tyler.durden/centreon-plugins
1
0
Fork 0
mirror of https://github.com/centreon/centreon-plugins.git synced 2025-07-27 15:44:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat(passmanager) community-pr handle variable path for hashicorp vault authentication (#5024)

Browse Source 
Refs:CTOR-383
Co-authored-by: Stefan Ludwig <slg2001@gmail.com>
Co-authored-by: Sophie Depassio <sdepassio@centreon.com>
This commit is contained in:
Evan-Adam 2024-06-12 15:26:11 +02:00 committed by GitHub
parent 5dcacf11a0
commit fc601ab39e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
17 changed files with 352 additions and 339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/actions/test-plugins/action.yml vendored
View File

@ -24,5 +24,4 @@ runs:
- name: Install, test and remove plugin - name: Install, test and remove plugin
shell: bash shell: bash
run: | run: python3 .github/scripts/test-all-plugins.py ${{ inputs.package-extension }} ${{ inputs.plugin-list }}
python3 .github/scripts/test-all-plugins.py ${{ inputs.package-extension }} ${{ inputs.plugin-list }}

2
.github/packaging/centreon-plugin.yaml.template vendored
View File

@ -47,6 +47,7 @@ overrides:
perl(Storable), perl(Storable),
perl(POSIX), perl(POSIX),
perl(Encode), perl(Encode),
perl(XML::LibXML),
@RPM_DEPENDENCIES@ @RPM_DEPENDENCIES@
] ]
conflicts: conflicts:
@ -72,6 +73,7 @@ overrides:
libcrypt-argon2-perl, libcrypt-argon2-perl,
libkeepass-reader-perl, libkeepass-reader-perl,
libdatetime-perl, libdatetime-perl,
libxml-libxml-perl,
@DEB_DEPENDENCIES@ @DEB_DEPENDENCIES@
] ]
conflicts: conflicts:

16
.github/scripts/test-all-plugins.py vendored
View File

@ -1,4 +1,5 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import glob
import subprocess import subprocess
import sys import sys
import os import os
@ -100,6 +101,13 @@ def remove_plugin(plugin, archi):
else: else:
print(f"Unknown architecture, expected deb or rpm, got {archi}. Exiting.") print(f"Unknown architecture, expected deb or rpm, got {archi}. Exiting.")
exit(1) exit(1)
# Remove cache files
tmp_files = glob.glob('/tmp/cache/*')
for file in tmp_files:
try:
os.remove(file)
except Exception as e:
print(f"Erreur while removing file {file} : {str(e)}")
return output_status return output_status
@ -114,6 +122,9 @@ if __name__ == '__main__':
archi = sys.argv.pop(1) # expected either deb or rpm. archi = sys.argv.pop(1) # expected either deb or rpm.
script_name = sys.argv.pop(0) script_name = sys.argv.pop(0)
# Create a directory for cache files
os.mkdir("/tmp/cache")
error_install = 0 error_install = 0
error_tests = 0 error_tests = 0
error_purge = 0 error_purge = 0
@ -125,6 +136,11 @@ if __name__ == '__main__':
for plugin in sys.argv: for plugin in sys.argv:
print("plugin : ", plugin) print("plugin : ", plugin)
folders_list = get_tests_folders(plugin)
if len(folders_list) == 0:
print(f"we don't test {plugin} as it don't have any robots tests.")
continue
nb_plugins += 1 nb_plugins += 1
tmp = install_plugin(plugin, archi) tmp = install_plugin(plugin, archi)
if tmp > 0: if tmp > 0:

1
packaging/centreon-plugin-Cloud-Azure-PolicyInsights-PolicyStates-Api/rpm.json
View File

@ -1,4 +1,5 @@
{ {
"dependencies": [ "dependencies": [
"perl(DateTime)"
] ]
} }

16
src/apps/hashicorp/vault/restapi/custom/api.pm
View File

@ -50,6 +50,7 @@ sub new {
'proto:s' => { name => 'proto' }, 'proto:s' => { name => 'proto' },
'warning-http-status:s' => { name => 'warning_http_status' }, 'warning-http-status:s' => { name => 'warning_http_status' },
'auth-method:s' => { name => 'auth_method', default => 'token' }, 'auth-method:s' => { name => 'auth_method', default => 'token' },
'auth-path:s' => { name => 'auth_path' },
'auth-settings:s%' => { name => 'auth_settings' }, 'auth-settings:s%' => { name => 'auth_settings' },
'unknown-http-status:s' => { name => 'unknown_http_status' }, 'unknown-http-status:s' => { name => 'unknown_http_status' },
'vault-token:s' => { name => 'vault_token'} 'vault-token:s' => { name => 'vault_token'}
@ -80,6 +81,10 @@ sub check_options {
$self->{output}->option_exit(); $self->{output}->option_exit();
}; };
if (defined($options{option_results}->{auth_path})) {
$self->{auth_path} = lc($options{option_results}->{auth_path});
};
$self->{hostname} = (defined($self->{option_results}->{hostname})) ? $self->{option_results}->{hostname} : ''; $self->{hostname} = (defined($self->{option_results}->{hostname})) ? $self->{option_results}->{hostname} : '';
$self->{port} = (defined($self->{option_results}->{port})) ? $self->{option_results}->{port} : 8200; $self->{port} = (defined($self->{option_results}->{port})) ? $self->{option_results}->{port} : 8200;
$self->{proto} = (defined($self->{option_results}->{proto})) ? $self->{option_results}->{proto} : 'http'; $self->{proto} = (defined($self->{option_results}->{proto})) ? $self->{option_results}->{proto} : 'http';
@ -151,7 +156,10 @@ sub get_access_token {
my $decoded; my $decoded;
my $login = $self->parse_auth_method(method => $self->{auth_method}, settings => $self->{auth_settings}); my $login = $self->parse_auth_method(method => $self->{auth_method}, settings => $self->{auth_settings});
my $post_json = JSON::XS->new->utf8->encode($login); my $post_json = JSON::XS->new->utf8->encode($login);
my $url_path = '/' . $self->{api_version} . '/auth/'. $self->{auth_method} . '/login/'; if (!defined($self->{auth_path}) || $self->{auth_path} eq '') {
$self->{auth_path} = $self->{auth_method};
}
my $url_path = '/' . $self->{api_version} . '/auth/'. $self->{auth_path} . '/login/';
$url_path .= $self->{auth_settings}->{username} if (defined($self->{auth_settings}->{username}) && $self->{auth_method} =~ 'userpass|login') ; $url_path .= $self->{auth_settings}->{username} if (defined($self->{auth_settings}->{username}) && $self->{auth_method} =~ 'userpass|login') ;
my $content = $self->{http}->request( my $content = $self->{http}->request(
@ -284,6 +292,12 @@ Specify the Vault authentication specific settings.
Syntax: --auth-settings='<setting>=<value>'.Example for the 'userpass' method: Syntax: --auth-settings='<setting>=<value>'.Example for the 'userpass' method:
--auth-method='userpass' --auth-settings='username=my_account' --auth-settings='password=my_password' --auth-method='userpass' --auth-settings='username=my_account' --auth-settings='password=my_password'
=item B<--auth-path>
Authentication path for 'userpass'. Is an optional setting.
More information here: https://developer.hashicorp.com/vault/docs/auth/userpass#configuration
=item B<--timeout> =item B<--timeout>
Set timeout in seconds (default: 10). Set timeout in seconds (default: 10).

16
src/centreon/plugins/passwordmgr/hashicorpvault.pm
View File

@ -45,6 +45,7 @@ sub new {
$options{options}->add_options(arguments => { $options{options}->add_options(arguments => {
'auth-method:s' => { name => 'auth_method', default => 'token' }, 'auth-method:s' => { name => 'auth_method', default => 'token' },
'auth-path:s' => { name => 'auth_path' },
'auth-settings:s%' => { name => 'auth_settings' }, 'auth-settings:s%' => { name => 'auth_settings' },
'map-option:s@' => { name => 'map_option' }, 'map-option:s@' => { name => 'map_option' },
'secret-path:s@' => { name => 'secret_path' }, 'secret-path:s@' => { name => 'secret_path' },
@ -66,7 +67,10 @@ sub get_access_token {
my $decoded; my $decoded;
my $login = $self->parse_auth_method(method => $self->{auth_method}, settings => $self->{auth_settings}); my $login = $self->parse_auth_method(method => $self->{auth_method}, settings => $self->{auth_settings});
my $post_json = JSON::XS->new->utf8->encode($login); my $post_json = JSON::XS->new->utf8->encode($login);
my $url_path = '/v1/auth/'. $self->{auth_method} . '/login/'; if (!defined($self->{auth_path}) || $self->{auth_path} eq '') {
$self->{auth_path} = $self->{auth_method};
}
my $url_path = '/v1/auth/'. $self->{auth_path} . '/login/';
$url_path .= $self->{auth_settings}->{username} if (defined($self->{auth_settings}->{username}) && $self->{auth_method} =~ 'userpass|login') ; $url_path .= $self->{auth_settings}->{username} if (defined($self->{auth_settings}->{username}) && $self->{auth_method} =~ 'userpass|login') ;
my $content = $self->{http}->request( my $content = $self->{http}->request(
@ -145,6 +149,10 @@ sub settings {
$self->{output}->option_exit(); $self->{output}->option_exit();
} }
if (defined($options{option_results}->{auth_path})) {
$self->{auth_path} = lc($options{option_results}->{auth_path});
}
$self->{auth_method} = lc($options{option_results}->{auth_method}); $self->{auth_method} = lc($options{option_results}->{auth_method});
$self->{auth_settings} = defined($options{option_results}->{auth_settings}) && $options{option_results}->{auth_settings} ne '' ? $options{option_results}->{auth_settings} : {}; $self->{auth_settings} = defined($options{option_results}->{auth_settings}) && $options{option_results}->{auth_settings} ne '' ? $options{option_results}->{auth_settings} : {};
$self->{vault_address} = $options{option_results}->{vault_address}; $self->{vault_address} = $options{option_results}->{vault_address};
@ -277,6 +285,12 @@ Can be: 'http', 'https' (default: http).
Authentication method to log in against the Vault server. Authentication method to log in against the Vault server.
Can be: 'azure', 'cert', 'github', 'ldap', 'okta', 'radius', 'userpass' (default: 'token'); Can be: 'azure', 'cert', 'github', 'ldap', 'okta', 'radius', 'userpass' (default: 'token');
=item B<--auth-path>
Authentication path for 'userpass'. Is an optional setting.
More information here: https://developer.hashicorp.com/vault/docs/auth/userpass#configuration
=item B<--vault-token> =item B<--vault-token>
Directly specify a valid token to log in (only for --auth-method='token'). Directly specify a valid token to log in (only for --auth-method='token').

