smart_proxy_salt 2.1.8 → 3.1.2

data/lib/smart_proxy_salt/rest.rb

@@ -1,31 +1,34 @@
+# frozen_string_literal: true
+
 require 'json'
 require 'smart_proxy_salt/api_request'
 
-module Proxy::Salt::Rest
-  extend ::Proxy::Log
-  extend ::Proxy::Util
+module Proxy
+  module Salt
+    # Rest Salt API methods
+    module Rest
+      extend ::Proxy::Log
+      extend ::Proxy::Util
 
-  class << self
-    def environments_list
-      JSON.dump(Proxy::Salt::ApiRequest.new.post('/run', :fun => 'fileserver.envs', :client => 'runner')['return'][0])
-    end
+      class << self
+        def environments_list
+          JSON.dump(Proxy::Salt::ApiRequest.new.post('/run', :fun => 'fileserver.envs', :client => 'runner')['return'][0])
+        end
 
-    def states_list(environment)
-      states = []
-      files = Proxy::Salt::ApiRequest.new.post('/run', :fun => 'fileserver.file_list',
-                                   :saltenv => environment,
-                                   :client => 'runner')['return'][0]
+        def states_list(environment)
+          states = []
+          files = Proxy::Salt::ApiRequest.new.post('/run', :fun => 'fileserver.file_list',
+                                                           :saltenv => environment,
+                                                           :client => 'runner')['return'][0]
 
-      files.each do |file|
-        if file =~ /\.sls\Z/ && file != "top.sls"
-          states << file.gsub('.sls', '').
-                         gsub('/init', '').
-                         chomp('/').
-                         gsub('/', '.')
+          files.each do |file|
+            next unless file =~ /\.sls\Z/ && file != 'top.sls'
+            states << file.gsub('.sls', '').gsub('/init', '').chomp('/').tr('/', '.')
+          end
+
+          JSON.dump(states)
         end
       end
-
-      JSON.dump(states)
     end
   end
 end

data/lib/smart_proxy_salt/salt.rb

@@ -1,31 +1,37 @@
+# frozen_string_literal: true
+
 require 'smart_proxy_salt/cli'
 require 'smart_proxy_salt/rest'
 
-module Proxy::Salt
-  class NotFound < RuntimeError; end
+module Proxy
+  # SmartProxy Salt
+  module Salt
+    class NotFound < RuntimeError; end
 
-  class Plugin < ::Proxy::Plugin
-    plugin 'salt', Proxy::Salt::VERSION
+    # Implement a SmartProxy plugin
+    class Plugin < ::Proxy::Plugin
+      plugin 'salt', Proxy::Salt::VERSION
 
-    default_settings :autosign_file      => '/etc/salt/autosign.conf',
-                     :salt_command_user  => 'root',
-                     :use_api            => false
+      default_settings :autosign_file      => '/etc/salt/autosign.conf',
+                       :salt_command_user  => 'root',
+                       :use_api            => false
 
-    http_rackup_path File.expand_path('salt_http_config.ru', File.expand_path('../', __FILE__))
-    https_rackup_path File.expand_path('salt_http_config.ru', File.expand_path('../', __FILE__))
-  end
+      http_rackup_path File.expand_path('salt_http_config.ru', File.expand_path('../', __FILE__))
+      https_rackup_path File.expand_path('salt_http_config.ru', File.expand_path('../', __FILE__))
+    end
 
-  class << self
-    def method_missing(m, *args, &block)
-      # Use API, if it supports it, otherwise fallback to the CLI
-      if Proxy::Salt::Plugin.settings.use_api && Proxy::Salt::Rest.respond_to?(m)
-        Proxy::Salt::Rest.send(m, *args, &block)
-      elsif Proxy::Salt::CLI.respond_to?(m)
-        Proxy::Salt::CLI.send(m, *args, &block)
-      elsif !Proxy::Salt::Plugin.settings.use_api && Proxy::Salt::Rest.respond_to?(m)
-        raise NotImplementedError, 'You must enable the Salt API to use this feature.'
-      else
-        super
+    class << self
+      def method_missing(m, *args, &block)
+        # Use API, if it supports it, otherwise fallback to the CLI
+        if Proxy::Salt::Plugin.settings.use_api && Proxy::Salt::Rest.respond_to?(m)
+          Proxy::Salt::Rest.send(m, *args, &block)
+        elsif Proxy::Salt::CLI.respond_to?(m)
+          Proxy::Salt::CLI.send(m, *args, &block)
+        elsif !Proxy::Salt::Plugin.settings.use_api && Proxy::Salt::Rest.respond_to?(m)
+          raise NotImplementedError.new('You must enable the Salt API to use this feature.')
+        else
+          super
+        end
       end
     end
   end

data/lib/smart_proxy_salt/salt_api.rb

@@ -1,104 +1,109 @@
+# frozen_string_literal: true
+
 require 'sinatra'
 require 'smart_proxy_salt/salt'
 
-module Proxy::Salt
-  class Api < ::Sinatra::Base
-    include ::Proxy::Log
-    helpers ::Proxy::Helpers
-    authorize_with_ssl_client
+module Proxy
+  module Salt
+    # Implement the SmartProxy API
+    class Api < ::Sinatra::Base
+      include ::Proxy::Log
+      helpers ::Proxy::Helpers
+      authorize_with_ssl_client
 
-    post '/autosign/:host' do
-      content_type :json
-      begin
-        Proxy::Salt.autosign_create(params[:host]).to_json
-      rescue => e
-        log_halt 406, "Failed to create autosign for #{params[:host]}: #{e}"
+      post '/autosign/:host' do
+        content_type :json
+        begin
+          Proxy::Salt.autosign_create(params[:host]).to_json
+        rescue Exception => e
+          log_halt 406, "Failed to create autosign for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    delete '/autosign/:host' do
-      content_type :json
-      begin
-        Proxy::Salt.autosign_remove(params[:host]).to_json
-      rescue Proxy::Salt::NotFound => e
-        log_halt 404, "#{e}"
-      rescue => e
-        log_halt 406, "Failed to remove autosign for #{params[:host]}: #{e}"
+      delete '/autosign/:host' do
+        content_type :json
+        begin
+          Proxy::Salt.autosign_remove(params[:host]).to_json
+        rescue Proxy::Salt::NotFound => e
+          log_halt 404, e.to_s
+        rescue Exception => e
+          log_halt 406, "Failed to remove autosign for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    get '/autosign' do
-      content_type :json
-      begin
-        Proxy::Salt::autosign_list.to_json
-      rescue => e
-        log_halt 406, "Failed to list autosign entries: #{e}"
+      get '/autosign' do
+        content_type :json
+        begin
+          Proxy::Salt.autosign_list.to_json
+        rescue Exception => e
+          log_halt 406, "Failed to list autosign entries: #{e}"
+        end
       end
-    end
 
-    get '/environments' do
-      content_type :json
-      begin
-        Proxy::Salt::environments_list
-      rescue => e
-        log_halt 406, "Failed to list environments: #{e}"
+      get '/environments' do
+        content_type :json
+        begin
+          Proxy::Salt.environments_list
+        rescue Exception => e
+          log_halt 406, "Failed to list environments: #{e}"
+        end
       end
-    end
 
-    get '/environments/:environment' do
-      content_type :json
-      begin
-        Proxy::Salt::states_list params[:environment]
-      rescue Proxy::Salt::NotFound => e
-        log_halt 404, "#{e}"
-      rescue => e
-        log_halt 406, "Failed to list states for #{params[:host]}: #{e}"
+      get '/environments/:environment' do
+        content_type :json
+        begin
+          Proxy::Salt.states_list params[:environment]
+        rescue Proxy::Salt::NotFound => e
+          log_halt 404, e.to_s
+        rescue Exception => e
+          log_halt 406, "Failed to list states for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    post '/highstate/:host' do
-      content_type :json
-      begin
-        log_halt 500, "Failed salt run for #{params[:host]}: Check Log files" unless (result = Proxy::Salt.highstate(params[:host]))
-        result
-      rescue => e
-        log_halt 406, "Failed salt run for #{params[:host]}: #{e}"
+      post '/highstate/:host' do
+        content_type :json
+        begin
+          log_halt 500, "Failed salt run for #{params[:host]}: Check Log files" unless (result = Proxy::Salt.highstate(params[:host]))
+          result
+        rescue Exception => e
+          log_halt 406, "Failed salt run for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    delete '/key/:host' do
-      content_type :json
-      begin
-        Proxy::Salt.key_delete(params[:host])
-      rescue => e
-        log_halt 406, "Failed delete salt key for #{params[:host]}: #{e}"
+      delete '/key/:host' do
+        content_type :json
+        begin
+          Proxy::Salt.key_delete(params[:host])
+        rescue Exception => e
+          log_halt 406, "Failed delete salt key for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    post '/key/:host' do
-      content_type :json
-      begin
-        Proxy::Salt::key_accept(params[:host])
-      rescue => e
-        log_halt 406, "Failed to accept salt key for #{params[:host]}: #{e}"
+      post '/key/:host' do
+        content_type :json
+        begin
+          Proxy::Salt.key_accept(params[:host])
+        rescue Exception => e
+          log_halt 406, "Failed to accept salt key for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    delete '/key/reject/:host' do
-      content_type :json
-      begin
-        Proxy::Salt::key_reject(params[:host])
-      rescue => e
-        log_halt 406, "Failed to reject salt key for #{params[:host]}: #{e}"
+      delete '/key/reject/:host' do
+        content_type :json
+        begin
+          Proxy::Salt.key_reject(params[:host])
+        rescue Exception => e
+          log_halt 406, "Failed to reject salt key for #{params[:host]}: #{e}"
+        end
       end
-    end
 
