Telegraf Charm

Merge ~barryprice/charm-telegraf:master into charm-telegraf:master

  1. Git
  2. lp:~barryprice/charm-telegraf
  3. master
  4. Merge into master
Proposed by Barry Price
Status: Merged
Approved by: Barry Price
Approved revision: e127023015de01c0434d53a936118a75bf2e4d96
Merged at revision: a310706c90982b25be4b20c363cc0c99590637a4
Proposed branch: ~barryprice/charm-telegraf:master
Merge into: charm-telegraf:master
Diff against target: 97 lines (+47/-3)
3 files modified
src/config.yaml (+3/-2)
src/reactive/telegraf.py (+23/-1)
src/tests/unit/test_telegraf.py (+21/-0)
Reviewer Review Type Date Requested Status
Haw Loeung +1 Approve
Barry Price Needs Resubmitting
BootStack Reviewers Pending
Review via email: mp+398433@code.launchpad.net

Commit message

Make our prometheus_ip_range config option a little more resilient

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Haw Loeung (hloeung) :
Revision history for this message
Haw Loeung (hloeung) :
Revision history for this message
Haw Loeung (hloeung) :
Revision history for this message
Haw Loeung (hloeung) :
Revision history for this message
Haw Loeung (hloeung) :
Revision history for this message
Barry Price (barryprice) wrote :

Addressed feedback, pushed changes

review: Needs Resubmitting
Revision history for this message
Haw Loeung (hloeung) wrote :

LGTM

review: Approve (+1)
Revision history for this message
Haw Loeung (hloeung) wrote :

LGTM

review: Approve (+1)
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision a310706c90982b25be4b20c363cc0c99590637a4

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/config.yaml b/src/config.yaml
2index ecdc9a7..f2bf6f6 100644
3--- a/src/config.yaml
4+++ b/src/config.yaml
5@@ -210,8 +210,9 @@ options:
6 default: ""
7 type: string
8 description: >
9- If set, the list of IP Ranges which are allowed to access metrics.
10- ex: prometheus_ip_range = "[192.168.0.0/24, 192.168.1.0/30]"
11+ If set, the comma-separated list of IP Ranges which are allowed to access
12+ metrics.
13+ ex: prometheus_ip_range = "192.168.0.0/24,192.168.1.0/30"
14 collect_iptables_metrics:
15 default: false
16 type: boolean
17diff --git a/src/reactive/telegraf.py b/src/reactive/telegraf.py
18index ea2af96..e3fcad3 100644
19--- a/src/reactive/telegraf.py
20+++ b/src/reactive/telegraf.py
21@@ -17,6 +17,7 @@
22 import base64
23 import binascii
24 import io
25+import ipaddress
26 import json
27 import os
28 import re
29@@ -84,6 +85,10 @@ class InvalidInstallMethod(Exception):
30 pass
31
32
33+class InvalidPrometheusIPRange(Exception):
34+ pass
35+
36+
37 def write_telegraf_file(path, content):
38 return host.write_file(
39 path,
40@@ -383,7 +388,24 @@ def get_prometheus_ip_range():
41 config = hookenv.config()
42 if config.get("prometheus_ip_range") == "":
43 return []
44- return config.get("prometheus_ip_range").split(",")
45+ # we should have a list of IPs, confirm that's the case
46+ ips = []
47+ for ip in config.get("prometheus_ip_range").split(","):
48+ # strip any spaces
49+ ip = ip.strip()
50+ try:
51+ ipaddress.ip_network(ip)
52+ except ValueError:
53+ hookenv.log(
54+ "Invalid prometheus_ip_range provided: {}".format(
55+ config.get("prometheus_ip_range")
56+ ),
57+ level=hookenv.ERROR,
58+ )
59+ raise InvalidPrometheusIPRange()
60+ else:
61+ ips.append(ip)
62+ return ips
63
64
65 def get_socket_listener_port():
66diff --git a/src/tests/unit/test_telegraf.py b/src/tests/unit/test_telegraf.py
67index 9771618..56da00f 100644
68--- a/src/tests/unit/test_telegraf.py
69+++ b/src/tests/unit/test_telegraf.py
70@@ -1181,6 +1181,27 @@ def test_prometheus_client_output(mocker, monkeypatch, config):
71 )
72
73
74+def test_get_prometheus_ip_range_with_bad_data(mocker, monkeypatch, config):
75+ # if prometheus_ip_range is populated with an invalid IP, confirm we block
76+ config["prometheus_ip_range"] = "1.2.3.4, 5.6.7.8, banana"
77+ # we expect to raise this specific exception (and the hook to therefore fail)
78+ with pytest.raises(telegraf.InvalidPrometheusIPRange):
79+ telegraf.get_prometheus_ip_range()
80+
81+
82+def test_get_prometheus_ip_range_with_good_data(mocker, monkeypatch, config):
83+ # if prometheus_ip_range is populated with valid IPs, confirm we don't block
84+ status_set = mocker.patch("reactive.telegraf.hookenv.status_set")
85+ config["prometheus_ip_range"] = "192.168.0.0/24, 10.0.0.0/8"
86+
87+ our_range = telegraf.get_prometheus_ip_range()
88+ # confirm we didn't block
89+ assert not status_set.called
90+ # and confirm we got the expected range back
91+ expected_range = ["192.168.0.0/24", "10.0.0.0/8"]
92+ assert our_range == expected_range
93+
94+
95 def test_prometheus_client_output_departed(mocker, monkeypatch, config):
96 configs_dir().join("prometheus_client.conf").write("empty")
97 relations = [1]

Subscribers

People subscribed via source and target branches

to all changes: