Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.toolbox
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
5
Merge Requests
5
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
slapos.toolbox
Commits
1ee763ab
Commit
1ee763ab
authored
Dec 27, 2019
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
XXX: Support ssl_certificate
This promise has to be redesigned, otherwise it's pure spaghetti...
parent
7c1594ad
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
104 additions
and
17 deletions
+104
-17
slapos/promise/plugin/check_surykatka_json.py
slapos/promise/plugin/check_surykatka_json.py
+84
-15
slapos/test/promise/plugin/test_check_surykatka_json.py
slapos/test/promise/plugin/test_check_surykatka_json.py
+20
-2
No files found.
slapos/promise/plugin/check_surykatka_json.py
View file @
1ee763ab
...
...
@@ -7,6 +7,7 @@ import email.utils
import
json
import
os
import
time
import
urlparse
@
implementer
(
interface
.
IPromise
)
...
...
@@ -58,15 +59,76 @@ class RunPromise(GenericPromise):
'%s: Last bot status from %s ok, UTC now is %s'
,
key
,
last_bot_datetime
,
self
.
utcnow
)
def
senseSslCertificate
(
self
):
key
=
'ssl_certificate'
error_list
=
[]
info_list
=
[]
def
appendError
(
msg
,
*
args
):
self
.
logger
.
error
(
key
+
': '
+
msg
,
*
args
)
url
=
self
.
getConfig
(
'url'
)
parsed_url
=
urlparse
.
urlparse
(
url
)
if
parsed_url
.
scheme
==
'https'
:
hostname
=
parsed_url
.
netloc
ssl_check
=
True
certificate_expiration_days
=
self
.
getConfig
(
'certificate-expiration-days'
,
'15'
)
try
:
certificate_expiration_days
=
int
(
certificate_expiration_days
)
except
ValueError
:
certificate_expiration_days
=
None
else
:
ssl_check
=
False
certificate_expiration_days
=
None
if
ssl_check
is
None
:
return
error_list
,
info_list
if
certificate_expiration_days
is
None
:
appendError
(
'certificate-expiration-days %r is incorrect'
,
self
.
getConfig
(
'certificate-expiration-days'
))
return
error_list
,
info_list
if
not
hostname
:
appendError
(
'url %r is incorrect'
,
url
)
return
error_list
,
info_list
if
key
not
in
self
.
surykatka_json
:
appendError
(
'No data for %s . If the error persist, please update surykatka.'
,
url
)
return
error_list
,
info_list
entry_list
=
[
q
for
q
in
self
.
surykatka_json
[
key
]
if
q
[
'hostname'
]
==
hostname
]
if
len
(
entry_list
)
==
0
:
appendError
(
'No data for %s'
,
url
)
return
error_list
,
info_list
for
entry
in
entry_list
:
timetuple
=
email
.
utils
.
parsedate
(
entry
[
'not_after'
])
certificate_expiration_time
=
datetime
.
datetime
.
fromtimestamp
(
time
.
mktime
(
timetuple
))
if
certificate_expiration_time
-
datetime
.
timedelta
(
days
=
certificate_expiration_days
)
<
self
.
utcnow
:
appendError
(
'Certificate for %s will expire on %s, which is less than %s days, '
'UTC now is %s'
,
url
,
entry
[
'not_after'
],
certificate_expiration_days
,
self
.
utcnow
)
return
error_list
,
info_list
else
:
return
[],
[
'%s: Certificate for %s will expire on %s, which is more than %s '
'days, UTC now is %s'
%
(
key
,
url
,
entry
[
'not_after'
],
certificate_expiration_days
,
self
.
utcnow
)]
def
senseHttpQuery
(
self
):
key
=
'http_query'
error_list
=
[]
info_list
=
[]
def
log
Error
(
msg
,
*
args
):
self
.
logger
.
error
(
key
+
': '
+
msg
,
*
args
)
def
append
Error
(
msg
,
*
args
):
error_list
.
append
(
key
+
': '
+
(
msg
%
args
)
)
if
key
not
in
self
.
surykatka_json
:
log
Error
(
"%r not in %r"
,
key
,
self
.
json_file
)
return
append
Error
(
"%r not in %r"
,
key
,
self
.
json_file
)
return
error_list
,
info_list
url
=
self
.
getConfig
(
'url'
)
status_code
=
self
.
getConfig
(
'status-code'
)
...
...
@@ -74,8 +136,8 @@ class RunPromise(GenericPromise):
entry_list
=
[
q
for
q
in
self
.
surykatka_json
[
key
]
if
q
[
'url'
]
==
url
]
if
len
(
entry_list
)
==
0
:
log
Error
(
'No data for %s'
,
url
)
return
append
Error
(
'No data for %s'
,
url
)
return
error_list
,
info_list
error_list
=
[]
for
entry
in
entry_list
:
entry_status_code
=
str
(
entry
[
'status_code'
])
...
...
@@ -97,16 +159,16 @@ class RunPromise(GenericPromise):
'expected IPs %s differes from got %s'
%
(
' '
.
join
(
ip_list
),
' '
.
join
(
db_ip_list
)))
if
len
(
error_list
):
log
Error
(
'Problem with %s : '
%
(
url
,)
+
', '
.
join
(
error_list
))
return
append
Error
(
'Problem with %s : '
%
(
url
,)
+
', '
.
join
(
error_list
))
return
error_list
,
info_list
if
len
(
ip_list
)
>
0
:
self
.
logger
.
info
(
'%s: %s replied correctly with status code %s on ip list %s'
,
key
,
url
,
status_code
,
' '
.
join
(
ip_list
))
return
[],
[
'%s: %s replied correctly with status code %s on ip list %s'
%
(
key
,
url
,
status_code
,
' '
.
join
(
ip_list
))]
else
:
self
.
logger
.
info
(
'%s: %s replied correctly with status code %s'
,
key
,
url
,
status_code
)
return
[],
[
'%s: %s replied correctly with status code %s'
%
(
key
,
url
,
status_code
)]
def
sense
(
self
):
"""
...
...
@@ -134,7 +196,14 @@ class RunPromise(GenericPromise):
if
report
==
'bot_status'
:
return
self
.
senseBotStatus
()
elif
report
==
'http_query'
:
return
self
.
senseHttpQuery
()
error_list
,
info_list
=
self
.
senseHttpQuery
()
error_ssl_list
,
info_ssl_list
=
self
.
senseSslCertificate
()
error_list
+=
error_ssl_list
info_list
+=
info_ssl_list
if
len
(
error_list
)
>
0
:
self
.
logger
.
error
(
' '
.
join
(
error_list
+
info_list
))
elif
len
(
info_list
)
>
0
:
self
.
logger
.
info
(
' '
.
join
(
info_list
))
else
:
self
.
logger
.
error
(
"Report %r is not supported"
,
report
)
return
...
...
slapos/test/promise/plugin/test_check_surykatka_json.py
View file @
1ee763ab
...
...
@@ -214,7 +214,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json-file'
:
self
.
json_file
,
'url'
:
'https://www.erp5.com/'
,
'status-code'
:
'302'
,
'ip-list'
:
'127.0.0.1 127.0.0.2'
'ip-list'
:
'127.0.0.1 127.0.0.2'
,
'test-utcnow'
:
'Fri, 27 Dec 2019 15:11:12 -0000'
}
)
self
.
writeSurykatkaJson
(
"""{
...
...
@@ -237,6 +238,20 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"status_code": 200,
"url": "https://www.erp5.org/"
}
],
"ssl_certificate": [
{
"date": "Fri, 27 Dec 2019 14:43:26 -0000",
"hostname": "www.erp5.com",
"ip": "127.0.0.1",
"not_after": "Mon, 13 Jul 2020 12:00:00 -0000"
},
{
"date": "Fri, 27 Dec 2019 14:43:26 -0000",
"hostname": "www.erp5.com",
"ip": "127.0.0.2",
"not_after": "Mon, 13 Jul 2020 12:00:00 -0000"
}
]
}
"""
)
...
...
@@ -245,7 +260,10 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
self
.
assertPassedMessage
(
self
.
getPromiseResult
(
self
.
promise_name
),
"http_query: https://www.erp5.com/ replied correctly with "
"status code 302 on ip list 127.0.0.1 127.0.0.2"
"status code 302 on ip list 127.0.0.1 127.0.0.2 ssl_certificate: "
"Certificate for https://www.erp5.com/ will expire on Mon, 13 Jul "
"2020 12:00:00 -0000, which is more than 15 days, UTC now is "
"2019-12-27 15:11:12"
)
def
test_no_ip_list
(
self
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment