idhddlZddlmZddlmZddlmZddlmZddl m Z m Z m Z Gdde e Z y) N) HTTPResponse)Any)request)URLError)PluginIndependentPlugin PluginOptceZdZdZdZdZedddgZdZd Z d Z d Z d Z d Z dZdefdZededefdZdZededefdZy)GCPzGoogle Cloud Platformgcp)virtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultdescz3http://metadata.google.internal/computeMetadata/v1/zBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]zDDMI: Google Google Compute Engine/Google Compute Engine, BIOS GooglecX|jd}|ddk7ry|j|dvS)z Checks if this plugin should be executed at all. In this case, it will check the `dmesg` command output to see if the system is running on a Google Cloud Compute instance. dmesgstatusrFoutput)exec_cmd GOOGLE_DMI)selfrs 8/usr/lib/python3/dist-packages/sos/report/plugins/gcp.py check_enabledzGCP.check_enabled(s4  g& ?a %/11cT|jddg|jddgy)z Collect the following info: * Metadata from the Metadata server * `gcloud auth list` output * Any google services output from journal zgcloud auth listr tagszgoogle*)unitsrN)add_cmd_output add_journal)rs rsetupz GCP.setup3s1 .eW= yw7rcb|jddg5} |j|_|j|j t j |jddddy#t$r$}|j t|Yd}~1d}~wwxYw#1swYyxYw)Nz metadata.jsonr r)indent) collection_file get_metadatametadatascrub_metadatawritejsondumps RuntimeErrorstr)rmfileerrs rcollectz GCP.collectAs  ! !/ ! @ &E & $ 1 1 3 ##% DJJt}}Q?@  & &   & CH%% &  & &s/B%AA55 B">BB%B""B%%B.returnc|j|j}|jj}t j |S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYreaddecoder*loads)rresponse response_bodys rr&zGCP.get_metadataKs= &&t':':; ..0 zz-((rurlcB tj|ddi}tj|}|j dk7r8t d|j d|jjz|S#t$r}t dt |zd}~wwxYw) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorGoogle)headersz,Failed to communicate with Metadata Server: Nz2Failed to communicate with Metadata Server (code: z): ) rRequesturlopenrr,r-coder5r6)r:reqr8r/s rr3zGCP._query_addressTs  K//#0A8/LMCs+H ==C "---/7}}/E/E/GHI I K>SIK K Ks.A99 BBBcrjdryjddjddtdtdtffd j_j jdd d j jdd d y) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. rNproject projectIdnumericProjectIddatar1ct|trCd|vrj|d<|jDcic]\}}||c}}St|tr|Dcgc] }| c}St|t r6|j jj jSt|tr|k(r jS|S|Scc}}wcc}w)Ntoken) isinstancedictREDACTEDitemslistr-replaceint) rGkvvalue project_idproject_numberproject_number_intscrubrs rrWz!GCP.scrub_metadata..scrubvs$%d?%)MMDM7;zz|Dtq!a%(*DDD$'267e 77D#&||NDMMB#GJ >?D#&(,0B(Bt}}LLKE7s C&)C, attributeszssh-keyssshKeys) get_optionr'r-rsafe_redact_key)rrTrUrVrWs`@@@@rr(zGCP.scrub_metadatafs ??: & ]]9-k: !]]956HI/0     dmm,  T]]95lC' ) T]]95lC& (rdict_objkeyc,||vr|j||<yy)N)rL)clsr\r]s rr[zGCP.safe_redact_keys (?LLHSM rN)__name__ __module__ __qualname__ short_desc plugin_nameprofilesr option_list METADATA_ROOTr4rLrrr!r0rKr& staticmethodr-rr3r( classmethodr[rrr r s(JKH *e* +KJM'NH/J 2 8&)d)CL"%(N)t)#))rr )r* http.clientrtypingrurllibr urllib.errorrsos.report.pluginsrrr r rjrrrps- $!CC)&#)r