-_ghddlZddlmZddlmZddlmZddlmZddl m Z m Z m Z Gdde e Z y) N) HTTPResponse)Any)request)URLError)PluginIndependentPlugin PluginOptceZdZdZdZdZedddgZdZd Z d Z d Z d Z d Z dZdZdefdZededefdZdZededefdZy )GCPzGoogle Cloud Platformgcp)virtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultdescz3http://metadata.google.internal/computeMetadata/v1/zBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]NzDDMI: Google Google Compute Engine/Google Compute Engine, BIOS GooglecX|jd}|ddk7ry|j|dvS)z Checks if this plugin should be executed at all. In this case, it will check the `dmesg` command output to see if the system is running on a Google Cloud Compute instance. dmesgstatusrFoutput)exec_cmd GOOGLE_DMI)selfrs 8/usr/lib/python3/dist-packages/sos/report/plugins/gcp.py check_enabledzGCP.check_enabled)s4  g& ?a %/11cT|jddg|jddgy)z Collect the following info: * Metadata from the Metadata server * `gcloud auth list` output * Any google services output from journal zgcloud auth listr tagszgoogle*)unitsrN)add_cmd_output add_journal)rs rsetupz GCP.setup4s1 .eW= yw7rcb|jddg5} |j|_|j|j t j |jddddy#t$r$}|j t|Yd}~1d}~wwxYw#1swYyxYw)Nz metadata.jsonr r)indent) collection_file get_metadatametadatascrub_metadatawritejsondumps RuntimeErrorstr)rmfileerrs rcollectz GCP.collectBs  ! !/ ! @ &E & $ 1 1 3 ##% DJJt}}Q?@  & &   & CH%% &  & &s/B%AA55 B">BB%B""B%%B.returnc|j|j}|jj}t j |S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYreaddecoder*loads)rresponse response_bodys rr&zGCP.get_metadataLs= &&t':':; ..0 zz-((rurlcp tj|ddi}tj|5}|jdk7r8t d|jd|j j z|cdddS#1swYyxYw#t$r}t dt|z|d}~wwxYw) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorGoogle)headersz2Failed to communicate with Metadata Server (code: z): Nz,Failed to communicate with Metadata Server: ) rRequesturlopencoder,r5r6rr-)r:reqr8r/s rr3zGCP._query_addressUs //#0A8/LMC% ==C'&""*--5 ..0122     >SIK  s5.BA B9 BB B B B5B00B5crjdryjddjddtdtdtffd j_j jdd d j jdd d y) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. rNproject projectIdnumericProjectIddatar1ct|trCd|vrj|d<|jDcic]\}}||c}}St|tr|Dcgc] }| c}St|t r6|j jj jSt|tr|k(r jS|S|Scc}}wcc}w)Ntoken) isinstancedictREDACTEDitemslistr-replaceint) rGkvvalue project_idproject_numberproject_number_intscrubrs rrWz!GCP.scrub_metadata..scrubys$%d?%)MMDM7;zz|Dtq!a%(*DD$%267e 77$$||NDMMB#GJ >?$$(,0B(Bt}}LLKE7s C&)C, attributeszssh-keyssshKeys) get_optionr'r-rsafe_redact_key)rrTrUrVrWs`@@@@rr(zGCP.scrub_metadatais ??: & ]]9-k: !]]956HI/0     dmm,  T]]95lC' ) T]]95lC& (rdict_objkeyc,||vr|j||<yy)z Redact keys N)rL)clsr\r]s rr[zGCP.safe_redact_keys (?LLHSM r)__name__ __module__ __qualname__ short_desc plugin_nameprofilesr option_list METADATA_ROOTr4rLr'rrr!r0rKr& staticmethodr-rr3r( classmethodr[rrr r s(JKH *e* +KJM'NHH/J 2 8&)d)CL&%(N)t)#))rr )r* http.clientrtypingrurllibr urllib.errorrsos.report.pluginsrrr r rjrrrps- $!CCC)&#C)r