Canonical Livepatch Charm

Merge ~barryprice/charm-canonical-livepatch/+git/canonical-livepatch-charm:master into ~livepatch-charmers/charm-canonical-livepatch:master

  1. Git
  2. lp:~barryprice/charm-canonical-livepatch/+git/canonical-livepatch-charm
  3. master
  4. Merge into master
Proposed by Barry Price
Status: Merged
Approved by: Barry Price
Approved revision: d756423732711b3d34d5ac4eb4717652d2466869
Merged at revision: d70cd8dadb3d78b4bc01559dd8cc1f0f788c2ec0
Proposed branch: ~barryprice/charm-canonical-livepatch/+git/canonical-livepatch-charm:master
Merge into: ~livepatch-charmers/charm-canonical-livepatch:master
Diff against target: 155 lines (+44/-21)
4 files modified
Makefile (+2/-2)
dev/null (+0/-0)
files/check_canonical-livepatch.py (+2/-2)
reactive/canonical_livepatch.py (+40/-17)
Reviewer Review Type Date Requested Status
Stuart Bishop (community) Approve
Review via email: mp+355912@code.launchpad.net

Commit message

Write our actual live status for the nagios check, instead of an empty file (which the latest check script would see as an error)

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Stuart Bishop (stub) wrote :

Yup. Comments inline, but its a matter of taste.

review: Approve
Revision history for this message
Stuart Bishop (stub) wrote :

Yup. Comments inline.

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Merge proposal is approved, but source revision has changed, setting status to needs review.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision d70cd8dadb3d78b4bc01559dd8cc1f0f788c2ec0

