summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore10
-rw-r--r--app/api/responders/resource/environment_configs.py4
-rwxr-xr-xapp/discover/events/listeners/default_listener.py1
-rw-r--r--app/install/calipso-installer.py2
-rw-r--r--app/monitoring/setup/monitoring_handler.py4
-rw-r--r--app/test/scan/test_data/configurations.py4
-rw-r--r--app/utils/logging/full_logger.py10
-rw-r--r--app/utils/mongo_access.py8
-rw-r--r--app/utils/ssh_connection.py81
9 files changed, 64 insertions, 60 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..73e0e74
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,10 @@
+*~
+*.pyc
+*.swp
+.idea/
+.ropeproject/
+mongo*.conf
+mongo_access.log
+.DS_Store
+
+app/test/event_based_scan/config/test_config.py
diff --git a/app/api/responders/resource/environment_configs.py b/app/api/responders/resource/environment_configs.py
index bee6a4d..32e70ad 100644
--- a/app/api/responders/resource/environment_configs.py
+++ b/app/api/responders/resource/environment_configs.py
@@ -55,7 +55,7 @@ class EnvironmentConfigs(ResponderBase):
validate=DataValidate.REGEX,
requirement=[regex.IP, regex.HOSTNAME],
mandatory=True),
- "password": self.require(str, mandatory=True),
+ "pwd": self.require(str, mandatory=True),
"port": self.require(int,
True,
DataValidate.REGEX,
@@ -96,7 +96,7 @@ class EnvironmentConfigs(ResponderBase):
validate=DataValidate.REGEX,
requirement=[regex.IP, regex.HOSTNAME],
mandatory=True),
- "password": self.require(str, mandatory=True),
+ "pwd": self.require(str, mandatory=True),
"port": self.require(int,
True,
validate=DataValidate.REGEX,
diff --git a/app/discover/events/listeners/default_listener.py b/app/discover/events/listeners/default_listener.py
index 9261cf8..8ebc6cb 100755
--- a/app/discover/events/listeners/default_listener.py
+++ b/app/discover/events/listeners/default_listener.py
@@ -74,7 +74,6 @@ class DefaultListener(ListenerBase, ConsumerMixin):
if self.inv.is_feature_supported(self.env_name, EnvironmentFeatures.MONITORING):
self.inv.monitoring_setup_manager = \
MonitoringSetupManager(self.env_name)
- self.inv.monitoring_setup_manager.server_setup()
def get_consumers(self, consumer, channel):
return [consumer(queues=self.event_queues,
diff --git a/app/install/calipso-installer.py b/app/install/calipso-installer.py
index bccddae..c088876 100644
--- a/app/install/calipso-installer.py
+++ b/app/install/calipso-installer.py
@@ -321,7 +321,7 @@ while container not in container_names:
# starting the containers per arguments:
if action == "start":
# building /home/calipso/calipso_mongo_access.conf and /home/calipso/ldap.conf files, per the arguments:
- calipso_mongo_access_text = "server " + args.hostname + "\nuser " + args.dbuser + "\npassword " + \
+ calipso_mongo_access_text = "server " + args.hostname + "\nuser " + args.dbuser + "\npwd " + \
args.dbpassword + "\nauth_db calipso"
ldap_text = "user admin" + "\npassword password" + "\nurl ldap://" + args.hostname + ":389" + \
"\nuser_id_attribute CN" + "\nuser_pass_attribute userpassword" + \
diff --git a/app/monitoring/setup/monitoring_handler.py b/app/monitoring/setup/monitoring_handler.py
index 5b7cae0..f041264 100644
--- a/app/monitoring/setup/monitoring_handler.py
+++ b/app/monitoring/setup/monitoring_handler.py
@@ -211,8 +211,8 @@ class MonitoringHandler(MongoAccess, CliAccess, BinaryConverter):
def get_ssh(self, host, is_container=False, for_sftp=False):
ssh = SshConnection.get_ssh(host, for_sftp)
if not ssh:
- if is_container:
- conf = self.env_monitoring_config
+ conf = self.env_monitoring_config
+ if is_container or host == conf['server_ip']:
