Generalize check of the third party RPMs

repos/system_upgrade/common/actors/distributionsignedrpmcheck/actor.py

@@ -0,0 +1,36 @@
+from leapp.actors import Actor
+from leapp.libraries.actor.distributionsignedrpmcheck import check_unsigned_packages
+from leapp.models import InstalledUnsignedRPM
+from leapp.reporting import Report
+from leapp.tags import ChecksPhaseTag, IPUWorkflowTag
+
+
+class DistributionSignedRpmCheck(Actor):
+    """
+    Check if there are any packages that are not signed by distribution GPG keys.
+
+    We are recognizing two (three) types of packages:
+    * RPMs that are part of the system distribution (RHEL, Centos Stream,
+      Fedora, ...) - which are recognized based on the signature by known GPG
+      keys for the particular distribution.
+    * RPMs that are not signed by such GPG keys - including RPMs not signed
+      at all. Such RPMs are considered in general as third party content.
+    (
+      * some packages are known to not be signed as they are created by
+        delivered product (which can be part of the distribution). This includes
+        e.g. katello RPMs created in a Satellite server. We do not report
+        such packages known to us.
+    )
+
+    If any such non-distribution installed RPMs are detected, report it
+    to inform that user needs to take care about them before/during/after
+    the upgrade.
+    """
+
+    name = 'distribution_signed_rpm_check'
+    consumes = (InstalledUnsignedRPM,)
+    produces = (Report,)
+    tags = (IPUWorkflowTag, ChecksPhaseTag)
+
+    def process(self):
+        check_unsigned_packages()

repos/system_upgrade/common/actors/redhatsignedrpmcheck/tests/test_redhatsignedrpmcheck.py → repos/system_upgrade/common/actors/distributionsignedrpmcheck/tests/test_distributionsignedrpmcheck.py

@@ -1,5 +1,5 @@
 from leapp import reporting
-from leapp.libraries.actor import redhatsignedrpmcheck
+from leapp.libraries.actor import distributionsignedrpmcheck
 from leapp.libraries.common.testutils import create_report_mocked, produce_mocked
 from leapp.libraries.stdlib import api
 from leapp.models import InstalledUnsignedRPM, RPM
@@ -16,9 +16,9 @@ def consume_unsigned_message_mocked(*models):
     monkeypatch.setattr(api, "show_message", lambda x: True)
     monkeypatch.setattr(reporting, "create_report", create_report_mocked())
 
-    packages = redhatsignedrpmcheck.get_unsigned_packages()
+    packages = distributionsignedrpmcheck.get_unsigned_packages()
     assert not packages
-    redhatsignedrpmcheck.generate_report(packages)
+    distributionsignedrpmcheck.generate_report(packages)
     assert reporting.create_report.called == 0
 
 
@@ -40,8 +40,8 @@ def consume_unsigned_message_mocked(*models):
     monkeypatch.setattr(api, "show_message", lambda x: True)
     monkeypatch.setattr(reporting, "create_report", create_report_mocked())
 
-    packages = redhatsignedrpmcheck.get_unsigned_packages()
+    packages = distributionsignedrpmcheck.get_unsigned_packages()
     assert len(packages) == 4
-    redhatsignedrpmcheck.generate_report(packages)
+    distributionsignedrpmcheck.generate_report(packages)
     assert reporting.create_report.called == 1
     assert 'Packages not signed by Red Hat found' in reporting.create_report.report_fields['title']