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/Makefile b/Makefile
index e8168bf..d608afb 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ clean:
12.PHONY: testdeps12.PHONY: testdeps
13testdeps:13testdeps:
14 @sudo apt-get update14 @sudo apt-get update
15 @sudo apt-get install -y make flake8 python3-flake8 python3-pip python-pip snapd15 @sudo apt-get install -y make flake8 python3-flake8 python3-pip python-pip snapd libffi-dev
16 @which juju >/dev/null || (sudo snap install juju --classic)16 @which juju >/dev/null || (sudo snap install juju --classic)
17 @which charm >/dev/null || (sudo snap install charm)17 @which charm >/dev/null || (sudo snap install charm)
18 @which bundletester >/dev/null || (pip2 install bundletester juju-deployer)18 @which bundletester >/dev/null || (pip2 install bundletester juju-deployer)
@@ -20,7 +20,7 @@ testdeps:
2020
21.PHONY: lint21.PHONY: lint
22lint:22lint:
23 @flake8 --max-complexity=16 --max-line-length=120 && echo OK23 @flake8 --max-complexity=16 --max-line-length=120 --exclude=lib/* && echo OK
2424
25.PHONY: charmbuild25.PHONY: charmbuild
26charmbuild:26charmbuild:
diff --git a/files/canonical-livepatch-status.txt b/files/canonical-livepatch-status.txt
27deleted file mode 10064427deleted file mode 100644
index e69de29..0000000
--- a/files/canonical-livepatch-status.txt
+++ /dev/null
diff --git a/files/check_canonical-livepatch.py b/files/check_canonical-livepatch.py
index f578f93..a40936a 100755
--- a/files/check_canonical-livepatch.py
+++ b/files/check_canonical-livepatch.py
@@ -26,7 +26,7 @@ def load_status():
26 with open(livepatch_output_path, 'r') as canonical_livepatch_log:26 with open(livepatch_output_path, 'r') as canonical_livepatch_log:
27 livepatch_status = canonical_livepatch_log.read()27 livepatch_status = canonical_livepatch_log.read()
2828
29 return livepatch_status29 return livepatch_status.strip()
3030
3131
32def check_serious_errors():32def check_serious_errors():
@@ -95,7 +95,7 @@ def check_check_state(check_state):
9595
96def check_patch_state(patch_state):96def check_patch_state(patch_state):
97 """Check for issues with patchState, including unexpected output"""97 """Check for issues with patchState, including unexpected output"""
98 if patch_state in ['applied', 'nothing-to-apply']:98 if patch_state in ['applied', 'applying', 'nothing-to-apply']:
99 pass99 pass
100 elif patch_state == 'unapplied':100 elif patch_state == 'unapplied':
101 return 'Livepatch has not applied the downloaded patches.'101 return 'Livepatch has not applied the downloaded patches.'
diff --git a/reactive/canonical_livepatch.py b/reactive/canonical_livepatch.py
index 03c1903..e8ba806 100644
--- a/reactive/canonical_livepatch.py
+++ b/reactive/canonical_livepatch.py
@@ -5,7 +5,7 @@ from charmhelpers.core.host import write_file, is_container
5from charmhelpers.core import hookenv5from charmhelpers.core import hookenv
6from charmhelpers.contrib.charmsupport import nrpe6from charmhelpers.contrib.charmsupport import nrpe
7from distutils.version import LooseVersion7from distutils.version import LooseVersion
8from os import environ, path, uname8from os import environ, mkdir, path, uname
9from subprocess import check_call, check_output, CalledProcessError9from subprocess import check_call, check_output, CalledProcessError
10from time import sleep10from time import sleep
11from yaml import safe_load11from yaml import safe_load
@@ -53,26 +53,46 @@ def unit_update(status=None, message=None):
53 hookenv.status_set('active', 'Running kernel {}, patchState: {}'.format(*patch_details))53 hookenv.status_set('active', 'Running kernel {}, patchState: {}'.format(*patch_details))
5454
5555
56def get_patch_details():56def get_livepatch_status():
57 kernel = patch_state = 'unknown'
58
59 cmd = ['/snap/bin/canonical-livepatch', 'status']57 cmd = ['/snap/bin/canonical-livepatch', 'status']
58 livepatch_status = ''
60 try:59 try:
61 livepatch_state = check_output(cmd, universal_newlines=True)60 livepatch_status = check_output(cmd, universal_newlines=True)
62 except CalledProcessError as e:61 except CalledProcessError:
63 hookenv.log('Unable to get status: {}'.format(str(e)), hookenv.ERROR)62 # If the service hasn't been enabled yet, we'll get a process error - this is fine
64 return kernel, patch_state63 pass
64 return livepatch_status
65
66
67def write_status_to_disk():
68 # In a race with nrpe, create /var/lib/nagios if nrpe didn't do it yet
69 if not path.exists('/var/lib/nagios'):
70 mkdir('/var/lib/nagios')
71
72 current_status = get_livepatch_status()
73 perms = 0o644
74 write_file(
75 path='/var/lib/nagios/canonical-livepatch-status.txt',
76 content=current_status,
77 owner='root',
78 perms=perms,
79 )
80
81
82def get_patch_details():
83 kernel = 'unknown'
84 raw_status = get_livepatch_status()
6585
66 # status will usually pass YAML (but not always!)86 # status will usually pass YAML (but not always!)
67 try:87 try:
68 status_yaml = safe_load(livepatch_state)88 status = safe_load(raw_status)
69 except Exception:89 except Exception:
70 hookenv.log('Unable to parse status yaml', hookenv.ERROR)90 hookenv.log('Unable to parse status yaml', hookenv.ERROR)
71 return kernel, patch_state91 return kernel, raw_status
7292
73 # even if we got YAML, be paranoid93 # even if we got YAML, be paranoid
74 try:94 try:
75 for k in status_yaml['status']:95 for k in status['status']:
76 if k['running'] is True:96 if k['running'] is True:
77 kernel = k['kernel']97 kernel = k['kernel']
78 patch_state = k['livepatch']['patchState']98 patch_state = k['livepatch']['patchState']
@@ -122,6 +142,11 @@ def activate_livepatch():
122 unit_update()142 unit_update()
123 else:143 else:
124 hookenv.log('Unable to activate canonical-livepatch as no key has been set', hookenv.ERROR)144 hookenv.log('Unable to activate canonical-livepatch as no key has been set', hookenv.ERROR)
145 cmd = ['/snap/bin/canonical-livepatch', 'disable']
146 try:
147 check_output(cmd, universal_newlines=True)
148 except CalledProcessError as e:
149 hookenv.log('Unable to deactivate: {}'.format(str(e)), hookenv.ERROR)
125 clear_flag('canonical-livepatch.active')150 clear_flag('canonical-livepatch.active')
126 unit_update('blocked', 'Service disabled, please set livepatch_key to activate')151 unit_update('blocked', 'Service disabled, please set livepatch_key to activate')
127152
@@ -216,6 +241,7 @@ def init_key():
216def update_key():241def update_key():
217 # handle regular config-changed hooks for the livepatch key242 # handle regular config-changed hooks for the livepatch key
218 activate_livepatch()243 activate_livepatch()
244 write_status_to_disk()
219245
220246
221@when('snap.installed.canonical-livepatch', 'config.changed.snap_channel')247@when('snap.installed.canonical-livepatch', 'config.changed.snap_channel')
@@ -247,12 +273,9 @@ def configure_nagios(nagios):
247 'files/check_canonical-livepatch.py',273 'files/check_canonical-livepatch.py',
248 '/usr/lib/nagios/plugins/check_canonical-livepatch.py',274 '/usr/lib/nagios/plugins/check_canonical-livepatch.py',
249 )275 )
250 # don't overwrite an existing status file276
251 if not path.exists('/var/lib/nagios/canonical-livepatch-status.txt'):277 # write current status to disk to satisfy the nagios check
252 file_to_units(278 write_status_to_disk()
253 'files/canonical-livepatch-status.txt',
254 '/var/lib/nagios/canonical-livepatch-status.txt',
255 )
256279
257 # remove check from previous release with poorly formed name280 # remove check from previous release with poorly formed name
258 nrpe_setup.remove_check(281 nrpe_setup.remove_check(

Subscribers

People subscribed via source and target branches