Update foreman-maintain health for foremanctl

[aneta-petrova]

What changes are you introducing?

Changing references to foreman-maintain health to foremanctl health.

Why are you introducing these changes? (Explanation, links to references, issues, etc.)

To support the transition to containerized Foreman.

Anything else to add? (Considerations, potential downsides, alternative solutions you have explored, etc.)

This PR only updates the commands. It does not publish the changes to docs.theforeman.org because I'm only verifying the new commands work, not the procedures as a whole.

Contributor checklists

• I am okay with my commits getting squashed when you merge this PR.
• I am familiar with the contributing guidelines.

Please cherry-pick my commits into:

• Foreman 3.19/Katello 4.21
• Foreman 3.18/Katello 4.20 (Satellite 6.19)
• Foreman 3.17/Katello 4.19
• Foreman 3.16/Katello 4.18 (Satellite 6.18; orcharhino 7.6, 7.7, and 7.8)
• Foreman 3.15/Katello 4.17
• Foreman 3.14/Katello 4.16 (Satellite 6.17; orcharhino 7.4; orcharhino 7.5)
• Foreman 3.13/Katello 4.15 (EL9 only)
• Foreman 3.12/Katello 4.14 (Satellite 6.16; orcharhino 7.2 on EL9 only; orcharhino 7.3)
• We do not accept PRs for Foreman older than 3.12.

[github-actions]

The PR preview for 92a79e5 is available at theforeman-foreman-documentation-preview-pr-4843.surge.sh

The following output files are affected by this PR:

• Administering_Project/index-containerized-katello.html
• Administering_Project/index-containerized-orcharhino.html
• Administering_Project/index-containerized-satellite.html
• Tuning_Performance/index-containerized-katello.html
• Tuning_Performance/index-containerized-orcharhino.html
• Tuning_Performance/index-containerized-satellite.html
• Upgrading_Project/index-containerized-katello.html
• Upgrading_Project/index-containerized-orcharhino.html
• Upgrading_Project/index-containerized-satellite.html
• Upgrading_Project_Disconnected/index-containerized-satellite.html

show diff

show diff as HTML

[aneta-petrova]

@jafiala Can you please take a look here? This is my first foremanctl PR that updates a foreman-maintain command to its foremanctl equivalent.

This involves introducing a foremanctl-maintain attribute (which has the same value as foremanctl-installer, I think those can be merged after we change the foremanctl build target attribute) and updating the individual occurrences of the commands.

It does not involve exposing the affected guides' foremanctl variants in the list of containerized guides in https://docs.theforeman.org/release/nightly/ because this particular command is spread over multiple procedures and verifying those procedures (and assemblies) as a whole is out of scope (that should come later, as we actually review the whole guides and expose them).

Does this make sense to you?

[maximiliankolb]

diff LGTM

[aneta-petrova]

With the latest commit, I also exposed proc_troubleshooting-permission-issues.adoc in the Upgrading guide. Because all steps in that procedure are being updated for foremanctl, I think that's safe enough to do already. Doing so will ensure the procedure will show up in https://docs.theforeman.org/nightly/Upgrading_Project/index-containerized-katello.html, which is accessible from https://docs.theforeman.org/release/nightly/

[aneta-petrova]

Hi @qcjames53, I think I applied all your feedback. Can you please re-review?

[maximiliankolb]

Suggested change

	# {foremanctl} health
	$ {foremanctl} health

Needs tech ACK.

FYI: In guides/common/modules/proc_retrieving-status-of-services-by-using-cli.adoc, you use a dollar sign to indicate that it works as normal user too. (issue for foreman-maintain exists on "master" already, but it would be nice to know and adjust it.)

[qcjames53]

foreman-maintain works fine as a regular user that has the ability to elevate to superuser so I think $ is fine. Root access is still required for most operations but all the playbooks use become: true.

[qcjames53]

I'm sorry about the big delay for re-reviewing this. I'm confident we're finally at a place where there won't be any more param changes on theforeman/foremanctl#521. Sorry to keep changing things; it has been a very involved review process. This will need one more round of fixes and I think we'll be good.

[qcjames53]

foreman-maintain works fine as a regular user that has the ability to elevate to superuser so I think $ is fine. Root access is still required for most operations but all the playbooks use become: true.

[qcjames53]

I did a deep dive into this procedure and came to the conclusion we can delete it for current Foreman.

• Foreman maintain added the duplicate permissions check in 2020 as a part of 30527, fixing a duplicate permissions issue in the Sat 6.5 -> 6.6 upgrade (do not know exact Foreman versions since NOTHING mentions it; I think it's 1.21 -> 1.22?).
• Modern Foreman does not allow duplicate permissions to be created and we're well beyond supporting 1.21.
• Eric and I agreed to delete the duplicate permissions check from foremanctl health since it's legacy code and we have a validation in place these days to try and prevent duplicates from being created. The --fix option is gone as well.

What do you think, Aneta?

[qcjames53]

As mentioned above, --fix no longer exists and foremanctl health no longer checks for duplicate permissions.