oxidized 0.28.0 → 0.29.0

data/lib/oxidized/hook/githubrepo.rb

@@ -4,18 +4,32 @@ class GithubRepo < Oxidized::Hook
   end
 
   def run_hook(ctx)
-    repo = Rugged::Repository.new(ctx.node.repo)
+    repo  = Rugged::Repository.new(ctx.node.repo)
+    creds = credentials(ctx.node)
+    url   = remote_repo(ctx.node)
+
+    if url.nil? || url.empty?
+      log "No repository defined for #{ctx.node.group}/#{ctx.node.name}", :debug
+      return
+    end
+
     log "Pushing local repository(#{repo.path})..."
-    remote = repo.remotes['origin'] || repo.remotes.create('origin', remote_repo(ctx.node))
-    log "to remote: #{remote.url}"
+    log "to remote: #{url}"
 
-    fetch_and_merge_remote(repo)
+    if repo.remotes['origin'].nil?
+      repo.remotes.create('origin', url)
+    elsif repo.remotes['origin'].url != url
+      repo.remotes.set_url('origin', url)
+    end
+    remote = repo.remotes['origin']
+
+    fetch_and_merge_remote(repo, creds)
 
-    remote.push([repo.head.name], credentials: credentials)
+    remote.push([repo.head.name], credentials: creds)
   end
 
-  def fetch_and_merge_remote(repo)
-    result = repo.fetch('origin', [repo.head.name], credentials: credentials)
+  def fetch_and_merge_remote(repo, creds)
+    result = repo.fetch('origin', [repo.head.name], credentials: creds)
     log result.inspect, :debug
 
     unless result[:total_deltas].positive?
@@ -43,15 +57,20 @@ class GithubRepo < Oxidized::Hook
 
   private
 
-  def credentials
+  def credentials(node)
     Proc.new do |_url, username_from_url, _allowed_types| # rubocop:disable Style/Proc
       git_user = cfg.has_key?('username') ? cfg.username : (username_from_url || 'git')
       if cfg.has_key?('password')
         log "Authenticating using username and password as '#{git_user}'", :debug
         Rugged::Credentials::UserPassword.new(username: git_user, password: cfg.password)
-      elsif cfg.has_key?('publickey') && cfg.has_key?('privatekey')
+      elsif cfg.has_key?('privatekey')
+        pubkey = cfg.has_key?('publickey') ? cfg.publickey : nil
         log "Authenticating using ssh keys as '#{git_user}'", :debug
-        Rugged::Credentials::SshKey.new(username: git_user, publickey: File.expand_path(cfg.publickey), privatekey: File.expand_path(cfg.privatekey), passphrase: ENV["OXIDIZED_SSH_PASSPHRASE"])
+        rugged_sshkey(git_user: git_user, privkey: cfg.privatekey, pubkey: pubkey)
+      elsif cfg.has_key?('remote_repo') && cfg.remote_repo.has_key?(node.group) && cfg.remote_repo[node.group].has_key?('privatekey')
+        pubkey = cfg.remote_repo[node.group].has_key?('publickey') ? cfg.remote_repo[node.group].publickey : nil
+        log "Authenticating using ssh keys as '#{git_user}' for '#{node.group}/#{node.name}'", :debug
+        rugged_sshkey(git_user: git_user, privkey: cfg.remote_repo[node.group].privatekey, pubkey: pubkey)
       else
         log "Authenticating using ssh agent as '#{git_user}'", :debug
         Rugged::Credentials::SshKeyFromAgent.new(username: git_user)
@@ -59,11 +78,23 @@ class GithubRepo < Oxidized::Hook
     end
   end
 
+  def rugged_sshkey(args = {})
+    git_user   = args[:git_user]
+    privkey    = args[:privkey]
+    pubkey     = args[:pubkey] || (privkey + '.pub')
+    Rugged::Credentials::SshKey.new(username:   git_user,
+                                    publickey:  File.expand_path(pubkey),
+                                    privatekey: File.expand_path(privkey),
+                                    passphrase: ENV.fetch("OXIDIZED_SSH_PASSPHRASE", nil))
+  end
+
   def remote_repo(node)
     if node.group.nil? || cfg.remote_repo.is_a?(String)
       cfg.remote_repo
-    else
+    elsif cfg.remote_repo[node.group].is_a?(String)
       cfg.remote_repo[node.group]
+    elsif cfg.remote_repo[node.group].url.is_a?(String)
+      cfg.remote_repo[node.group].url
     end
   end
 end

data/lib/oxidized/hook/slackdiff.rb

@@ -14,11 +14,11 @@ class SlackDiff < Oxidized::Hook
     return unless ctx.event.to_s == "post_store"
 
     log "Connecting to slack"
-    Slack.configure do |config|
+    Slack::Web::Client.configure do |config|
       config.token = cfg.token
       config.proxy = cfg.proxy if cfg.has_key?('proxy')
     end
-    client = Slack::Client.new
+    client = Slack::Web::Client.new
     client.auth_test
     log "Connected"
     if cfg.has_key?("diff") ? cfg.diff : true

data/lib/oxidized/hook/xmppdiff.rb

@@ -2,6 +2,44 @@ require 'xmpp4r'
 require 'xmpp4r/muc/helper/simplemucclient'
 
 class XMPPDiff < Oxidized::Hook
+  def connect
+    @client = Jabber::Client.new(Jabber::JID.new(cfg.jid))
+
+    log "Connecting to XMPP"
+    begin
+      Timeout.timeout(15) do
+        begin
+          @client.connect
+        rescue StandardError => e
+          log "Failed to connect to XMPP: #{e}"
+        end
+        sleep 1
+
+        log "Authenticating to XMPP"
+        @client.auth(cfg.password)
+        sleep 1
+
+        log "Connected to XMPP"
+
+        @muc = Jabber::MUC::SimpleMUCClient.new(@client)
+        @muc.join(cfg.channel + "/" + cfg.nick)
+
+        log "Joined #{cfg.channel}"
+      end
+    rescue Timeout::Error
+      log "timed out"
+      @client = nil
+      @muc = nil
+    end
+
+    @client.on_exception do
+      log "XMPP connection aborted, reconnecting"
+      @client = nil
+      @muc = nil
+      connect
+    end
+  end
+
   def validate_cfg!
     raise KeyError, 'hook.jid is required' unless cfg.has_key?('jid')
     raise KeyError, 'hook.password is required' unless cfg.has_key?('password')
@@ -21,35 +59,17 @@ class XMPPDiff < Oxidized::Hook
         interesting = diff[:patch].lines.to_a[4..-1].any? do |line|
           ["+", "-"].include?(line[0]) && (not ["#", "!"].include?(line[1]))
         end
-        interesting &&= diff[:patch].lines.to_a[5..-1].any? { |line| line[0] == '-' }
-        interesting &&= diff[:patch].lines.to_a[5..-1].any? { |line| line[0] == '+' }
 
         if interesting
-          log "Connecting to XMPP"
-          client = Jabber::Client.new(Jabber::JID.new(cfg.jid))
-          client.connect
-          sleep 1
-          client.auth(cfg.password)
-          sleep 1
-
-          log "Connected"
-
-          m = Jabber::MUC::SimpleMUCClient.new(client)
-          m.join(cfg.channel + "/" + cfg.nick)
-
-          log "Joined"
-
-          title = "#{ctx.node.name} #{ctx.node.group} #{ctx.node.model.class.name.to_s.downcase}"
-          log "Posting diff as snippet to #{cfg.channel}"
-
-          m.say(title + "\n\n" + diff[:patch].lines.to_a[4..-1].join)
-
-          sleep 1
-
-          client.close
+          connect if @muc.nil?
 
-          log "Finished"
+          # Maybe connecting failed, so only proceed if we actually joined the MUC
+          unless @muc.nil?
+            title = "#{ctx.node.name} #{ctx.node.group} #{ctx.node.model.class.name.to_s.downcase}"
+            log "Posting diff as snippet to #{cfg.channel}"
 
+            @muc.say(title + "\n\n" + diff[:patch].lines.to_a[4..-1].join)
+          end
         end
       end
     rescue Timeout::Error

data/lib/oxidized/hook.rb

@@ -55,12 +55,10 @@ module Oxidized
       ctx.event = event
 
       @registered_hooks[event].each do |r_hook|
-        begin
-          r_hook.hook.run_hook ctx
-        rescue StandardError => e
-          Oxidized.logger.error "Hook #{r_hook.name} (#{r_hook.hook}) failed " \
-                                "(#{e.inspect}) for event #{event.inspect}"
-        end
+        r_hook.hook.run_hook ctx
+      rescue StandardError => e
+        Oxidized.logger.error "Hook #{r_hook.name} (#{r_hook.hook}) failed " \
+                              "(#{e.inspect}) for event #{event.inspect}"
       end
     end
   end
@@ -69,8 +67,6 @@ module Oxidized
   class Hook
     attr_reader :cfg
 
-    def initialize; end
-
     def cfg=(cfg)
       @cfg = cfg
       validate_cfg! if respond_to? :validate_cfg!

data/lib/oxidized/input/exec.rb

@@ -6,8 +6,8 @@ module Oxidized
 
     def connect(node)
       @node = node
-      @node.model.cfg["exec"].each { |cb| instance_exec(&cb) }
       @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-exec", "w") if Oxidized.config.input.debug?
+      @node.model.cfg["exec"].each { |cb| instance_exec(&cb) }
     end
 
     def cmd(cmd_str)

data/lib/oxidized/input/input.rb

@@ -1,5 +1,6 @@
 module Oxidized
   class PromptUndetect < OxidizedError; end
+
   class Input
     include Oxidized::Config::Vars
 

data/lib/oxidized/input/ssh.rb

@@ -122,34 +122,27 @@ module Oxidized
     def make_ssh_opts
       secure = Oxidized.config.input.ssh.secure?
       ssh_opts = {
-        number_of_password_prompts: 0,
-        keepalive:                  vars(:ssh_no_keepalive) ? false : true,
-        verify_host_key:            secure ? :always : :never,
-        password:                   @node.auth[:password],
-        timeout:                    Oxidized.config.timeout,
-        port:                       (vars(:ssh_port) || 22).to_i
+        number_of_password_prompts:      0,
+        keepalive:                       vars(:ssh_no_keepalive) ? false : true,
+        verify_host_key:                 secure ? :always : :never,
+        append_all_supported_algorithms: true,
+        password:                        @node.auth[:password],
+        timeout:                         Oxidized.config.timeout,
+        port:                            (vars(:ssh_port) || 22).to_i,
+        forward_agent:                   false
       }
 
       auth_methods = vars(:auth_methods) || %w[none publickey password]
       ssh_opts[:auth_methods] = auth_methods
       Oxidized.logger.debug "AUTH METHODS::#{auth_methods}"
 
-      if (proxy_host = vars(:ssh_proxy))
-        proxy_command =  "ssh "
-        proxy_command += "-o StrictHostKeyChecking=no " unless secure
-        if (proxy_port = vars(:ssh_proxy_port))
-          proxy_command += "-p #{proxy_port} "
-        end
-        proxy_command += "#{proxy_host} -W %h:%p"
-        proxy = Net::SSH::Proxy::Command.new(proxy_command)
-        ssh_opts[:proxy] = proxy
-      end
+      ssh_opts[:proxy] = make_ssh_proxy_command(vars(:ssh_proxy), vars(:ssh_proxy_port), secure) if vars(:ssh_proxy)
 
-      ssh_opts[:keys]       = [vars(:ssh_keys)].flatten if vars(:ssh_keys)
-      ssh_opts[:kex]        = vars(:ssh_kex).split(/,\s*/) if vars(:ssh_kex)
+      ssh_opts[:keys]       = [vars(:ssh_keys)].flatten           if vars(:ssh_keys)
+      ssh_opts[:kex]        = vars(:ssh_kex).split(/,\s*/)        if vars(:ssh_kex)
       ssh_opts[:encryption] = vars(:ssh_encryption).split(/,\s*/) if vars(:ssh_encryption)
-      ssh_opts[:host_key]   = vars(:ssh_host_key).split(/,\s*/) if vars(:ssh_host_key)
-      ssh_opts[:hmac]       = vars(:ssh_hmac).split(/,\s*/) if vars(:ssh_hmac)
+      ssh_opts[:host_key]   = vars(:ssh_host_key).split(/,\s*/)   if vars(:ssh_host_key)
+      ssh_opts[:hmac]       = vars(:ssh_hmac).split(/,\s*/)       if vars(:ssh_hmac)
 
       if Oxidized.config.input.debug?
         ssh_opts[:logger]  = Oxidized.logger
@@ -158,5 +151,15 @@ module Oxidized
 
       ssh_opts
     end
+
+    def make_ssh_proxy_command(proxy_host, proxy_port, secure)
+      return nil unless !proxy_host.nil? && !proxy_host.empty?
+
+      proxy_command =  "ssh "
+      proxy_command += "-o StrictHostKeyChecking=no " unless secure
+      proxy_command += "-p #{proxy_port} "            if proxy_port
+      proxy_command += "#{proxy_host} -W [%h]:%p"
+      Net::SSH::Proxy::Command.new(proxy_command)
+    end
   end
 end

data/lib/oxidized/input/telnet.rb

@@ -35,13 +35,15 @@ module Oxidized
     end
 
     def cmd(cmd_str, expect = @node.prompt)
+      Oxidized.logger.debug "Telnet: #{cmd_str} @#{@node.name}"
       return send(cmd_str + "\r\n") unless expect
 
-      Oxidized.logger.debug "Telnet: #{cmd_str} @#{@node.name}"
-      args = { 'String'  => cmd_str,
-               'Match'   => expect,
-               'Timeout' => @timeout }
-      @telnet.cmd args
+      # create a string to be passed to oxidized_expect and modified _there_
+      # default to a single space so it shouldn't be coerced to nil by any models.
+      out = String(' ')
+      @telnet.puts(cmd_str)
+      @telnet.oxidized_expect(timeout: @timeout, expect: expect, out: out)
+      out
     end
 
     def send(data)
@@ -69,46 +71,52 @@ module Oxidized
   end
 end
 
-class Net::Telnet
-  ## how to do this, without redefining the whole damn thing
-  ## FIXME: we also need output (not sure I'm going to support this)
-  attr_reader :output
-  def oxidized_expect(options)
-    model    = @options["Model"]
-    @log     = @options["Log"]
-
-    expects  = [options[:expect]].flatten
-    time_out = options[:timeout] || @options["Timeout"] || Oxidized.config.timeout?
-
-    Timeout.timeout(time_out) do
-      line = ""
-      rest = ""
-      buf  = ""
-      loop do
-        c = @sock.readpartial(1024 * 1024)
-        @output = c
-        c = rest + c
-
-        if Integer(c.rindex(/#{IAC}#{SE}/no) || 0) <
-           Integer(c.rindex(/#{IAC}#{SB}/no) || 0)
-          buf = preprocess(c[0...c.rindex(/#{IAC}#{SB}/no)])
-          rest = c[c.rindex(/#{IAC}#{SB}/no)..-1]
-        elsif (pt = c.rindex(/#{IAC}[^#{IAC}#{AO}#{AYT}#{DM}#{IP}#{NOP}]?\z/no) ||
-                   c.rindex(/\r\z/no))
-          buf = preprocess(c[0...pt])
-          rest = c[pt..-1]
-        else
-          buf = preprocess(c)
-          rest = ''
-        end
-        if Oxidized.config.input.debug?
-          @log.print buf
-          @log.flush
+module Net
+  class Telnet
+    ## how to do this, without redefining the whole damn thing
+    ## FIXME: we also need output (not sure I'm going to support this)
+    attr_reader :output
+
+    def oxidized_expect(options) ## rubocop:disable Metrics/PerceivedComplexity
+      model    = @options["Model"]
+      @log     = @options["Log"]
+
+      expects  = [options[:expect]].flatten
+      time_out = options[:timeout] || @options["Timeout"] || Oxidized.config.timeout?
+
+      Timeout.timeout(time_out) do
+        line = ""
+        rest = ""
+        buf  = ""
+        loop do
+          c = @sock.readpartial(1024 * 1024)
+          @output = c
+          c = rest + c
+
+          if Integer(c.rindex(/#{IAC}#{SE}/no) || 0) <
+             Integer(c.rindex(/#{IAC}#{SB}/no) || 0)
+            buf = preprocess(c[0...c.rindex(/#{IAC}#{SB}/no)])
+            rest = c[c.rindex(/#{IAC}#{SB}/no)..-1]
+          elsif (pt = c.rindex(/#{IAC}[^#{IAC}#{AO}#{AYT}#{DM}#{IP}#{NOP}]?\z/no) ||
+                     c.rindex(/\r\z/no))
+            buf = preprocess(c[0...pt])
+            rest = c[pt..-1]
+          else
+            buf = preprocess(c)
+            rest = ''
+          end
+          if Oxidized.config.input.debug?
+            @log.print buf
+            @log.flush
+          end
+          line += buf
+          line = model.expects line
+          # match is a regexp object. we need to return that for logins to work.
+          match = expects.find { |re| line.match re }
+          # stomp on the out string object if we have one. (thus we were called by cmd?)
+          options[:out]&.replace(line)
+          return match if match
         end
-        line += buf
-        line = model.expects line
-        match = expects.find { |re| line.match re }
-        return match if match
       end
     end
   end

data/lib/oxidized/job.rb

@@ -1,6 +1,7 @@
 module Oxidized
   class Job < Thread
     attr_reader :start, :end, :status, :time, :node, :config
+
     def initialize(node)
       @node         = node
       @start        = Time.now.utc

data/lib/oxidized/jobs.rb

@@ -4,13 +4,14 @@ module Oxidized
     MAX_INTER_JOB_GAP = 300 # add job if more than X from last job started
     attr_accessor :interval, :max, :want
 
-    def initialize(max, interval, nodes)
-      @max       = max
+    def initialize(max, use_max_threads, interval, nodes)
+      @max = max
+      @use_max_threads = use_max_threads
       # Set interval to 1 if interval is 0 (=disabled) so we don't break
       # the 'ceil' function
-      @interval  = interval.zero? ? 1 : interval
-      @nodes     = nodes
-      @last      = Time.now.utc
+      @interval = interval.zero? ? 1 : interval
+      @nodes = nodes
+      @last = Time.now.utc
       @durations = Array.new @nodes.size, AVERAGE_DURATION
       duration AVERAGE_DURATION
       super()
@@ -33,7 +34,11 @@ module Oxidized
     end
 
     def new_count
-      @want = ((@nodes.size * @duration) / @interval).ceil
+      @want = if @use_max_threads
+                @max
+              else
+                ((@nodes.size * @duration) / @interval).ceil
+              end
       @want = 1 if @want < 1
       @want = @nodes.size if @want > @nodes.size
       @want = @max if @want > @max

data/lib/oxidized/manager.rb

@@ -23,6 +23,7 @@ module Oxidized
     end
 
     attr_reader :input, :output, :source, :model, :hook
+
     def initialize
       @input  = {}
       @output = {}

data/lib/oxidized/model/acmepacket.rb

@@ -0,0 +1,38 @@
+class ACMEPACKET < Oxidized::Model
+  # Oracle ACME Packet 3k, 4k, 6k series
+
+  prompt /^\r*([\w.@()-\/]+[#>]\s?)$/
+
+  comment  '! '
+
+  cmd :all do |cfg, cmdstring|
+    new_cfg = comment "COMMAND: #{cmdstring}\n"
+    new_cfg << cfg.cut_both
+  end
+
+  cmd 'show version' do |cfg|
+    comment cfg
+  end
+
+  cmd 'show running-config' do |cfg|
+    cfg
+  end
+
+  cfg :telnet do
+    password /^Password:/i
+  end
+
+  cfg :telnet, :ssh do
+    # preferred way to handle additional passwords
+    post_login do
+      if vars(:enable) == true
+        cmd "enable"
+      elsif vars(:enable)
+        cmd "enable", /^[pP]assword:/
+        cmd vars(:enable)
+      end
+    end
+    pre_logout 'exit'
+    pre_logout 'exit'
+  end
+end

data/lib/oxidized/model/adtran.rb

@@ -15,9 +15,11 @@ class Adtran < Oxidized::Model
   cmd 'show running-config'
 
   cfg :ssh do
-    post_login do
-      send "enable\n"
-      cmd vars(:enable)
+    if vars :enable
+      post_login do
+        send "enable\n"
+        cmd vars(:enable)
+      end
     end
     post_login 'terminal length 0'
     pre_logout 'exit'

data/lib/oxidized/model/adva.rb

@@ -0,0 +1,66 @@
+# Oxidized model for ADVA devices
+#
+# IMPORTANT: To get this working, cli-paging must be disabled
+# for the user that is used to fetch the configuration.
+
+class ADVA < Oxidized::Model
+  prompt /\w+\-+[#>]\s?$/
+  comment '# '
+
+  cmd :secret do |cfg|
+    cfg.gsub! /community "[^"]+"/, 'community "<hidden>"'
+    cfg
+  end
+
+  cmd :all do |cfg|
+    cfg.cut_both
+  end
+
+  cmd 'show running-config current' do |cfg|
+    cfg.each_line.reject { |line| line.match /^Preparing configuration file.*/ }.join
+  end
+
+  cmd 'show system' do |cfg|
+    cfg = cfg.each_line.reject { |line| line.match /(up time|local time)/i }.join
+
+    cfg = "COMMAND: show system\n\n" + cfg
+    cfg = comment cfg
+    "\n\n" + cfg
+  end
+
+  cmd 'network-element ne-1'
+
+  cmd 'show shelf-info' do |cfg|
+    cfg = "COMMAND: show shelf-info\n\n" + cfg
+    cfg = comment cfg
+    "\n\n" + cfg
+  end
+
+  post do
+    ports = []
+    ports_output = ''
+
+    cmd 'show ports' do |cfg|
+      cfg.each_line do |line|
+        port = line.match(/\|((access|network)[^\|]+)\|/)
+        ports << port if port
+      end
+    end
+
+    ports.each do |port|
+      port_command = 'show ' + port[2] + '-port ' + port[1]
+
+      ports_output << cmd(port_command) do |cfg|
+        cfg = "COMMAND: " + port_command + "\n\n" + cfg
+        cfg = comment cfg
+        "\n\n" + cfg
+      end
+    end
+
+    ports_output
+  end
+
+  cfg :ssh do
+    pre_logout 'logout'
+  end
+end

data/lib/oxidized/model/airfiber.rb

@@ -1,7 +1,7 @@
 class Airfiber < Oxidized::Model
   # Ubiquiti Airfiber (tested with Airfiber 11FX)
 
-  prompt /^AF[\w\.]+#/
+  prompt /^AF[\w\.-]+#/i
 
   cmd :all do |cfg|
     cfg.cut_both