awx/tools/sosreport/controller.py


# Copyright (c) 2016 Ansible, Inc.
# All Rights Reserved.
try:
from sos.plugins import Plugin, RedHatPlugin
except ImportError:
from sos.report.plugins import Plugin, RedHatPlugin
# Diagnostic commands whose output is captured into the report. The list is
# passed as-is to add_cmd_output() in Controller.setup(), so whatever these
# commands print ends up in the support bundle.
SOSREPORT_CONTROLLER_COMMANDS = [
    # -- awx-manage: controller state --
    # controller version
    "awx-manage --version",
    # controller cluster configuration
    "awx-manage list_instances",
    # controller dispatch worker status
    "awx-manage run_dispatcher --status",
    # controller callback worker status
    "awx-manage run_callback_receiver --status",
    # controller license status
    "awx-manage check_license --data",
    # controller websocket relay status
    "awx-manage run_wsrelay --status",
    # -- process supervision --
    # controller process status
    "supervisorctl status",
    # -- Python package inventory for both virtualenvs --
    # pip package list
    "/var/lib/awx/venv/awx/bin/pip freeze",
    # pip package list without globally-installed packages
    "/var/lib/awx/venv/awx/bin/pip freeze -l",
    # pip package list
    "/var/lib/awx/venv/ansible/bin/pip freeze",
    # pip package list without globally-installed packages
    "/var/lib/awx/venv/ansible/bin/pip freeze -l",
    # -- filesystem layout and permissions --
    # directory tree only
    "tree -d /var/lib/awx",
    # check permissions
    "ls -ll /var/lib/awx",
    # list all venvs
    "ls -ll /var/lib/awx/venv",
    "ls -ll /etc/tower",
    # list contents of the directory where the receptor socket should be
    "ls -ll /var/run/awx-receptor",
    "ls -ll /etc/receptor",
    # -- receptor mesh --
    # get information about the status of the mesh
    "receptorctl --socket /var/run/awx-receptor/receptor.sock status",
    # get list of receptor work units
    "receptorctl --socket /var/run/awx-receptor/receptor.sock work list",
    # -- environment --
    # check current umask
    "umask -p",
]
# Files and directories copied into the report via add_copy_spec().
# /etc/tower/ and /etc/receptor/ are copied wholesale; the only things kept
# out of the bundle are the entries in SOSREPORT_FORBIDDEN_PATHS and the
# values masked in Controller.postproc().
SOSREPORT_CONTROLLER_DIRS = [
    # -- configuration --
    "/etc/tower/",
    "/etc/receptor/",
    "/etc/supervisord.conf",
    "/etc/supervisord.d/",
    "/etc/nginx/",
    # -- service logs --
    "/var/log/tower",
    "/var/log/nginx",
    "/var/log/supervisor",
    "/var/log/redis",
    # -- redis configuration and log locations --
    "/etc/opt/rh/rh-redis5/redis.conf",
    "/etc/redis.conf",
    "/var/opt/rh/rh-redis5/log/redis/redis.log",
    # -- upgrade, installer and crash-report logs --
    "/var/log/dist-upgrade",
    "/var/log/installer",
    "/var/log/unattended-upgrades",
    "/var/log/apport.log",
]
# Paths registered with add_forbidden_path() so sos leaves them out of the
# report even though their parent directories are in
# SOSREPORT_CONTROLLER_DIRS.
#
# NOTE(review): this is a deny-list. Everything else under /etc/tower/ and
# /etc/receptor/ is still collected, and Controller.postproc() masks only a
# fixed set of setting names, so a secret kept in any other file or under any
# other name is not excluded here. Extend this list when new key material or
# credential files are introduced.
SOSREPORT_FORBIDDEN_PATHS = [
    # -- controller secret key, TLS keys and certificates --
    "/etc/tower/SECRET_KEY",
    "/etc/tower/tower.key",
    "/etc/tower/awx.key",
    "/etc/tower/tower.cert",
    "/etc/tower/awx.cert",
    # -- profile directory under the tower logs --
    "/var/log/tower/profile",
    # -- receptor TLS private keys (glob patterns) --
    "/etc/receptor/tls/ca/*.key",
    "/etc/receptor/tls/*.key",
]
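class Controller(Plugin, RedHatPlugin):
    '''Collect Ansible Automation Platform controller information'''

    plugin_name = "controller"
    short_desc = "Ansible Automation Platform controller information"

    def setup(self):
        """Register the exclusions, copy specs and commands for this plugin.

        Paths in SOSREPORT_FORBIDDEN_PATHS are excluded, paths in
        SOSREPORT_CONTROLLER_DIRS are copied, and the output of every
        command in SOSREPORT_CONTROLLER_COMMANDS is captured.
        """
        # Exclusions are registered before the copy specs so they are in
        # place whenever sos evaluates them. Whether a given sos version
        # needs this ordering is not visible from this file; it is harmless
        # either way.
        for path in SOSREPORT_FORBIDDEN_PATHS:
            self.add_forbidden_path(path)

        for path in SOSREPORT_CONTROLLER_DIRS:
            self.add_copy_spec(path)

        self.add_cmd_output(SOSREPORT_CONTROLLER_COMMANDS)

    def postproc(self):
        """Mask known credentials in the collected settings files.

        Each substitution keeps the setting name (group 1) and replaces the
        quoted value with ``********``. The patterns accept optional
        whitespace after the ``:`` / ``=`` and either quote style, so a
        conventionally formatted ``NAME = 'value'`` line is masked as well
        as ``NAME='value'``.

        Only the settings listed here are masked, and only in the files
        listed here. Any other secret under /etc/tower/ that is not in
        SOSREPORT_FORBIDDEN_PATHS is collected as written.
        """
        mask = r"\1********"

        # Database password: 'PASSWORD': "..." (one or more quote characters
        # on each side, which also covers a triple-quoted value).
        db_password = r"(\s*\'PASSWORD\'\s*:\s*)(?:[\'\"]){1,}(.+)(?:[\'\"]){1,}"
        self.do_path_regex_sub("/etc/tower/conf.d/postgres.py", db_password, mask)

        # Email password, in the stock settings file and in the customised
        # one. The previous pattern required the opening quote to follow "="
        # directly, so "EMAIL_HOST_PASSWORD = '...'" was left unmasked.
        email_password = r"(EMAIL_HOST_PASSWORD\s*=\s*)[\'\"](.+)[\'\"]"
        for settings_file in ("/etc/tower/settings.py", "/etc/tower/conf.d/custom.py"):
            self.do_path_regex_sub(settings_file, email_password, mask)

        # Websocket broadcast secret.
        websocket_secret = r"(BROADCAST_WEBSOCKET_SECRET\s*=\s*)[\'\"](.+)[\'\"]"
        self.do_path_regex_sub("/etc/tower/conf.d/channels.py", websocket_secret, mask)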