U -_g@sbddlZddlmZddlmZddlmZddlmZddl m Z m Z m Z Gddde e Z dS) N) HTTPResponse)Any)request)URLError)PluginIndependentPlugin PluginOptc@seZdZdZdZdZeddddgZdZd Z d Z d Z d Z d dZ ddZddZedddZeeedddZddZeeedddZd S)GCPzGoogle Cloud Platformgcp)Zvirtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultZdescz3http://metadata.google.internal/computeMetadata/v1/zBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]NzDDMI: Google Google Compute Engine/Google Compute Engine, BIOS GooglecCs(|d}|ddkrdS|j|dkS)z Checks if this plugin should be executed at all. In this case, it will check the `dmesg` command output to see if the system is running on a Google Cloud Compute instance. dmesgZstatusrFoutput)Zexec_cmd GOOGLE_DMI)selfr r8/usr/lib/python3/dist-packages/sos/report/plugins/gcp.py check_enabled)s  zGCP.check_enabledcCs$|jddgd|jddgddS)z Collect the following info: * Metadata from the Metadata server * `gcloud auth list` output * Any google services output from journal zgcloud auth listr tagszgoogle*)ZunitsrN)Zadd_cmd_outputZ add_journalrrrrsetup4s z GCP.setupc Cs~|jddgdd}z,||_||tj|jddWn0tk rn}z|t|W5d}~XYnXW5QRXdS)Nz metadata.jsonr r)indent) Zcollection_file get_metadatametadatascrub_metadatawritejsondumps RuntimeErrorstr)rZmfileerrrrrcollectBs z GCP.collect)returncCs"||j}|}t|S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYreaddecoderloads)rresponseZ response_bodyrrrrLs  zGCP.get_metadata)urlr$c Cszbtj|ddid}t|<}|jdkrHtd|jd||W5QRWSQRXWn4tk r}ztdt||W5d}~XYnXdS) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorZGoogle)Zheadersz2Failed to communicate with Metadata Server (code: z): z,Failed to communicate with Metadata Server: N) rZRequestZurlopencoder r'r(rr!)r+Zreqr*r"rrrr%Us      zGCP._query_addresscsdrdSjddjddtttdfdd j_jdd d jdd d dS) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. r NZprojectZ projectIdZnumericProjectId)datar$cst|tr2d|krj|d<fdd|DSt|trNfdd|DSt|trp|jjSt|tr|krjS|S|S)Ntokencsi|]\}}||qSrr).0kvscrubrr sz5GCP.scrub_metadata..scrub..csg|] }|qSrr)r0valuer3rr sz5GCP.scrub_metadata..scrub..) isinstancedictREDACTEDitemslistr!replaceint)r.Z project_idZproject_numberZproject_number_intr4rrrr4ys     z!GCP.scrub_metadata..scrubZ attributeszssh-keysZsshKeys)Z get_optionrr!rsafe_redact_keyrrr?rris  zGCP.scrub_metadata)dict_objkeycCs||kr|j||<dS)z Redact keys N)r:)clsrArBrrrr@szGCP.safe_redact_key)__name__ __module__ __qualname__Z short_descZ plugin_nameZprofilesrZ option_listZ METADATA_ROOTr&r:rrrrr#r9r staticmethodr!rr%r classmethodr@rrrrr s*   'r )rZ http.clientrtypingrZurllibrZ urllib.errorrZsos.report.pluginsrrrr rrrrs