smart_proxy_openscap 0.7.0 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f62ed4762438b0c37885cb031bdec5257e72721c
-  data.tar.gz: f4060366424d6b06adb28c21732286c984a70fc7
+  metadata.gz: 614be4ed227de0a533a7a469807851eb26149a3c
+  data.tar.gz: b3a2db8cb3a01adf4b9385da6ae0bf1576bc244a
 SHA512:
-  metadata.gz: d1b8e805310270da3fe76bea4771d29c150a2a6ed7d5fbaa62d156c0edcd59aba152f5e36cd4cc47de36396fb3b2806a0d21cb1c9a996a3b89bd8497767b41f3
-  data.tar.gz: ff8b396f02fea2f3244bde0988a5ef6a39d643b5f38917199221968d88a85e18714d4b39f0ee2432ef9f654fbb01260dbefe796737704ffaadb451689e9a66e9
+  metadata.gz: eca67114def703b9797e1a4749593690a476b643fa65eba24a7814f2e2d4352e22406f91c9b75eb668329e6b0559cdd3a9be1906b2347ff85eedb82210bc7dda
+  data.tar.gz: 9883048c8cbc9a7c36ac749ca7c24e5e07930863878f200072238cf1eab644069a8e66e6c3ae79a73e5061e1b4f9b00e23507f0d8dbad3772a4c5a8835872797

data/bin/smart-proxy-openscap-send

@@ -37,10 +37,25 @@ if !Proxy::SETTINGS.foreman_url
   exit 437
 end
 
+lockfile = File.join(loaded_settings.spooldir, "spool.lock")
+
+Signal.trap("TERM") {
+  FileUtils.rm(lockfile) if File.exist?(lockfile)
+  exit
+}
+
+if File.exist? lockfile
+  logger.debug "Lock file #{lockfile} for openscap spool exists, not sending spool to server"
+  exit
+end
+
 begin
+  FileUtils.touch lockfile
   Proxy::OpenSCAP::send_spool_to_foreman(loaded_settings)
 rescue StandardError => e
   logger.error e
   puts "#{e} See #{Proxy::OpenSCAP.fullpath(loaded_settings.openscap_send_log_file)}"
   exit 438
+ensure
+  FileUtils.rm lockfile
 end

data/lib/smart_proxy_openscap/fetch_file.rb

@@ -46,6 +46,8 @@ module Proxy::OpenSCAP
     def fetch_scap_content_xml(file_download_path)
       foreman_request = Proxy::HttpRequest::ForemanRequest.new
       req = foreman_request.request_factory.create_get(file_download_path)
+      timeout = Proxy::OpenSCAP::Plugin.settings.timeout
+      foreman_request.http.read_timeout = timeout if timeout
       response = foreman_request.send_request(req)
       response.value
       response.body

data/lib/smart_proxy_openscap/foreman_forwarder.rb

@@ -1,22 +1,23 @@
+require 'smart_proxy_openscap/openscap_exception'
+
 module Proxy::OpenSCAP
   class ForemanForwarder < Proxy::HttpRequest::ForemanRequest
     include ::Proxy::Log
 
-    def post_arf_report(cname, policy_id, date, data)
+    def post_arf_report(cname, policy_id, date, data, timeout)
       begin
         foreman_api_path = upload_path(cname, policy_id, date)
         json = Proxy::OpenSCAP::ArfParser.new(cname, policy_id, date).as_json(data)
-        response = send_request(foreman_api_path, json)
+        response = send_request(foreman_api_path, json, timeout)
         # Raise an HTTP error if the response is not 2xx (success).
         response.value
-        res = JSON.parse(response.body)
-        raise StandardError, "Received response: #{response.code} #{response.msg}" unless res['result'] == 'OK'
-      rescue StandardError => e
-        logger.debug response.body if response
-        logger.debug e.backtrace.join("\n\t")
+        JSON.parse(response.body)
+      rescue Net::HTTPServerException => e
+        logger.debug "Received response: #{response.code} #{response.msg}"
+        logger.debug response.body
+        raise ReportUploadError, e.message if response.code.to_i == 422
         raise e
       end
-      res
     end
 
     private
@@ -25,13 +26,14 @@ module Proxy::OpenSCAP
       "/api/v2/compliance/arf_reports/#{cname}/#{policy_id}/#{date}"
     end
 
