promise: Improve check_surykatka_json

Improvements: * support for ssl_certificate entry from surykatka * explanation of extended status codes * assurance that URLs are clickable in the monitor.app * format times for humans /reviewed-on !73

promise: Improve check_surykatka_json
Improvements: * support for ssl_certificate entry from surykatka * explanation of extended status codes * assurance that URLs are clickable in the monitor.app * format times for humans /reviewed-on !73
4b92775c · Łukasz Nowak · ded34b9c · 83f161ae · 4b92775c · 4b92775c
Commit 4b92775c authored Dec 20, 2019 by Łukasz Nowak
2 changed files
--- a/slapos/promise/plugin/check_surykatka_json.py
+++ b/slapos/promise/plugin/check_surykatka_json.py
@@ -7,20 +7,48 @@ import email.utils
 import json
 import os
 import time
+try:
+  from urlparse import urlparse
+except ImportError:
+  from urllib.parse import urlparse
 @implementer(interface.IPromise)
 class RunPromise(GenericPromise):
+  EXTENDED_STATUS_CODE_MAPPING = {
+    '520': 'Too many redirects',
+    '523': 'Connection error',
+    '524': 'Connection timeout',
+    '526': 'SSL Error',
+  }
  def __init__(self, config):
    super(RunPromise, self).__init__(config)
    # Set frequency compatible to default surykatka interval - 2 minutes
    self.setPeriodicity(float(self.getConfig('frequency', 2)))
+    self.error_list = []
+    self.info_list = []
+  def appendError(self, message):
+    self.error_list.append(message)
+  def appendInfo(self, message):
+    self.info_list.append(message)
+  def emitLog(self):
+   if len(self.error_list) > 0:
+     emit = self.logger.error
+   else:
+     emit = self.logger.info
+   emit(' '.join(self.error_list + self.info_list))
  def senseBotStatus(self):
    key = 'bot_status'
    def logError(msg, *args):
-      self.logger.error(key + ': ' + msg, *args)
+      self.appendError(key + ': ' + msg % args)
    if key not in self.surykatka_json:
      logError("%r not in %r", key, self.json_file)
@@ -35,26 +63,87 @@ class RunPromise(GenericPromise):
      return
    timetuple = email.utils.parsedate(bot_status['date'])
    last_bot_datetime = datetime.datetime.fromtimestamp(time.mktime(timetuple))
+    last_bot_datetime_string = email.utils.formatdate(time.mktime(timetuple))
    delta = self.utcnow - last_bot_datetime
    # sanity check
    if delta < datetime.timedelta(minutes=0):
      logError('Last bot datetime %s is in future, UTC now %s',
-               last_bot_datetime, self.utcnow)
+               last_bot_datetime_string, self.utcnow_string)
      return
    if delta > datetime.timedelta(minutes=15):
      logError('Last bot datetime %s is more than 15 minutes old, UTC now %s',
-               last_bot_datetime, self.utcnow)
+               last_bot_datetime_string, self.utcnow_string)
      return
-    self.logger.info(
+    self.appendInfo(
-      '%s: Last bot status from %s ok, UTC now is %s',
+      '%s: Last bot status from %s ok, UTC now is %s' %
-      key, last_bot_datetime, self.utcnow)
+      (key, last_bot_datetime_string, self.utcnow_string))
+  def senseSslCertificate(self):
+    key = 'ssl_certificate'
+    def appendError(msg, *args):
+      self.appendError(key + ': ' + msg % args)
+    url = self.getConfig('url')
+    parsed_url = urlparse(url)
+    if parsed_url.scheme == 'https':
+      hostname = parsed_url.netloc
+      ssl_check = True
+      certificate_expiration_days = self.getConfig(
+        'certificate-expiration-days', '15')
+      try:
+        certificate_expiration_days = int(certificate_expiration_days)
+      except ValueError:
+        certificate_expiration_days = None
+    else:
+      ssl_check = False
+      certificate_expiration_days = None
+    if ssl_check is None:
+      return
+    if certificate_expiration_days is None:
+      appendError(
+        'certificate-expiration-days %r is incorrect',
+        self.getConfig('certificate-expiration-days'))
+      return
+    if not hostname:
+      appendError('url %r is incorrect', url)
+      return
+    if key not in self.surykatka_json:
+      appendError(
+        'No data for %s . If the error persist, please update surykatka.', url)
+      return
+    entry_list = [
+      q for q in self.surykatka_json[key] if q['hostname'] == hostname]
+    if len(entry_list) == 0:
+      appendError('No data for %s', url)
+      return
+    for entry in entry_list:
+      timetuple = email.utils.parsedate(entry['not_after'])
+      certificate_expiration_time = datetime.datetime.fromtimestamp(
+        time.mktime(timetuple))
+      if certificate_expiration_time - datetime.timedelta(
+        days=certificate_expiration_days) < self.utcnow:
+        appendError(
+          'Certificate for %s will expire on %s, which is less than %s days, '
+          'UTC now is %s',
+          url, entry['not_after'], certificate_expiration_days,
+          self.utcnow_string)
+        return
+      else:
+        self.appendInfo(
+          '%s: Certificate for %s will expire on %s, which is more than %s '
+          'days, UTC now is %s' %
+          (key, url, entry['not_after'], certificate_expiration_days,
+           self.utcnow_string))
+        return
  def senseHttpQuery(self):
    key = 'http_query'
+    error_list = []
    def logError(msg, *args):
-      self.logger.error(key + ': ' + msg, *args)
+      self.appendError(key + ': ' + msg % args)
    if key not in self.surykatka_json:
      logError("%r not in %r", key, self.json_file)
@@ -66,14 +155,22 @@ class RunPromise(GenericPromise):
    entry_list = [q for q in self.surykatka_json[key] if q['url'] == url]
    if len(entry_list) == 0:
-      logError('No data for %r', url)
+      logError('No data for %s', url)
      return
    error_list = []
    for entry in entry_list:
-      if str(entry['status_code']) != str(status_code):
+      entry_status_code = str(entry['status_code'])
+      if entry_status_code != status_code:
+        status_code_explanation = self.EXTENDED_STATUS_CODE_MAPPING.get(
+          entry_status_code)
+        if status_code_explanation:
+          status_code_explanation = '%s (%s)' % (
+            entry_status_code, status_code_explanation)
+        else:
+          status_code_explanation = entry_status_code
        error_list.append(
          'IP %s got status code %s instead of %s' % (
-            entry['ip'], entry['status_code'], status_code))
+            entry['ip'], status_code_explanation, status_code))
    db_ip_list = [q['ip'] for q in entry_list]
    if len(ip_list):
      if set(ip_list) != set(db_ip_list):
@@ -81,16 +178,16 @@ class RunPromise(GenericPromise):
          'expected IPs %s differes from got %s' % (
            ' '.join(ip_list), ' '.join(db_ip_list)))
    if len(error_list):
-      logError('Problem with %s: ' % (url,) + ', '.join(error_list))
+      logError('Problem with %s : ' % (url,) + ', '.join(error_list))
      return
    if len(ip_list) > 0:
-      self.logger.info(
+      self.appendInfo(
-        '%s: %s replied correctly with status code %s on ip list %s',
+        '%s: %s replied correctly with status code %s on ip list %s' %
-        key, url, status_code, ' '.join(ip_list))
+        (key, url, status_code, ' '.join(ip_list)))
    else:
-      self.logger.info(
+      self.appendInfo(
-        '%s: %s replied correctly with status code %s',
+        '%s: %s replied correctly with status code %s' %
-        key, url, status_code)
+        (key, url, status_code))
  def sense(self):
    """
@@ -100,28 +197,31 @@ class RunPromise(GenericPromise):
    if test_utcnow:
      self.utcnow = datetime.datetime.fromtimestamp(
        time.mktime(email.utils.parsedate(test_utcnow)))
+      self.utcnow_string = test_utcnow
    else:
      self.utcnow = datetime.datetime.utcnow()
+      self.utcnow_string = email.utils.formatdate(time.mktime(
+        self.utcnow.timetuple()))
    self.json_file = self.getConfig('json-file', '')
    if not os.path.exists(self.json_file):
-      self.logger.error('File %r does not exists', self.json_file)
+      self.appendError('File %r does not exists' % self.json_file)
-      return
-    with open(self.json_file) as fh:
-      try:
-        self.surykatka_json = json.load(fh)
-      except Exception:
-        self.logger.error("Problem loading JSON from %r", self.json_file)
-        return
-    report = self.getConfig('report')
-    if report == 'bot_status':
-      return self.senseBotStatus()
-    elif report == 'http_query':
-      return self.senseHttpQuery()
    else:
-      self.logger.error("Report %r is not supported", report)
+      with open(self.json_file) as fh:
-      return
+        try:
+          self.surykatka_json = json.load(fh)
+        except Exception:
+          self.appendError("Problem loading JSON from %r" % self.json_file)
+        else:
+          report = self.getConfig('report')
+          if report == 'bot_status':
+            self.senseBotStatus()
+          elif report == 'http_query':
+            self.senseHttpQuery()
+            self.senseSslCertificate()
+          else:
+            self.appendError("Report %r is not supported" % report)
+    self.emitLog()
  def anomaly(self):
    return self._test(result_count=3, failure_amount=3)
--- a/slapos/test/promise/plugin/test_check_surykatka_json.py
+++ b/slapos/test/promise/plugin/test_check_surykatka_json.py