-    get '/key' do
-      content_type :json
-      begin
-        Proxy::Salt::key_list.to_json
-      rescue => e
-        log_halt 406, "Failed to list keys: #{e}"
+      get '/key' do
+        content_type :json
+        begin
+          Proxy::Salt.key_list.to_json
+        rescue Exception => e
+          log_halt 406, "Failed to list keys: #{e}"
+        end
       end
     end
   end

data/lib/smart_proxy_salt/salt_http_config.ru

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'smart_proxy_salt/salt_api'
 map '/salt' do
   run Proxy::Salt::Api

data/lib/smart_proxy_salt/version.rb

@@ -1,5 +1,8 @@
+# frozen_string_literal: true
+
 module Proxy
+  # Salt module
   module Salt
-    VERSION = '2.1.8'
+    VERSION = '3.1.2'
   end
 end

data/salt/report_upload/README.md

@@ -0,0 +1,31 @@
+# Foreman Salt Report Upload
+
+Currently, there are two possibilites to upload the salt report to Foreman:
+1. Use /usr/sbin/upload-salt-reports which is called by a cron job every 10 minutes by default
+2. Upload the report immediately by using a Salt Reactor.
+
+This README, handles the second option and how to configure it
+
+## Setup
+Add the content of 'master.snippet' to '/etc/salt/master' which configures a reactor. 
+In case there is already a reactor configured, you need to adapt it using the options mentioned in 'master.snippet'.
+
+In case '/srv/salt' is configured as 'file_roots' in your '/etc/salt/master' config, setup the necessary salt state file and Salt runner functions:
+
+```
+/srv/salt/foreman_report_upload.sls
+/srv/salt/_runners/foreman_report_upload.py
+```
+
+After changing the salt master run:
+
+```
+systemctl restart salt-master
+```
+
+After adding the foreman_report_upload.sls and foreman_report_upload.py, run the following:
+
+```
+salt-run saltutil.sync_all
+```
+

data/salt/report_upload/master.snippet

@@ -0,0 +1,3 @@
+reactor:
+  - 'salt/job/*/ret/*':
+    - /srv/salt/foreman_report_upload.sls

data/salt/report_upload/srv/salt/_runners/foreman_report_upload.py

@@ -0,0 +1,106 @@
+# -*- coding: utf-8 -*-
+'''
+Uploads reports from the Salt job cache to Foreman
+'''
+from __future__ import absolute_import, print_function, unicode_literals
+
+FOREMAN_CONFIG = '/etc/salt/foreman.yaml'
+
+try:
+    from http.client import HTTPConnection, HTTPSConnection
+except ImportError:
+    from httplib import HTTPSConnection, HTTPSConnection
+
+import ssl
+import json
+import yaml
+import os
+import sys
+import base64
+
+# Import python libs
+import logging
+
+log = logging.getLogger(__name__)
+
+
+def salt_config():
+    with open(FOREMAN_CONFIG, 'r') as f:
+        config = yaml.load(f.read())
+    return config
+
+
+def upload(report):
+    config = salt_config()
+    headers = {'Accept': 'application/json',
+               'Content-Type': 'application/json'}
+
+    if config[':proto'] == 'https':
+        ctx = ssl.create_default_context()
+        ctx.load_cert_chain(certfile=config[':ssl_cert'], keyfile=config[':ssl_key'])
+        if config[':ssl_ca']:
+          ctx.load_verify_locations(cafile=config[':ssl_ca'])
+        connection = HTTPSConnection(config[':host'],
+                port=config[':port'], context=ctx)
+    else:
+        connection = HTTPConnection(config[':host'],
+                port=config[':port'])
+        if ':username' in config and ':password' in config:
+            token = base64.b64encode('{}:{}'.format(config[':username'],
+                                                    config[':password']))
+            headers['Authorization'] = 'Basic {}'.format(token)
+
+    connection.request('POST', '/salt/api/v2/jobs/upload',
+            json.dumps(report), headers)
+    response = connection.getresponse()
+
+    if response.status == 200:
+        info_msg = 'Success {0}: {1}'.format(report['job']['job_id'], response.read())
+        log.info(info_msg)
+    else:
+        log.error("Unable to upload job - aborting report upload")
+        log.error(response.read())
+
+
+def create_report(json_str):
+    msg = json.loads(json_str)
+
+    if msg['fun'] == 'state.highstate':
+        return {'job':
+             {
+               'result': {
+                 msg['id']: msg['return'],
+               },
+               'function': 'state.highstate',
+               'job_id': msg['jid']
+             }
+           }
+    elif msg['fun'] == 'state.template_str':
+        for key, entry in msg['return'].items():
+            if key.startswith('module_') and entry['__id__'] == 'state.highstate':
+                return {'job':
+                     {
+                       'result': {
+                         msg['id']: entry['changes']['ret'],
+                       },
+                       'function': 'state.highstate',
+                       'job_id': msg['jid']
+                     }
+                   }
+    raise Exception('No state.highstate found')
+
+
+def now(highstate):
+    '''
+    Upload a highstate to Foreman
+    highstate :
+        dictionary containing a highstate (generated by a Salt reactor)
+    '''
+    log.debug('Upload highstate to Foreman')
+
+    try:
+        report = create_report(base64.decodestring(highstate))
+        upload(report)
+    except Exception as exc:
+        log.error('Exception encountered: %s', exc)
+