sensu-plugins-consul 2.1.1 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -1
  3. data/bin/check-consul-failures.rb +14 -2
  4. data/bin/check-consul-kv-ttl.rb +13 -3
  5. data/bin/check-consul-leader.rb +6 -1
  6. data/bin/check-consul-maintenance.rb +17 -1
  7. data/bin/check-consul-members.rb +6 -1
  8. data/bin/check-consul-servers.rb +6 -1
  9. data/bin/check-consul-service-health.rb +10 -0
  10. data/bin/check-service-consul.rb +22 -0
  11. data/lib/sensu-plugins-consul/check/base.rb +11 -2
  12. data/lib/sensu-plugins-consul/version.rb +2 -2
  13. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d9abedafc80a6a95bf6308a962080fa105058b28a3837feccf845457f4d6d115
4
- data.tar.gz: ca315bf2270588c875288ed24d8c036608919785a406a93b9a71609da92cd921
3
+ metadata.gz: bd87ab15cda8e6d0cf6bb707400ea7ea3c06de15e3a61ef30879bbbb8339dd17
4
+ data.tar.gz: 29912ea95c1f1a217c67db3ccacadf53a398cdddedaa75bd8c9211b8350a7b82
5
5
  SHA512:
6
- metadata.gz: d0f7784298275404d97983841c9eec49d18c148742d13d19a4532fa59d70d9046373a33930d95249ed6173ec809ced0ddb52d3b63580e5968793389de8eb0931
7
- data.tar.gz: 62774bc2bb5bd8842f0becc96630425b52fd7e3fc0618e01abdc19940bd9162ceae4fdbec193e79877af33d11427be4cf4a51ad92f60d50bfe054e25ffd0321e
6
+ metadata.gz: aa4e77c4eee82eb047d4bc09c0c307111cc0bba12664bdcc1b022e914436c3ce38b970c2f34a3013a85d197eda02aa6ddfc93c18d0dcd26e5151df32efcff607
7
+ data.tar.gz: 5bccd93afe1a40063d4bdcc37ed390927bcc5c5a7740b21181fc82bf7e315f41bb453e6beba2fd34db1f08b2503fee89b3e3f2b0a5e767c91bf7a5c8e2c069db
data/CHANGELOG.md CHANGED
@@ -5,6 +5,10 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
5
5
 
6
6
  ## [Unreleased]
7
7
 
8
+ ## [2.2.0] - 2018-06-11
9
+ ### Added
10
+ - add ACL support to all consul checks except `check-consul-quorum.rb` (@scalp42)
11
+
8
12
  ## [2.1.1] - 2018-05-31
9
13
  ### Fixed
10
14
  - `check-consul-leader.rb`: Timeout option must be an integer (@scalp42)
@@ -128,7 +132,8 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
128
132
  ### Added
129
133
  - initial release
130
134
 
131
- [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.1...HEAD
135
+ [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.2.0...HEAD
136
+ [2.2.0]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.1...2.2.0
132
137
  [2.1.1]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.1.0...2.1.1
133
138
  [2.1.0]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.0.1...2.1.0
134
139
  [2.0.1]: https://github.com/sensu-plugins/sensu-plugins-consul/compare/2.0.0...2.0.1
data/bin/check-consul-failures.rb CHANGED
@@ -59,8 +59,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
59
59
  boolean: true,
60
60
  default: false
61
61
 
62
+ option :token,
63
+ description: 'ACL token',
64
+ long: '--token ACL_TOKEN'
65
+
62
66
  def run
63
- r = RestClient::Resource.new("#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members", timeout: 5).get
67
+ r = RestClient::Resource.new(
68
+ "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members",
69
+ timeout: 5,
70
+ headers: { 'X-Consul-Token' => config[:token] }
71
+ ).get
64
72
  if r.code == 200
65
73
  failing_nodes = JSON.parse(r).find_all { |node| node['Status'] == 4 }
66
74
  if !failing_nodes.nil? && !failing_nodes.empty?
@@ -69,7 +77,11 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
69
77
  nodes_names.push(node['Name'])
70
78
  next if config[:keep_failures]
71
79
  puts "Removing failed node: #{node['Name']}"
72
- RestClient::Resource.new("#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/force-leave/#{node['Name']}", timeout: 5).get
80
+ RestClient::Resource.new(
81
+ "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/force-leave/#{node['Name']}",
82
+ timeout: 5,
83
+ headers: { 'X-Consul-Token' => config[:token] }
84
+ ).get
73
85
  nodes_names.delete(node['Name'])
74
86
  end
75
87
  ok 'All clear' if nodes_names.empty?
data/bin/check-consul-kv-ttl.rb CHANGED
@@ -60,7 +60,6 @@ class CheckConsulKvTTL < Sensu::Plugin::Check::CLI
60
60
  description: 'kv namespace to pull data from',
61
61
  short: '-k NAMESPACE',
62
62
  long: '--kv NAMESPACE',
63
- default: nil,
64
63
  required: true
65
64
 
66
65
  option :json,
@@ -95,17 +94,28 @@ class CheckConsulKvTTL < Sensu::Plugin::Check::CLI
95
94
  proc: proc { |a| a.to_i },
96
95
  default: 60
97
96
 
97
+ option :token,
98
+ description: 'ACL token',
99
+ long: '--token ACL_TOKEN'
100
+
98
101
  # Do work
99
102
  def run
100
103
  Diplomat.configure do |dip|
101
104
  dip.url = config[:consul]
105
+ dip.acl_token = config[:token]
102
106
  end
103
107
 
104
108
  begin
105
109
  # Retrieve the kv
106
110
  data = Diplomat::Kv.get(config[:kv])
107
- rescue Faraday::ResourceNotFound
108
- critical "Key/Value(#{config[:kv]}) pair does not exist in Consul."
111
+ rescue Faraday::ResourceNotFound, Diplomat::KeyNotFound
112
+ critical %(Key/value pair "#{config[:kv]}" does not exist in Consul.)
113
+ rescue Diplomat::UnknownStatus => e
114
+ if e.message.include?('403')
115
+ critical %(ACL token is not authorized to access "#{config[:kv]}")
116
+ else
117
+ critical "Unhandled exception(#{e.class}) -- #{e.message}"
118
+ end
109
119
  rescue Exception => e # rubocop:disable Lint/RescueException
110
120
  critical "Unhandled exception(#{e.class}) -- #{e.message}"
111
121
  end
data/bin/check-consul-leader.rb CHANGED
@@ -74,6 +74,10 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
74
74
  proc: proc { |t| t.to_i },
75
75
  default: 5
76
76
 
77
+ option :token,
78
+ description: 'ACL token',
79
+ long: '--token ACL_TOKEN'
80
+
77
81
  def valid_ip(ip)
78
82
  case ip.to_s
79
83
  when Resolv::IPv4::Regex
@@ -100,7 +104,8 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
100
104
  def run
101
105
  options = { timeout: config[:timeout],
102
106
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
103
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
107
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
108
+ headers: { 'X-Consul-Token' => config[:token] } }
104
109
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/status/leader"
105
110
 
106
111
  r = RestClient::Resource.new(url, options).get
data/bin/check-consul-maintenance.rb CHANGED
@@ -47,6 +47,10 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
47
47
  long: '--node NODE',
48
48
  default: 'localhost'
49
49
 
50
+ option :token,
51
+ description: 'ACL token',
52
+ long: '--token ACL_TOKEN'
53
+
50
54
  # Get the maintenance data for the node from consul
51
55
  #
52
56
  def acquire_maintenance_data
@@ -60,8 +64,14 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
60
64
  end
61
65
  rescue Faraday::ConnectionFailed => e
62
66
  warning "Connection error occurred: #{e}"
67
+ rescue Faraday::ClientError => e
68
+ if e.response[:status] == 403
69
+ critical %(ACL token is not authorized to access resource: #{e.response[:body]})
70
+ else
71
+ unknown "Exception occurred when checking consul service: #{e}"
72
+ end
63
73
  rescue StandardError => e
64
- unknown "Exception occurred when checking consul node maintenace: #{e}"
74
+ unknown "Exception occurred when checking consul node maintenance: #{e}"
65
75
  end
66
76
 
67
77
  # Main function
@@ -69,6 +79,12 @@ class MaintenanceStatus < Sensu::Plugin::Check::CLI
69
79
  def run
70
80
  Diplomat.configure do |dc|
71
81
  dc.url = config[:consul]
82
+ dc.acl_token = config[:token]
83
+ dc.options = {
84
+ headers: {
85
+ 'X-Consul-Token' => config[:token]
86
+ }
87
+ }
72
88
  end
73
89
 
74
90
  data = acquire_maintenance_data
data/bin/check-consul-members.rb CHANGED
@@ -94,11 +94,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
94
94
  long: '--timeout TIMEOUT_IN_SECONDS',
95
95
  default: 5
96
96
 
97
+ option :token,
98
+ description: 'ACL token',
99
+ long: '--token ACL_TOKEN'
100
+
97
101
  def run
98
102
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/agent/members"
99
103
  options = { timeout: config[:timeout],
100
104
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
101
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
105
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
106
+ headers: { 'X-Consul-Token' => config[:token] } }
102
107
 
103
108
  if config[:wan]
104
109
  url += '?wan=1'
data/bin/check-consul-servers.rb CHANGED
@@ -88,11 +88,16 @@ class ConsulStatus < Sensu::Plugin::Check::CLI
88
88
  proc: proc(&:to_i),
89
89
  default: 5
90
90
 
91
+ option :token,
92
+ description: 'ACL token',
93
+ long: '--token ACL_TOKEN'
94
+
91
95
  def run
92
96
  url = "#{config[:scheme]}://#{config[:server]}:#{config[:port]}/v1/status/peers"
93
97
  options = { timeout: config[:timeout],
94
98
  verify_ssl: (OpenSSL::SSL::VERIFY_NONE if defined? config[:insecure]),
95
- ssl_ca_file: (config[:capath] if defined? config[:capath]) }
99
+ ssl_ca_file: (config[:capath] if defined? config[:capath]),
100
+ headers: { 'X-Consul-Token' => config[:token] } }
96
101
 
97
102
  json = RestClient::Resource.new(url, options).get
98
103
  peers = JSON.parse(json).length.to_i
data/bin/check-consul-service-health.rb CHANGED
@@ -70,6 +70,10 @@ class CheckConsulServiceHealth < Sensu::Plugin::Check::CLI
70
70
  short: '-f',
71
71
  long: '--fail-if-not-found'
72
72
 
73
+ option :token,
74
+ description: 'ACL token',
75
+ long: '--token ACL_TOKEN'
76
+
73
77
  # Get the service checks for the given service
74
78
  def acquire_service_data
75
79
  if config[:tags] && config[:service]
@@ -109,6 +113,12 @@ class CheckConsulServiceHealth < Sensu::Plugin::Check::CLI
109
113
 
110
114
  Diplomat.configure do |dc|
111
115
  dc.url = config[:consul]
116
+ dc.acl_token = config[:token]
117
+ dc.options = {
118
+ headers: {
119
+ 'X-Consul-Token' => config[:token]
120
+ }
121
+ }
112
122
  end
113
123
 
114
124
  found = false
data/bin/check-service-consul.rb CHANGED
@@ -63,6 +63,10 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
63
63
  short: '-f',
64
64
  long: '--fail-if-not-found'
65
65
 
66
+ option :token,
67
+ description: 'ACL token',
68
+ long: '--token ACL_TOKEN'
69
+
66
70
  # Get the check data for the service from consul
67
71
  #
68
72
  def acquire_service_data
@@ -82,6 +86,18 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
82
86
  end
83
87
  rescue Faraday::ConnectionFailed => e
84
88
  warning "Connection error occurred: #{e}"
89
+ rescue Diplomat::UnknownStatus => e
90
+ if e.message.include?('403')
91
+ critical %(ACL token is not authorized to access service "#{config[:service]}")
92
+ else
93
+ critical "Unhandled exception(#{e.class}) -- #{e.message}"
94
+ end
95
+ rescue Faraday::ClientError => e
96
+ if e.response[:status] == 403
97
+ critical %(ACL token is not authorized to access service "#{config[:service]}": #{e.response[:body]})
98
+ else
99
+ unknown "Exception occurred when checking consul service: #{e}"
100
+ end
85
101
  rescue StandardError => e
86
102
  unknown "Exception occurred when checking consul service: #{e}"
87
103
  end
@@ -95,6 +111,12 @@ class ServiceStatus < Sensu::Plugin::Check::CLI
95
111
 
96
112
  Diplomat.configure do |dc|
97
113
  dc.url = config[:consul]
114
+ dc.acl_token = config[:token]
115
+ dc.options = {
116
+ headers: {
117
+ 'X-Consul-Token' => config[:token]
118
+ }
119
+ }
98
120
  end
99
121
 
100
122
  data = acquire_service_data
data/lib/sensu-plugins-consul/check/base.rb CHANGED
@@ -80,6 +80,10 @@ module SensuPluginsConsul
80
80
  proc: proc(&:to_i),
81
81
  default: 5
82
82
 
83
+ option :token,
84
+ description: 'ACL token',
85
+ long: '--token ACL_TOKEN'
86
+
83
87
  #
84
88
  # Fetch and return the parsed JSON data from a specified Consul API endpoint.
85
89
  #
@@ -88,7 +92,8 @@ module SensuPluginsConsul
88
92
  "v1/#{endpoint}"
89
93
  options = { timeout: config[:timeout],
90
94
  verify_ssl: !config[:insecure],
91
- ssl_ca_file: config[:capath] }
95
+ ssl_ca_file: config[:capath],
96
+ headers: { 'X-Consul-Token' => config[:token] } }
92
97
 
93
98
  JSON.parse(RestClient::Resource.new(url, options).get)
94
99
  rescue Errno::ECONNREFUSED
@@ -96,7 +101,11 @@ module SensuPluginsConsul
96
101
  rescue RestClient::RequestTimeout
97
102
  critical 'Consul connection timed out'
98
103
  rescue RestClient::Exception => e
99
- unknown "Consul returned: #{e}"
104
+ if e.message.include?('403')
105
+ critical 'ACL token is not authorized to access resource'
106
+ else
107
+ unknown "Consul returned: #{e}"
108
+ end
100
109
  end
101
110
  end
102
111
  end
data/lib/sensu-plugins-consul/version.rb CHANGED
@@ -3,8 +3,8 @@
3
3
  module SensuPluginsConsul
4
4
  module Version
5
5
  MAJOR = 2
6
- MINOR = 1
7
- PATCH = 1
6
+ MINOR = 2
7
+ PATCH = 0
8
8
 
9
9
  VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
10
10
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sensu-plugins-consul
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sensu Plugins and contributors
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-06-01 00:00:00.000000000 Z
11
+ date: 2018-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sensu-plugin