From 218f7d280dc99524bfdd76c4c2e91ac09db6af7e Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Mon, 22 Apr 2024 10:19:15 -0500
Subject: [PATCH] Add exist_ok param for PKIServer.copyfile()

---
 base/server/python/pki/server/__init__.py             |  6 +++++-
 base/server/python/pki/server/deployment/__init__.py  |  6 +++++-
 .../server/deployment/scriptlets/subsystem_layout.py  |  6 ++++--
 base/server/python/pki/server/instance.py             |  3 ++-
 base/server/python/pki/server/upgrade.py              |  6 +++++-
 .../10.10.2/01-AddProfileCaAuditSigningCert.py        | 11 ++++++-----
 .../upgrade/10.9.0/02-AddACMEServerCertProfile.py     | 10 ++++++----
 .../upgrade/10.9.0/04-AddMissingCertProfiles.py       | 11 ++++++-----
 8 files changed, 39 insertions(+), 20 deletions(-)

diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index c870b808dcd..7273a58b9ff 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -695,7 +695,11 @@ def copydirs(self, source, dest, force=False):
             mode=DEFAULT_DIR_MODE,
             force=force)
 
-    def copyfile(self, source, dest, params=None, force=False):
+    def copyfile(self, source, dest, params=None, exist_ok=False, force=False):
+
+        if os.path.exists(dest) and exist_ok:
+            logger.info('Reusing %s', dest)
+            return
 
         logger.info('Creating %s', dest)
 
diff --git a/base/server/python/pki/server/deployment/__init__.py b/base/server/python/pki/server/deployment/__init__.py
index 9428bca1989..8478b78a2ba 100644
--- a/base/server/python/pki/server/deployment/__init__.py
+++ b/base/server/python/pki/server/deployment/__init__.py
@@ -765,7 +765,10 @@ def install_cert_chain(self):
         # validation there. This is only usually necessary when
         # installing a non-CA subsystem on a fresh system.
 
-        self.instance.copyfile(cert_chain_path, destination)
+        self.instance.copyfile(
+            cert_chain_path,
+            destination,
+            exist_ok=True)
 
     def import_ds_ca_cert(self):
 
@@ -831,6 +834,7 @@ def create_cs_cfg(self, subsystem):
                 source_cs_cfg,
                 tmp_cs_cfg,
                 params=self.mdict,
+                exist_ok=True,
                 force=True)
 
             # Merge temporary CS.cfg into /var/lib/pki/<instance>/conf/<subsystem>/CS.cfg
diff --git a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py
index 5d9570b90dd..299abbf92d9 100644
--- a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py
+++ b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py
@@ -287,7 +287,8 @@ def spawn(self, deployer):
             instance.copyfile(
                 pki_source_proxy_conf,
                 pki_target_proxy_conf,
-                params=deployer.mdict)
+                params=deployer.mdict,
+                exist_ok=True)
 
         elif deployer.subsystem_type == "TPS":
 
@@ -301,7 +302,8 @@ def spawn(self, deployer):
             instance.copyfile(
                 deployer.mdict['pki_source_phone_home_xml'],
                 pki_target_phone_home_xml,
-                params=deployer.mdict)
+                params=deployer.mdict,
+                exist_ok=True)
 
         instance.load()
 
diff --git a/base/server/python/pki/server/instance.py b/base/server/python/pki/server/instance.py
index 528a452e1a5..5a839da6992 100644
--- a/base/server/python/pki/server/instance.py
+++ b/base/server/python/pki/server/instance.py
@@ -362,7 +362,8 @@ def create_registry(self):
                 'pki_group': self.group,
                 'pki_instance_name': self.name,
                 'pki_instance_path': self.base_dir
-            })
+            },
+            exist_ok=True)
 
     def load(self):
 
diff --git a/base/server/python/pki/server/upgrade.py b/base/server/python/pki/server/upgrade.py
index f9dc9077af1..c2a95581e5f 100644
--- a/base/server/python/pki/server/upgrade.py
+++ b/base/server/python/pki/server/upgrade.py
@@ -88,7 +88,11 @@ def copydirs(self, source, dest, force=False):
         self.instance.copydirs(source, dest, force=force)
 
