sensu-plugins-consul 2.1.1 → 2.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -1
  3. data/bin/check-consul-failures.rb +14 -2
  4. data/bin/check-consul-kv-ttl.rb +13 -3
  5. data/bin/check-consul-leader.rb +6 -1
  6. data/bin/check-consul-maintenance.rb +17 -1
  7. data/bin/check-consul-members.rb +6 -1
  8. data/bin/check-consul-servers.rb +6 -1
  9. data/bin/check-consul-service-health.rb +10 -0
  10. data/bin/check-service-consul.rb +22 -0
  11. data/lib/sensu-plugins-consul/check/base.rb +11 -2
  12. data/lib/sensu-plugins-consul/version.rb +2 -2
  13. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d9abedafc80a6a95bf6308a962080fa105058b28a3837feccf845457f4d6d115
4
- data.tar.gz: ca315bf2270588c875288ed24d8c036608919785a406a93b9a71609da92cd921
3
+ metadata.gz: bd87ab15cda8e6d0cf6bb707400ea7ea3c06de15e3a61ef30879bbbb8339dd17
4
+ data.tar.gz: 29912ea95c1f1a217c67db3ccacadf53a398cdddedaa75bd8c9211b8350a7b82
5
5
  SHA512:
6
- metadata.gz: d0f7784298275404d97983841c9eec49d18c148742d13d19a4532fa59d70d9046373a33930d95249ed6173ec809ced0ddb52d3b63580e5968793389de8eb0931
7
- data.tar.gz: 62774bc2bb5bd8842f0becc96630425b52fd7e3fc0618e01abdc19940bd9162ceae4fdbec193e79877af33d11427be4cf4a51ad92f60d50bfe054e25ffd0321e
6
+ metadata.gz: aa4e77c4eee82eb047d4bc09c0c307111cc0bba12664bdcc1b022e914436c3ce38b970c2f34a3013a85d197eda02aa6ddfc93c18d0dcd26e5151df32efcff607
7
+ data.tar.gz: 5bccd93afe1a40063d4bdcc37ed390927bcc5c5a7740b21181fc82bf7e315f41bb453e6beba2fd34db1f08b2503fee89b3e3f2b0a5e767c91bf7a5c8e2c069db
data/CHANGELOG.md CHANGED
@@ -5,6 +5,10 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
5
5
 
6
6
  ## [Unreleased]
7
7
 
8
+ ## [2.2.0] - 2018-06-11
9
+ ### Added
10
+ - add ACL support to all consul checks except `check-consul-quorum.rb` (@scalp42)
11
+
8
12
  ## [2.1.1] - 2018-05-31
9
13
  ### Fixed
10
14
  - `check-consul-leader.rb`: Timeout option must be an integer (@scalp42)
@@ -128,7 +132,8 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
128
132
  ### Added
129
133
  - initial release
130
134
 
131
- [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.1...HEAD
135
+ [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.2.0...HEAD
136
+ [2.2.0]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.1...2.2.0
132
137
  [2.1.1]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.0...2.1.1
133
138
  [2.1.0]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.0.1...2.1.0
134
139
  [2.0.1]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.0.0...2.0.1
data/bin/check-consul-failures.rb CHANGED
@@ -59,8 +59,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
59
59
  boolean: true,
60
60
  default: false
61
61
 
62
+ option :token,
63
+ description: 'ACL token',
64
+ long: '--token ACL_TOKEN'
65
+
62
66
  def run
63
- r = RestClient::Resource.new("#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members", timeout: 5).get
67
+ r = RestClient::Resource.new(
68
+ "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members",
69
+ timeout: 5,
70
+ headers: { 'X-Consul-Token' => config[:token] }
71
+ ).get
64
72
  if r.code == 200
65
73
  failing_nodes = JSON.parse(r).find_all { |node| node['Status'] == 4 }
66
74
  if !failing_nodes.nil? && !failing_nodes.empty?
@@ -69,7 +77,11 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
69
77
  nodes_names.push(node['Name'])
70
78
  next if config[:keep_failures]
71
79
  puts "Removing failed node: #{node['Name']}"
72
- RestClient::Resource.new("#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/force-leave/#{node['Name']}", timeout: 5).get
80
+ RestClient::Resource.new(
81
+ "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/force-leave/#{node['Name']}",
82
+ timeout: 5,
83
+ headers: { 'X-Consul-Token' => config[:token] }
84
+ ).get
73
85
  nodes_names.delete(node['Name'])
74
86
  end
75
87
  ok 'All clear' if nodes_names.empty?
data/bin/check-consul-kv-ttl.rb CHANGED
@@ -60,7 +60,6 @@ class CheckConsulKvTTL < Sensu::Plugin::Check::CLI
60
60
  description: 'kv namespace to pull data from',
61
61
  short: '-k NAMESPACE',
62
62
  long: '--kv NAMESPACE',
63
- default: nil,
64
63
  required: true
65
64
 
66
65
  option :json,
@@ -95,17 +94,28 @@ class CheckConsulKvTTL < Sensu::Plugin::Check::CLI
95
94
  proc: proc { |a| a.to_i },
96
95
  default: 60
97
96
 
97
+ option :token,
98
+ description: 'ACL token',
99
+ long: '--token ACL_TOKEN'
100
+
98
101
  # Do work
99
102
  def run
100
103
  Diplomat.configure do |dip|
101
104
  dip.url = config[:consul]
105
+ dip.acl_token = config[:token]
102
106
  end
103
107
 
104
108
  begin
105
109
  # Retrieve the kv
106
110
  data = Diplomat::Kv.get(config[:kv])
107
- rescue Faraday::ResourceNotFound
108
- critical "Key/Value(#{config[:kv]}) pair does not exist in Consul."
111
+ rescue Faraday::ResourceNotFound, Diplomat::KeyNotFound
112
+ critical %(Key/value pair "#{config[:kv]}" does not exist in Consul.)
113
+ rescue Diplomat::UnknownStatus => e
114
+ if e.message.include?('403')
115
+ critical %(ACL token is not authorized to access "#{config[:kv]}")
116
+ else
117
+ critical "Unhandled exception(#{e.class}) -- #{e.message}"
118
+ end
109
119
  rescue Exception => e # rubocop:disable Lint/RescueException
110
120
  critical "Unhandled exception(#{e.class}) -- #{e.message}"
111
121
  end
data/bin/check-consul-leader.rb CHANGED
@@ -74,6 +74,10 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
74
74
  proc: proc { |t| t.to_i },
75
75
  default: 5
76
76
 
77
+ option :token,
78
+ description: 'ACL token',
79
+ long: '--token ACL_TOKEN'
80
+
77
81
  def valid_ip(ip)
78
82
  case ip.to_s
79
83
  when Resolv::IPv4::Regex
@@ -100,7 +104,8 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
100
104
  def run
101
105
  options = { timeout: config[:timeout],
102
106
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
103
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
107
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
108
+ headers: { 'X-Consul-Token' => config[:token] } }
104
109
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/status/leader"
105
110
 
106
111
  r = RestClient::Resource.new(url, options).get
data/bin/check-consul-maintenance.rb CHANGED
@@ -47,6 +47,10 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
47
47
  long: '--node NODE',
48
48
  default: 'localhost'
49
49
 
50
+ option :token,
51
+ description: 'ACL token',
52
+ long: '--token ACL_TOKEN'
53
+
50
54
  # Get the maintenance data for the node from consul
51
55
  #
52
56
  def acquire_maintenance_data
@@ -60,8 +64,14 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
60
64
  end
61
65
  rescue Faraday::ConnectionFailed => e
62
66
  warning "Connection error occurred: #{e}"
67
+ rescue Faraday::ClientError => e
68
+ if e.response[:status] == 403
69
+ critical %(ACL token is not authorized to access resource: #{e.response[:body]})
70
+ else
71
+ unknown "Exception occurred when checking consul service: #{e}"
72
+ end
63
73
  rescue StandardError => e
64
- unknown "Exception occurred when checking consul node maintenace: #{e}"
74
+ unknown "Exception occurred when checking consul node maintenance: #{e}"
65
75
  end
66
76
 
67
77
  # Main function
@@ -69,6 +79,12 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
69
79
  def run
70
80
  Diplomat.configure do |dc|
71
81
  dc.url = config[:consul]
82
+ dc.acl_token = config[:token]
83
+ dc.options = {
84
+ headers: {
85
+ 'X-Consul-Token' => config[:token]
86
+ }
87
+ }
72
88
  end
73
89
 
74
90
  data = acquire_maintenance_data
data/bin/check-consul-members.rb CHANGED
@@ -94,11 +94,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
94
94
  long: '--timeout TIMEOUT_IN_SECONDS',
95
95
  default: 5
96
96
 
97
+ option :token,
98
+ description: 'ACL token',
99
+ long: '--token ACL_TOKEN'
100
+
97
101
  def run
98
102
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members"
99
103
  options = { timeout: config[:timeout],
100
104
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
101
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
105
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
106
+ headers: { 'X-Consul-Token' => config[:token] } }
102
107
 
103
108
  if config[:wan]
104
109
  url += '?wan=1'
data/bin/check-consul-servers.rb CHANGED
@@ -88,11 +88,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
88
88
  proc: proc(&:to_i),
89
89
  default: 5
90
90
 
91
+ option :token,
92
+ description: 'ACL token',
93
+ long: '--token ACL_TOKEN'
94
+
91
95
  def run
92
96
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/status/peers"
93
97
  options = { timeout: config[:timeout],
94
98
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
95
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
99
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
100
+ headers: { 'X-Consul-Token' => config[:token] } }
96
101
 
97
102
  json = RestClient::Resource.new(url, options).get
98
103
  peers = JSON.parse(json).length.to_i
data/bin/check-consul-service-health.rb CHANGED
@@ -70,6 +70,10 @@ class CheckConsulServiceHealth < Sensu::Plugin::Check::CLI
70
70
  short: '-f',
71
71
  long: '--fail-if-not-found'
72
72
 
73
+ option :token,
74
+ description: 'ACL token',
75
+ long: '--token ACL_TOKEN'
76
+
73
77
  # Get the service checks for the given service
74
78
  def acquire_service_data
75
79
  if config[:tags] && config[:service]
@@ -109,6 +113,12 @@ class CheckConsulServiceHealth < Sensu::Plugin::Check::CLI
109
113
 
110
114
  Diplomat.configure do |dc|
111
115
  dc.url = config[:consul]
116
+ dc.acl_token = config[:token]
117
+ dc.options = {
118
+ headers: {
119
+ 'X-Consul-Token' => config[:token]
120
+ }
121
+ }
112
122
  end
113
123
 
114
124
  found = false
data/bin/check-service-consul.rb CHANGED
@@ -63,6 +63,10 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
63
63
  short: '-f',
64
64
  long: '--fail-if-not-found'
65
65
 
66
+ option :token,
67
+ description: 'ACL token',
68
+ long: '--token ACL_TOKEN'
69
+
66
70
  # Get the check data for the service from consul
67
71
  #
68
72
  def acquire_service_data
@@ -82,6 +86,18 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
82
86
  end
83
87
  rescue Faraday::ConnectionFailed => e
84
88
  warning "Connection error occurred: #{e}"
89
+ rescue Diplomat::UnknownStatus => e
90
+ if e.message.include?('403')
91
+ critical %(ACL token is not authorized to access service "#{config[:service]}")
92
+ else
93
+ critical "Unhandled exception(#{e.class}) -- #{e.message}"
94
+ end
95
+ rescue Faraday::ClientError => e
96
+ if e.response[:status] == 403
97
+ critical %(ACL token is not authorized to access service "#{config[:service]}": #{e.response[:body]})
98
+ else
99
+ unknown "Exception occurred when checking consul service: #{e}"
100
+ end
85
101
  rescue StandardError => e
86
102
  unknown "Exception occurred when checking consul service: #{e}"
87
103
  end
@@ -95,6 +111,12 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
95
111
 
96
112
  Diplomat.configure do |dc|
97
113
  dc.url = config[:consul]
114
+ dc.acl_token = config[:token]
115
+ dc.options = {
116
+ headers: {
117
+ 'X-Consul-Token' => config[:token]
118
+ }
119
+ }
98
120
  end
99
121
 
100
122
  data = acquire_service_data
data/lib/sensu-plugins-consul/check/base.rb CHANGED
@@ -80,6 +80,10 @@ module SensuPluginsConsul
80
80
  proc: proc(&:to_i),
81
81
  default: 5
82
82
 
83
+ option :token,
84
+ description: 'ACL token',
85
+ long: '--token ACL_TOKEN'
86
+
83
87
  #
84
88
  # Fetch and return the parsed JSON data from a specified Consul API endpoint.
85
89
  #
@@ -88,7 +92,8 @@ module SensuPluginsConsul
88
92
  "v1/#{endpoint}"
89
93
  options = { timeout: config[:timeout],
90
94
  verify_ssl: !config[:insecure],
91
- ssl_ca_file: config[:capath] }
95
+ ssl_ca_file: config[:capath],
96
+ headers: { 'X-Consul-Token' => config[:token] } }
92
97
 
93
98
  JSON.parse(RestClient::Resource.new(url, options).get)
94
99
  rescue Errno::ECONNREFUSED
@@ -96,7 +101,11 @@ module SensuPluginsConsul
96
101
  rescue RestClient::RequestTimeout
97
102
  critical 'Consul connection timed out'
98
103
  rescue RestClient::Exception => e
99
- unknown "Consul returned: #{e}"
104
+ if e.message.include?('403')
105
+ critical 'ACL token is not authorized to access resource'
106
+ else
107
+ unknown "Consul returned: #{e}"
108
+ end
100
109
  end
101
110
  end
102
111
  end
data/lib/sensu-plugins-consul/version.rb CHANGED
@@ -3,8 +3,8 @@
3
3
  module SensuPluginsConsul
4
4
  module Version
5
5
  MAJOR = 2
6
- MINOR = 1
7
- PATCH = 1
6
+ MINOR = 2
7
+ PATCH = 0
8
8
 
9
9
  VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
10
10
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sensu-plugins-consul
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sensu Plugins and contributors
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-06-01 00:00:00.000000000 Z
11
+ date: 2018-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sensu-plugin