2
tests/resources/resources.resource
View File

@ -18,6 +18,6 @@ Start Mockoon
... ${MOCKOON_JSON} ... ${MOCKOON_JSON}
... --port ... --port
... 3000 ... 3000
Sleep 5s Sleep 10s
Stop Mockoon Stop Mockoon
Terminate All Processes Terminate All Processes

8
tests/resources/spellcheck/stopwords.t
View File

@ -1,5 +1,6 @@
--add-sysdesc --add-sysdesc
--api-password --api-password
--api-version
--critical-bytesallocatedpercentage --critical-bytesallocatedpercentage
--display-transform-dst --display-transform-dst
--display-transform-src --display-transform-src
@ -26,6 +27,8 @@ eth
fanspeed fanspeed
Fortigate Fortigate
Fortinet Fortinet
HashiCorp
hashicorpvault
ifAlias ifAlias
ifDesc ifDesc
ifName ifName
@ -35,12 +38,14 @@ in-ucast
interface-dsl-name interface-dsl-name
IpAddr IpAddr
Iwsva Iwsva
ldap
license-instances-usage-prct license-instances-usage-prct
Loggly Loggly
MBean MBean
NagVis NagVis
Netscaler Netscaler
OID OID
okta
oneaccess-sys-mib oneaccess-sys-mib
out-bcast out-bcast
out-mcast out-mcast
@ -62,6 +67,9 @@ total-oper-down
total-oper-up total-oper-up
TendMicro TendMicro
uptime uptime
userpass
VDSL2 VDSL2
Veeam Veeam
v1
v2
WSMAN WSMAN

47
tests/robot/apps/protocols/snmp/hashicorp-password-manager.robot Normal file
View File

@ -0,0 +1,47 @@
*** Settings ***
Resource ${CURDIR}${/}..${/}..${/}..${/}..${/}resources/import.resource
Suite Setup Start Mockoon ${MOCKOON_JSON}
Suite Teardown Stop Mockoon
Test Timeout 120s
*** Variables ***
${MOCKOON_JSON} ${CURDIR}${/}vault-authentication-hashicorp.json
${CMD} ${CENTREON_PLUGINS} --plugin apps::protocols::snmp::plugin --hostname=127.0.0.1
*** Test Cases ***
check hashicorp vault manager${Name}
[Documentation] Check hashicorp vaultmanager
[Tags] snmp vault
${cmd_hashicorp} Catenate
... ${CMD}
... --pass-manager=hashicorpvault
... --vault-address=127.0.0.1
... --vault-port=3000
... --vault-protocol=http
... --auth-method=userpass
... --auth-settings="username=hcvaultuser"
... --secret-path="path/of/the/secret"
... --snmp-port=2024
... --map-option="snmp_community=\\%{value_path/of/the/secret}"
... --mode=string-value
... --snmp-version=2c
... --snmp-community=apps/protocols/snmp/snmp-single-oid
... --oid='.1.3.6.1.2.1.1.1.0' ${path-param}
... --format-ok='current value is: \\%{details_ok}'
... --format-details-warning='current value is: \\%{details_warning}'
... --format-details-critical='current value is: \\%{details_critical}'
${output} Run
... ${cmd_hashicorp}
${output} Strip String ${output}
Should Be Equal As Strings
... ${output}
... ${result}
... ${cmd_hashicorp}\n\n Wrong output result for hashicorp auth manager on snmp generic plugin, output got :\n${output} \nExpected : \n ${result}\n
Examples: Name path-param result --
... default path --auth-path='' --auth-settings="password=secrethashicorpPassword" OK: current value is: Linux centreon-devbox 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64
... wrong path --auth-path='specific-url' --auth-settings="password=secrethashicorpPassword" OK: current value is: Linux centreon-devbox 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64
... wrong password --auth-path='' --auth-settings="password=WrongPassword" UNKNOWN: 401 Unauthorized

1
tests/robot/apps/protocols/snmp/snmp-single-oid.snmpwalk Normal file
View File

@ -0,0 +1 @@
.1.3.6.1.2.1.1.1.0 = STRING: "Linux centreon-devbox 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64"

238
tests/robot/apps/protocols/snmp/vault-authentication-hashicorp.json Normal file
View File

@ -0,0 +1,238 @@
{
"uuid": "98b9aab1-da6e-46a5-a2c2-5c001be49806",
"lastMigration": 27,
"name": "Apps hashicorp vault",
"endpointPrefix": "",
"latency": 0,
"port": 3000,
"hostname": "",
"folders": [],
"routes": [
{
"uuid": "6b8dd80b-3ea0-48c0-8e9d-609d618e980e",
"type": "http",
"documentation": "",
"method": "post",
"endpoint": "v1/auth/userpass/login/hcvaultuser",
"responses": [
{
"uuid": "edc924ee-c73b-44e9-8402-d3d75a514083",
"body": "{\r\n \"request_id\":\r\n \"9a423954-2109-1e23-b0e4-f694d557031f\", \"lease_id\":\r\n \"\", \"renewable\":\r\n false, \"lease_duration\":\r\n 0, \"data\":\r\n null, \"wrap_info\":\r\n null, \"warnings\":\r\n [ \"Endpoint replaced the value of these parameters with the values captured from the endpoint's path: [username]\" ], \"auth\":\r\n {\r\n \"client_token\":\r\n \"hvs.CAESIHR511IiIwmAXLTrXQnLJ0Pq-NHQYgfiv4m1ZYVQHVt_Gh4KHGh2cy5HRTZidHZ0b0s3NzE5UG41cE10aUtrQjg\", \"accessor\":\r\n \"fYX782sU7MPQH2Xhf8q0BfSP\", \"policies\":\r\n [ \"default\", \"inf-icinga.ro\" ], \"token_policies\":\r\n [ \"default\", \"inf-icinga.ro\" ], \"metadata\":\r\n {\r\n \"username\":\r\n \"hcvaultuser\"\r\n }, \"lease_duration\":\r\n 604800, \"renewable\":\r\n true, \"entity_id\":\r\n \"cc0f1543-6838-46d1-c97e-d61a5899fc9b\", \"token_type\":\r\n \"service\", \"orphan\":\r\n true, \"mfa_requirement\":\r\n null, \"num_uses\":\r\n 0\r\n }\r\n}",
"latency": 0,
"statusCode": 200,
"label": "if password ok",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [
{
"target": "body",
"modifier": "password",
"value": "secrethashicorpPassword",
"invert": false,
"operator": "equals"
},
{
"target": "body",
"modifier": "username",
"value": "hcvaultuser",
"invert": false,
"operator": "equals"
}
],
"rulesOperator": "AND",
"disableTemplating": false,
"fallbackTo404": false,
"default": false
},
{
"uuid": "fc4cc190-618b-480d-ae22-296248292297",
"body": "{\r\n \"errors\": [\r\n \"wrong user/password\"\r\n ]\r\n}",
"latency": 0,
"statusCode": 401,
"label": "error",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true
}
],
"enabled": true,
"responseMode": null
},
{
"uuid": "8fdb70c1-a874-40eb-8b9f-542dca268992",
"type": "http",
"documentation": "",
"method": "get",
"endpoint": "v1/path/of/the/secret",
"responses": [
{
"uuid": "2dec61d5-f84d-4223-b993-a91d127e0e71",
"body": "{\r\n \"request_id\":\"76aa492b-acc0-52dc-1f2c-3e2f959a5dfd\",\r\n \"lease_id\":\"\",\r\n \"renewable\":false,\r\n \"lease_duration\":0,\r\n \"data\":{\r\n \"data\":{\r\n \"monitor\":\"apps/protocols/snmp/snmp-single-oid\"\r\n },\r\n \"metadata\":{\r\n \"created_time\":\"2023-11-17T13:46:39.240097987Z\",\r\n \"custom_metadata\":null,\r\n \"deletion_time\":\"\",\r\n \"destroyed\":false,\r\n \"version\":1\r\n }\r\n },\r\n \"wrap_info\":null,\r\n \"warnings\":null,\r\n \"auth\":null\r\n}",
"latency": 0,
"statusCode": 200,
"label": "",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true
}
],
"enabled": true,
"responseMode": null
},
{
"uuid": "8ef8c935-ff40-4817-8211-52cc1d0c64b4",
"type": "http",
"documentation": "",
"method": "get",
"endpoint": "v1/otherPath",
"responses": [
{
"uuid": "894d68aa-3f3b-463c-a1dd-cf9dd3565d7c",
"body": "{}",
"latency": 0,
"statusCode": 200,
"label": "",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true
}
],
"enabled": true,
"responseMode": null
},
{
"uuid": "2686745a-9783-4b64-9376-068c159aa725",
"type": "http",
"documentation": "",
"method": "post",
"endpoint": "v1/auth/specific-url/login/hcvaultuser",
"responses": [
{
"uuid": "400e5fea-c3f3-4abc-bc24-73afa75111c6",
"body": "{\r\n \"request_id\":\r\n \"9a423954-2109-1e23-b0e4-f694d557031f\", \"lease_id\":\r\n \"\", \"renewable\":\r\n false, \"lease_duration\":\r\n 0, \"data\":\r\n null, \"wrap_info\":\r\n null, \"warnings\":\r\n [ \"Endpoint replaced the value of these parameters with the values captured from the endpoint's path: [username]\" ], \"auth\":\r\n {\r\n \"client_token\":\r\n \"hvs.CAESIHR511IiIwmAXLTrXQnLJ0Pq-NHQYgfiv4m1ZYVQHVt_Gh4KHGh2cy5HRTZidHZ0b0s3NzE5UG41cE10aUtrQjg\", \"accessor\":\r\n \"fYX782sU7MPQH2Xhf8q0BfSP\", \"policies\":\r\n [ \"default\", \"inf-icinga.ro\" ], \"token_policies\":\r\n [ \"default\", \"inf-icinga.ro\" ], \"metadata\":\r\n {\r\n \"username\":\r\n \"hcvaultuser\"\r\n }, \"lease_duration\":\r\n 604800, \"renewable\":\r\n true, \"entity_id\":\r\n \"cc0f1543-6838-46d1-c97e-d61a5899fc9b\", \"token_type\":\r\n \"service\", \"orphan\":\r\n true, \"mfa_requirement\":\r\n null, \"num_uses\":\r\n 0\r\n }\r\n}",
"latency": 0,
"statusCode": 200,
"label": "if password ok",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [
{
"target": "body",
"modifier": "password",
"value": "secrethashicorpPassword",
"invert": false,
"operator": "equals"
},
{
"target": "body",
"modifier": "username",
"value": "hcvaultuser",
"invert": false,
"operator": "equals"
}
],
"rulesOperator": "AND",
"disableTemplating": false,
"fallbackTo404": false,
"default": false
},
{
"uuid": "21593d10-e496-4a39-ac84-0ef9e0de6bbf",
"body": "{\r\n \"errors\": [\r\n \"wrong user/password\"\r\n ]\r\n}",
"latency": 0,
"statusCode": 401,
"label": "error",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true
}
],
"enabled": true,
"responseMode": null
}
],
"rootChildren": [
{
"type": "route",
"uuid": "6b8dd80b-3ea0-48c0-8e9d-609d618e980e"
},
{
"type": "route",
"uuid": "8fdb70c1-a874-40eb-8b9f-542dca268992"
},
{
"type": "route",
"uuid": "8ef8c935-ff40-4817-8211-52cc1d0c64b4"
},
{
"type": "route",
"uuid": "2686745a-9783-4b64-9376-068c159aa725"
}
],
"proxyMode": false,
"proxyHost": "",
"proxyRemovePrefix": false,
"tlsOptions": {
"enabled": false,
"type": "CERT",
"pfxPath": "",
"certPath": "",
"keyPath": "",
"caPath": "",
"passphrase": ""
},
"cors": true,
"headers": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"proxyReqHeaders": [
{
"key": "",
"value": ""
}
],
"proxyResHeaders": [
{
"key": "",
"value": ""
}
],
"data": []
}

133
tests/robot/cloud/aws/cloudtrail/cloud-aws-cloudtrail.json
View File

@ -1,133 +0,0 @@
{
"uuid": "e59ad81e-2050-480d-bbae-0e71c607c927",
"lastMigration": 32,
"name": "Aws cloudtrail",
"endpointPrefix": "",
"latency": 0,
"port": 3000,
"hostname": "",
"folders": [],
"routes": [
{
"uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d",
"type": "http",
"documentation": "",
"method": "post",
"endpoint": "cloudtrail/gettrailstatus/:islogging",
"responses": [
{
"uuid": "76483999-2022-4610-8e8c-9c0bd535e4c5",
"body": "{\r\n \"IsLogging\": {{ urlParam 'islogging' 'true' }},\r\n \"LatestCloudWatchLogsDeliveryError\": \"error\",\r\n \"LatestCloudWatchLogsDeliveryTime\": 1683298944.125,\r\n \"LatestDeliveryAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n \"LatestDeliveryAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n \"LatestDeliveryError\": \"error\",\r\n \"LatestDeliveryTime\": 1683298944.125,\r\n \"LatestDigestDeliveryError\": \"error\",\r\n \"LatestDigestDeliveryTime\": 1683298944.125,\r\n \"LatestNotificationAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n \"LatestNotificationAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n \"LatestNotificationError\": \"error\",\r\n \"LatestNotificationTime\": 1683298944.125,\r\n \"StartLoggingTime\": 1683298944.125,\r\n \"StopLoggingTime\": 1683298477.918,\r\n \"TimeLoggingStarted\": \"2023-05-05T15:02:24Z\",\r\n \"TimeLoggingStopped\": \"2023-05-05T14:54:37Z\"\r\n}",
"latency": 0,
"statusCode": 200,
"label": "",
"headers": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true,
"crudKey": "id",
"callbacks": []
}
],
"responseMode": null
},
{
"uuid": "77f82f1c-b06e-478a-8366-ab325830f00e",
"type": "http",
"documentation": "",
"method": "post",
"endpoint": "cloudtrail/events/AwsApiCall/:AwsApiCall/AwsServiceEvent/:AwsServiceEvent/AwsConsoleAction/:AwsConsoleAction/AwsConsoleSignIn/:AwsConsoleSignIn/NextToken/:NextToken",
"responses": [
{
"uuid": "7dd41177-8d63-458a-abcc-b3af3ea8c9cd",
"body": "{\r\n\t\"Events\": [\r\n\t\t{{#each (dataRaw 'EventsData')}}\r\n\t\t {{#if (gt @index 0)}}\r\n\t\t ,\r\n\t\t {{/if}}\r\n \t\t{\r\n \t\t\t\"AccessKeyId\": \"{{AccessKeyId}}\",\r\n \t\t\t\"CloudTrailEvent\": \"{\\\"awsRegion\\\": \\\"eu-west-1\\\", {{#if Error}}\\\"errorCode\\\": \\\"{{ErrorCode}}\\\", \\\"errorMessage\\\": \\\"{{ErrorMessage}}\\\",{{/if}} \\\"eventCategory\\\": \\\"Management\\\", \\\"eventID\\\": \\\"{{EventId}}\\\", \\\"eventName\\\": \\\"{{EventName}}\\\", \\\"eventSource\\\": \\\"{{EventSource}}\\\", \\\"eventTime\\\": \\\"{{EventTime}}\\\", \\\"eventType\\\": \\\"{{EventType}}\\\", \\\"eventVersion\\\": \\\"1.08\\\", \\\"managementEvent\\\": true, \\\"readOnly\\\": true, \\\"recipientAccountId\\\": \\\"{{AccountId}}\\\", \\\"requestID\\\": \\\"{{ faker 'string.uuid' }}\\\", \\\"requestParameters\\\": null, \\\"responseElements\\\": null, \\\"sourceIPAddress\\\": \\\"{{ faker 'internet.ip' }}\\\", \\\"tlsDetails\\\": {\\\"cipherSuite\\\": \\\"ECDHE-RSA-AES128-GCM-SHA256\\\", \\\"clientProvidedHostHeader\\\": \\\"cloudtrail.eu-west-1.amazonaws.com\\\", \\\"tlsVersion\\\": \\\"TLSv1.2\\\"}, \\\"userAgent\\\": \\\"aws-cli/2.11.0 Python/3.11.2 Darwin/22.2.0 source/x86_64 prompt/off command/cloudtrail.lookup-events\\\", \\\"userIdentity\\\": {\\\"accessKeyId\\\": \\\"{{AccessKeyId}}\\\", \\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:sts::{{AccountId}}:assumed-role/{{UserRole}}/{{UserName}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}:{{UserName}}\\\", \\\"sessionContext\\\": {\\\"attributes\\\": {\\\"creationDate\\\": \\\"{{ faker 'date.past' EventTime }}\\\", \\\"mfaAuthenticated\\\": \\\"false\\\"}, \\\"sessionIssuer\\\": {\\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:iam::{{AccountId}}:role/{{UserRole}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}\\\", \\\"type\\\": \\\"Role\\\", \\\"userName\\\": \\\"{{UserRole}}\\\"}, \\\"webIdFederationData\\\": {}}, \\\"type\\\": \\\"{{ faker 'person.jobArea' }}\\\"}}\",\r\n \t\t\t\"EventId\": \"{{EventId}}\",\r\n \t\t\t\"EventName\": \"{{EventName}}\",\r\n \t\t\t\"EventSource\": \"{{EventSource}}\",\r\n \t\t\t\"EventTime\": \"{{EventTime}}\",\r\n \t\t\t\"ReadOnly\": \"true\",\r\n \t\t\t\"Resources\": [\r\n \t\t\t],\r\n \t\t\t\"Username\": \"{{UserName}}\"\r\n \t\t}\r\n\t\t{{/each}}\r\n\t]\r\n\t{{#if (gte (indexOf (urlParam 'NextToken') 'true' 0) 0)}}\r\n\t {{#unless (includes (stringify (body)) 'NextToken')}}\r\n\t\t ,\"NextToken\": \"{{ faker 'string.alphanumeric' 64 casing='upper' }}\"\r\n\t\t{{/unless}}\r\n\t{{/if}}\r\n}",
"latency": 0,
"statusCode": 200,
"label": "",
"headers": [],
"bodyType": "INLINE",
"filePath": "",
"databucketID": "c5kh",
"sendFileAsBody": false,
"rules": [],
"rulesOperator": "OR",
"disableTemplating": false,
"fallbackTo404": false,
"default": true,
"crudKey": "id",
"callbacks": []
}
],
"responseMode": null
}
],
"rootChildren": [
{
"type": "route",
"uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d"
},
{
"type": "route",
"uuid": "77f82f1c-b06e-478a-8366-ab325830f00e"
}
],
"proxyMode": false,
"proxyHost": "",
"proxyRemovePrefix": false,
"tlsOptions": {
"enabled": false,
"type": "CERT",
"pfxPath": "",
"certPath": "",
"keyPath": "",
"caPath": "",
"passphrase": ""
},
"cors": true,
"headers": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"proxyReqHeaders": [
{
"key": "",
"value": ""
}
],
"proxyResHeaders": [
{
"key": "",
"value": ""
}
],
"data": [
{
"uuid": "5dce6340-bade-4336-8041-50fd22570055",
"id": "nu28",
"name": "EventsTypeData",
"documentation": "",
"value": "[\n {\n \"name\": \"AwsApiCall\",\n \"error\": false\n },\n {\n \"name\": \"AwsServiceEvent\",\n \"error\": false\n },\n {\n \"name\": \"AwsConsoleAction\",\n \"error\": true,\n \t\"errorCode\": \"ThrottlingException\",\n \t\"errorMessage\": \"Rate exceeded error\"\n },\n {\n \"name\": \"AwsConsoleSignIn\",\n \"error\": true,\n \"errorCode\": \"LoginErrorException\",\n \"errorMessage\": \"Login error\"\n }\n]"
},
{
"uuid": "76dec2a5-ff63-4e81-9611-94b900ab16e1",
"id": "c5kh",
"name": "EventsData",
"documentation": "",
"value": "[\n {{#each (dataRaw 'EventsTypeData')}}\n {{#if (gte @isEvent 1)}}\n ,\n {{/if}}\n {{setVar 'isEvent' (add (urlParam name) @isEvent)}}\n {{#repeat (urlParam name comma=true)}}\n {\n \"AccessKeyId\": \"{{ faker 'string.alphanumeric' 20 casing='upper' }}\",\n \"AccountId\": \"{{ faker 'string.numeric' 12 }}\",\n \"Error\": {{error}},\n {{#if error}}\n \"ErrorCode\": \"{{errorCode}}\",\n\t \"ErrorMessage\": \"{{errorMessage}}\",\n {{/if}}\n \"EventId\": \"{{ faker 'string.uuid' }}\",\n \"EventName\": \"{{oneOf (array 'LookupEvents' 'ListInstanceAssociations' 'AssumeRoleWithWebIdentity')}}\",\n \"EventSource\": \"{{oneOf (array 'cloudtrail.amazonaws.com' 'ssm.amazonaws.com' 'sts.amazonaws.com')}}\",\n \"EventTime\": \"{{ faker 'date.recent' }}\",\n \"EventType\": \"{{name}}\",\n \"PrincipalId\": \"{{ faker 'string.alphanumeric' 20 casing='upper' }}\",\n \"UserName\": \"{{ faker 'internet.userName' }}\",\n \"UserRole\": \"{{ faker 'person.jobType' }}\"\n }\n {{/repeat}}\n {{/each}}\n]"
}
],
"callbacks": []
}

194
tests/robot/cloud/aws/cloudtrail/cloud-aws-cloudtrail.robot
View File

@ -1,194 +0,0 @@
*** Settings ***
Documentation AWS CloudTrail plugin
Resource ${CURDIR}${/}..${/}..${/}..${/}..${/}resources/import.resource
Suite Setup Start Mockoon ${MOCKOON_JSON}
Suite Teardown Stop Mockoon
Test Timeout 120s
*** Variables ***
${MOCKOON_JSON} ${CURDIR}${/}cloud-aws-cloudtrail.json
${CMD} ${CENTREON_PLUGINS} --plugin=cloud::aws::cloudtrail::plugin --custommode=paws --region=eu-west --aws-secret-key=secret --aws-access-key=key
&{checktrailstatus_value1}
... trailstatus=true
... trailname=TrailName
... result=OK: Trail is logging: 1 | 'trail_is_logging'=1;;;0;
&{checktrailstatus_value2}
... trailstatus=false
... trailname=TrailName
... result=CRITICAL: Trail is logging: 0 | 'trail_is_logging'=0;;;0;
@{checktrailstatus_values} &{checktrailstatus_value1} &{checktrailstatus_value2}
&{countevents_value1}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=
... delta=
... errormessage=
... warningcount=
... criticalcount=
... result=OK: Number of events: 10.00 | 'events_count'=10.00;;;0;
&{countevents_value2}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=true
... eventtype=
... delta=
... errormessage=
... warningcount=
... criticalcount=
... result=OK: Number of events: 20.00 | 'events_count'=20.00;;;0;
&{countevents_value3}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=AwsApiCall
... delta=
... errormessage=
... warningcount=
... criticalcount=
... result=OK: Number of events: 4.00 | 'events_count'=4.00;;;0;
&{countevents_value4}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=true
... eventtype=AwsServiceEvent
... delta=
... errormessage=
... warningcount=
... criticalcount=
... result=OK: Number of events: 4.00 | 'events_count'=4.00;;;0;
&{countevents_value5}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=AwsApiCall
... delta=10
... errormessage=
... warningcount=
... criticalcount=
... result=OK: Number of events: 4.00 | 'events_count'=4.00;;;0;
&{countevents_value6}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=
... delta=
... errormessage='Login error'
... warningcount=
... criticalcount=
... result=OK: Number of events: 3.00 | 'events_count'=3.00;;;0;
&{countevents_value7}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=
... delta=
... errormessage='.*error'
... warningcount=
... criticalcount=
... result=OK: Number of events: 4.00 | 'events_count'=4.00;;;0;
&{countevents_value8}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=
... delta=
... errormessage=
... warningcount=3
... criticalcount=
... result=WARNING: Number of events: 10.00 | 'events_count'=10.00;;;0;
&{countevents_value9}
... AwsApiCall=4
... AwsServiceEvent=2
... AwsConsoleAction=1
... AwsConsoleSignIn=3
... NextToken=false
... eventtype=
... delta=
... errormessage=
... warningcount=
... criticalcount=5
... result=CRITICAL: Number of events: 10.00 | 'events_count'=10.00;;;0;
@{countevents_values}
... &{countevents_value1}
... &{countevents_value2}
... &{countevents_value3}
... &{countevents_value4}
... &{countevents_value5}
... &{countevents_value6}
... &{countevents_value7}
... &{countevents_value8}
... &{countevents_value9}
*** Test Cases ***
AWS CloudTrail check trail status
[Documentation] Check AWS CloudTrail trail status
[Tags] cloud aws cloudtrail
FOR ${checktrailstatus_value} IN @{checktrailstatus_values}
${output} Run
... ${CMD} --mode=checktrailstatus --endpoint=http://localhost:3000/cloudtrail/gettrailstatus/${checktrailstatus_value.trailstatus} --trail-name=${checktrailstatus_value.trailname}
${output} Strip String ${output}
Should Be Equal As Strings
... ${output}
... ${checktrailstatus_value.result}
... Wrong output result for check trail status of ${checktrailstatus_value}.{\n}Command output:{\n}${output}
END
AWS CloudTrail count events
[Documentation] Check AWS CloudTrail count events
[Tags] cloud aws cloudtrail
FOR ${countevents_value} IN @{countevents_values}
${command} Catenate
... ${CMD}
... --mode=countevents
... --endpoint=http://localhost:3000/cloudtrail/events/AwsApiCall/${countevents_value.AwsApiCall}/AwsServiceEvent/${countevents_value.AwsServiceEvent}/AwsConsoleAction/${countevents_value.AwsConsoleAction}/AwsConsoleSignIn/${countevents_value.AwsConsoleSignIn}/NextToken/${countevents_value.NextToken}
${length} Get Length ${countevents_value.eventtype}
IF ${length} > 0
${command} Catenate ${command} --event-type=${countevents_value.eventtype}
END
${length} Get Length ${countevents_value.delta}
IF ${length} > 0
${command} Catenate ${command} --delta=${countevents_value.delta}
END
${length} Get Length ${countevents_value.errormessage}
IF ${length} > 0
${command} Catenate ${command} --error-message=${countevents_value.errormessage}
END
${length} Get Length ${countevents_value.warningcount}
IF ${length} > 0
${command} Catenate ${command} --warning-count=${countevents_value.warningcount}
END
${length} Get Length ${countevents_value.criticalcount}
IF ${length} > 0
${command} Catenate ${command} --critical-count=${countevents_value.criticalcount}
END
${output} Run ${command}
${output} Strip String ${output}
Should Be Equal As Strings
... ${output}
... ${countevents_value.result}
... Wrong output result for count events of ${countevents_value}.{\n}Command output:{\n}${output}
END

2
tests/robot/cloud/azure/policyinsights/policystates/cloud-azure-policyinsights-policystates.robot
View File

@ -12,7 +12,7 @@ Test Timeout 120s
${MOCKOON_JSON} ${CURDIR}${/}cloud-azure-policyinsights-policystates.json ${MOCKOON_JSON} ${CURDIR}${/}cloud-azure-policyinsights-policystates.json
${LOGIN_ENDPOINT} http://localhost:3000/login ${LOGIN_ENDPOINT} http://localhost:3000/login
${CMD} ${CENTREON_PLUGINS} --plugin=cloud::azure::policyinsights::policystates::plugin --subscription=subscription --tenant=tenant --client-id=client_id --client-secret=secret --login-endpoint=${LOGIN_ENDPOINT} ${CMD} ${CENTREON_PLUGINS} --plugin=cloud::azure::policyinsights::policystates::plugin --subscription=subscription --tenant=tenant --client-id=client_id --client-secret=secret --statefile-dir=/tmp/cache/ --login-endpoint=${LOGIN_ENDPOINT}
&{compliance_value1} &{compliance_value1}
... endpoint=http://localhost:3000/ok ... endpoint=http://localhost:3000/ok

8
tests/robot/hardware/kvm/avocent/acs/8000/hardware-kvm-avocent-acs-8000.robot
View File

@ -18,14 +18,14 @@ Cpu-Detailed
[Documentation] cpu-detailed mode [Documentation] cpu-detailed mode
[Tags] hardware kvm avocent cpu snmp [Tags] hardware kvm avocent cpu snmp
Remove File /dev/shm/snmpstandard_127.0.0.1_2024_cpu-detailed* Remove File /dev/shm/snmpstandard_127.0.0.1_2024_cpu-detailed*
${output} Run Avocent 8000 Plugin "cpu-detailed" --statefile-dir=/dev/shm/ ${output} Run Avocent 8000 Plugin "cpu-detailed" --statefile-dir=/tmp/cache/
${output} Strip String ${output} ${output} Strip String ${output}
Should Be Equal As Strings Should Be Equal As Strings
... ${output} ... ${output}
... OK: CPU Usage: user : Buffer creation, nice : Buffer creation, system : Buffer creation, idle : Buffer creation, wait : Buffer creation, kernel : Buffer creation, interrupt : Buffer creation, softirq : Buffer creation, steal : Buffer creation, guest : Buffer creation, guestnice : Buffer creation ... OK: CPU Usage: user : Buffer creation, nice : Buffer creation, system : Buffer creation, idle : Buffer creation, wait : Buffer creation, kernel : Buffer creation, interrupt : Buffer creation, softirq : Buffer creation, steal : Buffer creation, guest : Buffer creation, guestnice : Buffer creation
... Wrong output result for command:{\n}${output}{\n}{\n}{\n} ... Wrong output result for command:{\n}${output}{\n}{\n}{\n}
${output} Run Avocent 8000 Plugin "cpu-detailed" --statefile-dir=/dev/shm/ ${output} Run Avocent 8000 Plugin "cpu-detailed" --statefile-dir=/tmp/cache/
${output} Strip String ${output} ${output} Strip String ${output}
Remove File /dev/shm/snmpstandard_127.0.0.1_2024_cpu-detailed* Remove File /dev/shm/snmpstandard_127.0.0.1_2024_cpu-detailed*
Should Be Equal As Strings Should Be Equal As Strings
@ -70,14 +70,14 @@ Serial Ports
[Documentation] serial-ports mode [Documentation] serial-ports mode
[Tags] hardware kvm avocent serial snmp [Tags] hardware kvm avocent serial snmp
Remove File /dev/shm/avocent_acs_8000_127.0.0.1_2024_serial-ports* Remove File /dev/shm/avocent_acs_8000_127.0.0.1_2024_serial-ports*
${output} Run Avocent 8000 Plugin "serial-ports" --statefile-dir=/dev/shm/ ${output} Run Avocent 8000 Plugin "serial-ports" --statefile-dir=/tmp/cache/
${output} Strip String ${output} ${output} Strip String ${output}
Should Be Equal As Strings Should Be Equal As Strings
... ${output} ... ${output}
... OK: All serial ports are ok ... OK: All serial ports are ok
... Wrong output result for command:{\n}${output}{\n}{\n}{\n} ... Wrong output result for command:{\n}${output}{\n}{\n}{\n}
${output} Run Avocent 8000 Plugin "serial-ports" --statefile-dir=/dev/shm/ ${output} Run Avocent 8000 Plugin "serial-ports" --statefile-dir=/tmp/cache/
${output} Strip String ${output} ${output} Strip String ${output}
Remove File /dev/shm/avocent_acs_8000_127.0.0.1_2024_serial-ports* Remove File /dev/shm/avocent_acs_8000_127.0.0.1_2024_serial-ports*
Should Be Equal As Strings Should Be Equal As Strings

2
tests/robot/os/linux/snmp/network-interfaces.robot
View File

@ -13,7 +13,7 @@ ${CMD} ${CENTREON_PLUGINS}
... --hostname=127.0.0.1 ... --hostname=127.0.0.1
... --snmp-port=2024 ... --snmp-port=2024
... --snmp-community=os/linux/snmp/network-interfaces ... --snmp-community=os/linux/snmp/network-interfaces
... --statefile-dir=/tmp/ ... --statefile-dir=/tmp/cache/
${COND} ${PERCENT}\{sub\} =~ /exited/ && ${PERCENT}{display} =~ /network/' ${COND} ${PERCENT}\{sub\} =~ /exited/ && ${PERCENT}{display} =~ /network/'

2
tests/robot/os/linux/snmp/os-linux-snmp.robot
View File

@ -32,7 +32,7 @@ Linux SNMP list diskio devices
... --snmp-version=2 ... --snmp-version=2
... --snmp-port=2024 ... --snmp-port=2024
... --disco-show ... --disco-show
${command} Catenate ${command} --snmp-community=${list_diskio_test.snmpcommunity} ... --snmp-community=${list_diskio_test.snmpcommunity}
${output} Run ${command} ${output} Run ${command}
Log To Console ${command} Log To Console ${command}
${nb_results} Get Element Count ${nb_results} Get Element Count