     def copyfile(self, source, dest, force=False):
-        self.instance.copyfile(source, dest, force=force)
+        self.instance.copyfile(
+            source,
+            dest,
+            exist_ok=True,
+            force=force)
 
     def init_scriptlet(self, scriptlet):
         scriptlet.instance = self.instance
diff --git a/base/server/upgrade/10.10.2/01-AddProfileCaAuditSigningCert.py b/base/server/upgrade/10.10.2/01-AddProfileCaAuditSigningCert.py
index bf5db17c9b6..efacb23842a 100644
--- a/base/server/upgrade/10.10.2/01-AddProfileCaAuditSigningCert.py
+++ b/base/server/upgrade/10.10.2/01-AddProfileCaAuditSigningCert.py
@@ -41,13 +41,14 @@ def upgrade_subsystem(self, instance, subsystem):
 
         pki.util.store_properties(opath, oconfig)
 
-        # now handle new profile
+        logger.info('Creating caAuditSigningCert.cfg')
         path = os.path.join(subsystem.base_dir, 'profiles', 'ca', 'caAuditSigningCert.cfg')
+        self.backup(path)
 
-        if not os.path.exists(path):
-            logger.info('Creating caAuditSigningCert.cfg')
-            self.backup(path)
-            instance.copyfile('/usr/share/pki/ca/profiles/ca/caAuditSigningCert.cfg', path)
+        instance.copyfile(
+            '/usr/share/pki/ca/profiles/ca/caAuditSigningCert.cfg',
+            path,
+            exist_ok=True)
 
         logger.info('Adding caAuditSigningCert into profile.list')
         profile_list = subsystem.config.get('profile.list').split(',')
diff --git a/base/server/upgrade/10.9.0/02-AddACMEServerCertProfile.py b/base/server/upgrade/10.9.0/02-AddACMEServerCertProfile.py
index 39522038d3a..2ada93990ca 100644
--- a/base/server/upgrade/10.9.0/02-AddACMEServerCertProfile.py
+++ b/base/server/upgrade/10.9.0/02-AddACMEServerCertProfile.py
@@ -25,12 +25,14 @@ def upgrade_subsystem(self, instance, subsystem):
         if subsystem.name != 'ca':
             return
 
+        logger.info('Creating acmeServerCert.cfg')
         path = os.path.join(subsystem.base_dir, 'profiles', 'ca', 'acmeServerCert.cfg')
+        self.backup(path)
 
-        if not os.path.exists(path):
-            logger.info('Creating acmeServerCert.cfg')
-            self.backup(path)
-            instance.copyfile('/usr/share/pki/ca/profiles/ca/acmeServerCert.cfg', path)
+        instance.copyfile(
+            '/usr/share/pki/ca/profiles/ca/acmeServerCert.cfg',
+            path,
+            exist_ok=True)
 
         logger.info('Adding acmeServerCert into profile.list')
         profile_list = subsystem.config.get('profile.list').split(',')
diff --git a/base/server/upgrade/10.9.0/04-AddMissingCertProfiles.py b/base/server/upgrade/10.9.0/04-AddMissingCertProfiles.py
index e1506343560..4072b00db24 100644
--- a/base/server/upgrade/10.9.0/04-AddMissingCertProfiles.py
+++ b/base/server/upgrade/10.9.0/04-AddMissingCertProfiles.py
@@ -55,13 +55,14 @@ def upgrade_subsystem(self, instance, subsystem):
             # Create the right file name
             file_name = '{}.cfg'.format(profile)
 
+            logger.info('Creating %s', file_name)
             path = os.path.join(subsystem.base_dir, 'profiles', 'ca', file_name)
+            self.backup(path)
 
-            if not os.path.exists(path):
-                logger.info('Creating %s', file_name)
-                self.backup(path)
-                # copy file from rpm installed to installed instance
-                instance.copyfile('/usr/share/pki/ca/profiles/ca/{}'.format(file_name), path)
+            instance.copyfile(
+                '/usr/share/pki/ca/profiles/ca/{}'.format(file_name),
+                path,
+                exist_ok=True)
 
             logger.info('Adding %s into profile.list', file_name)
             if profile not in profile_list: