| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Adds two test cases for using `--encrypt-pass`; one with just the bare
option and another in conjunction with `--clean` to ensure both can be
used in the same execution.
Resolves: #2566
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Removes the previous OCP cluster profile and replaces it with an updated
one for OCP4 which is entirely separated from the kubernetes profile.
Resolves: #2544
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an issue where the sos inspection commands were not properly
marked as needing to be run as root (either directly or via sudo) for
containerized hosts, which would lead to incorrect sos command
formatting.
Mark those commands, and the final container removal command, as
explicitly needing root permissions.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If the master node is determined to not have sos installed, that is not
necessarily a fatal error for scenarios where the 'master' node is only
being used to enumerate node lists and is not actually part of the
cluster. This can happen when a user is using a bastion node to
enumerate and connect to the cluster environment, or if the local host
is being used to enumerate nodes via cluster client tooling.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Adds a method the `Cluster` that allows a profile to set sos options
specifically for master nodes.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds options that allow a user to specify registry authentication,
either via username/password or an authfile, to allow pulling an image
that exists on a non-public registry.
If a username/password is provided, that will be used. If not, we will
attempt to use an authfile - either provided by the user or by a cluster
profile.
Also adds an option to forcibly pull a new(er) version of the specified
image, to alleviate conditions where a too-old version of the image
already exists on the host.
Closes: #2534
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds tags to numerous plugins for use in conjunction with
Red Hat Insights. Tags are added as generically as possible, however in
cases where that is not feasible or logical, tags are added with the
'insights_' prefix.
Resolves: #2536
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Adds a new `cmd_as_tag` parameter to `add_cmd_output()` that, if `True`,
will convert the command string to a tag. Default is `False`.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removes the use of awk in the `rpm` command that generates the
`installed-rpms` output, instead relying on rpm's builtin query tags.
Further removes the `add_rpm_cmd` method and directly calls
`add_cmd_output` with the proper parameters now.
Resolves: #2548
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As the FTP dropbox for Red Hat is being decomissioned and replaced with
an SFTP alternative, update the policy to fallback to the SFTP host and
remove legacy FTP host references.
The default behavior for --upload remains the same, just targeting a
different location. If a username, password, and case number are given,
the first attempt will be to upload to the Red Hat Customer Portal. If
any are missing, or are invalid, then we will fallback to SFTP. During
the fallback if a valid username and password are not provided, sos will
attempt to obtain an anonymous token for the upload before failing out
entirely.
Closes: #2467
Resolves: #2552
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds support for uploading via SFTP. This is done via pexpect calling
the system's locally available SFTP binary. If either that binary or
pexpect are unavailable on the local system, we will exit gracefully and
report the issue. This allows sos to keep python3-pexpect as a
recommends rather than a hard dependency.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
With --all-logs, it could potentially collect the kvms that are created
by juju, and hence the sos report size could be significant. This
change will ensure that the kvm images are not collected as part of sos
report.
Closes: #2563
Signed-off-by: Arif Ali <arif.ali@canonical.com>
|
|
|
|
|
|
|
|
|
|
|
| |
A supplement of #1399 fix, now also for adding strings or special
device files.
Also adding a (vendor) test case for it.
Resolves: #2560
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The file contains important config about internal candlepin broker
routing.
Also, apply scrubbing of two passwords on a single line / in one URI.
Resolves: #2558
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improves error reporting for failed sos commands by logging stderr (or
stdout if stderr is not populated) to the console, which was previously
being truncated by the builtin error handling of avocado. Printed output
is limited to the last 8k to avoid dumping several MBs at a time for
scenarios such as timeouts where command failure may generate
significant logging prior to failing.
Included with this are 2 minor changes to existing tests. First, remove
verbose output from the expected plugins test to reduce otherwise
irrelevant output for command failures. Second limit the number of
plugins run for the LogLevelTest, both to reduce overall run time for a
test where we aren't testing specific plugins and to improve readability
of failures for such a test.
Resolves: #2556
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a test that checks that the new `priority` parameter is working as
expected for well known and common collections.
Resolves: #2553
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
| |
Assigns new `priority` values to known long running commands, to ensure
those commands run last in their respective plugins' execution.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a `priority` parameter to `add_cmd_output()` and `add_journal()`,
that can be used to influence the order in which commands are executed
within a plugin. This allows for plugins to specify that long-running
commands should be run last, regardless of where in the plugin those
commands are defined.
As part of accounting for this, minor fixups in the evaluation of run
times for individual commands and how those are reflected in the
report's manifest are included.
Closes: #1585
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Some important logs are written to foreman_[access|error].log in
/var/log/httpd dir. foreman plugin should collect all the logs that
apache plugin skips to prevent duplicit collection.
Resolves: #2554
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Specifying add_copy_spec to a directory means all files from the
directory are collected. That is ridiculous for foremain-installer and
namely foreman-maintain logs, where we should stick to the size limit by
default. Hence collect files from the dir "specifically".
Resolves: #2554
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Both "tc -s filter show dev %eth [|ingress]" commands required as
they provide different output.
Resolves: #2550
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds a unittest that ensures conformance for plugin design, e.g.
ensuring that enablement triggers are proper tuples and not
inadvertent strings due to a missing trailing comma for single-tuples.
Resolves: #2549
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Several plugins did not set a `plugin_name` attribute, instead relying
on a fallback using the class name. Set the `plugin_name` appropriately
in these plugins.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Rather than relying on a `getattr()` check returning False during a
plugin's initialization, simply set `option_list` to default to an empty
list.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
| |
Adds a `short_desc` attribute to several plugins missing it.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Fixes a number of plugins whose enablement attributes (profiles,
packages, commands, files) were incorrectly formatted and not actual
tuples.
Related: #2549
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifying a non-existing plugin to skip is no longer considered a fatal
error. This was previously in place, in part, for third party utilities
calling sos to ensure adherence to known plugins. However, since
`collect` has been integrated into sos natively, this is far less of a
concern.
Specfying non-existing plugins will now only generate a warning message
for plugins wanting to be skipped (`-n`). If non-existing plugins are
specified for enablement via `-e` or `-o`, that will still generate a
fatal error.
Closes: #537
Closes: #1723
Resolves: #2517
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
| |
As netstat command is being deprecated,
we need nstat as an alternative to "netstat -s".
Signed-off-by: Seiichi Ikarashi <s.ikarashi@fujitsu.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updates the language in the manpage to clarify that in order to enable
additional plugins outside of a profile when a profile is specified,
that users must use `-o` instead of `-e`.
Remove the 'current profiles' list from the manpage as it is outdated
and it is better to refer users to the list reported by the local
installation.
Closes: #504
Resolves: #2543
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a new `--upload-no-ssl-verify` option that controls if we verify the
SSL certificate for an upload target. This will default to `False` to
retain previous default behavior of performing SSL verification.
Closes: #2497
Resolves: #2540
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The python requests module does not provide actual support for
streaming, that is provided by requests-toolchain. The support in
requests is for easy multipart uploads. The internal methods and
variables for https uploads within `Policy` however revolve around
streaming enablement, but don't actually influence the use of streaming
or not. This was due to placeholders during development just being
carried forward rather than corrected before merge.
This was largely forgotten about, until recent reports of upload issues
for user-provided endpoints.
This commit serves to correct the language around the currently
supported https upload functionality. That is, we either use a 'put' or
'post' based on the loaded policy defaults. Further, allow users to
control this setting with a new `--upload-method` option. This will
allow users to specify upload urls that may require the opposite HTTP
method than what the policy defaults dictate.
Related: #2497
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
| |
Moves auto_cancellation to a global setting, instead of environmental.
Related: #2541
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
While providing case id is fully optional, the current phrasing
might be insintepreted it is mandatory.
Resolves: #2542
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
| |
This commit captures the file audit-stop.rules, and
directory plugins.d.
Signed-off-by: Jose Castillo <jcastillo@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modifies the cirrus configuration to enable auto-cancellation of jobs
for the master branch (it is already enabled for PR branches by
default). This will prevent batch merges from kicking off a test job for
each merge. While it may arise that two or more independent commits that
pass testing on their own branches combine to form an unexpected
failure, this possibility seems remote for sos.
This is a cost saving decision - currently for each commit to master we
are spinning up a minimum of 13 VMs, which can very quickly snowball if
we do multiple merges in a short amount of time (which is historically
how the project does merges).
Second, modify the `gce_instance` fields in the cirrus config to use
pre-defined machine types, as these match our current "custom"
specifications already, and are cheaper to run.
Resolves: #2541
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds an integration test for the upstream Foreman project. After
stageone tests have passed, and if the PR has changes relevant to the
Foreman plugins (or the cirrus config), launch a pre-built GCE image
that has a Foreman deployment on it.
Per request of the Foreman devel team, these tests will be run against
both a CentOS and Debian based Foreman image. Currently, testing is
performed against Foreman 2.4.
Resolves: #2531
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Fixes the definition of `packages` and `profiles` within the plugin to
be tuples.
Resolves: #2537
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
As sos is now python3-only, we can avoid shelling-out to compression
utilities like `xz` or `gzip`, and instead use the method provided by
the built-in `tarfile` module.
Resolves: #2523
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This patch is to update kernel plugin to collect
page allocation failure info
Resolves: #2504
Signed-off-by: Mamatha Inamdar <mamatha4@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
This patch is to Introduce snapper plugin to collect
/usr/lib/snapper/ information to check executable
permission for installation-helper command
Resolves: #2504
Signed-off-by: Mamatha Inamdar <mamatha4@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
| |
This patch is to update block plugin to collect
state of sda
Resolves: #2504
Signed-off-by: Mamatha Inamdar <mamatha4@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
get_inst_info does not use and isnt called with 'prefix' argument
Resolves: #2535
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
| |
We can ignore .* at the start of a RE.
Resolves: #2527
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new plugin for z/VM collection, based on collections performed by
the existing s390 dbginfo.sh support script.
Related: #2514
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds additional s390-relevant commands from the dbginfo.sh support
script for s390/s390X systems.
Closes: #2228
Resolves: #2514
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The SSH configurations may have an include directive. This
adjustment to the plugin will copy in the main configs and
then read those for any include keywords and attempt to
copy those as well.
Resolves: #2528
Signed-off-by: Kevin C Myers kemyers at redhat dot com
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Candlepin as a tomcat application needs to collect the logs, not
foreman.
Ideally, the tomcat plugin should be responsible for colecting the
logs, but doing so would pollute non-candlepin usage (cf. apache
logs in foreman plugin as well).
Resolves: #2530
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As logs contain diffs of configs, we must apply the same config
scrubbing to the logs as well.
Further, extend logs files to obfuscate to the whole installer dir
to cover also upstream-only filenames.
Resolves: #2532
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes the logs pre_sos_setup() to write to the journal using a stream
rather than writing several MB directly all at once. This fixes an issue
where using the `journal.send()` method from the systemd module would
result in no data being written to the journal during the test setup.
Second, switch over to inspecting the full journal rather than the most
recent boot journal.
Related: #2499
|
|
|
|
|
|
|
|
| |
The `grub2-mkconfig` command will load the `dm_mod` module if it is not
already loaded. As such, add a predicate to skip command execution if
that module is not loaded already.
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
|