-    def send_request(path, body)
+    def send_request(path, body, timeout)
       # Override the parent method to set the right headers
       path = [uri.path, path].join('/') unless uri.path.empty?
       req = Net::HTTP::Post.new(URI.join(uri.to_s, path).path)
       req.add_field('Accept', 'application/json,version=2')
       req.content_type = 'application/json'
       req.body = body
+      http.read_timeout = timeout if timeout
       http.request(req)
     end
   end

data/lib/smart_proxy_openscap/openscap_api.rb

@@ -37,7 +37,7 @@ module Proxy::OpenSCAP
       policy = params[:policy]
 
       begin
-        post_to_foreman = ForemanForwarder.new.post_arf_report(cn, policy, date, request.body.string)
+        post_to_foreman = ForemanForwarder.new.post_arf_report(cn, policy, date, request.body.string, Proxy::OpenSCAP::Plugin.settings.timeout)
         Proxy::OpenSCAP::StorageFS.new(Proxy::OpenSCAP::Plugin.settings.reportsdir, cn, post_to_foreman['id'], date).store_archive(request.body.string)
         post_to_foreman.to_json
       rescue Proxy::OpenSCAP::StoreReportError => e
@@ -58,6 +58,8 @@ module Proxy::OpenSCAP
         { :result => msg }.to_json
       rescue Proxy::OpenSCAP::StoreSpoolError => e
         log_halt 500, e.message
+      rescue Proxy::OpenSCAP::ReportUploadError => e
+        { :result => e.message }.to_json
       end
     end
 

data/lib/smart_proxy_openscap/openscap_exception.rb

@@ -5,4 +5,5 @@ module Proxy::OpenSCAP
   class StoreFailedError < StandardError; end
   class FileNotFound < StandardError; end
   class StoreCorruptedError < StandardError; end
+  class ReportUploadError < StandardError; end
 end

data/lib/smart_proxy_openscap/openscap_import_api.rb

@@ -12,7 +12,7 @@ module Proxy::OpenSCAP
       policy = params[:policy_id]
       log_halt(500, "Insufficient data") if (cn.nil? || date.nil?)
 
-      post_to_foreman = ForemanForwarder.new.post_arf_report(cn, policy, date, request.body.string)
+      post_to_foreman = ForemanForwarder.new.post_arf_report(cn, policy, date, request.body.string, Proxy::OpenSCAP::Plugin.settings.timeout)
       begin
         Proxy::OpenSCAP::StorageFS.new(Proxy::OpenSCAP::Plugin.settings.reportsdir, cn, post_to_foreman['id'], date).store_archive(request.body.string)
       rescue Proxy::OpenSCAP::StoreReportError => e

data/lib/smart_proxy_openscap/spool_forwarder.rb

@@ -52,7 +52,7 @@ module Proxy::OpenSCAP
 
     def forward_arf_file(cname, policy_id, date, arf_file_path)
       data = File.open(arf_file_path, 'rb') { |io| io.read }
-      post_to_foreman = ForemanForwarder.new.post_arf_report(cname, policy_id, date, data)
+      post_to_foreman = ForemanForwarder.new.post_arf_report(cname, policy_id, date, data, @loaded_settings.timeout)
       Proxy::OpenSCAP::StorageFS.new(@loaded_settings.reportsdir, cname, post_to_foreman['id'], date).store_archive(data)
       File.delete arf_file_path
     rescue Proxy::OpenSCAP::OpenSCAPException => e
@@ -60,7 +60,9 @@ module Proxy::OpenSCAP
 
       Proxy::OpenSCAP::StorageFS.new(@loaded_settings.corrupted_dir, cname, policy_id, date).
         move_corrupted(arf_file_path.split('/').last, @loaded_settings.spooldir)
-
+    rescue Proxy::OpenSCAP::ReportUploadError => e
+      logger.error "Failed to upload Arf Report at #{arf_file_path}, cause: #{e.message}, the report will be deleted."
+      File.delete arf_file_path
     rescue StandardError => e
       logger.error "smart-proxy-openscap-send failed to upload Compliance report for #{cname}, generated on #{Time.at date.to_i}. Cause: #{e}"
     end

data/lib/smart_proxy_openscap/version.rb

@@ -10,6 +10,6 @@
 
 module Proxy
   module OpenSCAP
-    VERSION = '0.7.0'
+    VERSION = '0.7.1'
   end
 end

data/settings.d/openscap.yml.example

@@ -26,3 +26,8 @@
 # Directory where corrupted OpenSCAP report XML are stored
 # When proxy cannot parse the report sent by client
 #:corrupted_dir: /var/lib/foreman-proxy/openscap/corrupted
+
+# The time we wait for response after the upload request connection was established, in seconds.
+# Affects sending reports to Foreman (directly and from spool) and fetching scap content or tailoring file
+# for distribution to clients
+#:timeout: 60

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_openscap
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.7.1
 platform: ruby
 authors:
 - Šimon Lukašík
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-12 00:00:00.000000000 Z
+date: 2018-11-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake