choria-mcorpc-support 2.20.8 → 2.23.0.pre
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mcollective.rb +1 -1
- data/lib/mcollective/agent/bolt_tasks.ddl +235 -0
- data/lib/mcollective/agent/bolt_tasks.json +347 -0
- data/lib/mcollective/agent/bolt_tasks.rb +176 -0
- data/lib/mcollective/agent/choria_util.ddl +152 -0
- data/lib/mcollective/agent/choria_util.json +244 -0
- data/lib/mcollective/agent/rpcutil.ddl +7 -3
- data/lib/mcollective/agent/rpcutil.json +333 -0
- data/lib/mcollective/agent/scout.ddl +169 -0
- data/lib/mcollective/agent/scout.json +224 -0
- data/lib/mcollective/agents.rb +7 -6
- data/lib/mcollective/aggregate.rb +4 -4
- data/lib/mcollective/aggregate/average.rb +2 -2
- data/lib/mcollective/aggregate/base.rb +2 -2
- data/lib/mcollective/aggregate/result.rb +3 -3
- data/lib/mcollective/aggregate/result/collection_result.rb +2 -2
- data/lib/mcollective/aggregate/result/numeric_result.rb +2 -2
- data/lib/mcollective/aggregate/sum.rb +2 -2
- data/lib/mcollective/aggregate/summary.rb +3 -4
- data/lib/mcollective/application.rb +57 -21
- data/lib/mcollective/application/choria.rb +249 -0
- data/lib/mcollective/application/completion.rb +6 -6
- data/lib/mcollective/application/describe_filter.rb +20 -20
- data/lib/mcollective/application/facts.rb +19 -11
- data/lib/mcollective/application/federation.rb +239 -0
- data/lib/mcollective/application/find.rb +4 -4
- data/lib/mcollective/application/help.rb +3 -3
- data/lib/mcollective/application/inventory.rb +3 -341
- data/lib/mcollective/application/ping.rb +3 -77
- data/lib/mcollective/application/playbook.rb +207 -0
- data/lib/mcollective/application/plugin.rb +106 -106
- data/lib/mcollective/application/rpc.rb +3 -108
- data/lib/mcollective/application/tasks.rb +416 -0
- data/lib/mcollective/applications.rb +11 -10
- data/lib/mcollective/audit/choria.rb +33 -0
- data/lib/mcollective/cache.rb +2 -4
- data/lib/mcollective/client.rb +11 -10
- data/lib/mcollective/config.rb +21 -34
- data/lib/mcollective/connector/base.rb +2 -1
- data/lib/mcollective/connector/nats.ddl +9 -0
- data/lib/mcollective/connector/nats.rb +450 -0
- data/lib/mcollective/data.rb +8 -3
- data/lib/mcollective/data/agent_data.rb +1 -1
- data/lib/mcollective/data/base.rb +6 -5
- data/lib/mcollective/data/bolt_task_data.ddl +90 -0
- data/lib/mcollective/data/bolt_task_data.rb +32 -0
- data/lib/mcollective/data/collective_data.rb +1 -1
- data/lib/mcollective/data/fact_data.rb +6 -6
- data/lib/mcollective/data/fstat_data.rb +2 -4
- data/lib/mcollective/data/result.rb +7 -2
- data/lib/mcollective/ddl/agentddl.rb +5 -17
- data/lib/mcollective/ddl/base.rb +11 -14
- data/lib/mcollective/discovery.rb +12 -26
- data/lib/mcollective/discovery/choria.ddl +11 -0
- data/lib/mcollective/discovery/choria.rb +223 -0
- data/lib/mcollective/discovery/flatfile.rb +7 -8
- data/lib/mcollective/discovery/mc.rb +2 -2
- data/lib/mcollective/discovery/stdin.rb +17 -18
- data/lib/mcollective/exceptions.rb +13 -0
- data/lib/mcollective/facts/base.rb +9 -9
- data/lib/mcollective/facts/yaml_facts.rb +12 -12
- data/lib/mcollective/generators.rb +3 -3
- data/lib/mcollective/generators/agent_generator.rb +3 -4
- data/lib/mcollective/generators/base.rb +14 -15
- data/lib/mcollective/generators/data_generator.rb +5 -6
- data/lib/mcollective/log.rb +2 -2
- data/lib/mcollective/logger/base.rb +3 -2
- data/lib/mcollective/logger/console_logger.rb +10 -10
- data/lib/mcollective/logger/file_logger.rb +7 -7
- data/lib/mcollective/logger/syslog_logger.rb +11 -15
- data/lib/mcollective/matcher.rb +14 -14
- data/lib/mcollective/matcher/parser.rb +31 -41
- data/lib/mcollective/matcher/scanner.rb +69 -74
- data/lib/mcollective/message.rb +10 -17
- data/lib/mcollective/monkey_patches.rb +2 -4
- data/lib/mcollective/optionparser.rb +1 -0
- data/lib/mcollective/pluginmanager.rb +3 -5
- data/lib/mcollective/pluginpackager.rb +1 -3
- data/lib/mcollective/pluginpackager/agent_definition.rb +10 -11
- data/lib/mcollective/pluginpackager/forge_packager.rb +7 -9
- data/lib/mcollective/pluginpackager/standard_definition.rb +1 -2
- data/lib/mcollective/registration/base.rb +18 -16
- data/lib/mcollective/rpc.rb +2 -4
- data/lib/mcollective/rpc/actionrunner.rb +16 -18
- data/lib/mcollective/rpc/agent.rb +26 -43
- data/lib/mcollective/rpc/audit.rb +1 -0
- data/lib/mcollective/rpc/client.rb +67 -85
- data/lib/mcollective/rpc/helpers.rb +55 -62
- data/lib/mcollective/rpc/progress.rb +2 -2
- data/lib/mcollective/rpc/reply.rb +17 -19
- data/lib/mcollective/rpc/request.rb +7 -5
- data/lib/mcollective/rpc/result.rb +6 -8
- data/lib/mcollective/rpc/stats.rb +49 -58
- data/lib/mcollective/security/base.rb +29 -36
- data/lib/mcollective/security/choria.rb +765 -0
- data/lib/mcollective/shell.rb +9 -4
- data/lib/mcollective/signer/base.rb +28 -0
- data/lib/mcollective/signer/choria.rb +185 -0
- data/lib/mcollective/ssl.rb +8 -6
- data/lib/mcollective/util.rb +58 -55
- data/lib/mcollective/util/bolt_support.rb +176 -0
- data/lib/mcollective/util/bolt_support/plan_runner.rb +167 -0
- data/lib/mcollective/util/bolt_support/task_result.rb +94 -0
- data/lib/mcollective/util/bolt_support/task_results.rb +128 -0
- data/lib/mcollective/util/choria.rb +1103 -0
- data/lib/mcollective/util/indifferent_hash.rb +12 -0
- data/lib/mcollective/util/natswrapper.rb +242 -0
- data/lib/mcollective/util/playbook.rb +435 -0
- data/lib/mcollective/util/playbook/data_stores.rb +201 -0
- data/lib/mcollective/util/playbook/data_stores/base.rb +99 -0
- data/lib/mcollective/util/playbook/data_stores/consul_data_store.rb +88 -0
- data/lib/mcollective/util/playbook/data_stores/environment_data_store.rb +33 -0
- data/lib/mcollective/util/playbook/data_stores/etcd_data_store.rb +42 -0
- data/lib/mcollective/util/playbook/data_stores/file_data_store.rb +106 -0
- data/lib/mcollective/util/playbook/data_stores/shell_data_store.rb +103 -0
- data/lib/mcollective/util/playbook/inputs.rb +265 -0
- data/lib/mcollective/util/playbook/nodes.rb +207 -0
- data/lib/mcollective/util/playbook/nodes/mcollective_nodes.rb +86 -0
