[ENHANCEMENT] Checking the cdn connection using the local entitlement files

README.md

@@ -14,6 +14,8 @@ Tools for use in supporting the operation of Satellite 6
 - [postgres-activity-report](#postgres-activity-report)
 - [production-log-load-stats](#production-log-load-stats)
 - [check-pulp-msg](#check-pulp-msg)
+- [check-cdn-connection](#check-cdn-connection)
+
 
 ## [check-perf-tuning](check-perf-tuning)
 
@@ -135,3 +137,131 @@ Sat May  1 15:17:05 EDT 2021
   [email protected]                 Y                 0     0      0       0      0        0         1     2
   [email protected]                      Y                      0     0      0       0      0        0         1     2
 ```
+
+
+## [check-cdn-connection](check-cdn-connection)
+
+This script can be executed by the customer in a RHEL system registered and with the entitlement/subscription assigned. Based on that, the server will try to reach some CDN links based on the entitlements already assigned to it.
+
+There is a help that will be as below
+```
+# ./check-cdn-connection.sh -h
+./check-cdn-connection.sh to check the first 5 urls of each entitlement
+To see in details, execute ./check-cdn-connection.sh --verbose
+```
+
+If you just execute the command, the output will be as below
+```
+# ./check-cdn-connection.sh 
+Found some entitlements
+Entitlement: 2228110793913314193.pem
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/ppc64le/3scale-amp/2/debug
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/ppc64le/3scale-amp/2/os
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/ppc64le/3scale-amp/2/source/SRPMS
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/3scale-amp/2/debug
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/3scale-amp/2/os
+Entitlement: 286675752367182767.pem
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/3scale-amp/2/debug
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/3scale-amp/2/os
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/3scale-amp/2/source/SRPMS
+PASS,https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/advanced-virt/debug
+PASS,https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/advanced-virt/os
+```
+Note. Here we are checking for `repodata` dir on some URL and also `repomd.xml` file. The PASS information will be present ONLY if both information are present.
+
+If you would like to see more information about the query, normally, it will be necessary when the connection is failing, we can pass the flag `--verbose`, and the output will be as below
+```
+# ./check-cdn-connection.sh --verbose
+Found some entitlements
+Entitlement: 2228110793913314193.pem
+PASS,https://cdn.redhat.com/content/dist/layered/rhel8/ppc64le/3scale-amp/2/debug
+===
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+ <HEAD>
+  <TITLE>Index of /67570/rcm/content/dist/layered/rhel8/ppc64le/3scale-amp/2/debug</TITLE>
+ </HEAD>
+ <BODY>
+<H1>Index of /67570/rcm/content/dist/layered/rhel8/ppc64le/3scale-amp/2/debug</H1>
+<PRE>   Name                              Last modified        Size  
+<HR>
+<IMG SRC="/icons/dir.gif" ALT="[DIR]"> <A HREF="debug/../">Parent Directory</A>                  01-Jan-1970 00:00      -  
+<IMG SRC="/icons/dir.gif" ALT="[DIR]"> <A HREF="debug/Packages/">Packages/</A>                         14-Oct-2021 06:00      -  
+<IMG SRC="/icons/dir.gif" ALT="[DIR]"> <A HREF="debug/repodata/">repodata/</A>                         14-Oct-2021 06:00      -  
+</PRE><HR>
+</BODY></HTML>
+---
+<?xml version="1.0" encoding="UTF-8"?>
+<repomd xmlns="http://linux.duke.edu/metadata/repo" xmlns:rpm="http://linux.duke.edu/metadata/rpm">
+  <revision>1634191208</revision>
+  <data type="primary">
+    <checksum type="sha256">e3abf4a576e4d8a4e4b5063695e1875a8b5e6cf54fd59656836bf58893664dd1</checksum>
+    <open-checksum type="sha256">f70c5d27a93cd61a6b9c53f8ea211c5cc7297a446002b1dd0a07d83b405a8ef8</open-checksum>
+    <location href="repodata/e3abf4a576e4d8a4e4b5063695e1875a8b5e6cf54fd59656836bf58893664dd1-primary.xml.gz"/>
+    <timestamp>1634191208</timestamp>
+    <size>2739</size>
+    <open-size>18819</open-size>
+  </data>
+  <data type="filelists">
+    <checksum type="sha256">7da945a60e61e1eb277d88b63e7b74137659dd4c47c4f73265f79729392a7277</checksum>
+    <open-checksum type="sha256">0219049a94863a04767e8f93f7613c41f6d9333b02ba06e2db58e3b9c5da8558</open-checksum>
+    <location href="repodata/7da945a60e61e1eb277d88b63e7b74137659dd4c47c4f73265f79729392a7277-filelists.xml.gz"/>
+    <timestamp>1634191208</timestamp>
+    <size>7745</size>
+    <open-size>131735</open-size>
+  </data>
+  <data type="other">
+    <checksum type="sha256">de7ec5f1a2e9f991e68fbb19f9bc0fe9326eb289b83f42b0aefdc730297f3c5e</checksum>
+    <open-checksum type="sha256">ca4d94ba9eed892aa0d5eebf8ec11076436f8170cee15683a328f829f4b59727</open-checksum>
+    <location href="repodata/de7ec5f1a2e9f991e68fbb19f9bc0fe9326eb289b83f42b0aefdc730297f3c5e-other.xml.gz"/>
+    <timestamp>1634191208</timestamp>
+    <size>3034</size>
+    <open-size>33364</open-size>
+  </data>
+  <data type="primary_db">
+    <checksum type="sha256">94b16fe32eaa308f6ae51313ac3a39401253bf9c09ad894d44dec5670a6a5a9e</checksum>
+    <open-checksum type="sha256">8b50f9cfd5b458b92fa7341f252d9539ee7ed33c4b4fee897133e21678861b17</open-checksum>
+    <location href="repodata/94b16fe32eaa308f6ae51313ac3a39401253bf9c09ad894d44dec5670a6a5a9e-primary.sqlite.bz2"/>
+    <timestamp>1634191208</timestamp>
+    <size>5321</size>
+    <open-size>47104</open-size>
+    <database_version>10</database_version>
+  </data>
+  <data type="filelists_db">
+    <checksum type="sha256">950cd7c2ebecdab6fc025fb038c7f2be6de21eea518e7e270c565c7e3ad61ef6</checksum>
+    <open-checksum type="sha256">f5e4e7cee90b5ca482308ba894a4cf3ce54d3c7d7d049b31e09f88ddad1b7b5a</open-checksum>
+    <location href="repodata/950cd7c2ebecdab6fc025fb038c7f2be6de21eea518e7e270c565c7e3ad61ef6-filelists.sqlite.bz2"/>
+    <timestamp>1634191208</timestamp>
+    <size>11775</size>
+    <open-size>60416</open-size>
+    <database_version>10</database_version>
+  </data>
+  <data type="other_db">
+    <checksum type="sha256">fd1e4c678c7e951d71cdcced245779b42c02bd1451d5f172809694f3e6fbe7c9</checksum>
+    <open-checksum type="sha256">69dbd7e0c1059f8197441e2f3f64df0eea8d9e662de88f5866acf4534babe568</open-checksum>
+    <location href="repodata/fd1e4c678c7e951d71cdcced245779b42c02bd1451d5f172809694f3e6fbe7c9-other.sqlite.bz2"/>
+    <timestamp>1634191208</timestamp>
+    <size>6765</size>
+    <open-size>30720</open-size>
+    <database_version>10</database_version>
+  </data>
+  <data type="group">
+    <checksum type="sha256">a27718cc28ec6d71432e0ef3e6da544b7f9d93f6bb7d0a55aacd592d03144b70</checksum>
+    <location href="repodata/a27718cc28ec6d71432e0ef3e6da544b7f9d93f6bb7d0a55aacd592d03144b70-comps.xml"/>
+    <timestamp>1634191208</timestamp>
+    <size>124</size>
+  </data>
+  <data type="updateinfo">
+    <checksum type="sha256">fc08b27f5bd450523469354967258c278ace0c4d4c93daa8bbcf19dfb556a199</checksum>
+    <open-checksum type="sha256">aedbbb19df839fa56baf8e1c16a7081709408068d6bc5fb55b0aebad4f26742a</open-checksum>
+    <location href="repodata/fc08b27f5bd450523469354967258c278ace0c4d4c93daa8bbcf19dfb556a199-updateinfo.xml.gz"/>
+    <timestamp>1634191208</timestamp>
+    <size>1657</size>
+    <open-size>5521</open-size>
+  </data>
+</repomd>
+===
+...
+```
+
+Note. From this check, we are skipping all the repos that have `$releasever`.

check-cdn-connection.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+
+# 
+# Delevoper .....: Waldirio M Pinheiro <[email protected]> | <[email protected]>
+# Date ..........: 12/24/2021 (Merry Xmas)
+# Purpose .......: To check the connectivity with CDN using the local/installed 
+# 		   entitlements.
+# License .......: GPL
+# 
+
+
+CA_CERT="/etc/rhsm/ca/redhat-uep.pem"
+ENTITLEMENT_DIR="/etc/pki/entitlement"
+RCT="/usr/bin/rct"
+CURL="/usr/bin/curl -s"
+PRE="https://cdn.redhat.com"
+NUM_OF_URL_TO_CHECK=5
+
+
+if [ "$1" == "--help" ] || [ "$1" == "-h" ]; then
+  echo "$0 to check the first $NUM_OF_URL_TO_CHECK urls of each entitlement"
+  echo "To see in details, execute $0 --verbose"
+  exit
+fi
+
+if [ "$1" == "--verbose" ]; then
+  VERBOSE=1
+else
+  VERBOSE=0
+fi
+
+pem_files_count=$(ls $ENTITLEMENT_DIR | wc -l)
+
+if [ $pem_files_count -eq 0 ]; then
+  echo "Please, assing some subscription"
+  echo "exiting ...."
+  exit
+else
+  echo "Found some entitlements"
+
+  pem_files=$(ls $ENTITLEMENT_DIR | grep -v "\-key")
+  for b in $pem_files
+  do
+    key_cert=$(echo $b | sed "s/.pem/-key.pem/g")
+    url_list=$($RCT cat-cert $ENTITLEMENT_DIR/$b | grep URL: | awk '{print $2}' | grep -v "\$release" | head -n $NUM_OF_URL_TO_CHECK)
+
+    echo "Entitlement: $b"
+    for url in $url_list
+    do
+      #echo "$b,$url_list"
+      #echo "$CURL --cacert $CA_CERT --cert $ENTITLEMENT_DIR/$b --key $ENTITLEMENT_DIR/$key_cert $PRE$url_list"
+      curl_command=$($CURL --cacert $CA_CERT --cert $ENTITLEMENT_DIR/$b --key $ENTITLEMENT_DIR/$key_cert $PRE$url)
+      curl_cmd_repomd=$($CURL --cacert $CA_CERT --cert $ENTITLEMENT_DIR/$b --key $ENTITLEMENT_DIR/$key_cert $PRE$url/repodata/repomd.xml)
+
+      check_repodata=$(echo "$curl_command" | grep repodata | wc -l)
+      check_repomd=$(echo "$curl_cmd_repomd" | wc -l)
+
+      if [ $check_repodata -eq 1 ] && [ $check_repomd -ne 1 ]; then
+        echo "PASS,$PRE$url"
+        if [ $VERBOSE -eq 1 ]; then
+          echo "==="
+          echo "$curl_command"
+          echo "---"
+          echo "$curl_cmd_repomd"
+          echo "==="
+        fi
+      else
+        echo "FAIL,$PRE$url"
+        if [ $VERBOSE -eq 1 ]; then
+          echo "==="
+          echo "$curl_command"
+          echo "---"
+          echo "$curl_cmd_repomd"
+          echo "==="
+        fi
+      fi
+    done
+  done
+fi