages can be viewed via:

/katello/api/v2/packages?host_id=<HOST_ID>&packages_restrict_upgradable=true

The same query should be attainable via the CLI:

hammer host package list --search="packages_restrict_upgradable=true"

or

hammer package list --host-id <HOST_ID> --packages-restrict-upgradable

Note you may need to specify --full-result in CLI cases to get all packages in one call.

enoerror · February 18, 2018, 2:40pm

Sorry I haven’t used the remote execution plugin before. Do you have an article/documentation/blog handy that I can use? The official remote execution documentation shows examples in the form of job templates…

enoerror · February 18, 2018, 2:41pm

Eric,

Is the list of API calls documented somewhere? I am not at the computer right now but I will test out your suggestion and let you know asap.

Thanks again.

ehelms · February 18, 2018, 3:44pm

Unfortunately not in any stable release because this is a search parameter. For the 1.18/3.7 release stream of Foreman and Katello, work is being implemented that will document all known search parameter options and make that available via the API docs.

enoerror · February 19, 2018, 8:09am

Hi Eric,

So I tested this now and your second command works perfectly. When I tried hammer host package list I got the following output:

# hammer host package list --host-id 2 --search="packages_restrict_upgradable=true" --full-result yes
----
NVRA
----

When I tried # hammer package list --host-id 2 --packages-restrict-upgradable yes, I got:

# hammer package list --host-id 2 --packages-restrict-upgradable yes
-----|------------------------------------------------------|-------------------------------------------
ID   | FILENAME                                             | SOURCE RPM                                
-----|------------------------------------------------------|-------------------------------------------
7146 | kernel-2.6.32-696.18.7.el6.x86_64.rpm                | kernel-2.6.32-696.18.7.el6.src.rpm        
7178 | kernel-2.6.32-696.20.1.el6.x86_64.rpm                | kernel-2.6.32-696.20.1.el6.src.rpm        
7299 | kernel-devel-2.6.32-696.18.7.el6.x86_64.rpm          | kernel-2.6.32-696.18.7.el6.src.rpm        
6976 | kernel-devel-2.6.32-696.20.1.el6.x86_64.rpm          | kernel-2.6.32-696.20.1.el6.src.rpm        
7154 | kernel-firmware-2.6.32-696.18.7.el6.noarch.rpm       | kernel-2.6.32-696.18.7.el6.src.rpm        
7078 | kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm       | kernel-2.6.32-696.20.1.el6.src.rpm        
7005 | libblkid-2.17.2-12.28.el6_9.2.x86_64.rpm             | util-linux-ng-2.17.2-12.28.el6_9.2.src.rpm
6866 | libuuid-2.17.2-12.28.el6_9.2.x86_64.rpm              | util-linux-ng-2.17.2-12.28.el6_9.2.src.rpm
7569 | samba-common-3.6.23-46el6_9.x86_64.rpm               | samba-3.6.23-46el6_9.src.rpm              
7468 | samba-winbind-3.6.23-46el6_9.x86_64.rpm              | samba-3.6.23-46el6_9.src.rpm              
7506 | samba-winbind-clients-3.6.23-46el6_9.x86_64.rpm      | samba-3.6.23-46el6_9.src.rpm              
7602 | selinux-policy-3.7.19-307el6_9.3.noarch.rpm          | selinux-policy-3.7.19-307el6_9.3.src.rpm  
7634 | selinux-policy-targeted-3.7.19-307el6_9.3.noarch.rpm | selinux-policy-3.7.19-307el6_9.3.src.rpm  
7651 | tzdata-2018c-1.el6.noarch.rpm                        | tzdata-2018c-1.el6.src.rpm                
7455 | util-linux-ng-2.17.2-12.28.el6_9.2.x86_64.rpm        | util-linux-ng-2.17.2-12.28.el6_9.2.src.rpm
-----|------------------------------------------------------|-------------------------------------------

I think this solves my question. Thank you.

EDIT: Oh wow from web interface it looks even better. Thanks so much. I owe you few beers now

enoerror · February 23, 2018, 4:54pm

Hey Eric,

Sorry to come back to you piggybacking on the earlier question.

So, for SOX compliance, I have to show a screenshot or pdf file to the auditors. Something that can’t be tampered with. So, I am going to use the katello API from browser and instead of host_id I am going to use https://foreman_server/katello/api/v2/packages?host=my-hostname&packages_restrict_upgradable=true.

Now this will restrict the output to 20 per page. How do I pack all the packages in one single page that can be saved in a file?

Also, do you know how can I show which packages have been updated? Kind of same like packages_restrict_upgradable but post patching, not pre-patching.

Any help is immensely appreciated.

Thanks

enoerror · February 23, 2018, 5:10pm

I figured out that I can use https://foreman_server/katello/api/v2/packages?host=my-hostname&packages_restrict_upgradable=true&&per_page=<SOMELONGNUMBER> to see all packages in one go. Is that the only way?

I can’t wait for the API page to show up, tbh.

ehelms · February 23, 2018, 5:42pm

Some pages respect full_result=true to get all results.

jthisandthat · February 26, 2018, 8:56pm

We have a script that we wrote at work to list all the packages and errata per host for all repos through the hammer CLI.

It also required a second section to prune out the various different arcs though. But this is the hammer commands we use:

for i in $(hammer --csv host list --organization $ORG | grep -vi '^ID' | awk -F, {'print $2'});
do
    for j in $(hammer --csv repository list --organization-label $ORG | grep -vi '^ID' | awk -F, {'print $1'});
        do
                hammer --csv package list --host ${i} --repository-id ${j} --organization-label $ORG --packages-restrict-applicable true | grep -vi '^ID' | awk -F, {'print $2'} >> $file_location
        done

        hammer --csv host errata list --host ${i} | grep -vi '^ID' | awk -F, {'print $2'} >> $file_location
done

Slings · October 19, 2021, 9:37am

Hi,
have you an updated script for hammer cli to show all update packages per hosts ?

I get following error on foreman 2.5.3:
Error: Too many arguments.

Thanks.