From 1143f5b53efe4d53bd0c159685cafb16ed8bf703 Mon Sep 17 00:00:00 2001 From: Rodolfo Olivieri Date: Mon, 31 Jul 2023 16:28:07 -0300 Subject: [PATCH 1/3] Update to make the yaml-file more generic The yaml-file was renamed to example.yml and the contents of it was also changed to be as generic as possible. Signed-off-by: Rodolfo Olivieri --- Makefile | 2 +- development/nginx/data/{yaml-file => example.yml} | 7 +------ development/python/mqtt_publish.py | 5 ++--- src/main.go | 1 - 4 files changed, 4 insertions(+), 11 deletions(-) rename development/nginx/data/{yaml-file => example.yml} (59%) diff --git a/Makefile b/Makefile index 9480918..51aedf4 100644 --- a/Makefile +++ b/Makefile @@ -81,4 +81,4 @@ publish: development: @podman-compose -f development/podman-compose.yml down - podman-compose -f development/podman-compose.yml up + podman-compose -f development/podman-compose.yml up -d diff --git a/development/nginx/data/yaml-file b/development/nginx/data/example.yml similarity index 59% rename from development/nginx/data/yaml-file rename to development/nginx/data/example.yml index 959dd52..6138f9d 100644 --- a/development/nginx/data/yaml-file +++ b/development/nginx/data/example.yml @@ -5,12 +5,7 @@ vars: _insights_signature_exclude: "/vars/insights_signature,/vars/content_vars" content: | #!/bin/sh - data='{"alert": false, "summary": "convert2rhel did not detect issues", "report": "", "report_json": {"foo": "bar"}}' - /usr/bin/convert2rhel --help - /usr/bin/convert2rhel --version - echo "BEGIN MARKER" - echo "$data" - echo "END MARKER" + echo "Hello, world!" content_vars: # variables that will be handed to the script as environment vars # will be prefixed with RHC_WORKER_* diff --git a/development/python/mqtt_publish.py b/development/python/mqtt_publish.py index e6724bf..78a3098 100644 --- a/development/python/mqtt_publish.py +++ b/development/python/mqtt_publish.py @@ -5,7 +5,6 @@ import paho.mqtt.client as mqtt def get_ip_address(): - host_ip = "" s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.connect(("8.8.8.8", 80)) host_ip = s.getsockname()[0] @@ -13,13 +12,13 @@ def get_ip_address(): return host_ip # This is changed everytime you refresh the box and register the machine again. -CLIENT_ID = "973afbce-19b4-4862-9d7a-6e9d8c410674" +CLIENT_ID = "26468815-8407-4058-bcc8-6bcb4eae51c1" BROKER = '127.0.0.1' BROKER_PORT = 1883 TOPIC = f"yggdrasil/{CLIENT_ID}/data/in" # NOTE: currently can be whatever you placed inside devleopment/nginx/data folder -SERVED_FILENAME = "yaml-file" +SERVED_FILENAME = "example.yml" MESSAGE = { "type": "data", diff --git a/src/main.go b/src/main.go index 89b9daf..6556087 100644 --- a/src/main.go +++ b/src/main.go @@ -73,7 +73,6 @@ func main() { } log.Infoln("Listening to messages...", yggdDispatchSocketAddr) - // Register as a Worker service with gRPC and start accepting connections. s := grpc.NewServer() pb.RegisterWorkerServer(s, &jobServer{}) From 2c5c8fd84b678e3f6dd66f4a3729f771853e9b2c Mon Sep 17 00:00:00 2001 From: Rodolfo Olivieri Date: Wed, 2 Aug 2023 14:07:02 -0300 Subject: [PATCH 2/3] Update README.md with more information Signed-off-by: Rodolfo Olivieri --- README.md | 62 +++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 40 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 40c504e..395cbcb 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,9 @@ managed by Red Hat Insights. - [General workflow of the worker](#general-workflow-of-the-worker) - [Getting started with local development](#getting-started-with-local-development) - [Publish first message](#publish-first-message) - - [Bash script example](#bash-script-example) + - [Worker playbooks](#worker-playbooks) + - [Custom playbook](#custom-playbook) + - [Convert2RHEL Playbook](#convert2rhel-playbook) - [FAQ](#faq) - [Are there special environment variables used by `rhc-worker-bash`?](#are-there-special-environment-variables-used-by-rhc-worker-bash) - [Can I change behavior of `rhc-worker-bash`?](#can-i-change-behavior-of-rhc-worker-bash) @@ -23,10 +25,11 @@ managed by Red Hat Insights. Everything starts when message is sent to rhcd. Worker then: 1. Picks up the message from rhcd -2. Downloads the bash script as temporary file (see [Bash script example](#bash-script-example)) -3. Executes the script -4. Reads stdout of the script -5. Sends the stdout wrapped in JSON back to rhcd +2. Downloads the worker playbook as temporary file (see [Worker playbooks](#worker-playbooks)) +3. Verify the integrity of the playbook with `insights-client` +4. Executes the script +5. Reads stdout of the script +6. Sends the stdout wrapped in JSON back to rhcd Then rhcd sends the message to upload service (with data from worker) in order to show the results in Insights UI - our setup for local development simulates the upload with minio storage. @@ -37,12 +40,18 @@ Almost everything that is needed for local development is placed in `development Overview of what is needed: - Script to be executed and data host serving our script - - Example is present inside the folder `development/nginx` - - **Set it up yourself** - see [Bash script example](#bash-script-example) below + - Example is present inside the folder `development/nginx/data` + - **Set it up yourself** - see [Worker playbooks](#worker-playbooks) below - System connected via rhc with running rhcd == the system on which the script will be executed - **Set it up yourself** - for vagrant box see commands below ```bash +# Get a new centos-7 box +vagrant init eurolinux-vagrant/centos-7 + +# Install insights-client and rhc +... + # Connect via rhc vagrant ssh -- -t 'rhc connect --server=$(RHSM_SERVER_URL) --username=$(RHSM_USERNAME) --password=$(RHSM_PASSWORD)' # Run rhcd @@ -72,25 +81,34 @@ vagrant ssh -- -t 'rhcd --log-level trace \ 4. You should see logs in rhcd and file with stdout of your script uploaded to the minio storage - Go to and use credentials from `.env` file -### Bash script example +### Worker playbooks + +There is an [example playbook]( +https://github.com/oamg/rhc-worker-bash/blob/main/development/nginx/data/example.yaml) +available under `development/nginx/data`, with a minimal bash script to use +during the worker execution. + +If there's a need to test any other playbook provided in this repository, one +must change what playbook will be used during the message consumption in the +[mqtt_publish.py](https://github.com/oamg/rhc-worker-bash/blob/main/development/python/mqtt_publish.py#L22) +file with the name that corresponds the ones present in `development/nginx/data`. Currently, the ones available are: + +1. [example.yaml](https://github.com/oamg/rhc-worker-bash/blob/main/development/nginx/data/example.yaml) +2. [convert2rhel.yaml](https://github.com/oamg/rhc-worker-bash/blob/main/development/nginx/data/convert2rhel.yaml) + +#### Custom playbook Create or update a yaml file inside the folder `development/nginx/data/*`. Correct structure with exampe bash script can be seen below: -```yml -vars: - _insights_signature: | - ascii_armored gpg signature - _insights_signature_exclude: "/vars/insights_signature,/vars/content_vars" - content: | - #!/bin/sh - /usr/bin/convert2rhel --help - content_vars: - # variables that will be handed to the script as environment vars - # will be prefixed with RHC_WORKER_* - FOO: bar - BAR: foo -``` +#### Convert2RHEL Playbook + +A specialized [Convert2RHEL](https://github.com/oamg/convert2rhel) playbook can be found under the `development/nginx/data` as well. The playbook will take of the following functions: + +1. Setup Convert2RHEL (Download certificates, repositories and etc...) +2. Set a couple of environment variables for the Convert2RHEl execution (Based on the `content_vars` defined in the playbook) +3. Run convert2rhel with default commands +4. A function to run any post-execution commands needed by the conversion (Currently empty.) ## FAQ From 7029a313f6863a37705066c282f3b83d6359589f Mon Sep 17 00:00:00 2001 From: Rodolfo Olivieri Date: Thu, 3 Aug 2023 09:13:32 -0300 Subject: [PATCH 3/3] Add convert2rhel example playbook Signed-off-by: Rodolfo Olivieri --- development/nginx/data/convert2rhel.yml | 46 +++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 development/nginx/data/convert2rhel.yml diff --git a/development/nginx/data/convert2rhel.yml b/development/nginx/data/convert2rhel.yml new file mode 100644 index 0000000..97eaa8d --- /dev/null +++ b/development/nginx/data/convert2rhel.yml @@ -0,0 +1,46 @@ +vars: + # Signature to validate that no one tampered with script + insights_signature: | + ascii_armored gpg signature + insights_signature_exclude: "/vars/insights_signature,/vars/content_vars" + content: | + #!/bin/bash + set -euo pipefail + + setup_convert2rhel() { + curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release https://www.redhat.com/security/data/fd431d51.txt + curl --create-dirs -o /etc/rhsm/ca/redhat-uep.pem https://ftp.redhat.com/redhat/convert2rhel/redhat-uep.pem + curl -o /etc/yum.repos.d/convert2rhel.repo https://ftp.redhat.com/redhat/convert2rhel/7/convert2rhel.repo + + yum install convert2rhel -y && yum update convert2rhel -y + } + + run_convert2rhel() { + set CONVERT2RHEL_EXPERIMENTAL_ANALYSIS="${RHC_WORKER_CONVERT2RHEL_EXPERIMENTAL_ANALYSIS}" + set CONVERT2RHEL_DISABLE_TELEMETRY="${RHC_WORKER_CONVERT2RHEL_DISABLE_TELEMETRY}" + + /usr/bin/convert2rhel --debug -y + } + + finish() { + echo "Done!" + } + + main() { + setup_convert2rhel + run_convert2rhel + } + + # Trap the exit and error exit codes and execute the `cleanup` function. + # Intended to be executed regardless of what happens at the end of the script + # execution, rather than placing it as a normal function call, this will be + # executed regardless if it errors out or finish successfully. + # More at: http://redsymbol.net/articles/bash-exit-traps/ + trap finish EXIT ERR + + main + content_vars: + # variables that will be handed to the script as environment vars + # will be prefixed with RHC_WORKER_* + CONVERT2RHEL_EXPERIMENTAL_ANALYSIS: 1 + CONVERT2RHEL_DISABLE_TELEMETRY: 1