- data/lib/mcollective/util/playbook/nodes/pql_nodes.rb +40 -0
- data/lib/mcollective/util/playbook/nodes/shell_nodes.rb +55 -0
- data/lib/mcollective/util/playbook/nodes/terraform_nodes.rb +65 -0
- data/lib/mcollective/util/playbook/nodes/yaml_nodes.rb +47 -0
- data/lib/mcollective/util/playbook/playbook_logger.rb +47 -0
- data/lib/mcollective/util/playbook/puppet_logger.rb +51 -0
- data/lib/mcollective/util/playbook/report.rb +152 -0
- data/lib/mcollective/util/playbook/task_result.rb +55 -0
- data/lib/mcollective/util/playbook/tasks.rb +196 -0
- data/lib/mcollective/util/playbook/tasks/base.rb +45 -0
- data/lib/mcollective/util/playbook/tasks/graphite_event_task.rb +64 -0
- data/lib/mcollective/util/playbook/tasks/mcollective_task.rb +356 -0
- data/lib/mcollective/util/playbook/tasks/shell_task.rb +93 -0
- data/lib/mcollective/util/playbook/tasks/slack_task.rb +105 -0
- data/lib/mcollective/util/playbook/tasks/webhook_task.rb +136 -0
- data/lib/mcollective/util/playbook/template_util.rb +98 -0
- data/lib/mcollective/util/playbook/uses.rb +169 -0
- data/lib/mcollective/util/tasks_support.rb +733 -0
- data/lib/mcollective/util/tasks_support/cli.rb +260 -0
- data/lib/mcollective/util/tasks_support/default_formatter.rb +138 -0
- data/lib/mcollective/util/tasks_support/json_formatter.rb +108 -0
- data/lib/mcollective/validator.rb +8 -3
- data/lib/mcollective/validator/bolt_task_name_validator.ddl +7 -0
- data/lib/mcollective/validator/bolt_task_name_validator.rb +11 -0
- data/lib/mcollective/validator/length_validator.rb +1 -3
- data/lib/mcollective/validator/typecheck_validator.rb +4 -0
- metadata +67 -4
@@ -13,7 +13,7 @@ module MCollective
|
|
13
13
|
# * [ ==================================================> ] 100 / 100
|
14
14
|
class Progress
|
15
15
|
def initialize(size=nil)
|
16
|
-
@twirl = [
|
16
|
+
@twirl = ["|", "/", "-", "\\", "|", "/", "-", "\\"]
|
17
17
|
@twirldex = 0
|
18
18
|
|
19
19
|
if size
|
@@ -56,7 +56,7 @@ module MCollective
|
|
56
56
|
|
57
57
|
@twirldex == 7 ? @twirldex = 0 : @twirldex += 1
|
58
58
|
|
59
|
-
|
59
|
+
txt
|
60
60
|
end
|
61
61
|
end
|
62
62
|
end
|
@@ -13,19 +13,17 @@ module MCollective
|
|
13
13
|
|
14
14
|
begin
|
15
15
|
initialize_data
|
16
|
-
rescue Exception => e
|
17
|
-
Log.warn("Could not pre-populate reply data from the DDL: %s: %s" % [e.class, e.to_s
|
16
|
+
rescue Exception => e # rubocop:disable Lint/RescueException
|
17
|
+
Log.warn("Could not pre-populate reply data from the DDL: %s: %s" % [e.class, e.to_s])
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
21
21
|
def initialize_data
|
22
|
-
unless @ddl.actions.include?(@action)
|
23
|
-
raise "No action '%s' defined for agent '%s' in the DDL" % [@action, @ddl.pluginname]
|
24
|
-
end
|
22
|
+
raise "No action '%s' defined for agent '%s' in the DDL" % [@action, @ddl.pluginname] unless @ddl.actions.include?(@action)
|
25
23
|
|
26
24
|
interface = @ddl.action_interface(@action)
|
27
25
|
|
28
|
-
interface[:output].
|
26
|
+
interface[:output].each_key do |output|
|
29
27
|
# must deep clone this data to avoid accidental updates of the DDL in cases where the
|
30
28
|
# default is for example a string and someone does << on it
|
31
29
|
@data[output] = Marshal.load(Marshal.dump(interface[:output][output].fetch(:default, nil)))
|
@@ -44,20 +42,20 @@ module MCollective
|
|
44
42
|
@statuscode = code
|
45
43
|
|
46
44
|
case code
|
47
|
-
|
48
|
-
|
45
|
+
when 1
|
46
|
+
raise RPCAborted, msg
|
49
47
|
|
50
|
-
|
51
|
-
|
48
|
+
when 2
|
49
|
+
raise UnknownRPCAction, msg
|
52
50
|
|
53
|
-
|
54
|
-
|
51
|
+
when 3
|
52
|
+
raise MissingRPCData, msg
|
55
53
|
|
56
|
-
|
57
|
-
|
54
|
+
when 4
|
55
|
+
raise InvalidRPCData, msg
|
58
56
|
|
59
|
-
|
60
|
-
|
57
|
+
else
|
58
|
+
raise UnknownRPCError, msg
|
61
59
|
end
|
62
60
|
end
|
63
61
|
|
@@ -78,9 +76,9 @@ module MCollective
|
|
78
76
|
# Returns a compliant Hash of the reply that should be sent
|
79
77
|
# over the middleware
|
80
78
|
def to_hash
|
81
|
-
|
82
|
-
|
83
|
-
|
79
|
+
{:statuscode => @statuscode,
|
80
|
+
:statusmsg => @statusmsg,
|
81
|
+
:data => @data}
|
84
82
|
end
|
85
83
|
end
|
86
84
|
end
|
@@ -57,12 +57,14 @@ module MCollective
|
|
57
57
|
# If data is a hash, gives easy access to its members, else returns nil
|
58
58
|
def [](key)
|
59
59
|
return nil unless @data.is_a?(Hash)
|
60
|
-
|
60
|
+
|
61
|
+
@data[compatible_key(key)]
|
61
62
|
end
|
62
63
|
|
63
64
|
def fetch(key, default)
|
64
65
|
return nil unless @data.is_a?(Hash)
|
65
|
-
|
66
|
+
|
67
|
+
@data.fetch(compatible_key(key), default)
|
66
68
|
end
|
67
69
|
|
68
70
|
def to_hash
|
@@ -76,10 +78,10 @@ module MCollective
|
|
76
78
|
@ddl.validate_rpc_request(@action, @data)
|
77
79
|
end
|
78
80
|
|
79
|
-
def to_json
|
80
|
-
to_hash.merge!({:sender
|
81
|
+
def to_json(*_args)
|
82
|
+
to_hash.merge!({:sender => @sender,
|
81
83
|
:callerid => @callerid,
|
82
|
-
:uniqid
|
84
|
+
:uniqid => @uniqid}).to_json
|
83
85
|
end
|
84
86
|
end
|
85
87
|
end
|
@@ -40,12 +40,10 @@ module MCollective
|
|
40
40
|
|
41
41
|
return if interface.fetch(:output, {}).empty?
|
42
42
|
|
43
|
-
interface[:output].each do |output,
|
43
|
+
interface[:output].each do |output, _properties|
|
44
44
|
next if data.include?(output)
|
45
45
|
|
46
|
-
if output.is_a?(Symbol) && data.include?(output.to_s)
|
47
|
-
data[output] = data.delete(output.to_s)
|
48
|
-
end
|
46
|
+
data[output] = data.delete(output.to_s) if output.is_a?(Symbol) && data.include?(output.to_s)
|
49
47
|
end
|
50
48
|
end
|
51
49
|
|
@@ -69,17 +67,17 @@ module MCollective
|
|
69
67
|
@results.fetch(compatible_key(key), default)
|
70
68
|
end
|
71
69
|
|
72
|
-
def each
|
73
|
-
@results.each_pair
|
70
|
+
def each(&block)
|
71
|
+
@results.each_pair(&block)
|
74
72
|
end
|
75
73
|
|
76
|
-
def to_json(*
|
74
|
+
def to_json(*result)
|
77
75
|
{:agent => @agent,
|
78
76
|
:action => @action,
|
79
77
|
:sender => self[:sender],
|
80
78
|
:statuscode => self[:statuscode],
|
81
79
|
:statusmsg => self[:statusmsg],
|
82
|
-
:data => data}.to_json(*
|
80
|
+
:data => data}.to_json(*result)
|
83
81
|
end
|
84
82
|
|
85
83
|
def <=>(other)
|
@@ -2,9 +2,8 @@ module MCollective
|
|
2
2
|
module RPC
|
3
3
|
# Class to wrap all the stats and to keep track of some timings
|
4
4
|
class Stats
|
5
|
-
attr_accessor :noresponsefrom, :unexpectedresponsefrom, :starttime, :discoverytime, :blocktime, :responses
|
6
|
-
|
7
|
-
attr_accessor :responsesfrom, :requestid, :aggregate_summary, :ddl, :aggregate_failures
|
5
|
+
attr_accessor :noresponsefrom, :unexpectedresponsefrom, :starttime, :discoverytime, :blocktime, :responses, :totaltime, :discovered, :discovered_nodes, :okcount,
|
6
|
+
:failcount, :responsesfrom, :requestid, :aggregate_summary, :ddl, :aggregate_failures
|
8
7
|
|
9
8
|
def initialize
|
10
9
|
reset
|
@@ -17,7 +16,7 @@ module MCollective
|
|
17
16
|
@responsesfrom = []
|
18
17
|
@responses = 0
|
19
18
|
@starttime = Time.now.to_f
|
20
|
-
@discoverytime
|
19
|
+
@discoverytime ||= 0
|
21
20
|
@blocktime = 0
|
22
21
|
@totaltime = 0
|
23
22
|
@discovered = 0
|
@@ -31,18 +30,18 @@ module MCollective
|
|
31
30
|
|
32
31
|
# returns a hash of our stats
|
33
32
|
def to_hash
|
34
|
-
{:noresponsefrom
|
33
|
+
{:noresponsefrom => @noresponsefrom,
|
35
34
|
:unexpectedresponsefrom => @unexpectedresponsefrom,
|
36
|
-
:starttime
|
37
|
-
:discoverytime
|
38
|
-
:blocktime
|
39
|
-
:responses
|
40
|
-
:totaltime
|
41
|
-
:discovered
|
42
|
-
:discovered_nodes
|
43
|
-
:okcount
|
44
|
-
:requestid
|
45
|
-
:failcount
|
35
|
+
:starttime => @starttime,
|
36
|
+
:discoverytime => @discoverytime,
|
37
|
+
:blocktime => @blocktime,
|
38
|
+
:responses => @responses,
|
39
|
+
:totaltime => @totaltime,
|
40
|
+
:discovered => @discovered,
|
41
|
+
:discovered_nodes => @discovered_nodes,
|
42
|
+
:okcount => @okcount,
|
43
|
+
:requestid => @requestid,
|
44
|
+
:failcount => @failcount,
|
46
45
|
:aggregate_summary => @aggregate_summary,
|
47
46
|
:aggregate_failures => @aggregate_failures}
|
48
47
|
end
|
@@ -82,9 +81,10 @@ module MCollective
|
|
82
81
|
|
83
82
|
# Utility to time discovery from :start to :end
|
84
83
|
def time_discovery(action)
|
85
|
-
|
84
|
+
case action
|
85
|
+
when :start
|
86
86
|
@discovery_start = Time.now.to_f
|
87
|
-
|
87
|
+
when :end
|
88
88
|
@discoverytime = Time.now.to_f - @discovery_start
|
89
89
|
else
|
90
90
|
raise("Uknown discovery action #{action}")
|
@@ -95,9 +95,10 @@ module MCollective
|
|
95
95
|
|
96
96
|
# helper to time block execution time
|
97
97
|
def time_block_execution(action)
|
98
|
-
|
98
|
+
case action
|
99
|
+
when :start
|
99
100
|
@block_start = Time.now.to_f
|
100
|
-
|
101
|
+
when :end
|
101
102
|
@blocktime += Time.now.to_f - @block_start
|
102
103
|
else
|
103
104
|
raise("Uknown block action #{action}")
|
@@ -156,16 +157,16 @@ module MCollective
|
|
156
157
|
|
157
158
|
result.puts Util.colorize(:bold, "Summary of %s:" % display_as)
|
158
159
|
result.puts
|
159
|
-
|
160
|
-
result.puts aggregate.to_s.split("\n").map{|x| " " + x}.join("\n")
|
161
|
-
else
|
160
|
+
if aggregate_report == ""
|
162
161
|
result.puts Util.colorize(:yellow, " No aggregate summary could be computed")
|
162
|
+
else
|
163
|
+
result.puts aggregate.to_s.split("\n").map {|x| " #{x}"}.join("\n")
|
163
164
|
end
|
164
165
|
result.puts
|
165
166
|
end
|
166
167
|
|
167
168
|
@aggregate_failures.each do |failed|
|
168
|
-
case(failed[:type])
|
169
|
+
case (failed[:type])
|
169
170
|
when :startup
|
170
171
|
message = "exception raised while processing startup hook"
|
171
172
|
when :create
|
@@ -187,65 +188,55 @@ module MCollective
|
|
187
188
|
|
188
189
|
# Returns a blob of text representing the request status based on the
|
189
190
|
# stats contained in this class
|
190
|
-
def report(caption
|
191
|
+
def report(caption="rpc stats", summarize=true, verbose=false)
|
191
192
|
result_text = []
|
192
193
|
|
193
194
|
if verbose
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
195
|
+
if !@aggregate_summary.empty? && summarize
|
196
|
+
result_text << text_for_aggregates
|
197
|
+
else
|
198
|
+
result_text << ""
|
199
|
+
end
|
199
200
|
|
200
201
|
result_text << Util.colorize(:yellow, "---- #{caption} ----")
|
201
202
|
|
202
203
|
if @discovered
|
203
204
|
@responses < @discovered ? color = :red : color = :reset
|
204
|
-
result_text << " Nodes: %s / %s" % [
|
205
|
+
result_text << " Nodes: %s / %s" % [Util.colorize(color, @discovered), Util.colorize(color, @responses)]
|
205
206
|
else
|
206
207
|
result_text << " Nodes: #{@responses}"
|
207
208
|
end
|
208
209
|
|
209
210
|
@failcount < 0 ? color = :red : color = :reset
|
210
211
|
|
211
|
-
result_text << " Pass / Fail: %s / %s" % [Util.colorize(color, @okcount), Util.colorize(color, @failcount)
|
212
|
+
result_text << " Pass / Fail: %s / %s" % [Util.colorize(color, @okcount), Util.colorize(color, @failcount)]
|
212
213
|
result_text << " Start Time: %s" % [Time.at(@starttime)]
|
213
214
|
result_text << " Discovery Time: %.2fms" % [@discoverytime * 1000]
|
214
215
|
result_text << " Agent Time: %.2fms" % [@blocktime * 1000]
|
215
216
|
result_text << " Total Time: %.2fms" % [@totaltime * 1000]
|
216
|
-
|
217
|
-
|
218
|
-
@responses < @discovered ? color = :red : color = :green
|
219
|
-
|
220
|
-
if @aggregate_summary.size + @aggregate_failures.size > 0 && summarize
|
221
|
-
result_text << text_for_aggregates
|
222
|
-
else
|
223
|
-
result_text << ""
|
224
|
-
end
|
217
|
+
elsif @discovered
|
218
|
+
@responses < @discovered ? color = :red : color = :green
|
225
219
|
|
226
|
-
|
220
|
+
if @aggregate_summary.size + @aggregate_failures.size > 0 && summarize
|
221
|
+
result_text << text_for_aggregates
|
227
222
|
else
|
228
|
-
result_text << "
|
223
|
+
result_text << ""
|
229
224
|
end
|
225
|
+
|
226
|
+
result_text << "Finished processing %s / %s hosts in %.2f ms" % [Util.colorize(color, @responses), Util.colorize(color, @discovered), @blocktime * 1000]
|
227
|
+
else
|
228
|
+
result_text << "Finished processing %s hosts in %.2f ms" % [Util.colorize(:bold, @responses), @blocktime * 1000]
|
230
229
|
end
|
231
230
|
|
232
231
|
no_response_r = no_response_report
|
233
232
|
unexpected_response_r = unexpected_response_report
|
234
|
-
if no_response_r || unexpected_response_r
|
235
|
-
result_text << ""
|
236
|
-
end
|
233
|
+
result_text << "" if no_response_r || unexpected_response_r
|
237
234
|
|
238
|
-
if no_response_r != ""
|
239
|
-
result_text << "" << no_response_r
|
240
|
-
end
|
235
|
+
result_text << "" << no_response_r if no_response_r != ""
|
241
236
|
|
242
|
-
if unexpected_response_r != ""
|
243
|
-
result_text << "" << unexpected_response_r
|
244
|
-
end
|
237
|
+
result_text << "" << unexpected_response_r if unexpected_response_r != ""
|
245
238
|
|
246
|
-
if no_response_r || unexpected_response_r
|
247
|
-
result_text << ""
|
248
|
-
end
|
239
|
+
result_text << "" if no_response_r || unexpected_response_r
|
249
240
|
|
250
241
|
result_text.join("\n")
|
251
242
|
end
|
@@ -254,13 +245,13 @@ module MCollective
|
|
254
245
|
def no_response_report
|
255
246
|
result_text = StringIO.new
|
256
247
|
|
257
|
-
|
248
|
+
unless @noresponsefrom.empty?
|
258
249
|
result_text.puts Util.colorize(:red, "No response from:")
|
259
250
|
result_text.puts
|
260
251
|
|
261
252
|
field_size = Util.field_size(@noresponsefrom, 30)
|
262
253
|
fields_num = Util.field_number(field_size)
|
263
|
-
format = " "
|
254
|
+
format = " #{" %-#{field_size}s" * fields_num}"
|
264
255
|
|
265
256
|
@noresponsefrom.sort.in_groups_of(fields_num) do |c|
|
266
257
|
result_text.puts format % c
|
@@ -274,13 +265,13 @@ module MCollective
|
|
274
265
|
def unexpected_response_report
|
275
266
|
result_text = StringIO.new
|
276
267
|
|
277
|
-
|
268
|
+
unless @unexpectedresponsefrom.empty?
|
278
269
|
result_text.puts Util.colorize(:red, "Unexpected response from:")
|
279
270
|
result_text.puts
|
280
271
|
|
281
272
|
field_size = Util.field_size(@unexpectedresponsefrom, 30)
|
282
273
|
fields_num = Util.field_number(field_size)
|
283
|
-
format = " "
|
274
|
+
format = " #{" %-#{field_size}s" * fields_num}"
|
284
275
|
|
285
276
|
@unexpectedresponsefrom.sort.in_groups_of(fields_num) do |c|
|
286
277
|
result_text.puts format % c
|
@@ -25,12 +25,12 @@ module MCollective
|
|
25
25
|
# that takes care of encoding the core requirements. The best place to see how security
|
26
26
|
# works is by looking at the provided MCollective::Security::PSK plugin.
|
27
27
|
class Base
|
28
|
-
attr_reader :stats
|
29
28
|
attr_accessor :initiated_by
|
30
29
|
|
31
30
|
# Register plugins that inherits base
|
32
31
|
def self.inherited(klass)
|
33
32
|
PluginManager << {:type => "security_plugin", :class => klass.to_s}
|
33
|
+
super
|
34
34
|
end
|
35
35
|
|
36
36
|
# Initializes configuration and logging as well as prepare a zero'd hash of stats
|
@@ -38,7 +38,6 @@ module MCollective
|
|
38
38
|
def initialize
|
39
39
|
@config = Config.instance
|
40
40
|
@log = Log
|
41
|
-
@stats = PluginManager["global_stats"]
|
42
41
|
end
|
43
42
|
|
44
43
|
# Takes a Hash with a filter in it and validates it against host information.
|
@@ -52,18 +51,18 @@ module MCollective
|
|
52
51
|
# - identity - the configured identity of the system
|
53
52
|
#
|
54
53
|
# TODO: Support REGEX and/or multiple filter keys to be AND'd
|
55
|
-
def validate_filter?(filter)
|
54
|
+
def validate_filter?(filter) # rubocop:disable Metrics/MethodLength
|
56
55
|
failed = 0
|
57
56
|
passed = 0
|
58
57
|
|
59
58
|
passed = 1 if Util.empty_filter?(filter)
|
60
59
|
|
61
|
-
filter.
