portertech-sensu 1.10.0

data/lib/sensu/api/validators/check.rb

@@ -0,0 +1,55 @@
+require "sensu/api/validators/invalid"
+require "sensu/settings/rules"
+require "sensu/settings/validators/check"
+
+module Sensu
+  module API
+    module Validators
+      class Check
+        # Include Sensu Settings rules and check validator.
+        include Sensu::Settings::Rules
+        include Sensu::Settings::Validators::Check
+
+        # Validate a check result, selectively using check definition
+        # validation methods.
+        #
+        # @param check [Hash]
+        def validate_check_result(check)
+          must_be_a_string(check[:output]) ||
+            invalid(check, "check output must be a string")
+          must_be_an_integer(check[:status]) ||
+            invalid(check, "check status must be an integer")
+          must_be_an_integer(check[:executed]) ||
+            invalid(check, "check executed timestamp must be an integer")
+          validate_check_name(check)
+          validate_check_handling(check)
+          validate_check_aggregate(check)
+          validate_check_flap_detection(check)
+          validate_check_truncate_output(check)
+          validate_check_source(check) if check[:source]
+          validate_check_ttl(check) if check[:ttl]
+        end
+
+        # Determine if a check definition is valid.
+        #
+        # @param check [Hash]
+        # @return [TrueClass, FalseClass]
+        def valid?(check)
+          validate_check_result(check)
+          true
+        rescue Invalid
+          false
+        end
+
+        private
+
+        # This method is called when validation methods encounter an
+        # invalid definition object. This method raises an exception
+        # to be caught by `valid?()`.
+        def invalid(*arguments)
+          raise Invalid
+        end
+      end
+    end
+  end
+end

data/lib/sensu/api/validators/client.rb

@@ -0,0 +1,35 @@
+require "sensu/api/validators/invalid"
+require "sensu/settings/rules"
+require "sensu/settings/validators/client"
+
+module Sensu
+  module API
+    module Validators
+      class Client
+        # Include Sensu Settings rules and client validator.
+        include Sensu::Settings::Rules
+        include Sensu::Settings::Validators::Client
+
+        # Determine if a client definition is valid.
+        #
+        # @param client [Hash]
+        # @return [TrueClass, FalseClass]
+        def valid?(client)
+          validate_client(client)
+          true
+        rescue Invalid
+          false
+        end
+
+        private
+
+        # This method is called when `validate_client()` encounters an
+        # invalid definition object. This method raises an exception
+        # to be caught by `valid?()`.
+        def invalid(*arguments)
+          raise Invalid
+        end
+      end
+    end
+  end
+end

data/lib/sensu/api/validators/invalid.rb

@@ -0,0 +1,8 @@
+module Sensu
+  module API
+    module Validators
+      # The error class for validation.
+      class Invalid < RuntimeError; end
+    end
+  end
+end

data/lib/sensu/cli.rb

@@ -0,0 +1,69 @@
+require "optparse"
+require "sensu/logger/constants"
+
+module Sensu
+  class CLI
+    # Parse CLI arguments using Ruby stdlib `optparse`. This method
+    # provides Sensu with process options (eg. log file), and can
+    # provide users with information, such as the Sensu version.
+    #
+    # @param arguments [Array] to parse.
+    # @return [Hash] options
+    def self.read(arguments=ARGV)
+      options = {}
+      if File.exist?("/etc/sensu/config.json")
+        options[:config_file] = "/etc/sensu/config.json"
+      end
+      if Dir.exist?("/etc/sensu/conf.d")
+        options[:config_dirs] = ["/etc/sensu/conf.d"]
+      end
+      optparse = OptionParser.new do |opts|
+        opts.on("-h", "--help", "Display this message") do
+          puts opts
+          exit
+        end
+        opts.on("-V", "--version", "Display version") do
+          puts VERSION
+          exit
+        end
+        opts.on("-c", "--config FILE", "Sensu JSON config FILE. Default: /etc/sensu/config.json (if exists)") do |file|
+          options[:config_file] = file
+        end
+        opts.on("-d", "--config_dir DIR[,DIR]", "DIR or comma-delimited DIR list for Sensu JSON config files. Default: /etc/sensu/conf.d (if exists)") do |dir|
+          options[:config_dirs] = dir.split(",")
+        end
+        opts.on("--validate_config", "Validate the compiled configuration and exit") do
+          options[:validate_config] = true
+        end
+        opts.on("-P", "--print_config", "Print the compiled configuration and exit") do
+          options[:print_config] = true
+        end
+        opts.on("-e", "--extension_dir DIR", "DIR for Sensu extensions") do |dir|
+          options[:extension_dir] = dir
+        end
+        opts.on("-l", "--log FILE", "Log to a given FILE. Default: STDOUT") do |file|
+          options[:log_file] = file
+        end
+        opts.on("-L", "--log_level LEVEL", "Log severity LEVEL") do |level|
+          log_level = level.to_s.downcase.to_sym
+          unless Logger::LEVELS.include?(log_level)
+            puts "Unknown log level: #{level}"
+            exit 1
+          end
+          options[:log_level] = log_level
+        end
+        opts.on("-v", "--verbose", "Enable verbose logging") do
+          options[:log_level] = :debug
+        end
+        opts.on("-b", "--background", "Fork into the background") do
+          options[:daemonize] = true
+        end
+        opts.on("-p", "--pid_file FILE", "Write the PID to a given FILE") do |file|
+          options[:pid_file] = file
+        end
+      end
+      optparse.parse!(arguments)
+      options
+    end
+  end
+end

