4ceac85048
This commit introduces the new dcagent package. It is comprised of a
periodic process that queries the necessary endpoints to gather the
audit data and an API running on port 8325 (internal) and 8326 (admin).
The api only has one endpoint /v1/dcaudit that accepts only PATCH and
will respond with 'in-sync' or 'out-of-sync' for dcmanager-audit based
on the RegionOne data provided or will return the subcloud data for the
requested endpoints for dcorch-audit.
The agent also supports a key 'use_cache' to be sent in the payload
that will determine if it should use the cache data gathered by the
periodic process or get new information on the fly.
Example of payload using cached data:
{
"base_audit": "",
"firmware_audit": "<regionone-audit-data>",
"kubernetes_audit": "<regionone-audit-data>",
"kube_rootca_audit" : "<regionone-audit-data>",
"software_audit": "<regionone-audit-data>"
}
Example of payload requesting new information:
{
"certificates": "",
"iuser": "",
"fernet_repo": "",
"use_cache": "false"
}
NOTES:
- As patch and load audits will be deprecated in the next major
release, no effort was made to integrate both patch and load audit
to dcagent.
- All tests described below were executed applying [1] as well,
to avoid retesting.
[1]: https://review.opendev.org/c/starlingx/distcloud/+/923351
Test plan:
- PASS: Run dcmanager audit with dcagent. Verify only one call is
made to audit the subcloud and the response include the
correct sync status.
- PASS: Run dcmanager audit without dcagent. Verify the audit
works as expected querying each individual endpoint.
Story: 2011106
Task: 50559
Change-Id: I1820ca9688d5d05f8712f9a42f6012f2ec3e2d8a
Signed-off-by: Victor Romano <victor.gluzromano@windriver.com>
56 lines
1.6 KiB
Python
56 lines
1.6 KiB
Python
#
|
|
# Copyright (c) 2024 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
|
|
import http.client
|
|
import json
|
|
|
|
from oslo_config import cfg
|
|
from oslo_log import log as logging
|
|
import pecan
|
|
from pecan import expose
|
|
from pecan import request
|
|
|
|
from dcagent.common.audit_manager import RequestedAudit
|
|
from dcagent.common.exceptions import UnsupportedAudit
|
|
from dcagent.common.i18n import _
|
|
|
|
CONF = cfg.CONF
|
|
LOG = logging.getLogger(__name__)
|
|
|
|
|
|
class AuditController(object):
|
|
@expose(generic=True, template="json")
|
|
def index(self):
|
|
# Route the request to specific methods with parameters
|
|
pass
|
|
|
|
@index.when(method="PATCH", template="json")
|
|
def patch(self):
|
|
"""Return the audit information."""
|
|
|
|
# Convert JSON string in request to Python dict
|
|
try:
|
|
payload = json.loads(request.body)
|
|
except ValueError:
|
|
pecan.abort(http.client.BAD_REQUEST, _("Request body decoding error"))
|
|
|
|
if not payload:
|
|
pecan.abort(http.client.BAD_REQUEST, _("Body required"))
|
|
|
|
try:
|
|
# Delete "use_cache" from payload so it doesn't get passed as an audit
|
|
use_cache = payload.pop("use_cache", True)
|
|
requested_audit = RequestedAudit(use_cache=use_cache)
|
|
return requested_audit.get_sync_status(payload)
|
|
|
|
except UnsupportedAudit as ex:
|
|
LOG.exception(ex)
|
|
pecan.abort(http.client.BAD_REQUEST, ex.msg)
|
|
except Exception as ex:
|
|
LOG.exception(ex)
|
|
msg = f"Unable to get audit info: {ex}"
|
|
pecan.abort(http.client.INTERNAL_SERVER_ERROR, _(msg))
|