sensu 0.9.13 → 0.10.0

data/CHANGELOG.md

@@ -1,3 +1,26 @@
+## 0.10.0 - 2013-06-27
+
+### Non-backwards compatible changes
+
+Client & check names must not contain spaces or special characters.
+The valid characters are: a-z, A-Z, 0-9, "_", ".", and "-".
+
+"command_executed" was removed from check results, as it may contain
+sensitive information, such as credentials.
+
+### Feature
+
+Passwords in client data (keepalives) and log events are replaced with
+"REDACTED", reducing the possibility of exposure. The following
+attributes will have their values replaced: "password", "passwd", and
+"pass".
+
+### Other
+
+Fixed nil check status when check does not exit.
+
+Fixed the built-in debug handler output encoding (JSON).
+
 ## 0.9.13 - 2013-05-20
 
 ### Features

data/README.md

@@ -5,7 +5,7 @@ A monitoring framework that aims to be simple, malleable, and scalable.
 [![Build Status](https://secure.travis-ci.org/sensu/sensu.png)](https://travis-ci.org/sensu/sensu)
 
 ## Documentation
-  Please refer to the [Sensu Wiki](https://github.com/sensu/sensu/wiki).
+  Please refer to the [Sensu Docs](http://docs.sensuapp.org/).
 
 ## License
   Sensu is released under the [MIT license](https://raw.github.com/sensu/sensu/master/MIT-LICENSE.txt).

data/lib/sensu/client.rb

@@ -47,7 +47,8 @@ module Sensu
     end
 
     def publish_keepalive
-      payload = @settings[:client].merge(:timestamp => Time.now.to_i)
+      keepalive = @settings[:client].merge(:timestamp => Time.now.to_i)
+      payload = redact_passwords(keepalive)
       @logger.debug('publishing keepalive', {
         :payload => payload
       })
@@ -103,7 +104,6 @@ module Sensu
         command, unmatched_tokens = substitute_command_tokens(check)
         check[:executed] = Time.now.to_i
         if unmatched_tokens.empty?
-          check[:command_executed] = command
           execute = Proc.new do
             @logger.debug('executing check command', {
               :check => check
@@ -189,18 +189,11 @@ module Sensu
           queue.bind(@amq.fanout(exchange_name))
         end
         queue.subscribe do |payload|
-          begin
-            check = Oj.load(payload)
-            @logger.info('received check request', {
-              :check => check
-            })
-            process_check(check)
-          rescue Oj::ParseError => error
-            @logger.warn('check request payload must be valid json', {
-              :payload => payload,
-              :error => error.to_s
-            })
-          end
+          check = Oj.load(payload)
+          @logger.info('received check request', {
+            :check => check
+          })
+          process_check(check)
         end
       end
     end

data/lib/sensu/constants.rb

@@ -1,6 +1,6 @@
 module Sensu
   unless defined?(Sensu::VERSION)
-    VERSION = '0.9.13'
+    VERSION = '0.10.0'
 
     LOG_LEVELS = [:debug, :info, :warn, :error, :fatal]
 

data/lib/sensu/extensions/handlers/debug.rb

@@ -10,7 +10,7 @@ module Sensu
       end
 
       def run(event, settings, &block)
-        block.call(Oj.dump(event), 0)
+        block.call(event, 0)
       end
     end
   end

data/lib/sensu/io.rb

@@ -68,7 +68,7 @@ module Sensu
         if wait_on_group
           wait_on_process_group(process.pid)
         end
-        [output, status.exitstatus]
+        [output, status.exited? ? status.exitstatus : 2]
       end
     end
   end

data/lib/sensu/server.rb

@@ -282,6 +282,7 @@ module Sensu
             :mutator => mutator,
             :error => error.to_s
           })
+          @handlers_in_progress_count -= 1
         end
         execute_command(mutator[:command], Oj.dump(event), on_error) do |output, status|
           if status == 0
@@ -298,15 +299,17 @@ module Sensu
           else
             @logger.error('mutator error', {
               :event => event,
-              :extension => extension,
+              :extension => extension.definition,
               :error => 'non-zero exit status (' + status.to_s + '): ' + output
             })
+            @handlers_in_progress_count -= 1
           end
         end
       else
         @logger.error('unknown mutator', {
           :mutator_name => mutator_name
         })
+        @handlers_in_progress_count -= 1
       end
     end
 
@@ -502,19 +505,6 @@ module Sensu
       end
     end
 
-    def valid_result?(result)
-      if result[:client].is_a?(String) && result[:check].is_a?(Hash)
-        result[:check][:name].is_a?(String) &&
-          result[:check][:output].is_a?(String) &&
-          result[:check][:status].is_a?(Integer)
-      else
-        @logger.warn('invalid result', {
-          :result => result
-        })
-        false
-      end
-    end
-
     def setup_results
       @logger.debug('subscribing to results')
       @result_queue = @amq.queue!('results')
@@ -524,9 +514,7 @@ module Sensu
         @logger.debug('received result', {
           :result => result
         })
-        if valid_result?(result)
-          process_result(result)
-        end
+        process_result(result)
         EM::next_tick do
           header.ack
         end

data/lib/sensu/settings.rb

@@ -87,9 +87,10 @@ module Sensu
           config = Oj.load(contents)
           merged = deep_merge(@settings, config)
           unless @loaded_files.empty?
+            changes = deep_diff(@settings, merged)
             @logger.warn('config file applied changes', {
               :config_file => file,
-              :changes => deep_diff(@settings, merged)
+              :changes => redact_passwords(changes)
             })
           end
           @settings = merged
@@ -210,7 +211,7 @@ module Sensu
     end
 
     def validate_check(check)
-      unless check[:name] =~ /^[\w-]+$/
+      unless check[:name] =~ /^[\w\.-]+$/
         invalid_check(check, 'check name cannot contain spaces or special characters')
       end
       unless (check[:interval].is_a?(Integer) && check[:interval] > 0) || !check[:publish]
@@ -379,8 +380,8 @@ module Sensu
       unless @settings[:client].is_a?(Hash)
         invalid('missing client configuration')
       end
-      unless @settings[:client][:name].is_a?(String) && !@settings[:client][:name].empty?
-        invalid('client must have a name')
+      unless @settings[:client][:name] =~ /^[\w\.-]+$/
+        invalid('client must have a name and it cannot contain spaces or special characters')
       end
       unless @settings[:client][:address].is_a?(String)
         invalid('client must have an address')

data/lib/sensu/utilities.rb

@@ -57,5 +57,16 @@ module Sensu
         diff
       end
     end
+
+    def redact_passwords(hash)
+      hash.each do |key, value|
+        if %w[password passwd pass].include?(key.to_s)
+          hash[key] = "REDACTED"
+        elsif value.is_a?(Hash)
+          hash[key] = redact_passwords(value)
+        end
+      end
+      hash
+    end
   end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: sensu
 version: !ruby/object:Gem::Version 
-  hash: 33
+  hash: 55
   prerelease: false
   segments: 
   - 0
-  - 9
-  - 13
-  version: 0.9.13
+  - 10
+  - 0
+  version: 0.10.0
 platform: ruby
 authors: 
 - Sean Porter
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2013-05-20 00:00:00 -07:00
+date: 2013-06-27 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency