a i@sVddlZddlmZddlmZddlmZddlmZm Z m Z Gdddee Z dS)N)Any)request)URLError)PluginIndependentPlugin PluginOptc@seZdZdZdZdZeddddgZdZd Z d Z d Z d d Z ddZ ddZedddZeedddZddZeeedddZd S)GCPzGoogle Cloud Platformgcp)Zvirtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultZdescz(/sys/devices/virtual/dmi/id/product_namezBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]NcCsZz@t|jdd}d|vWdWS1s40YWntyTYdS0dS)zo Checks if this plugin should be executed based on the presence of GCE entry in sysfs. zutf-8)encodingzGoogle Compute EngineNF)open PRODUCT_PATHreadOSError)selfZsys_filer:/usr/lib/python3.9/site-packages/sos/report/plugins/gcp.py check_enabled$s 0 zGCP.check_enabledcCs$|jddgd|jddgddS)z Collect the following info: * `gcloud auth list` output * Any google services output from journal zgcloud auth listr tagszgoogle*)ZunitsrN)Zadd_cmd_outputZ add_journalrrrrsetup/sz GCP.setupc Cs|jddgdp}z,||_||tj|jddWn2typ}z|t|WYd}~n d}~00Wdn1s0YdS)Nz metadata.jsonr r)indent) Zcollection_file get_metadatametadatascrub_metadatawritejsondumps RuntimeErrorstr)rZmfileerrrrrcollect<s z GCP.collect)returncCs||j}t|S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYrloads)rZ response_bodyrrrrFs zGCP.get_metadata)urlr%c Cszvtj|ddid}t|F}|jdkrHtd|jd||WdWS1sj0YWn6ty}ztdt||WYd}~n d}~00dS) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorZGoogle)Zheadersz2Failed to communicate with Metadata Server (code: z): Nz,Failed to communicate with Metadata Server: ) rZRequestZurlopencoder!rdecoderr")rr)ZreqZresponser#rrrr&Ns$   0 zGCP._query_addresscsdrdSjddjddtttdfdd j_jdd d jdd d dS) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. r NZprojectZ projectIdZnumericProjectId)datar%cst|tr2d|vrj|d<fdd|DSt|trNfdd|DSt|trp|jjSt|tr|krjS|S|S)Ntokencsi|]\}}||qSrr).0kvscrubrr wz5GCP.scrub_metadata..scrub..csg|] }|qSrr)r/valuer2rr yr5z5GCP.scrub_metadata..scrub..) isinstancedictREDACTEDitemslistr"replaceint)r-Z project_idZproject_numberZproject_number_intr3rrrr3qs     z!GCP.scrub_metadata..scrubZ attributeszssh-keysZsshKeys)Z get_optionrr"rsafe_redact_keyrrr?rras  zGCP.scrub_metadata)dict_objkeycCs||vr|j||<dS)z Redact keys N)r:)clsrArBrrrr@szGCP.safe_redact_key)__name__ __module__ __qualname__Z short_descZ plugin_nameZprofilesrZ option_listrr'r:rrrr$r9rr"r&r classmethodr@rrrrrs&   'r) rtypingrZurllibrZ urllib.errorrZsos.report.pluginsrrrrrrrrs