Red Hat Training
A Red Hat training course is available for Red Hat Satellite
API Guide
Reference documentation for using Satellite's Representational State Transfer (REST) API
Edition 1.0
Red Hat Satellite Documentation Team
satellite-doc-list@redhat.com
Abstract
Chapter 1. Introduction to Red Hat Satellite API
1.1. The Red Hat Satellite API
Note
https://satellite6.example.com/apidoc/v2.html
(replace satellite6.example.com with the host name of your Satellite Server). Be aware that even though versions 1 and 2 of the Satellite 6 API are available, Red Hat only supports version 2.
- Broad client support: Any programming language, framework, or system with support for HTTP protocol can use the API;
- Self descriptive: Client applications require minimal knowledge of the Red Hat Satellite infrastructure as many details are discovered at runtime;
- Resource based model: The resource based REST model provides a natural way to manage a virtualization platform.
- integrate with enterprise IT systems;
- integrate with third-party applications;
- perform automated maintenance or error checking tasks;
- automate repetitive tasks with scripts.
1.2. Representational State Transfer
GET
, POST
, PUT
, and DELETE
. This provides a stateless communication between the client and server where each request acts independent of any other request and contains all necessary information to complete the request.
1.3. Satellite API Compared to Hammer CLI Tool
-d
option to inspect API calls issued by Hammer, for example hammer -d organization list
). Changes in the API are automatically reflected in Hammer, while scripts using the API directly have to be updated manually.
Chapter 2. API Reference
https://satellite6.example.com/apidoc/v2.html
(replace satellite6.example.com with the host name of your Satellite Server). Be aware that even though versions 1 and 2 of the Satellite 6 API are available, Red Hat only supports version 2.
2.1. Understanding the API Syntax
HTTP_VERB API_ROUTEThe HTTP verbs used by the API are GET, POST, PUT, and DELETE. See the HOSTS section of the API reference document at
http://satellite6.example.com/apidoc/v2/hosts.html
for some examples. If you are already familiar with API syntax and the curl
command you can skip this section.
curl
manual page show the following basic syntax: curl [options] [URL...]The options used in this guide include:
-X, --request command
, where command is an HTTP verb.
Using the GET HTTP Verb
GET /api/hosts
with the curl
syntax results in: curl -X GET https://satellite6.example.com/api/hostsSatellite only supports HTTPS for connecting to the API, and some form of authentication is required.
-u
option, and the -k
option to skip SSL peer certificate verification checks:
$ curl -X GET -k -u sat_username https://satellite6.example.com/api/hosts
Enter host password for user 'sat_username':
{
"total": 2,
"subtotal": 2,
"page": 1,
"per_page": 20,
"search": null,
"sort": {
"by": null,
"order": null
},
"results":
output truncated
The above response from the API indicates that there are two results in total, two results are being returned below, this is the first page of the results, and the maximum results per page is set to 20. This is explained more verbosely in Section 2.2, “Understanding the JSON Response Format”.
:parameter
. For example: GET /api/hosts/:idThese are API route parameters and must be replaced by an appropriate value. Route parameters start with a colon and end with
id
.
Note
v2
in the URL for API calls.
Using the POST HTTP Verb
-d, --data
option followed by the quoted JSON formatted data enclosed in braces {}
. Alternatively, the unquoted JSON formatted data can be enclosed in a file, and specified using the curl
command's @
option. For example, -d @file.json
.
json_verify
tool and the json_reformat
tool.
json_verify
tool, you can check the validity of a JSON file as follows:
$ json_verify < test_file.json
json.tool
: curl API_call | python -m json.toolAlternately, use the
json_reformat
tool: curl API_call | json_reformatThe output format is explained in Section 2.2, “Understanding the JSON Response Format”.
POST /katello/api/activation_keys
POST /katello/api/activation_keys
command:
curl -X POST -k -u sat_username:sat_password \ -d @file_of_json-formatted_data \ https://satellite6.example.com/katello/api/activation_keys
activation-key.json
, with contents as follows:
{"organization_id":1, "name":"TestKey", "description":"Just for testing"}
$To view this entry in the web UI, navigate to Content → Activation keys. Remember to reload the page after any changes.curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X POST \
-u sat_username:sat_password -k \
-d @activation-key.json \
https://satellite6.example.com/katello/api/activation_keys | json_reformat
{ "id": 2, "name": "TestKey", "description": "Just for testing", "unlimited_hosts": true, "auto_attach": true, "content_view_id": null, "environment_id": null, "usage_count": 0, "user_id": 3, "max_hosts": null, "release_version": null, "service_level": null, "content_overrides": [ ], "organization": { "name": "Default Organization", "label": "Default_Organization", "id": 1 }, "created_at": "2017-02-16 12:37:47 UTC", "updated_at": "2017-02-16 12:37:48 UTC", "content_view": null, "environment": null, "products": null, "host_collections": [ ], "permissions": { "view_activation_keys": true, "edit_activation_keys": true, "destroy_activation_keys": true } }
Using the PUT HTTP Verb
-d, --data
option followed by the quoted JSON formatted data enclosed in braces {}
. Alternatively, the unquoted JSON formatted data can be enclosed in a file, and specified using the curl
command's @
option. For example, -d @file.json
.
PUT /katello/api/activation_keys/:id
curl -X PUT -k -u sat_username:sat_password \ -d @file_of_json-formatted_data \ https://satellite6.example.com/katello/api/activation_keys/:idReplace :id with the ID of the Activation key to be updated. Using the PUT command multiple times with the same values will not create multiple entries.
{"organization_id":1, "name":"TestKey", "description":"Just for testing","max_hosts":"10" }Use a command as follows to apply the changes in the JSON file:
$curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X PUT \
-u sat_username:sat_password -k \
-d @activation-key.json \
https://satellite6.example.com/katello/api/activation_keys/2
{ "id": 2, "name": "TestKey", "description": "Just for testing", "unlimited_hosts": false, "auto_attach": true, "content_view_id": null, "environment_id": null, "usage_count": 0, "user_id": 3, "max_hosts": 10, "release_version": null, "service_level": null, "content_overrides": [ ], "organization": { "name": "Default Organization", "label": "Default_Organization", "id": 1 }, "created_at": "2017-02-16 12:37:47 UTC", "updated_at": "2017-02-16 12:46:17 UTC", "content_view": null, "environment": null, "products": null, "host_collections": [ ], "permissions": { "view_activation_keys": true, "edit_activation_keys": true, "destroy_activation_keys": true } }
Using the DELETE HTTP Verb
curl -X DELETE -k -u sat_username:sat_password \ https://satellite6.example.com/katello/api/activation_keys/:idReplace :id with the ID of the Activation key to be deleted. For example:
$curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X DELETE \
-u admin:RedHat1! -k \
https://satellite6.example.com/katello/api/activation_keys/2 | json_reformat
output omitted "started_at": "2017-02-16 12:58:17 UTC", "ended_at": "2017-02-16 12:58:18 UTC", "state": "stopped", "result": "success", "progress": 1.0, "input": { "activation_key": { "id": 2, "name": "TestKey" output truncated
Relating API Error Messages to the API Reference
Nested_Resource.Attribute_NameThis translates to the following format used in the API reference:
Resource[Nested_Resource_attributes][Attribute_Name_id]
2.2. Understanding the JSON Response Format
json.tool
module gives a more human readable format.
JSON Response Format for Collections
GET /api/domains
. The output was piped through json.tool
to make the results section easier to read.
$ curl -X GET -k -u admin:password https://satellite6.example.com/api/domains | python -m json.tool
{
"total": 3,
"subtotal": 3,
"page": 1,
"per_page": 20,
"search": null,
"sort": {
"by": null,
"order": null
},
"results": [
{
"id": 23,
"name": "qa.lab.example.com",
"fullname": "QA",
"dns_id": 10,
"created_at": "2013-08-13T09:02:31Z",
"updated_at": "2013-08-13T09:02:31Z"
},
{
"id": 25,
"name": "sat.lab.example.com",
"fullname": "SATLAB",
"dns_id": 8,
"created_at": "2013-08-13T08:32:48Z",
"updated_at": "2013-08-14T07:04:03Z"
},
{
"id": 32,
"name": "hr.lab.example.com",
"fullname": "HR",
"dns_id": 8,
"created_at": "2013-08-16T08:32:48Z",
"updated_at": "2013-08-16T07:04:03Z"
}
]
}
total
— The total number of objects without any search parameters.subtotal
— The number of objects returned with the given search parameters (if there is no search, then subtotal is equal to total).page
— The page number.per_page
— The maximum number of objects returned per page.limit
— The specified number of objects to return in a collection response.offset
— The number of objects skipped before returning a collection.search
— The search string based onscoped_scoped
syntax.sort
by
— The field that the collection is sorted by.order
— The sort order, either ASC for ascending or DESC for descending.
results
— The collection of objects.
JSON Response Format for Single Objects
:id
or :name
, is required in the GET request. Note that :name
cannot always be used as a unique identifier, but :id
can always be used. The format for a single-object JSON response consists of only the object’s attributes.
GET /api/domains/23
or GET /api/domains/qa.lab.example.com
.
$ curl -X GET -k -u admin:password https://satellite6.example.com/api/domains/23 | python -m json.tool
{
"id": 23,
"name": "qa.lab.example.com",
"fullname": "QA",
"dns_id": 10,
"created_at": "2013-08-13T09:02:31Z",
"updated_at": "2013-08-13T09:02:31Z"
}
Chapter 3. Authenticating API Calls
3.1. Using SSL Authentication
- Obtain a certificate from the Satellite Server with which you want to communicate (satellite6.example.com) using one of the following options:
- To obtain a certificate using SSH, run the following command:
$
scp root@satellite6.example.com:/var/www/html/pub/katello-server-ca.crt ./
- If you execute the command directly on the Satellite Server, obtain a certificate from the locally available copy by running the following command:
$
cp /var/www/html/pub/katello-server-ca.crt ./
- To obtain a certificate using HTTP, run the following command:
$
curl -O http://satellite6.example.com/pub/katello-server-ca.crt
Warning
Retrieving a certificate using an unencrypted HTTP connection might present a security risk.
- Use the certificate on your client as a certificate authority to verify the identity of the Satellite Server:
$
curl -X GET -u sat_username:sat_password \
-H "Accept:application/json" --cacert katello-server-ca.crt \
https://satellite6.example.com/katello/api/organizations
GET
is the default action and therefore-X GET
attribute can be omitted here. - Create a Network Security Services (NSS) database to store the certificate:
$
certutil -N -d sql:$HOME/.pki/nssdb
Enter a password which will be used to encrypt your keys. The password should be at least 8 characters long, and should contain at least one non-alphabetic character. Enter new password: Re-enter password:If the NSS database already exists you will be prompted for the password as follows:Enter Password or Pin for "NSS Certificate DB":
- Use the following command to permanently include the certificate in the NSS database:
$
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Red Hat Satellite" \
-i katello-server-ca.crt
This imports the certificate into the NSS database, which means you can omit the--cacert
option for each request. You can test this as follows:$
curl -X GET -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts
{ "total": 2, ..., "results": [ ... ] } output omitted
3.2. Using HTTP Authentication
Important
3.3. Using OAuth Authentication
3.3.1. Configuring OAuth
/etc/foreman/settings.yaml
configuration file and can be viewed in the web UI by going to Administer → Settings → Auth. The OAuth consumer key is the token to be used by all OAuth clients. Certain values in the web UI cannot be changed. These values can only be changed by running the satellite-installer
script again with the new options. Note that any manual changes to the file will be lost when upgrading. Enter the following command to see all the OAuth related installer options:
# satellite-installer --full-help | grep oauth
false
in the /etc/foreman/settings.yaml
file. If you want to specify the user under which the request is made, change this configuration option to true
. This allows clients to send a FOREMAN-USER header with the login of an existing Foreman user.
Important
3.3.2. Making an OAuth Request
curl
is shown here to aid in understanding how it works.
Example 3.1. OAuth Request Example Using curl
$In the example above architectures are listed using OAuth for authentication. The request is attempted as a user with login User1. If mapping is enabled in the Foreman settings, the result will only include architectures that user User1 can see. Note that the signature was constructed manually, this should change with anycurl 'https://satellite6.example.com/api/architectures' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json,version=2' \
-H 'FOREMAN-USER: User1' \
-H 'Authorization: OAuth oauth_version="1.0",oauth_consumer_key="secretkey",oauth_signature_method="hmac-sha1",oauth_timestamp=1321473112,oauth_signature=Il8hR8/ogj/XVuOqMPB9qNjSy6E='
oauth_timestamp
change. Also, the signature reflects every parameter, HTTP method, and URI change. Therefore it is recommend to use an OAuth client library to construct all OAuth parameters.
Chapter 4. Getting Started with the Red Hat Satellite API
url = 'https://satellite6.example.com/api/v2/' capsule_url = 'https://capsule.example.com:8443/api/v2/' katello_url = 'https://satellite6.example.com/katello/api/v2/'
/etc/rhsm/rhsm.conf
file, in the port
entry of the [server] section. You can use these values to fully automate your scripts, removing any need to verify which ports to use.
4.1. API Examples Using Curl
curl
to perform various tasks using the Satellite API.
4.1.1. Performing Simple Queries
curl
to search for information about your Satellite deployment. These examples include both the actual command and some sample output, and example values for user names and passwords. Expect different results for each deployment. These examples also use the python -m json.tool
command to format the output.
Note
-k
(insecure) option to bypass certificate checks.
-u username:password
or, if you do not include the password, the command prompts you to enter it. Red Hat recommends that you do not include the password as part of the command, because it then becomes part of your shell history and might present a security risk. These examples include the password only for the sake of simplicity.
-s
(silent) option with curl
that you will not see a progress meter or any error messages.
The following is a basic query that returns a list of resources. Such requests return a list of data wrapped in metadata, while other request types only return the actual object.
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts | python -m json.tool { "total" => 2, "subtotal" => 2, "page" => 1, "per_page" => 1000, "search" => nil, "sort" => { "by" => nil, "order" => nil }, "results" => [ ... }
Example 4.1. Listing Users
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/users
{
"total": 1,
"subtotal": 1,
"page": 1,
"per_page": 20,
"search": null,
"sort": {
"by": null,
"order": null
},
"results": [{"firstname":"Admin","lastname":"User","mail":"root@example.com","admin":true,"auth_source_id":1,"auth_source_name":"Internal","timezone":null,"locale":null,"last_login_on":"2017-02-08 23:25:51 UTC","created_at":"2017-01-09 12:10:02 UTC","updated_at":"2017-02-08 23:25:51 UTC","id":3,"login":"admin","default_location":null,"locations":[],"default_organization":{"id":1,"name":"Default Organization","title":"Default Organization","description":null},"organizations":[]}]
}
The following query returns information for the host satellite6.example.com
:
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts/satellite6.example.com | python -m json.tool { "all_puppetclasses": [], "architecture_id": 1, "architecture_name": "x86_64", "build": false, "capabilities": [ "build" ], "certname": "satellite6.example.com", "comment": null, "compute_profile_id": null, ... }
The following query returns all facts for the host satellite6.example.com
:
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts/satellite6.example.com/facts | python -m json.tool { ... "results": { "satellite6.example.com": { "augeasversion": "1.0.0", "bios_release_date": "01/01/2007", "bios_version": "0.5.1", "blockdevice_sr0_size": "1073741312", "facterversion": "1.7.6", ... }
The following query returns all hosts that match the pattern "example":
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts?search=example | python -m json.tool { ... "results": [ { "name": "satellite6.example.com", ... } ], "search": "example", ... }
The following query returns all hosts in the "production" environment:
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts?search=environment=production | python -m json.tool { ... "results": [ { "environment_name": "production", "name": "satellite6.example.com", ... } ], "search": "environment=production", ... }
The following query returns all hosts with a model name "RHEV Hypervisor":
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts?search=model=\"RHEV+Hypervisor\" | python -m json.tool { ... "results": [ { "model_id": 1, "model_name": "RHEV Hypervisor", "name": "satellite6.example.com", ... } ], "search": "model=\"RHEV Hypervisor\"", ... }
4.1.2. Creating and Modifying Resources
Accept:version=2
in the request header. The URL specification takes precedence.
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" -X POST \ -u username:password -k \ -d json-formatted-data https://satellite6.example.com
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" -X POST -u sat_username:sat_password \ -k -d "{\"architecture\":{\"name\":\"i686\"}}" \ https://satellite6.example.com/api/architectures
{"name":"i686","id":3,"created_at":"2015-10-29T13:21:09Z","updated_at":"2015-10-29T13:21:09Z","operatingsystems":[],"images":[]}
$ curl -X GET -u sat_username:sat_password -k https://satellite6.example.com/api/v2/architectures | python -m json.tool { "page": 1, "per_page": 20, "results": [ { "created_at": "2015-04-02T05:29:46Z", "id": 2, "name": "i386", "updated_at": "2015-04-02T05:29:46Z" }, { "created_at": "2015-04-02T05:29:46Z", "id": 1, "name": "x86_64", "updated_at": "2015-04-02T05:29:46Z" }, { "created_at": "2015-11-04T19:40:15Z", "id": 3, "name": "i686", "updated_at": "2015-11-04T19:40:15Z" } ], "search": null, "sort": { "by": null, "order": null }, "subtotal": 3, "total": 3 }
hammer
on the Satellite Server to verify the results:
$ hammer -u sat_username -p sat_password architecture list ---|------- ID | NAME ---|------- 2 | i386 1 | x86_64 3 | i686 ---|-------
Example 4.2. Creating a New User
$curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X POST \
-u sat_username:sat_password -k \
-d "{\"firstname\":\"Test\",\"lastname\":\"API-User\",\"mail\":\"test@example.com\",\"login\":\"test_api\",\"password\":\"123456\",\"auth_source_id\":1}" \
https://satellite6.example.com/api/users
4.1.2.1. Uploading Content to the Satellite Server
curl
with the Satellite 6 API to upload and import large files to your Satellite Server. This process involves four steps:
- Create an upload request.
- Upload the content.
- Import the content.
- Delete the upload request.
Procedure 4.1. Uploading Content to the Satellite Server
- Create the upload request. Ensure you modify the example parameters to suit your deployment:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X POST \ -u sat_username:sat_password -k -d "{}" \ https://satellite6.example.com/katello/api/repositories/3/content_uploads
This command returns theupload_id
similar to the following:{"upload_id":"0be156b1-f373-4cad-89d0-924f8f4491d2","_href":"/pulp/api/v2/content/uploads/0be156b1-f373-4cad-89d0-924f8f4491d2/"}
- Upload your content. Ensure you use the correct MIME type when you upload data. The "application/json" MIME type is used for the majority of requests to Satellite 6. Combine the
upload_id
, MIME type, and other parameters to upload content:$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:multipart/form-data" \ -X PUT \ -u sat_username:sat_password \ -k --data-urlencode "content@/home/sat6user/rpmbuild/RPMS/noarch/python-scripttest-1.1.1-1.fc21.noarch.rpm" \ --data-urlencode offset=0 \ https://satellite6.example.com/katello/api/repositories/3/content_uploads/0be156b1-f373-4cad-89d0-924f8f4491d2
- After you have uploaded the content to the Satellite Server, you need to import it into the appropriate repository. Until you complete this step, the Satellite Server will not be aware of the new content:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X PUT \ -u sat_username:sat_password \ -k -d "{\"upload_ids\":[\"0be156b1-f373-4cad-89d0-924f8f4491d2\"]}" \ https://satellite6.example.com/katello/api/repositories/3/import_uploads
- After you have successfully uploaded and imported your content, you can delete the upload request. This frees any temporary disk space that was used during the upload:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X DELETE -d "{}" \ -u sat_username:sat_password \ -k https://satellite6.example.com/katello/api/repositories/3/content_uploads/0be156b1-f373-4cad-89d0-924f8f4491d2
Example 4.3. Uploading Content Larger than 30 MB
- Download the sample module:
$ wget https://forgeapi.puppetlabs.com/v3/files/theforeman-foreman-5.0.1.tar.gz?_ga=1.267255502.1792403825.1430297670 -O theforeman-foreman-5.0.1.tar.gz
Split the module into 50,000 byte chunks:$ split --bytes 50000 --numeric-suffixes --suffix-length=1 theforeman-foreman-5.0.1.tar.gz foreman_module.
View the resulting files:$ ls -la theforeman-foreman-5.0.1.tar.gz foreman_module.* -rw-r--r--. 1 root root 50000 Nov 4 04:42 foreman_module.0 -rw-r--r--. 1 root root 32928 Nov 4 04:42 foreman_module.1 -rw-r--r--. 1 root root 82928 Nov 4 04:41 theforeman-foreman-5.0.1.tar.gz
- Create a new upload request (this is the equivalent of
cat
on the Satellite Server).$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X POST \ -u sat_username:sat_password -k -d "{}" \ https://ibm-vm01.example.com/katello/api/repositories/2/content_uploads
The above command returns an upload ID:{"upload_id":"9585528f-07ad-4bb1-9c80-ccece249b2b7","_href":"/pulp/api/v2/content/uploads/9585528f-07ad-4bb1-9c80-ccece249b2b7/"}
- Upload the file chunks that you created in Step 1. Notice the use of the
offset
parameter in this example and how it relates to the file size:$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:multipart/form-data" \ -X PUT \ -u sat_username:sat_password \ -k --data-urlencode "content@foreman_module.0" \ --data-urlencode offset=0 \ https://ibm-vm01.example.com/katello/api/repositories/2/content_uploads/9585528f-07ad-4bb1-9c80-ccece249b2b7
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:multipart/form-data" \ -X PUT \ -u sat_username:sat_password \ -k --data-urlencode "content@foreman_module.1" \ --data-urlencode offset=50000 \ https://ibm-vm01.example.com/katello/api/repositories/2/content_uploads/9585528f-07ad-4bb1-9c80-ccece249b2b7
- Import the complete upload to the repository:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X PUT \ -u sat_username:sat_password \ -k -d "{\"upload_ids\":[\"9585528f-07ad-4bb1-9c80-ccece249b2b7\"]}" \ https://ibm-vm01.example.com/katello/api/repositories/2/import_uploads
- Delete the upload request:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" \ -X DELETE -d "{}" \ -u sat_username:sat_password \ -k https://ibm-vm01.example.com/katello/api/repositories/2/content_uploads/9585528f-07ad-4bb1-9c80-ccece249b2b7
- Log in to the Satellite Server to check if the file was transferred correctly:
$ ls -la /var/lib/pulp/content/puppet_module/theforeman-foreman-5.0.1.tar.gz -rw-r--r--. 1 apache apache 82928 Nov 4 04:55 /var/lib/pulp/content/puppet_module/theforeman-foreman-5.0.1.tar.gz
Compare the files:$ cmp /var/lib/pulp/content/puppet_module/theforeman-foreman-5.0.1.tar.gz theforeman-foreman-5.0.1.tar.gz
$ echo $? 0
4.1.3. Overriding Smart Class Parameters
https://satellite6.example.com/apidoc/v2/smart_class_parameters/update.html
.
GET /api/smart_class_parameters
. Using curl
, the command is as follows:
$If you know the Puppet class ID, for example 5, you can restrict the scope as follows:curl -X GET -s -k -u sat_username:sat_password \
https://satellite6.example.com/api/smart_class_parameters
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/puppetclasses/5/smart_class_parameters
puppetclass_name
and key
, which enables you to search for a specific parameter. For example, using the -d, --data
option to pass URL encoded data:
$ curl -X GET -s -k -u sat_username:sat_password https://satellite6.example.com/api/smart_class_parameters -d 'search=puppetclass_name = access_insights_client and key = authmethod'
Standard scoped-search syntax is supported.
GET /api/smart_class_parameters/63
. Using curl
, the command would be:
$Now you can enable overriding of parameter values with a PUT call:curl -X GET -s -k -u sat_username:sat_password \
https://satellite6.example.com/api/smart_class_parameters/63
$Note that there is no way to create or delete the parameters manually. Users can only modify their attributes. Parameters get created and deleted only upon class import from a proxy.curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X PUT \
-s -k -u sat_username:sat_password \
-d '{"smart_class_parameter":{"override":true}}' \
https://satellite6.example.com/api/smart_class_parameters/63
$Details about all parameters of the API call are here:curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X PUT \
-s -k -u sat_username:sat_password \
-d '{"smart_class_parameter":{"override_value":{"match":"hostgroup=Test","value":"2.4.6"}}}' \
https://satellite6.example.com/api/smart_class_parameters/63
https://satellite6.example.com/apidoc/v2/override_values.html
.
$curl -X DELETE -s -u sat_username:sat_password \
https://satellite6.example.com/api/smart_class_parameters/63/override_values/3
4.1.3.1. Modifying a Smart Class Parameter Using an External File
Procedure 4.2. Modifying a Smart Class Parameter Using an External File
- Search for the Puppet Class by name, in this case,
motd
:$
curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X GET \
-u sat_user:sat_passwd -k \
"https://satellite6.example.com/api/smart_class_parameters?search=puppetclass_name=motd” \
| python -m json.tool
{ "page": 1, "per_page": 20, "results": [ { "avoid_duplicates": false, "created_at": "2017-02-06 12:37:48 UTC", "default_value": "", "description": "", "hidden_value": "*****", "hidden_value?": false, "id": 3, "merge_default": false, "merge_overrides": false, "override": false, "override_value_order": "fqdn\nhostgroup\nos\ndomain", "override_values_count": 0, "parameter": "content", "parameter_type": "string", "puppetclass_id": 3, "puppetclass_name": "motd", "required": false, "updated_at": "2017-02-07 13:08:42 UTC", "use_puppet_default": false, "validator_rule": null, "validator_type": "" }, { "avoid_duplicates": false, "created_at": "2017-02-06 12:37:48 UTC", "default_value": true, "description": "", "hidden_value": "*****", "hidden_value?": false, "id": 1, "merge_default": false, "merge_overrides": false, "override": false, "override_value_order": "fqdn\nhostgroup\nos\ndomain", "override_values_count": 0,"parameter": "dynamic_motd", "parameter_type": "boolean", "puppetclass_id": 3, "puppetclass_name": "motd", "required": false, "updated_at": "2017-02-06 15:21:06 UTC", "use_puppet_default": null, "validator_rule": null, "validator_type": null }, { "avoid_duplicates": false, "created_at": "2017-02-06 12:37:48 UTC", "default_value": "", "description": "", "hidden_value": "*****", "hidden_value?": false, "id": 2, "merge_default": false, "merge_overrides": false, "override": false, "override_value_order": "fqdn\nhostgroup\nos\ndomain", "override_values_count": 0, "parameter": "template", "parameter_type": "string", "puppetclass_id": 3, "puppetclass_name": "motd", "required": false, "updated_at": "2017-02-06 15:21:06 UTC", "use_puppet_default": null, "validator_rule": null, "validator_type": null } ], "search": "puppetclass_name=motd", "sort": { "by": null, "order": null }, "subtotal": 3, "total": 66 }Each Smart Class Parameter has an ID that is global for the same Satellite instance. Thecontent
parameter of themotd
class hasid=3
in this Satellite Server. Do not confuse this with the Puppet Class ID which appears just before the Puppet Class name. - Use the parameter ID
3
to get the information specific to themotd
parameter and redirect the output to a file, for example,output_file.json
:$
curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X GET \
-u sat_user:sat_passwd -k \
"https://satellite6.example.com/api/smart_class_parameters/3 \
| python -m json.tool > output_file.json
- Copy the file created in the previous step to a new file for editing, for example,
changed_file.json
. Open the file in an editor and modify the desired values. In this example, we wish to change the content parameter of themotd
module, which requires changing theoverride
option fromfalse
totrue
:{ "avoid_duplicates": false, "created_at": "2017-02-06 12:37:48 UTC", # This line must be removed. "default_value": "", # A new value should be supplied here. "description": "", "hidden_value": "*****", "hidden_value?": false, "id": 3, "merge_default": false, "merge_overrides": false, "override": false, # The override value must be set to
true
. "override_value_order": "fqdn\nhostgroup\nos\ndomain", "override_values": [], # This line must be removed. "override_values_count": 0, "parameter": "content", "parameter_type": "string", "puppetclass_id": 3, "puppetclass_name": "motd", "required": false, "updated_at": "2017-02-07 11:56:55 UTC", # This line must be removed. "use_puppet_default": false, "validator_rule": null, "validator_type": "" } - After editing the file, verify that it looks as follows and then save the changes:
{ "avoid_duplicates": false, "default_value": "No Unauthorized Access Allowed", "description": "", "hidden_value": "*****", "hidden_value?": false, "id": 3, "merge_default": false, "merge_overrides": false, "override": true, "override_value_order": "fqdn\nhostgroup\nos\ndomain", "override_values_count": 0, "parameter": "content", "parameter_type": "string", "puppetclass_id": 3, "puppetclass_name": "motd", "required": false, "use_puppet_default": false, "validator_rule": null, "validator_type": "" }
- Use a PUT command as follows to apply the changes to Satellite Server:
$
curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" \
-X PUT -u $user:$passwd \
-d @changed_file.json \
-k "https://satellite6.example.com/api/smart_class_parameters/3
4.1.4. Applying Errata to a Host or Host Collection
curl
with the PUT command to apply errata to a host, host group, or host collection. The following is the basic syntax of a PUT request:
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" -X PUT \ -u sat_username:sat_password -k \ -d json-formatted-data https://satellite6.example.com
https://satellite6.example.com/apidoc/v2.html
) to find a URL to use for applying Errata. You can use the Satellite web UI to help discover the format for the search query. Navigate to Hosts → Host Collections and select a host collection. Go to Collection Actions → Errata Installation and notice the search query box contents. For example, for a Host Collection called my-collection the search box contains host_collection="my-collection"
. This will be used in the example below for Host Collections.
Example 4.4. Applying Errata to a Host
/katello/api/hosts/bulk/install_content
, is used to show the format required for a simple search.
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" -X PUT \ -u sat_username:sat_password -k \ -d "{\"organization_id\":1,\"included\":{\"search\":\"my-host\"},\"content_type\":\"errata\",\"content\":[\"RHBA-2016:1981\"]}" https://satellite6.example.com/api/v2/hosts/bulk/install_content
Example 4.5. Applying Errata to a Host Collection
host_collection="my-collection"
as seen in the Satellite web UI.
$ curl -H "Accept:application/json,version=2" \ -H "Content-Type:application/json" -X PUT \ -u sat_username:sat_password -k \ -d "{\"organization_id\":1,\"included\":{\"search\":\"host_collection=\\\"my-collection\\\"\"},\"content_type\":\"errata\",\"content\":[\"RHBA-2016:1981\"]}" https://satellite6.example.com/api/v2/hosts/bulk/install_content
4.2. API Examples Using Ruby
Important
4.2.1. Creating Objects Using Ruby
#!/usr/bin/ruby require 'rest-client' require 'json' url = 'https://satellite6.example.com/api/v2/' katello_url = "#{url}/katello/api/v2/" $username = 'admin' $password = 'changeme' org_name = "MyOrg" environments = [ "Development", "Testing", "Production" ] # Performs a GET using the passed URL location def get_json(location) response = RestClient::Request.new( :method => :get, :url => location, :user => $username, :password => $password, :headers => { :accept => :json, :content_type => :json } ).execute JSON.parse(response.to_str) end # Performs a POST and passes the data to the URL location def post_json(location, json_data) response = RestClient::Request.new( :method => :post, :url => location, :user => $username, :password => $password, :headers => { :accept => :json, :content_type => :json}, :payload => json_data ).execute JSON.parse(response.to_str) end # Creates a hash with ids mapping to names for an array of recods def id_name_map(records) records.inject({}) do |map, record| map.update(record['id'] => record['name']) end end # Get list of existing organizations orgs = get_json("#{katello_url}/organizations") org_list = id_name_map(orgs['results']) if !org_list.has_value?(org_name) # If our organization is not found, create it puts "Creating organization: \t#{org_name}" org_id = post_json("#{katello_url}/organizations", JSON.generate({"name"=> org_name}))["id"] else # Our organization exists, so let's grab it org_id = org_list.key(org_name) puts "Organization \"#{org_name}\" exists" end # Get list of organization's lifecycle environments envs = get_json("#{katello_url}/organizations/#{org_id}/environments") env_list = id_name_map(envs['results']) prior_env_id = env_list.key("Library") # Exit the script if at least one life cycle environment already exists environments.each do |e| if env_list.has_value?(e) puts "ERROR: One of the Environments is not unique to organization" exit end end # Create life cycle environments environments.each do |environment| puts "Creating environment: \t#{environment}" prior_env_id = post_json("#{katello_url}/organizations/#{org_id}/environments", JSON.generate({"name" => environment, "organization_id" => org_id, "prior_id" => prior_env_id}))["id"] end
4.2.2. Using Apipie Bindings
#!/usr/bin/ruby require 'apipie-bindings' org_name = "MyOrg" environments = [ "Development", "Testing", "Production" ] # Create an instance of apipie bindings @api = ApipieBindings::API.new({ :uri => 'https://satellite6.example.com/', :username => 'admin', :password => 'changeme', :api_version => 2 }) # Performs an API call with default options def call_api(resource_name, action_name, params = {}) http_headers = {} apipie_options = { :skip_validation => true } @api.resource(resource_name).call(action_name, params, http_headers, apipie_options) end # Creates a hash with IDs mapping to names for an array of records def id_name_map(records) records.inject({}) do |map, record| map.update(record['id'] => record['name']) end end # Get list of existing organizations orgs = call_api(:organizations, :index) org_list = id_name_map(orgs['results']) if !org_list.has_value?(org_name) # If our organization is not found, create it puts "Creating organization: \t#{org_name}" org_id = call_api(:organizations, :create, {'organization' => { :name => org_name }})['id'] else # Our organization exists, so let's grab it org_id = org_list.key(org_name) puts "Organization \"#{org_name}\" exists" end # Get list of organization's life cycle environments envs = call_api(:lifecycle_environments, :index, {'organization_id' => org_id}) env_list = id_name_map(envs['results']) prior_env_id = env_list.key("Library") # Exit the script if at least one life cycle environment already exists environments.each do |e| if env_list.has_value?(e) puts "ERROR: One of the Environments is not unique to organization" exit end end # Create life cycle environments environments.each do |environment| puts "Creating environment: \t#{environment}" prior_env_id = call_api(:lifecycle_environments, :create, {"name" => environment, "organization_id" => org_id, "prior_id" => prior_env_id })['id'] end
4.3. API Examples Using Python
Important
4.3.1. Creating Objects Using Python
#!/usr/bin/python import json import sys try: import requests except ImportError: print "Please install the python-requests module." sys.exit(-1) # URL to your Satellite 6 server URL = "https://satellite6.example.com" # URL for the API to your deployed Satellite 6 server SAT_API = "%s/katello/api/v2/" % URL # Katello-specific API KATELLO_API = "%s/katello/api/" % URL POST_HEADERS = {'content-type': 'application/json'} # Default credentials to login to Satellite 6 USERNAME = "admin" PASSWORD = "changeme" # Ignore SSL for now SSL_VERIFY = False # Name of the organization to be either created or used ORG_NAME = "MyOrg" # Name for life cycle environments to be either created or used ENVIRONMENTS = ["Development", "Testing", "Production"] def get_json(location): """ Performs a GET using the passed URL location """ r = requests.get(location, auth=(USERNAME, PASSWORD), verify=SSL_VERIFY) return r.json() def post_json(location, json_data): """ Performs a POST and passes the data to the URL location """ result = requests.post( location, data=json_data, auth=(USERNAME, PASSWORD), verify=SSL_VERIFY, headers=POST_HEADERS) return result.json() def main(): """ Main routine that creates or re-uses an organization and life cycle environments. If life cycle environments already exist, exit out. """ # Check if our organization already exists org = get_json(SAT_API + "organizations/" + ORG_NAME) # If our organization is not found, create it if org.get('error', None): org_id = post_json( SAT_API + "organizations/", json.dumps({"name": ORG_NAME}))["id"] print "Creating organization: \t" + ORG_NAME else: # Our organization exists, so let's grab it org_id = org['id'] print "Organization '%s' exists." % ORG_NAME # Now, let's fetch all available life cycle environments for this org... envs = get_json( SAT_API + "organizations/" + str(org_id) + "/environments/") # ... and add them to a dictionary, with respective 'Prior' environment prior_env_id = 0 env_list = {} for env in envs['results']: env_list[env['id']] = env['name'] prior_env_id = env['id'] if env['name'] == "Library" else prior_env_id # Exit the script if at least one life cycle environment already exists if all(environment in env_list.values() for environment in ENVIRONMENTS): print "ERROR: One of the Environments is not unique to organization" sys.exit(-1) # Create life cycle environments for environment in ENVIRONMENTS: new_env_id = post_json( SAT_API + "organizations/" + str(org_id) + "/environments/", json.dumps( { "name": environment, "organization_id": org_id, "prior": prior_env_id} ))["id"] print "Creating environment: \t" + environment prior_env_id = new_env_id if __name__ == "__main__": main()
4.3.2. Running Queries Using Python
sat6api.py
and then add the following content:
#!/usr/bin/python import json import sys try: import requests except ImportError: print "Please install the python-requests module." sys.exit(-1) SAT_API = 'https://satellite6.example.com/api/v2/' USERNAME = "admin" PASSWORD = "password" SSL_VERIFY = False # Ignore SSL for now def get_json(url): # Performs a GET using the passed URL location r = requests.get(url, auth=(USERNAME, PASSWORD), verify=SSL_VERIFY) return r.json() def get_results(url): jsn = get_json(url) if jsn.get('error'): print "Error: " + jsn['error']['message'] else: if jsn.get('results'): return jsn['results'] elif 'results' not in jsn: return jsn else: print "No results found" return None def display_all_results(url): results = get_results(url) if results: print json.dumps(results, indent=4, sort_keys=True) def display_info_for_hosts(url): hosts = get_results(url) if hosts: for host in hosts: print "ID: %-10d Name: %-30s IP: %-20s OS: %-30s" % (host['id'], host['name'], host['ip'], host['operatingsystem_name']) def main(): host = 'satellite6.example.com' print "Displaying all info for host %s ..." % host display_all_results(SAT_API + 'hosts/' + host) print "Displaying all facts for host %s ..." % host display_all_results(SAT_API + 'hosts/%s/facts' % host) host_pattern = 'example' print "Displaying basic info for hosts matching pattern '%s'..." % host_pattern display_info_for_hosts(SAT_API + 'hosts?search=' + host_pattern) environment = 'production' print "Displaying basic info for hosts in environment %s..." % environment display_info_for_hosts(SAT_API + 'hosts?search=environment=' + environment) model = 'RHEV Hypervisor' print "Displaying basic info for hosts with model name %s..." % model display_info_for_hosts(SAT_API + 'hosts?search=model="' + model + '"') if __name__ == "__main__": main()
./sat6api.py
from the command line to display the results.
4.4. Using Extended Searches
os_description
, which you can use in your API query as follows:
$ curl -s -k -u sat_username:sat_password https://satellite6.example.com/api/v2/hosts?search=os_description=\"RHEL+Server+6.6\" | python -m json.tool { ... "results": [ { "name": "satellite6.example.com", "operatingsystem_id": 1, "operatingsystem_name": "RHEL Server 6.6", ... } ], "search": "os_description=\"RHEL Server 6.6\"", }
4.5. Using Searches with Pagination Control
per_page
and page
pagination parameters to limit the search results returned by an API search query. The per_page
parameter specifies the amount per page and the page
parameter specifies which page, as calculated by the per_page
parameter, to return.
per_page
value has a default of 20 which applies when you specify the page
parameter.
Example 4.6. Listing Content Views
$ curl -X GET --user sat_username:sat_password \ "https://satellite6.example.com/katello/api/content_views?per_page=10&page=3"
Example 4.7. Listing Activation Keys
$ curl -X GET --user sat_username:sat_password \ "https://satellite6.example.com/katello/api/activation_keys?organization_id=1&per_page=30&page=2"
Example 4.8. Returning Multiple Pages
$ for i in `seq 1 3`; do curl -X GET --user sat_username:sat_password \ "https://satellite6.example.com/katello/api/content_views?per_page=5&page=$i"; done
4.6. Working with Life Cycle Environments
prior_id
parameter.
https://satellite6.example.com/apidoc/v2/lifecycle_environments.html
. The API routes include /katello/api/environments
and /katello/api/organizations/:organization_id/environments
.
1
, as follows:
$curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X GET \
-u sat_user:sat_password -k \
https://satellite6.example.com/katello/api/organizations/1/environments | python -m json.tool
output omitted "description": null, "id": 1, "label": "Library", "library": true, "name": "Library", "organization": { "id": 1, "label": "Default_Organization", "name": "Default Organization" }, "permissions": { "destroy_lifecycle_environments": false, "edit_lifecycle_environments": true, "promote_or_remove_content_views_to_environments": true, "view_lifecycle_environments": true }, "prior": null, "successor": null, output truncated
1
, is used as the starting point for creating Life Cycle Environments.