host = conf['server_ip']
port = int(conf['ssh_port'])
user = conf['ssh_user']
diff --git a/app/test/scan/test_data/configurations.py b/app/test/scan/test_data/configurations.py
index da68dd1..59ad649 100644
--- a/app/test/scan/test_data/configurations.py
+++ b/app/test/scan/test_data/configurations.py
@@ -15,7 +15,7 @@ CONFIGURATIONS = {
"mock": "True",
"host": "10.56.20.239",
"name": "mysql",
- "password": "102QreDdiD5sKcvNf9qbHrmr",
+ "pwd": "102QreDdiD5sKcvNf9qbHrmr",
"port": 3307.0,
"user": "root",
"schema": "nova"
@@ -40,7 +40,7 @@ CONFIGURATIONS = {
"host": "10.56.20.239",
"port": "5673",
"user": "nova",
- "password": "NF2nSv3SisooxPkCTr8fbfOa"
+ "pwd": "NF2nSv3SisooxPkCTr8fbfOa"
},
{
"config_folder": "/tmp/sensu_config",
diff --git a/app/utils/logging/full_logger.py b/app/utils/logging/full_logger.py
index a88f00e..411eceb 100644
--- a/app/utils/logging/full_logger.py
+++ b/app/utils/logging/full_logger.py
@@ -35,13 +35,9 @@ class FullLogger(Logger):
def set_env(self, env):
super().set_env(env)
- defined_handler = next(
- filter(
- lambda handler: handler.__class__ == MongoLoggingHandler.__class__,
- self.log.handlers
- ), None)
-
+ defined_handler = [h for h in self.log.handlers
+ if isinstance(h, MongoLoggingHandler)]
if defined_handler:
- defined_handler.env = env
+ defined_handler[0].env = env
else:
self.add_handler(MongoLoggingHandler(env, self.level))
diff --git a/app/utils/mongo_access.py b/app/utils/mongo_access.py
index 1425017..6277ace 100644
--- a/app/utils/mongo_access.py
+++ b/app/utils/mongo_access.py
@@ -94,11 +94,13 @@ class MongoAccess(DictNamingConverter):
def prepare_connect_uri(self):
params = self.connect_params
- self.log.debug('connecting to MongoDb server: {}'
+ self.log.debug('connecting to MongoDB server: {}'
.format(params['server']))
uri = 'mongodb://'
- if 'password' in params:
- uri = uri + params['user'] + ':' + params['password'] + '@'
+ if 'pwd' in params:
+ uri = uri + params['user'] + ':' + params['pwd'] + '@'
+ else:
+ self.log.info('MongoDB credentials missing')
uri = uri + params['server']
if 'auth_db' in params:
uri = uri + '/' + params['auth_db']
diff --git a/app/utils/ssh_connection.py b/app/utils/ssh_connection.py
index 0fa197a..b0f202a 100644
--- a/app/utils/ssh_connection.py
+++ b/app/utils/ssh_connection.py
@@ -15,11 +15,7 @@ from utils.binary_converter import BinaryConverter
class SshConnection(BinaryConverter):
- config = None
- ssh = None
connections = {}
- cli_connections = {}
- sftp_connections = {}
max_call_count_per_con = 100
timeout = 15 # timeout for exec in seconds
@@ -31,7 +27,7 @@ class SshConnection(BinaryConverter):
for_sftp: bool = False):
super().__init__()
self.host = _host
- self.ssh = None
+ self.ssh_client = None
self.ftp = None
self.for_sftp = for_sftp
self.key = _key
@@ -44,10 +40,7 @@ class SshConnection(BinaryConverter):
self.call_count_limit = 0 if for_sftp \
else (SshConnection.max_call_count_per_con
if _call_count_limit is None else _call_count_limit)
- if for_sftp:
- self.sftp_connections[_host] = self
- else:
- self.cli_connections[_host] = self
+ self.connections[self.get_connection_key(_host, for_sftp)] = self
def check_definitions(self):
if not self.host:
@@ -62,28 +55,28 @@ class SshConnection(BinaryConverter):
'for CLI access to host {}'.format(self.host))
@staticmethod
- def get_ssh(host, for_sftp=False):
- if for_sftp:
- return SshConnection.cli_connections.get(host)
- return SshConnection.sftp_connections.get(host)
+ def get_ssh(host, _for_sftp=False):
+ return SshConnection.get_connection(host, for_sftp=_for_sftp)
@staticmethod
- def get_connection(host, for_sftp=False):
+ def get_connection_key(host, for_sftp=False):
key = ('sftp-' if for_sftp else '') + host
+ return key
+
+ @staticmethod
+ def get_connection(host, for_sftp=False):
+ key = SshConnection.get_connection_key(host, for_sftp)
return SshConnection.connections.get(key)
def disconnect(self):
- if self.ssh:
- self.ssh.close()
+ if self.ssh_client:
+ self.ssh_client.close()
@staticmethod
def disconnect_all():
- for ssh in SshConnection.cli_connections.values():
- ssh.disconnect()
- SshConnection.cli_connections = {}
- for ssh in SshConnection.sftp_connections.values():
+ for ssh in SshConnection.connections.values():
ssh.disconnect()
- SshConnection.sftp_connections = {}
+ SshConnection.connections = {}
def get_host(self):
return self.host
@@ -96,8 +89,8 @@ class SshConnection(BinaryConverter):
def connect(self, reconnect=False) -> bool:
connection = self.get_connection(self.host, self.for_sftp)
- if connection:
- self.ssh = connection
+ if connection and connection.ssh_client:
+ self.ssh_client = connection.ssh_client
if reconnect:
self.log.info("SshConnection: " +
"****** forcing reconnect: %s ******",
@@ -109,31 +102,34 @@ class SshConnection(BinaryConverter):
else:
return True
connection.close()
- self.ssh = None
- self.ssh = paramiko.SSHClient()
- connection_key = ('sftp-' if self.for_sftp else '') + self.host
- SshConnection.connections[connection_key] = self.ssh
- self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ self.ssh_client = None
+ self.ssh_client = paramiko.SSHClient()
+ connection_key = SshConnection.get_connection_key(self.host,
+ self.for_sftp)
+ SshConnection.connections[connection_key] = self
+ self.ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
if self.key:
k = paramiko.RSAKey.from_private_key_file(self.key)
- self.ssh.connect(hostname=self.host, username=self.user, pkey=k,
- port=self.port if self.port is not None
- else self.DEFAULT_PORT,
- password=self.pwd, timeout=30)
+ self.ssh_client.connect(hostname=self.host,
+ username=self.user,
+ pkey=k,
+ port=self.port if self.port is not None
+ else self.DEFAULT_PORT,
+ password=self.pwd, timeout=30)
else:
try:
port = self.port if self.port is not None else self.DEFAULT_PORT
- self.ssh.connect(self.host,
- username=self.user,
- password=self.pwd,
- port=port,
- timeout=30)
+ self.ssh_client.connect(self.host,
+ username=self.user,
+ password=self.pwd,
+ port=port,
+ timeout=30)
except paramiko.ssh_exception.AuthenticationException:
self.log.error('Failed SSH connect to host {}, port={}'
.format(self.host, port))
- self.ssh = None
+ self.ssh_client = None
self.call_count = 0
- return self.ssh is not None
+ return self.ssh_client is not None
def exec(self, cmd):
if not self.connect():
@@ -141,7 +137,8 @@ class SshConnection(BinaryConverter):
self.call_count += 1
self.log.debug("call count: %s, running call:\n%s\n",
str(self.call_count), cmd)
- stdin, stdout, stderr = self.ssh.exec_command(cmd, timeout=self.timeout)
+ stdin, stdout, stderr = \
+ self.ssh_client.exec_command(cmd, timeout=self.timeout)
stdin.close()
err = self.binary2str(stderr.read())
if err:
@@ -164,7 +161,7 @@ class SshConnection(BinaryConverter):
if not self.connect():
return
if not self.ftp:
- self.ftp = self.ssh.open_sftp()
+ self.ftp = self.ssh_client.open_sftp()
try:
self.ftp.put(local_path, remote_path)
except IOError as e:
@@ -200,7 +197,7 @@ class SshConnection(BinaryConverter):
if not self.connect():
return
if not self.ftp:
- self.ftp = self.ssh.open_sftp()
+ self.ftp = self.ssh_client.open_sftp()
try:
self.ftp.get(remote_path, local_path)
except IOError as e: