o * bZ@sbddlZddlmZddlmZddlmZddlmZddl m Z m Z m Z Gddde e Z dS) N) HTTPResponse)Any)request)URLError)PluginIndependentPlugin PluginOptc@seZdZdZdZdZeddddgZdZd Z d Z d Z d d Z ddZ defddZededefddZddZededefddZdS)GCPzGoogle Cloud Platformgcp)Zvirtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultZdescz3http://metadata.google.internal/computeMetadata/v1/zBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]zDDMI: Google Google Compute Engine/Google Compute Engine, BIOS GooglecCs(|d}|ddkr dS|j|dvS)z Checks if this plugin should be executed at all. In this case, it will check the `dmesg` command output to see if the system is running on a Google Cloud Compute instance. dmesgstatusrFoutput)Zexec_cmd GOOGLE_DMI)selfr r8/usr/lib/python3/dist-packages/sos/report/plugins/gcp.py check_enabled(s  zGCP.check_enabledc Cs|jddgdz||_||jtj|jdddddgdWntyA}z|jt|dddgdWYd }~nd }~ww|j d dgd d S) z Collect the following info: * Metadata from the Metadata server * `gcloud auth list` output * Any google services output from journal zgcloud auth listr )tags)indentz metadata.jsonT)Zplug_dirrNzgoogle*)Zunitsr) Zadd_cmd_output get_metadatametadatascrub_metadataZadd_string_as_filejsondumps RuntimeErrorstrZ add_journal)rerrrrrsetup3s    z GCP.setupreturncCs"||j}|}t|S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYreaddecoderloads)rresponseZ response_bodyrrrrLs   zGCP.get_metadataurlc Csvztj|ddid}t|}Wnty$}ztdt|d}~ww|jdkr9td|jd||S) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorZGoogle)Zheadersz,Failed to communicate with Metadata Server: Nz2Failed to communicate with Metadata Server (code: z): ) rZRequestZurlopenrrrcoder$r%)r(Zreqr'rrrrr"Us$   zGCP._query_addresscsdrdSjddjddtdtdtffdd j_jdd d jdd d dS) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. r NZprojectZ projectIdZnumericProjectIddatar!cst|trd|vrj|d<fdd|DSt|tr'fdd|DSt|tr8|jjSt|trF|krDjS|S|S)Ntokencsi|] \}}||qSrr).0kvscrubrr }sz5GCP.scrub_metadata..scrub..csg|]}|qSrr)r-valuer0rr sz5GCP.scrub_metadata..scrub..) isinstancedictREDACTEDitemslistrreplaceint)r+Z project_idZproject_numberZproject_number_intr1rrrr1ws       z!GCP.scrub_metadata..scrubZ attributeszssh-keysZsshKeys)Z get_optionrrrsafe_redact_key)rrr<rrgs  zGCP.scrub_metadatadict_objkeycCs||vr |j||<dSdS)N)r7)clsr>r?rrrr=szGCP.safe_redact_keyN)__name__ __module__ __qualname__Z short_descZ plugin_nameZprofilesrZ option_listZ METADATA_ROOTr#r7rrr r6r staticmethodrrr"r classmethodr=rrrrr s(  'r )rZ http.clientrtypingrZurllibrZ urllib.errorrZsos.report.pluginsrrrr rrrrs