osism 0.20250701.0__py3-none-any.whl → 0.20250804.0__py3-none-any.whl

osism/tasks/__init__.py

@@ -1,12 +1,10 @@
 # SPDX-License-Identifier: Apache-2.0
 
-import logging
 import os
 import re
 import subprocess
 
 from loguru import logger
-from pottery import Redlock
 
 from osism import utils
 
@@ -77,10 +75,8 @@ def run_ansible_in_environment(
 
     # NOTE: Consider arguments in the future
     if locking:
-        logging.getLogger("redlock").setLevel(logging.WARNING)
-        lock = Redlock(
+        lock = utils.create_redlock(
             key=f"lock-ansible-{environment}-{role}",
-            masters={utils.redis},
             auto_release_time=auto_release_time,
         )
 
@@ -195,9 +191,8 @@ def run_command(
         command_env.update(env)
 
     if locking:
-        lock = Redlock(
+        lock = utils.create_redlock(
             key=f"lock-{command}",
-            masters={utils.redis},
             auto_release_time=auto_release_time,
         )
 
@@ -243,6 +238,49 @@ def handle_task(t, wait=True, format="log", timeout=3600):
                 f"osism wait --output --live --delay 2 {t.task_id}"
             )
             return 1
+        except KeyboardInterrupt:
+            logger.info(f"\nTask {t.task_id} interrupted by user (CTRL+C)")
+
+            # Prompt user for task revocation in interactive mode using prompt-toolkit
+            try:
+                from prompt_toolkit import prompt
+
+                # Use prompt-toolkit for better UX with yes/no options and default
+                response = (
+                    prompt(
+                        "Do you want to revoke the running task? [y/N]: ", default="n"
+                    )
+                    .strip()
+                    .lower()
+                )
+
+                if response in ["y", "yes"]:
+                    logger.info(f"Revoking task {t.task_id}...")
+                    if utils.revoke_task(t.task_id):
+                        logger.info(f"Task {t.task_id} has been revoked")
+                    else:
+                        logger.error(f"Failed to revoke task {t.task_id}")
+                else:
+                    logger.info(f"Task {t.task_id} continues running in background")
+                    logger.info(
+                        "Use this command to continue waiting for this task: "
+                        f"osism wait --output --live --delay 2 {t.task_id}"
+                    )
+            except KeyboardInterrupt:
+                # Handle second CTRL+C during prompt
+                logger.info(f"\nTask {t.task_id} continues running in background")
+                logger.info(
+                    "Use this command to continue waiting for this task: "
+                    f"osism wait --output --live --delay 2 {t.task_id}"
+                )
+            except EOFError:
+                # Handle EOF (e.g., when input is not available)
+                logger.info(f"Task {t.task_id} continues running in background")
+                logger.info(
+                    "Use this command to continue waiting for this task: "
+                    f"osism wait --output --live --delay 2 {t.task_id}"
+                )
+            return 1
 
     else:
         if format == "log":

osism/tasks/ansible.py

@@ -1,7 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 
 from celery import Celery
-from pottery import Redlock
 
 from osism import settings, utils
 from osism.tasks import Config, run_ansible_in_environment
@@ -12,9 +11,8 @@ app.config_from_object(Config)
 
 @app.on_after_configure.connect
 def setup_periodic_tasks(sender, **kwargs):
-    lock = Redlock(
+    lock = utils.create_redlock(
         key="lock_osism_tasks_ansible_setup_periodic_tasks",
-        masters={utils.redis},
     )
     if settings.GATHER_FACTS_SCHEDULE > 0 and lock.acquire(timeout=10):
         sender.add_periodic_task(

osism/tasks/conductor/__init__.py

@@ -44,8 +44,8 @@ def sync_netbox(self, force_update=False):
 
 
 @app.task(bind=True, name="osism.tasks.conductor.sync_ironic")
-def sync_ironic(self, force_update=False):
-    _sync_ironic(self.request.id, get_ironic_parameters, force_update)
+def sync_ironic(self, node_name=None, force_update=False):
+    _sync_ironic(self.request.id, get_ironic_parameters, node_name, force_update)
 
 
 @app.task(bind=True, name="osism.tasks.conductor.sync_sonic")

osism/tasks/conductor/config.py

@@ -30,7 +30,7 @@ def get_configuration():
                     "image_source"
                 ]
                 if not validators.uuid(image_source) and not validators.url(
-                    image_source
+                    image_source, simple_host=True
                 ):
                     result = openstack.image_get(image_source)
                     if result:
@@ -46,7 +46,7 @@ def get_configuration():
                     "deploy_kernel"
                 ]
                 if not validators.uuid(deploy_kernel) and not validators.url(
-                    deploy_kernel
+                    deploy_kernel, simple_host=True
                 ):
                     result = openstack.image_get(deploy_kernel)
                     if result:
@@ -63,7 +63,7 @@ def get_configuration():
                     "deploy_ramdisk"
                 ]
                 if not validators.uuid(deploy_ramdisk) and not validators.url(
-                    deploy_ramdisk
+                    deploy_ramdisk, simple_host=True
                 ):
                     result = openstack.image_get(deploy_ramdisk)
                     if result:

osism/tasks/conductor/ironic.py

@@ -3,7 +3,6 @@
 import json
 
 import jinja2
-from pottery import Redlock
 
 from osism import utils as osism_utils
 from osism.tasks import netbox, openstack
@@ -128,19 +127,41 @@ def _prepare_node_attributes(device, get_ironic_parameters):
     return node_attributes
 
 
-def sync_ironic(request_id, get_ironic_parameters, force_update=False):
-    osism_utils.push_task_output(
-        request_id,
-        "Starting NetBox device synchronisation with ironic\n",
-    )
+def sync_ironic(request_id, get_ironic_parameters, node_name=None, force_update=False):
+    if node_name:
+        osism_utils.push_task_output(
+            request_id,
+            f"Starting NetBox device synchronisation with ironic for node {node_name}\n",
+        )
+    else:
+        osism_utils.push_task_output(
+            request_id,
+            "Starting NetBox device synchronisation with ironic\n",
+        )
     devices = set()
     nb_device_query_list = get_nb_device_query_list_ironic()
     for nb_device_query in nb_device_query_list:
         devices |= set(netbox.get_devices(**nb_device_query))
 
+    # Filter devices by node_name if specified
+    if node_name:
+        devices = {dev for dev in devices if dev.name == node_name}
+        if not devices:
+            osism_utils.push_task_output(
+                request_id,
+                f"Node {node_name} not found in NetBox\n",
+            )
+            osism_utils.finish_task_output(request_id, rc=1)
+            return
+
     # NOTE: Find nodes in Ironic which are no longer present in NetBox and remove them
     device_names = {dev.name for dev in devices}
     nodes = openstack.baremetal_node_list()
+
+    # Filter nodes by node_name if specified
+    if node_name:
+        nodes = [node for node in nodes if node["Name"] == node_name]
+
     for node in nodes:
         osism_utils.push_task_output(
             request_id, f"Looking for {node['Name']} in NetBox\n"
@@ -180,9 +201,8 @@ def sync_ironic(request_id, get_ironic_parameters, force_update=False):
             if interface.enabled and not interface.mgmt_only and interface.mac_address
         ]
 
-        lock = Redlock(
+        lock = osism_utils.create_redlock(
             key=f"lock_osism_tasks_conductor_sync_ironic-{device.name}",
-            masters={osism_utils.redis},
             auto_release_time=600,
         )
         if lock.acquire(timeout=120):

osism/tasks/conductor/sonic/config_generator.py

@@ -201,6 +201,9 @@ def generate_sonic_config(device, hwsku, device_as_mapping=None):
     # Add NTP server configuration (device-specific)
     _add_ntp_configuration(config, device)
 
+    # Add DNS server configuration (device-specific)
+    _add_dns_configuration(config, device)
+
     # Add VLAN configuration
     _add_vlan_configuration(config, vlan_info, netbox_interfaces, device)
 
@@ -694,18 +697,20 @@ def _determine_peer_type(local_device, connected_device, device_as_mapping=None)
         return "external"  # Default to external on error
 
 
-def _get_ntp_server_for_device(device):
-    """Get single NTP server IP for a SONiC device based on OOB connection to metalbox.
+def _get_metalbox_ip_for_device(device):
+    """Get Metalbox IP for a SONiC device based on OOB connection.
 
     Returns the IP address of the metalbox device interface that is connected to the
     OOB switch. If VLANs are used, returns the IP of the VLAN interface where the
     SONiC switch management interface (eth0) has access.
 
+    This IP is used for both NTP and DNS services.
+
     Args:
         device: SONiC device object
 
     Returns:
-        str: IP address of the NTP server or None if not found
+        str: IP address of the Metalbox or None if not found
     """
     try:
         # Get the OOB IP configuration for this SONiC device
@@ -726,7 +731,7 @@ def _get_ntp_server_for_device(device):
         metalbox_devices = utils.nb.dcim.devices.filter(role="metalbox")
 
         for metalbox in metalbox_devices:
-            logger.debug(f"Checking metalbox device {metalbox.name} for NTP server")
+            logger.debug(f"Checking metalbox device {metalbox.name} for services")
 
             # Get all interfaces on this metalbox
             interfaces = utils.nb.dcim.interfaces.filter(device_id=metalbox.id)
@@ -765,7 +770,7 @@ def _get_ntp_server_for_device(device):
                                     else "interface"
                                 )
                                 logger.info(
-                                    f"Found NTP server {ip_only} on metalbox {metalbox.name} "
+                                    f"Found Metalbox {ip_only} on {metalbox.name} "
                                     f"{interface_type} {interface.name} for SONiC device {device.name}"
                                 )
                                 return ip_only
@@ -773,11 +778,11 @@ def _get_ntp_server_for_device(device):
                             # Skip non-IPv4 addresses
                             continue
 
-        logger.warning(f"No suitable NTP server found for SONiC device {device.name}")
+        logger.warning(f"No suitable Metalbox found for SONiC device {device.name}")
         return None
 
     except Exception as e:
-        logger.warning(f"Could not determine NTP server for device {device.name}: {e}")
+        logger.warning(f"Could not determine Metalbox IP for device {device.name}: {e}")
         return None
 
 
@@ -846,19 +851,17 @@ def _add_ntp_configuration(config, device):
     metalbox device interface connected to the OOB switch.
     """
     try:
-        # Get the specific NTP server for this device
-        ntp_server_ip = _get_ntp_server_for_device(device)
+        # Get the Metalbox IP for this device
+        metalbox_ip = _get_metalbox_ip_for_device(device)
 
-        if ntp_server_ip:
+        if metalbox_ip:
             # Add single NTP server configuration
-            config["NTP_SERVER"][ntp_server_ip] = {
+            config["NTP_SERVER"][metalbox_ip] = {
                 "maxpoll": "10",
                 "minpoll": "6",
                 "prefer": "false",
             }
-            logger.info(
-                f"Added NTP server {ntp_server_ip} to SONiC device {device.name}"
-            )
+            logger.info(f"Added NTP server {metalbox_ip} to SONiC device {device.name}")
         else:
             logger.warning(f"No NTP server found for SONiC device {device.name}")
 
@@ -873,6 +876,27 @@ def clear_ntp_cache():
     logger.debug("Cleared NTP servers cache")
 
 
+def _add_dns_configuration(config, device):
+    """Add DNS_NAMESERVER configuration to device config.
+
+    Each SONiC switch gets exactly one DNS server - the IP address of the
+    metalbox device interface connected to the OOB switch.
+    """
+    try:
+        # Get the Metalbox IP for this device
+        metalbox_ip = _get_metalbox_ip_for_device(device)
+
+        if metalbox_ip:
+            # Add single DNS server configuration
+            config["DNS_NAMESERVER"][metalbox_ip] = {}
+            logger.info(f"Added DNS server {metalbox_ip} to SONiC device {device.name}")
+        else:
+            logger.warning(f"No DNS server found for SONiC device {device.name}")
+
+    except Exception as e:
+        logger.warning(f"Could not add DNS configuration to device {device.name}: {e}")
+
+
 def clear_all_caches():
     """Clear all caches in config_generator module."""
     clear_ntp_cache()

osism/tasks/conductor/sonic/interface.py

@@ -419,6 +419,16 @@ def _extract_port_number_from_alias(alias):
     if not alias:
         return None
 
+    # Try to extract number from Eth54(Port54) format first
+    paren_match = re.search(r"Eth(\d+)\(Port(\d+)\)", alias)
+    if paren_match:
+        port_number = int(paren_match.group(1))
+        logger.debug(
+            f"Extracted port number {port_number} from Eth(Port) alias '{alias}'"
+        )
+        return port_number
+
+    # Fallback to number at end of alias
     match = re.search(r"(\d+)$", alias)
     if match:
         port_number = int(match.group(1))

osism/tasks/conductor/utils.py

@@ -75,8 +75,15 @@ def get_vault():
                 )
             ]
         )
-    except Exception:
-        logger.error("Unable to get vault secret. Dropping encrypted entries")
+    except ValueError as exc:
+        # Handle specific vault password configuration errors
+        logger.error(f"Vault password configuration error: {exc}")
+        logger.error("Please check your vault password setup in Redis")
+        vault = VaultLib()
+    except Exception as exc:
+        # Handle other errors (file access, decryption, etc.)
+        logger.error(f"Unable to get vault secret: {exc}")
+        logger.error("Dropping encrypted entries")
         vault = VaultLib()
     return vault
 

osism/tasks/netbox.py

@@ -2,7 +2,6 @@
 
 from celery import Celery
 from loguru import logger
-from pottery import Redlock
 
 from osism import settings, utils
 from osism.tasks import Config, run_command
@@ -30,9 +29,8 @@ def run(self, action, arguments):
 def set_maintenance(self, device_name, state=True):
     """Set the maintenance state for a device in the NetBox."""
 
-    lock = Redlock(
+    lock = utils.create_redlock(
         key=f"lock_osism_tasks_netbox_set_maintenance_{device_name}",
-        masters={utils.redis},
         auto_release_time=60,
     )
     if lock.acquire(timeout=20):
@@ -59,9 +57,8 @@ def set_maintenance(self, device_name, state=True):
 def set_provision_state(self, device_name, state):
     """Set the provision state for a device in the NetBox."""
 
-    lock = Redlock(
+    lock = utils.create_redlock(
         key=f"lock_osism_tasks_netbox_set_provision_state_{device_name}",
-        masters={utils.redis},
         auto_release_time=60,
     )
     if lock.acquire(timeout=20):
@@ -89,9 +86,8 @@ def set_provision_state(self, device_name, state):
 def set_power_state(self, device_name, state):
     """Set the provision state for a device in the NetBox."""
 
-    lock = Redlock(
+    lock = utils.create_redlock(
         key=f"lock_osism_tasks_netbox_set_provision_state_{device_name}",
-        masters={utils.redis},
         auto_release_time=60,
     )
     if lock.acquire(timeout=20):

osism/tasks/reconciler.py

@@ -6,7 +6,6 @@ import subprocess
 
 from celery import Celery
 from loguru import logger
-from pottery import Redlock
 
 from osism import settings, utils
 from osism.tasks import Config
@@ -17,9 +16,8 @@ app.config_from_object(Config)
 
 @app.on_after_configure.connect
 def setup_periodic_tasks(sender, **kwargs):
-    lock = Redlock(
+    lock = utils.create_redlock(
         key="lock_osism_tasks_reconciler_setup_periodic_tasks",
-        masters={utils.redis},
     )
     if settings.INVENTORY_RECONCILER_SCHEDULE > 0 and lock.acquire(timeout=10):
         sender.add_periodic_task(
@@ -29,9 +27,8 @@ def setup_periodic_tasks(sender, **kwargs):
 
 @app.task(bind=True, name="osism.tasks.reconciler.run")
 def run(self, publish=True, flush_cache=False):
-    lock = Redlock(
+    lock = utils.create_redlock(
         key="lock_osism_tasks_reconciler_run",
-        masters={utils.redis},
         auto_release_time=60,
     )
 
@@ -64,9 +61,8 @@ def run(self, publish=True, flush_cache=False):
 
 @app.task(bind=True, name="osism.tasks.reconciler.run_on_change")
 def run_on_change(self):
-    lock = Redlock(
+    lock = utils.create_redlock(
         key="lock_osism_tasks_reconciler_run_on_change",
-        masters={utils.redis},
         auto_release_time=60,
     )
 

osism/utils/__init__.py

@@ -2,11 +2,13 @@
 
 import time
 import os
+from contextlib import redirect_stdout, redirect_stderr
 from cryptography.fernet import Fernet
 import keystoneauth1
 from loguru import logger
 import openstack
 import pynetbox
+from pottery import Redlock
 from redis import Redis
 import urllib3
 import yaml
@@ -107,8 +109,18 @@ def get_ansible_vault_password():
         f = Fernet(key)
 
         encrypted_ansible_vault_password = redis.get("ansible_vault_password")
+        if encrypted_ansible_vault_password is None:
+            raise ValueError("Ansible vault password is not set in Redis")
+
         ansible_vault_password = f.decrypt(encrypted_ansible_vault_password)
-        return ansible_vault_password.decode("utf-8")
+        password = ansible_vault_password.decode("utf-8")
+
+        if not password or password.strip() == "":
+            raise ValueError(
+                "Ansible vault password is empty or contains only whitespace"
+            )
+
+        return password
     except Exception as exc:
         logger.error("Unable to get ansible vault password")
         raise exc
@@ -181,3 +193,52 @@ def finish_task_output(task_id, rc=None):
     if rc:
         redis.xadd(task_id, {"type": "rc", "content": rc})
     redis.xadd(task_id, {"type": "action", "content": "quit"})
+
+
+def revoke_task(task_id):
+    """
+    Revoke a running Celery task.
+
+    Args:
+        task_id (str): The ID of the task to revoke
+
+    Returns:
+        bool: True if revocation was successful, False otherwise
+    """
+    try:
+        from celery import Celery
+        from osism.tasks import Config
+
+        app = Celery("task")
+        app.config_from_object(Config)
+        app.control.revoke(task_id, terminate=True)
+        return True
+    except Exception as e:
+        logger.error(f"Failed to revoke task {task_id}: {e}")
+        return False
+
+
+def create_redlock(key, auto_release_time=3600):
+    """
+    Create a Redlock instance with output suppression during initialization.
+
+    Args:
+        key (str): The lock key
+        auto_release_time (int): Auto release time in seconds (default: 3600)
+
+    Returns:
+        Redlock: The configured Redlock instance
+    """
+    import logging
+
+    # Permanently suppress pottery logger output
+    pottery_logger = logging.getLogger("pottery")
+    pottery_logger.setLevel(logging.CRITICAL)
+
+    with open(os.devnull, "w") as devnull:
+        with redirect_stdout(devnull), redirect_stderr(devnull):
+            return Redlock(
+                key=key,
+                masters={redis},
+                auto_release_time=auto_release_time,
+            )