data/lib/sensu/client/http_socket.rb

@@ -0,0 +1,217 @@
+require "base64"
+require "em-http-server"
+require "sensu/json"
+require "sensu/utilities"
+require "sensu/api/utilities/transport_info"
+require "sensu/client/utils"
+
+module Sensu
+  module Client
+    # EventMachine connection handler for the Sensu HTTP client's socket.
+    #
+    # The Sensu client listens on localhost, port 3031 (by default), for
+    # TCP HTTP connections. This allows software running on the host to
+    # push check results (that may contain metrics) into Sensu, without
+    # needing to know anything about Sensu's internal implementation.
+    #
+    # All requests and responses expect a json-encoded body (if a body
+    # is expected at all).
+    #
+    # This socket requires receiving a proper HTTP request to any of
+    # the following endpoints:
+    #
+    # GET /info
+    #  This endpoint returns 200 OK with some basic Sensu info
+    #
+    # POST /results
+    #  This endpoint expects application/json body with a check result
+    #
+    # GET /settings
+    #  This endpoint responds with 200 OK and the Sensu configuration
+    #
+    # GET /brew
+    #  This endpoint gets you some fresh coffee
+    class HTTPSocket < EM::HttpServer::Server
+      include Sensu::API::Utilities::TransportInfo
+      include Utilities
+      include CheckUtils
+
+      attr_accessor :logger, :settings, :transport
+
+      def initialize
+        super
+        @endpoints = {
+          "/info" => {
+            "methods" => {
+              "GET" => method(:process_request_info)
+            },
+            "help" => "Sensu client information"
+          },
+          "/results" => {
+            "methods" => {
+              "POST" => method(:process_request_results)
+            },
+            "help" => "Send check JSON results here"
+          },
+          "/settings" => {
+            "methods" => {
+              "GET" => method(:process_request_settings)
+            },
+            "help" => "Get redacted Sensu settings (requires basic auth). Use ?redacted=false if you want the setting unredacted."
+          },
+          "/brew" => {
+            "methods" => {
+              "GET" => Proc.new { |response|
+                send_response(418, "I'm a teapot", {
+                  :response => "I'm a teapot!"
+                })
+              }
+            },
+            "help" => "Ask Sensu to brew a cup of joe (try it!)"
+          }
+        }
+        @response = nil
+      end
+
+      def authorized?
+        http_options = @settings[:client][:http_socket] || Hash.new
+        if http_options[:user] and http_options[:password]
+          if @http[:authorization]
+            scheme, base64 = @http[:authorization].split("\s")
+            if scheme == "Basic"
+              user, password = Base64.decode64(base64).split(":")
+              return (user == http_options[:user] && password == http_options[:password])
+            end
+          end
+        end
+        false
+      end
+
+      def unauthorized_response
+        @logger.warn("http socket refusing to serve unauthorized request")
+        @response.headers["WWW-Authenticate"] = 'Basic realm="Sensu Client Restricted Area"'
+        send_response(401, "Unauthorized", {
+          :response => "You must be authenticated using your http_options user and password settings"
+        })
+      end
+
+      def send_response(status, status_string, content)
+        @logger.debug("http socket sending response", {
+          :status => status,
+          :status_string => status_string,
+          :content => content
+        })
+        @response.status = status
+        @response.status_string = status_string
+        @response.content = Sensu::JSON::dump(content)
+        @response.send_response
+      end
+
+      def process_request_info
+        if @settings[:client][:http_socket] &&
+           @settings[:client][:http_socket][:protect_all_endpoints]
+          return unauthorized_response unless authorized?
+        end
+        transport_info do |info|
+          send_response(200, "OK", {
+            :sensu => {
+              :version => VERSION
+            },
+            :transport => info
+          })
+        end
+      end
+
+      def process_request_results
+        if @settings[:client][:http_socket] &&
+           @settings[:client][:http_socket][:protect_all_endpoints]
+          return unauthorized_response unless authorized?
+        end
+        if @http[:content_type] and @http[:content_type].include?("application/json") and @http_content
+          begin
+            object = Sensu::JSON::load(@http_content)
+            if object.is_a?(Array)
+              object.each do |check|
+                process_check_result(check)
+              end
+            else
+              process_check_result(object)
+            end
+            send_response(202, "OK", {:response => "ok"})
+          rescue Sensu::JSON::ParseError, ArgumentError
+            send_response(400, "Failed to parse JSON body", {:response => "Failed to parse JSON body"})
+          end
+        else
+          send_response(415, "Only application/json content type accepted", {:response => "Invalid content type"})
+        end
+      end
+
+      def process_request_settings
+        return unauthorized_response unless authorized?
+        @logger.info("http socket responding to request for configuration settings")
+        if @http_query_string and @http_query_string.downcase.include?("redacted=false")
+          send_response(200, "OK", @settings.to_hash)
+        else
+          send_response(200, "OK", redact_sensitive(@settings.to_hash))
+        end
+      end
+
+      def http_request_errback(error)
+        @logger.error("http socket error while processing request", {
+          :error => error.to_s,
+          :backtrace => error.backtrace
+        })
+        @response = EM::DelegatedHttpResponse.new(self)
+        @response.content_type "application/json"
+        send_response(500, "Internal Server Error", {
+          "response" => "Internal Server Error: Check your Sensu logs for error details"
+        })
+      end
+
+      # This method is called to process HTTP requests
+      def process_http_request
+        @logger.debug("http socket processing", {
+          :http_request_method => @http_request_method,
+          :http_request_uri => @http_request_uri
+        })
+        @response = EM::DelegatedHttpResponse.new(self)
+        @response.content_type "application/json"
+        endpoint = @endpoints[@http_request_uri]
+        if endpoint
+          @logger.debug("http socket endpoint found", {
+            :http_request_uri => @http_request_uri,
+            :accepted_methods => endpoint["methods"].keys
+          })
+          method_name = @http_request_method.upcase
+          method_handler = endpoint["methods"][method_name]
+          if method_handler
+            @logger.debug("http socket executing handler", {
+              :method_name => method_name,
+              :http_request_uri => @http_request_uri
+            })
+            method_handler.call
+          else
+            @logger.debug("http socket method is not allowed for endpoint", {
+              :method_name => method_name,
+              :http_request_uri => @http_request_uri
+            })
+            send_response(405, "Method Not Allowed", {
+              :response => "Valid methods for this endpoint: #{endpoint['methods'].keys}"
+            })
+          end
+        else
+          @logger.warn("http socket unknown endpoint requested", :http_request_uri => @http_request_uri)
+          help_response = {
+            :endpoints => {}
+          }
+          @endpoints.each do |key, value|
+            help_response[:endpoints][key] ||= Hash.new
+            help_response[:endpoints][key]["help"] = value["help"]
+            help_response[:endpoints][key]["methods"] = value["methods"].keys
+          end
+          send_response(404, "Not Found", help_response)
+        end
+      end
+    end
+  end
+end