|
60
|
+
filter.each_key do |key|
|
62
61
|
case key
|
63
62
|
when /puppet_class|cf_class/
|
64
63
|
filter[key].each do |f|
|
65
64
|
Log.debug("Checking for class #{f}")
|
66
|
-
if Util.has_cf_class?(f)
|
65
|
+
if Util.has_cf_class?(f)
|
67
66
|
Log.debug("Passing based on configuration management class #{f}")
|
68
67
|
passed += 1
|
69
68
|
else
|
@@ -80,34 +79,34 @@ module MCollective
|
|
80
79
|
begin
|
81
80
|
compound.each do |expression|
|
82
81
|
case expression.keys.first
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
82
|
+
when "statement"
|
83
|
+
truth_values << Matcher.eval_compound_statement(expression).to_s
|
84
|
+
when "fstatement"
|
85
|
+
truth_values << Matcher.eval_compound_fstatement(expression.values.first)
|
86
|
+
when "and"
|
87
|
+
truth_values << "&&"
|
88
|
+
when "or"
|
89
|
+
truth_values << "||"
|
90
|
+
when "("
|
91
|
+
truth_values << "("
|
92
|
+
when ")"
|
93
|
+
truth_values << ")"
|
94
|
+
when "not"
|
95
|
+
truth_values << "!"
|
97
96
|
end
|
98
97
|
end
|
99
98
|
|
100
|
-
result = eval(truth_values.join(" "))
|
99
|
+
result = eval(truth_values.join(" ")) # rubocop:disable Security/Eval
|
101
100
|
rescue DDLValidationError
|
102
101
|
result = false
|
103
102
|
end
|
104
103
|
|
105
104
|
if result
|
106
105
|
Log.debug("Passing based on class and fact composition")
|
107
|
-
passed +=1
|
106
|
+
passed += 1
|
108
107
|
else
|
109
108
|
Log.debug("Failing based on class and fact composition")
|
110
|
-
failed +=1
|
109
|
+
failed += 1
|
111
110
|
end
|
112
111
|
end
|
113
112
|
|
@@ -136,7 +135,7 @@ module MCollective
|
|
136
135
|
when "identity"
|
137
136
|
unless filter[key].empty?
|
138
137
|
# Identity filters should not be 'and' but 'or' as each node can only have one identity
|
139
|
-
matched = filter[key].select{|f| Util.has_identity?(f)}.size
|
138
|
+
matched = filter[key].select {|f| Util.has_identity?(f)}.size
|
140
139
|
|
141
140
|
if matched == 1
|
142
141
|
Log.debug("Passing based on identity")
|
@@ -152,15 +151,11 @@ module MCollective
|
|
152
151
|
if failed == 0 && passed > 0
|
153
152
|
Log.debug("Message passed the filter checks")
|
154
153
|
|
155
|
-
|
156
|
-
|
157
|
-
return true
|
154
|
+
true
|
158
155
|
else
|
159
156
|
Log.debug("Message failed the filter checks")
|
160
157
|
|
161
|
-
|
162
|
-
|
163
|
-
return false
|
158
|
+
false
|
164
159
|
end
|
165
160
|
end
|
166
161
|
|
@@ -194,12 +189,10 @@ module MCollective
|
|
194
189
|
# Mostly used by security plugins to figure out if they should do the hard work of decrypting
|
195
190
|
# etc messages that would only later on be ignored
|
196
191
|
def should_process_msg?(msg, msgid)
|
197
|
-
if msg.expected_msgid
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
raise MsgDoesNotMatchRequestID, msgtext
|
202
|
-
end
|
192
|
+
if msg.expected_msgid && msg.expected_msgid != msgid
|
193
|
+
msgtext = "Got a message with id %s but was expecting %s, ignoring message" % [msgid, msg.expected_msgid]
|
194
|
+
Log.debug msgtext
|
195
|
+
raise MsgDoesNotMatchRequestID, msgtext
|
203
196
|
end
|
204
197
|
|
205
198
|
true
|
@@ -211,7 +204,7 @@ module MCollective
|
|
211
204
|
# callerids are generally in the form uid=123 or cert=foo etc so we do that
|
212
205
|
# here but security plugins could override this for some complex uses
|
213
206
|
def valid_callerid?(id)
|
214
|
-
!!id.match(
|
207
|
+
!!id.match(/^\w+=[\w.\-]+$/)
|
215
208
|
end
|
216
209
|
|
217
210
|
# Returns a unique id for the caller, by default we just use the unix
|