Procedure 4.3. Creating Linked Life Cycle Environments
- Choose an existing Life Cycle Environment that you want to use as a starting point. List the environment using its ID, in this case the environment with ID
1
:$
curl -X GET -s -k -u sat_user:sat_password \
https://satellite6.example.com/katello/api/environments/1 | python -m json.tool
output omitted "id": 1, "label": "Library", output omitted "prior": null, "successor": null, output truncated - Create a new Life Cycle Environment using the
prior
option set to1
:- Create a JSON file, for example,
life-cycle.json
, with the following contents:{"organization_id":1,"label":"api-dev","name":"API Development","prior":1}
- Enter a command as follows:
$
curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X POST \
-u sat_user:sat_password -k \
-d @life-cycle.json \
https://satellite6.example.com/katello/api/environments \
| python -m json.tool
output omitted "description": null, "id": 2, "label": "api-dev", "library": false, "name": "API Development", "organization": { "id": 1, "label": "Default_Organization", "name": "Default Organization" }, "permissions": { "destroy_lifecycle_environments": true, "edit_lifecycle_environments": true, "promote_or_remove_content_views_to_environments": true, "view_lifecycle_environments": true }, "prior": { "id": 1, "name": "Library" }, output truncated
In the command output you can see the ID for this Life Cycle Environment is2
, and the Life Cycle Environment prior to this one is1
. This signifies that Life Cycle Environment1
and2
are linked. The Life Cycle Environment ID2
is used when creating a successor to this environment. - Create another Life Cycle Environment, using the
prior
option set to2
:- Edit the previously created
life-cycle.json
, updating thelabel
,name
, andprior
values:{"organization_id":1,"label":"api-qa","name":"API QA","prior":2}
- Enter a command as follows:
$
curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X POST \
-u sat_user:sat_password -k \
-d @life-cycle.json \
https://satellite6.example.com/katello/api/environments \
| python -m json.tool
output omitted "description": null, "id": 3, "label": "api-qa", "library": false, "name": "API QA", "organization": { "id": 1, "label": "Default_Organization", "name": "Default Organization" }, "permissions": { "destroy_lifecycle_environments": true, "edit_lifecycle_environments": true, "promote_or_remove_content_views_to_environments": true, "view_lifecycle_environments": true }, "prior": { "id": 2, "name": "API Development" }, "successor": null, output truncated
In the command output you can see the ID for this Life Cycle Environment is3
, and the Life Cycle Environment prior to this one is2
. This signifies that Life Cycle Environment2
and3
are linked.
Updating a Life Cycle Environment
$curl -H "Accept:application/json,version=2" \
-H "Content-Type:application/json" -X POST \
-u sat_user:sat_password -k \
-d '{"description":"Quality Acceptance Testing"}' \
https://satellite6.example.com/katello/api/environments/3 \
| python -m json.tool
output omitted "description": "Quality Acceptance Testing", "id": 3, "label": "api-qa", "library": false, "name": "API QA", "organization": { "id": 1, "label": "Default_Organization", "name": "Default Organization" }, "permissions": { "destroy_lifecycle_environments": true, "edit_lifecycle_environments": true, "promote_or_remove_content_views_to_environments": true, "view_lifecycle_environments": true }, "prior": { "id": 2, "name": "API Development" }, output truncated
Deleting a Life Cycle Environment
curl -X DELETE -s -k -u sat_user:sat_password https://satellite6.example.com/katello/api/environments/:id
Appendix A. API Response Codes
Table A.1. API Response Codes
Response | Explanation |
---|---|
200 OK | For a successful request action: show, index, update, or delete (GET, PUT, DELETE requests). |
201 Created | For a successful create action (POST request). |
301 Moved Permanently | Redirect when Satellite is restricted to use HTTPS and HTTP is attempted. |
400 Bad Request | A required parameter is missing or the search query has invalid syntax. |
401 Unauthorized | Failed to authorize the user (for example, incorrect credentials). |
403 Forbidden | The user has insufficient permissions to perform the action or read the resource, or the action is unsupported in general. |
404 Not Found | The record with the given ID does not exist. It can appear in show and delete actions when the requested record does not exist; or in create, update and delete actions when one of the associated records does not exist. |
409 Conflict | Could not delete the record due to existing dependencies (for example, host groups with hosts). |
415 Unsupported Media Type | The content type of the HTTP request is not JSON. |
422 Unprocessable Entity | Failed to create an entity due to some validation errors. Applies to create or update actions only. |
500 Internal Server Error | Unexpected internal server error. |
503 Service Unavailable | The server is not running. |
Appendix B. API Permissions Matrix
Table B.1. API Permissions Matrix
Permission Name | Actions | Resource Type |
---|---|---|
view_activation_keys |
| Katello::ActivationKey |
create_activation_keys |
| Katello::ActivationKey |
edit_activation_keys |
| Katello::ActivationKey |
destroy_activation_keys |
| Katello::ActivationKey |
logout |
| |
view_architectures |
| |
create_architectures |
| |
edit_architectures |
| |
destroy_architectures |
| |
view_audit_logs |
| |
view_authenticators |
| |
create_authenticators |
| |
edit_authenticators |
| |
destroy_authenticators |
| |
view_bookmarks |
| |
create_bookmarks |
| |
edit_bookmarks |
| |
destroy_bookmarks |
| |
download_bootdisk |
| |
manage_capsule_content |
| SmartProxy |
view_capsule_content |
| SmartProxy |
view_compute_profiles |
| |
create_compute_profiles |
| |
edit_compute_profiles |
| |
destroy_compute_profiles |
| |
view_compute_resources |
| |
create_compute_resources |
| |
edit_compute_resources |
| |
destroy_compute_resources |
| |
view_compute_resources_vms |
| |
create_compute_resources_vms |
| |
edit_compute_resources_vms |
| |
destroy_compute_resources_vms |
| |
power_compute_resources_vms |
| |
console_compute_resources_vms |
| |
view_config_groups |
| |
create_config_groups |
| |
edit_config_groups |
| |
destroy_config_groups |
| |
view_config_reports |
| |
destroy_config_reports |
| |
upload_config_reports |
| |
view_containers |
| Container |
commit_containers |
| Container |
create_containers |
| Container |
destroy_containers |
| Container |
power_compute_resources_vms |
| ComputeResource |
view_content_hosts |
| Katello::System |
create_content_hosts |
| Katello::System |
edit_content_hosts |
| Katello::System |
destroy_content_hosts |
| Katello::System |
view_content_views |
| Katello::ContentView |
create_content_views |
| Katello::ContentView |
edit_content_views |
| Katello::ContentView |
destroy_content_views |
| Katello::ContentView |
publish_content_views |
| Katello::ContentView |
promote_or_remove_content_views |
| Katello::ContentView |
export_content_views |
| Katello::ContentView |
access_dashboard |
| |
view_discovered_hosts |
| Host |
submit_discovered_hosts |
| Host |
auto_provision_discovered_hosts |
| Host |
provision_discovered_hosts |
| Host |
edit_discovered_hosts |
| Host |
destroy_discovered_hosts |
| Host |
view_discovery_rules |
| DiscoveryRule |
create_discovery_rules |
| DiscoveryRule |
edit_discovery_rules |
| DiscoveryRule |
execute_discovery_rules |
| DiscoveryRule |
destroy_discovery_rules |
| DiscoveryRule |
view_domains |
| |
create_domains |
| |
edit_domains |
| |
destroy_domains |
| |
view_environments |
| |
create_environments |
| |
edit_environments |
| |
destroy_environments |
| |
import_environments |
| |
view_external_usergroups |
| |
create_external_usergroups |
| |
edit_external_usergroups |
| |
destroy_external_usergroups |
| |
view_external_variables |
| |
create_external_variables |
| |
edit_external_variables |
| |
destroy_external_variables |
| |
view_facts |
| |
upload_facts |
| |
view_filters |
| |
create_filters |
| |
edit_filters |
| |
destroy_filters |
| |
view_arf_reports |
| |
destroy_arf_reports |
| |
create_arf_reports |
| |
view_policies |
| ForemanOpenscap::Policy |
edit_policies |
| ForemanOpenscap::Policy |
create_policies |
| ForemanOpenscap::Policy |
destroy_policies |
| ForemanOpenscap::Policy |
assign_policies |
| ForemanOpenscap::Policy |
view_scap_contents |
| ForemanOpenscap::ScapContent |
view_scap_contents |
| ForemanOpenscap::ScapContent |
edit_scap_contents |
| ForemanOpenscap::ScapContent |
create_scap_contents |
| ForemanOpenscap::ScapContent |
destroy_scap_contents |
| ForemanOpenscap::ScapContent |
edit_hosts |
| Host |
edit_hostgroups |
| Host |
view_job_templates |
| JobTemplate |
create_job_templates |
| JobTemplate |
edit_job_templates |
| |
edit_job_templates |
| |
edit_remote_execution_features |
| RemoteExecutionFeature |
destroy_job_templates |
| JobTemplate |
lock_job_templates |
| JobTemplate |
create_job_invocations |
| JobInvocation |
view_job_invocations |
| JobInvocation |
execute_template_invocation | TemplateInvocation | |
filter_autocompletion_for_template_invocation |
| TemplateInvocation |
view_foreman_tasks |
| ForemanTasks::Task |
edit_foreman_tasks |
| ForemanTasks::Task |
create_recurring_logics | ForemanTasks::RecurringLogic | |
view_recurring_logics |
| ForemanTasks::RecurringLogic |
edit_recurring_logics |
| ForemanTasks::RecurringLogic |
view_globals |
| |
create_globals |
| |
edit_globals |
| |
destroy_globals |
| |
view_gpg_keys |
| Katello::GpgKey |
create_gpg_keys |
| Katello::GpgKey |
edit_gpg_keys |
| Katello::GpgKey |
destroy_gpg_keys |
| Katello::GpgKey |
view_host_collections |
| Katello::HostCollection |
create_host_collections |
| Katello::HostCollection |
edit_host_collections |
| Katello::HostCollection |
destroy_host_collections |
| Katello::HostCollection |
edit_classes |
| |
create_params |
| |
edit_params |
| |
destroy_params |
| |
view_hostgroups |
| |
create_hostgroups |
| |
edit_hostgroups |
| |
destroy_hostgroups |
| |
view_hosts |
| |
create_hosts |
| |
edit_hosts |
| |
destroy_hosts |
| |
build_hosts |
| |
power_hosts |
| |
console_hosts |
| |
ipmi_boot |
| |
puppetrun_hosts |
| |
search_repository_image_search |
| Docker/ImageSearch |
view_images |
| |
create_images |
| |
edit_images |
| |
destroy_images |
| |
view_lifecycle_environments |
| Katello::KTEnvironment |
create_lifecycle_environments |
| Katello::KTEnvironment |
edit_lifecycle_environments |
| Katello::KTEnvironment |
destroy_lifecycle_environments |
| Katello::KTEnvironment |
promote_or_remove_content_views_to_environments | Katello::KTEnvironment | |
view_locations |
| |
create_locations |
| |
edit_locations |
| |
destroy_locations |
| |
assign_locations |
| |
view_mail_notifications |
| |
view_media |
| |
create_media |
| |
edit_media |
| |
destroy_media |
| |
view_models |
| |
create_models |
| |
edit_models |
| |
destroy_models |
| |
view_operatingsystems |
| |
create_operatingsystems |
| |
edit_operatingsystems |
| |
destroy_operatingsystems |
| |
view_organizations |
| |
create_organizations |
| |
edit_organizations |
| |
destroy_organizations |
| |
assign_organizations |
| |
view_ptables |
| |
create_ptables |
| |
edit_ptables |
| |
destroy_ptables |
| |
lock_ptables |
| |
view_plugins |
| |
view_products |
| Katello::Product |
create_products |
| Katello::Product |
edit_products |
| Katello::Product |
destroy_products |
| Katello::Product |
sync_products |
| Katello::Product |
export_products |
| Katello::Product |
view_provisioning_templates |
| |
create_provisioning_templates |
| |
edit_provisioning_templates |
| |
destroy_provisioning_templates |
| |
deploy_provisioning_templates |
| |
lock_provisioning_templates |
| |
user_logout |
| |
my_account |
| |
api_status |
| |
view_puppetclasses |
| |
create_puppetclasses |
| |
edit_puppetclasses |
| |
destroy_puppetclasses |
| |
import_puppetclasses |
| |
view_realms |
| |
create_realms |
| |
edit_realms |
| |
destroy_realms |
| |
view_search |
| |
view_cases |
| |
attachments |
| |
configuration |
| |
app_root |
| |
view_log_viewer |
| |
logs |
| |
rh_telemetry_api |
| |
rh_telemetry_view |
| |
rh_telemetry_configurations |
| |
view_registries |
| DockerRegistry |
view_registries |
| DockerRegistry |
create_registries |
| DockerRegistry |
destroy_registries |
| DockerRegistry |
view_roles |
| |
create_roles |
| |
edit_roles |
| |
destroy_roles |
| |
access_settings |
| |
view_smart_proxies |
| |
create_smart_proxies |
| |
edit_smart_proxies |
| |
destroy_smart_proxies |
| |
view_smart_proxies_autosign |
| |
create_smart_proxies_autosign |
| |
destroy_smart_proxies_autosign |
| |
view_smart_proxies_puppetca |
| |
edit_smart_proxies_puppetca |
| |
destroy_smart_proxies_puppetca |
| |
view_statistics |
| |
view_subnets |
| |
create_subnets |
| |
edit_subnets |
| |
destroy_subnets |
| |
import_subnets |
| |
view_subscriptions |
| Organization |
attach_subscriptions |
| Organization |
unattach_subscriptions |
| Organization |
import_manifest |
| Organization |
delete_manifest |
| Organization |
view_sync_plans |
| Katello::SyncPlan |
create_sync_plans |
| Katello::SyncPlan |
edit_sync_plans |
| Katello::SyncPlan |
destroy_sync_plans |
| Katello::SyncPlan |
view_tasks |
| |
view_trends |
| |
create_trends |
| |
edit_trends |
| |
destroy_trends |
| |
update_trends |
| |
my_organizations |
| |
view_usergroups |
| |
create_usergroups |
| |
edit_usergroups |
| |
destroy_usergroups |
| |
view_users |
| |
create_users |
| |
edit_users |
| |
destroy_users |
|