missing-maintainer-keys


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159

#!/usr/bin/env python

"""
This script checks, if for each maintainer (defined in the hostinfo data)
a public ssh key is available in the bcfg2 repository.
"""

import os
import sys
import yaml
import argparse
import logging
import nagiosplugin

class MissingMaintainerKeys(nagiosplugin.Resource):
    def __init__(self, hostinfo, repo):
        self.hostinfo = hostinfo
        self.repo = repo

    @property
    def name(self):
        return "missing_maintainer_keys"

    def _get_all_hosts(self):
        hosts = list()
        hosts_path = os.path.join(self.hostinfo, 'metadata', 'hosts')
        with open(hosts_path) as hosts_file:
            hostlist = yaml.load(hosts_file)
            hosts = hostlist['hosts']
        return hosts

    def _get_all_maintainers(self, hosts):
        maintainers = set()
        for host in hosts:
            data = dict()
            with open(os.path.join(self.hostinfo, host)) as host_file:
                data = yaml.load(host_file)

            if 'maintainers' in data and data['maintainers'] is not None:
                for maintainer in data['maintainers']:
                    if type(maintainer) is dict:
                        maintainers |= set(maintainer.values())
                    else:
                        maintainers |= set([maintainer])
        return maintainers

    def probe(self):
        hosts = self._get_all_hosts()
        maintainers = self._get_all_maintainers(hosts)
        yield nagiosplugin.Metric('count', maintainers, context='count')

        errors = list()
        for maintainer in maintainers:
            keyfile = os.path.join(self.repo, 'SSHKeys', maintainer + '.pub')
            if not os.path.exists(keyfile):
                errors.append(maintainer)

        yield nagiosplugin.Metric('missing', errors, context='missing')

class MissingMaintainerKeysContext(nagiosplugin.Context):
    def __init__(self, name, result_cls=nagiosplugin.Result):
        super(MissingMaintainerKeysContext, self).__init__(
            name,
            result_cls=result_cls)

    def describe(self, metric):
        if len(metric.value) > 0:
            return ("missing keys: %s" % ', '.join(metric.value))

        return "all keys available"

    def evaluate(self, metric, resource):
        if len(metric.value) > 0:
            return self.result_cls(nagiosplugin.Critical,
                hint=self.describe(metric), metric=metric)

        return self.result_cls(nagiosplugin.Ok,
            hint=self.describe(metric), metric=metric)

    def performance(self, metric, resource):
        return nagiosplugin.Performance(
            label='missing',
            value=len(metric.value),
            crit="1",
            min="0")

class MaintainersContext(nagiosplugin.Context):
    def __init__(self, name, result_cls=nagiosplugin.Result):
        super(MaintainersContext, self).__init__(
            name,
            result_cls=result_cls)

    def describe(self, metric):
        if len(metric.value) < 1:
            return "no maintainer found"
        if len(metric.value) == 1:
            return "1 maintainer found"
        return "%d maintainers found" % len(metric.value)

    def evaluate(self, metric, resource):
        if len(metric.value) < 1:
            return self.result_cls(nagiosplugin.Critical,
                hint=self.describe(metric), metric=metric)

        return self.result_cls(nagiosplugin.Ok,
            hint=self.describe(metric), metric=metric)

    def performance(self, metric, resource):
        return nagiosplugin.Performance(
            label='count',
            value=len(metric.value),
            min="0")

def print_version():
    import version
    self = os.path.basename(sys.argv[0])
    print("%s %s" % (self, version.get_git_version()))
    sys.exit(nagiosplugin.Unknown.code)

@nagiosplugin.guarded
def main():
    basepath = '/usr/local/share/hostinfo'
    repopath = '/var/lib/bcfg2/'
    if 'HOSTINFO_PATH' in os.environ and os.environ['HOSTINFO_PATH'] != '':
        basepath = os.environ['HOSTINFO_PATH']

    parser = argparse.ArgumentParser(
        description=__doc__,
        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
    parser.add_argument("-p", "--path", default=basepath,
                        help="set the path to the hostinfo data")
    parser.add_argument("-r", "--repo", default=repopath,
                        help="set the path to the bcfg2 repo")
    parser.add_argument("-V", "--version", action="store_true",
                        help="only print the version number and exit")
    parser.add_argument("-v", "--verbose", action="count", default=0,
                        help="increase output verbosity (use up to 3 times)")
    parser.add_argument("-t", "--timeout", type=int, default=10,
                        help="abort check execution with a UNKNOWN result "
                             "after so many seconds (use 0 for no timeout)")
    args = parser.parse_args()

    if args.version:
        print_version()

    if not os.path.exists(args.path):
        raise Exception("hostinfo data not found in '%s'" % args.path)

    if not os.path.exists(args.repo):
        raise Exception("bcfg2 repo not found in '%s'" % args.repo)

    check = nagiosplugin.Check(
        MissingMaintainerKeys(args.path, args.repo),
        MaintainersContext('count'),
        MissingMaintainerKeysContext('missing'))
    check.main(verbose=args.verbose, timeout=args.timeout)

if __name__ == '__main__':
    main()