Commit 6ae8d65

Merge pull request #93 from Comcast/upgrade_pkgs_secvulns
updating pkg versions initial commit
2 parents 63f9220 + a24e13b commit 6ae8d65

279 files changed: +3649 -17057 lines changed

.github/workflows/pr-prechecks.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@ jobs:
1111
steps:
1212
- name: Checkout
1313
uses: actions/checkout@v4
14+
with:
15+
ref: ${{ github.event.pull_request.merge_commit_sha }}
1416

1517
- name: Setup golang environment
1618
uses: actions/setup-go@v5
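
Review bot: `ref: ${{ github.event.pull_request.merge_commit_sha }}` on the Checkout step makes the job build the merged result of the pull request, which is only appropriate if this workflow runs on `pull_request` and not `pull_request_target`. The trigger is not visible in this hunk, so confirm it: under `pull_request_target` this would run PR-authored code with the base repository's token and secrets. The field can also be empty while GitHub has no test merge for the PR, in which case the `ref` input is blank and checkout uses its default ref; a short comment on the step saying that fallback is intended would help the next reader.
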
@@ -37,6 +39,8 @@ jobs:
3739
steps:
3840
- name: Checkout
3941
uses: actions/checkout@v4
42+
with:
43+
ref: ${{ github.event.pull_request.merge_commit_sha }}
4044

4145
- name: Setup golang environment
4246
uses: actions/setup-go@v5

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,7 @@ bh_unicode_properties.cache
9898
GitHub.sublime-settings
9999

100100
### VisualStudioCode ###
101+
.dccache
101102
.vscode/*
102103
!.vscode/settings.json
103104
!.vscode/tasks.json

CHANGELOG.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ log is based on the [Keep a CHANGELOG](http://keepachangelog.com/) project.
2121
- Added support for metrics collection from Dell servers [#77](https://github.com/Comcast/fishymetrics/issues/77)
2222
- Added support for firmware metrics collection from all supported servers and iLO versions from a single universal exporter [#83](https://github.com/Comcast/fishymetrics/issues/83)
2323
- Added support for Supermicro models metrics collection [#87](https://github.com/Comcast/fishymetrics/issues/87)
24+
- Added option to skip/unskip TLS verification [#94](https://github.com/Comcast/fishymetrics/issues/94)
2425

2526
## Fixed
2627

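
Review bot: the new "Added option to skip/unskip TLS verification" entry understates the change. The same commit replaces the hardcoded `InsecureSkipVerify: true` in the HTTP clients with a flag whose default is `false`, so after upgrading, scrapes of BMCs with self-signed or otherwise untrusted certificates will fail the TLS handshake unless `--insecure-skip-verify` is set. State the default change explicitly in this entry so operators see it before they roll out.
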
@@ -33,7 +34,8 @@ log is based on the [Keep a CHANGELOG](http://keepachangelog.com/) project.
3334
- Chassis ComputerSystems field is handled improperly [#68](https://github.com/Comcast/fishymetrics/issues/68)
3435
- Power and Thermal metrics collection for Dell R7xxXD server models [#77](https://github.com/Comcast/fishymetrics/issues/77)
3536
- Firmware metrics and request headers update for Dell iDRAC9 with FW ver.3.xx and 4.xx [#77](https://github.com/Comcast/fishymetrics/issues/77)
36-
- Power supply status duplicate bay number metrics [#85] (https://github.com/Comcast/fishymetrics/issues/85)
37+
- Power supply status duplicate bay number metrics [#85](https://github.com/Comcast/fishymetrics/issues/85)
38+
- Capturing Model field in finished scrape log message [#94](https://github.com/Comcast/fishymetrics/issues/94)
3739

3840
## Updated
3941

@@ -46,8 +48,10 @@ log is based on the [Keep a CHANGELOG](http://keepachangelog.com/) project.
4648
- get chassis serial number from JSON response instead of url path [#50](https://github.com/Comcast/fishymetrics/issues/50)
4749
- HP DL380 module to include CPU metrics and all HP models to include bayNumber in PSU metrics [#57](https://github.com/Comcast/fishymetrics/issues/57)
4850
- use standard library for http routing instead of gorilla mux package [#47](https://github.com/Comcast/fishymetrics/issues/47)
49-
- Avoid collecting firmware metrics if count of endpoints are 75 or greater [#77] (https://github.com/Comcast/fishymetrics/issues/77)
51+
- Avoid collecting firmware metrics if count of endpoints are 75 or greater [#77](https://github.com/Comcast/fishymetrics/issues/77)
5052
- Support for physical disk, logical drive and storage controller metrics collection from iLO5 fw ver.3.0.x [#91](https://github.com/Comcast/fishymetrics/issues/91)
53+
- Updated vault api, sdk and containerd packages to fix known security issues [#94](https://github.com/Comcast/fishymetrics/issues/94)
54+
- Deprecate module query param in favor of model [#94](https://github.com/Comcast/fishymetrics/issues/94)
5155

5256
## [0.7.1]
5357

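Review bot: "Updated vault api, sdk and containerd packages to fix known security issues" does not say which issues. List the advisory identifiers the upgrade is meant to close, so the entry can be checked against a scanner report later and a reader can tell whether a given finding is covered by this release.
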
Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# syntax=docker/dockerfile:1
22

3-
FROM golang:1.22 as build
3+
FROM golang:1.23 AS build
44
COPY . /go/src/github.com/comcast/fishymetrics
55
WORKDIR /go/src/github.com/comcast/fishymetrics
66

@@ -27,7 +27,7 @@ COPY vendor /sources/vendor/
2727
# Build the sources tarball outside of /deps so it has to be copied explicitly
2828
RUN cd /; tar -czf /sources.tgz sources
2929

30-
FROM alpine:latest as certs
30+
FROM alpine:latest AS certs
3131
RUN apk --update --no-cache add ca-certificates
3232

3333
# 'bin' stage, copy in only the binary and dependencies
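
Review bot: `FROM alpine:latest AS certs` is touched only to change the keyword case, but the `latest` tag means the ca-certificates package installed in this stage depends on whatever image is current at build time. For a commit aimed at dependency security, pin the stage to a specific Alpine version or digest; the same applies to the floating `golang:1.23` tag on the build stage in the first hunk.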

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ build:
1313

1414
docker:
1515
docker build \
16+
--platform linux/amd64 \
1617
--build-arg VERSION=${REPO_VERSION} \
1718
--build-arg REPO_REV=${REPO_REV} \
1819
--build-arg DATE=${BUILD_DATE} \
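
Review bot: `--platform linux/amd64` is hardcoded in the `docker` target, so builds on arm64 hosts run under emulation and no other architecture can be produced without editing the Makefile. Put it behind a variable with this value as the default, for example `--platform ${PLATFORM}` (the variable name is a suggestion).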

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ Flags:
2121
--password="" BMC static password
2222
--timeout=15s BMC scrape timeout
2323
--scheme="https" BMC Scheme to use
24+
--insecure-skip-verify Skip TLS verification
2425
--log.level=[debug|info|warn|error]
2526
log level verbosity
2627
--log.method=[file|vector]

cmd/fishymetrics/main.go

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,7 @@ var (
6161
password = a.Flag("password", "BMC static password").Default("").Envar("BMC_PASSWORD").String()
6262
bmcTimeout = a.Flag("timeout", "BMC scrape timeout").Default("15s").Envar("BMC_TIMEOUT").Duration()
6363
bmcScheme = a.Flag("scheme", "BMC Scheme to use").Default("https").Envar("BMC_SCHEME").String()
64+
insecureSkipVerify = a.Flag("insecure-skip-verify", "Skip TLS verification").Default("false").Envar("INSECURE_SKIP_VERIFY").Bool()
6465
logLevel = a.Flag("log.level", "log level verbosity").PlaceHolder("[debug|info|warn|error]").Default("info").Envar("LOG_LEVEL").String()
6566
logMethod = a.Flag("log.method", "alternative method for logging in addition to stdout").PlaceHolder("[file|vector]").Default("").Envar("LOG_METHOD").String()
6667
logFilePath = a.Flag("log.file-path", "directory path where log files are written if log-method is file").Default("/var/log/fishymetrics").Envar("LOG_FILE_PATH").String()
@@ -109,12 +110,7 @@ func handler(ctx context.Context, w http.ResponseWriter, r *http.Request) {
109110
return
110111
}
111112

112-
// TODO: deprecate module query param in favor of model
113-
moduleName := query.Get("module")
114113
model := query.Get("model")
115-
if model == "" {
116-
model = moduleName
117-
}
118114

119115
// optional query param is used to tell us which credential profile to use when retrieving that hosts username and password
120116
credProf := query.Get("credential_profile")
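
Review bot: removing the `moduleName` fallback means a request that still sends only `?module=` now continues through the handler with `model == ""`, yet the CHANGELOG entry in this commit calls the change a deprecation. Either keep the fallback for one release and log a warning when `module` is used, or describe it as a removal in the CHANGELOG and make sure callers that still pass `module` get a clear error rather than whatever the handler does with an empty model, which this hunk does not show.
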
@@ -130,9 +126,7 @@ func handler(ctx context.Context, w http.ResponseWriter, r *http.Request) {
130126
}
131127
}
132128

133-
// TODO: deprecate module log entry
134129
log.Info("started scrape",
135-
zap.String("module", model),
136130
zap.String("model", model),
137131
zap.String("target", target),
138132
zap.String("credential_profile", credProf),
@@ -236,6 +230,16 @@ func main() {
236230
panic(fmt.Errorf("error converting arg --log.file-max-age to int - %s", err.Error()))
237231
}
238232

233+
c := &config.Config{
234+
BMCScheme: *bmcScheme,
235+
BMCTimeout: *bmcTimeout,
236+
SSLVerify: *insecureSkipVerify,
237+
User: *username,
238+
Pass: *password,
239+
}
240+
241+
config.NewConfig(c)
242+
239243
// init logger config
240244
logConfig := logger.LoggerConfig{
241245
LogLevel: *logLevel,
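
Review bot: `SSLVerify: *insecureSkipVerify` stores a "skip verification" flag in a field whose name says the opposite, and the other files in this commit pass that field straight to `tls.Config.InsecureSkipVerify`. With this naming, `SSLVerify: true` turns certificate verification off, which invites a later change that sets it to true intending to turn verification on. Rename the field to `InsecureSkipVerify`, or keep `SSLVerify`, store the negated flag here and negate it again at the `tls.Config` sites.
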
@@ -294,12 +298,6 @@ func main() {
294298
}
295299
}
296300

297-
config.NewConfig(&config.Config{
298-
BMCScheme: *bmcScheme,
299-
User: *username,
300-
Pass: *password,
301-
})
302-
303301
mux := http.NewServeMux()
304302

305303
mux.HandleFunc("GET /info", func(w http.ResponseWriter, r *http.Request) {

cmd/fishymetrics/templates.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ const indexTmpl string = `<html>
5757
</div>
5858
<form action="scrape">
5959
<label>Target:</label> <input type="text" name="target" placeholder="ip or fdqn"><br>
60-
<label>Module:</label> <input type="text" name="module" placeholder="chassis model i.e. dl360"><br>
60+
<label>Model:</label> <input type="text" name="model" placeholder="chassis model i.e. dl360"><br>
6161
<input type="submit" value="Submit">
6262
</form>
6363
</body>

common/ignored.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ import (
2525
"net/http"
2626
"time"
2727

28+
"github.com/comcast/fishymetrics/config"
2829
"go.uber.org/zap"
2930
)
3031

@@ -39,7 +40,7 @@ type host struct {
3940
type IgnoredDevice struct {
4041
Name string
4142
Endpoint string
42-
Module string
43+
Model string
4344
CredentialProfile string
4445
}
4546

@@ -112,7 +113,7 @@ func TestConn(w http.ResponseWriter, r *http.Request) {
112113
IdleConnTimeout: 90 * time.Second,
113114
ExpectContinueTimeout: 1 * time.Second,
114115
TLSClientConfig: &tls.Config{
115-
InsecureSkipVerify: true,
116+
InsecureSkipVerify: config.GetConfig().SSLVerify,
116117
},
117118
TLSHandshakeTimeout: 10 * time.Second,
118119
}
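
Review bot: the `tls.Config` in `TestConn` still sets only `InsecureSkipVerify`, so with the flag at its default the client trusts just the system roots, and the only way to reach a BMC with a private-CA or self-signed certificate is to turn verification off for every target. Consider adding a CA bundle option that populates `RootCAs`, so operators can keep verification on.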

config/config.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ import (
2424
type Config struct {
2525
BMCScheme string
2626
BMCTimeout time.Duration
27+
SSLVerify bool
2728
User string
2829
Pass string
2930
}

exporter/exporter.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -141,7 +141,7 @@ func NewExporter(ctx context.Context, target, uri, profile, model string, exclud
141141
IdleConnTimeout: 90 * time.Second,
142142
ExpectContinueTimeout: 1 * time.Second,
143143
TLSClientConfig: &tls.Config{
144-
InsecureSkipVerify: true,
144+
InsecureSkipVerify: config.GetConfig().SSLVerify,
145145
},
146146
TLSHandshakeTimeout: 10 * time.Second,
147147
}
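
Review bot: this transport literal, with the same `InsecureSkipVerify: config.GetConfig().SSLVerify` line, also appears in common/ignored.go and exporter/moonshot/exporter.go, and three copies of the TLS policy make it easy for one to drift. Move the `tls.Config` construction into one helper and call it from all three places. `config.GetConfig()` is also dereferenced here without a nil check, so confirm it cannot return nil on any path that reaches `NewExporter` before `config.NewConfig` has run.
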
@@ -190,7 +190,7 @@ func NewExporter(ctx context.Context, target, uri, profile, model string, exclud
190190
common.IgnoredDevices[exp.host] = common.IgnoredDevice{
191191
Name: exp.host,
192192
Endpoint: "https://" + exp.host + "/redfish/v1/Chassis/",
193-
Module: model,
193+
Model: model,
194194
CredentialProfile: exp.credProfile,
195195
}
196196
log.Info("added host "+exp.host+" to ignored list", zap.Any("trace_id", exp.ctx.Value("traceID")))
@@ -543,7 +543,7 @@ func (e *Exporter) scrape() {
543543
common.IgnoredDevices[e.host] = common.IgnoredDevice{
544544
Name: e.host,
545545
Endpoint: "https://" + e.host + "/redfish/v1/Chassis/",
546-
Module: e.Model,
546+
Model: e.Model,
547547
CredentialProfile: e.credProfile,
548548
}
549549
log.Info("added host "+e.host+" to ignored list", zap.Any("trace_id", e.ctx.Value("traceID")))

exporter/moonshot/exporter.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ func NewExporter(ctx context.Context, target, uri, profile string) (*Exporter, e
9797
IdleConnTimeout: 90 * time.Second,
9898
ExpectContinueTimeout: 1 * time.Second,
9999
TLSClientConfig: &tls.Config{
100-
InsecureSkipVerify: true,
100+
InsecureSkipVerify: config.GetConfig().SSLVerify,
101101
},
102102
TLSHandshakeTimeout: 10 * time.Second,
103103
}
@@ -270,7 +270,7 @@ func (e *Exporter) scrape() {
270270
common.IgnoredDevices[e.host] = common.IgnoredDevice{
271271
Name: e.host,
272272
Endpoint: "https://" + e.host + "/rest/v1/chassis/1",
273-
Module: MOONSHOT,
273+
Model: MOONSHOT,
274274
CredentialProfile: e.credProfile,
275275
}
276276
log.Info("added host "+e.host+" to ignored list", zap.Any("trace_id", e.ctx.Value("traceID")))

go.mod

Lines changed: 20 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,30 +1,30 @@
11
module github.com/comcast/fishymetrics
22

3-
go 1.22
3+
go 1.23
44

55
require (
66
github.com/hashicorp/go-hclog v1.6.3
77
github.com/hashicorp/go-retryablehttp v0.7.7
8-
github.com/hashicorp/vault/api v1.12.0
8+
github.com/hashicorp/vault/api v1.14.0
99
github.com/hashicorp/vault/api/auth/approle v0.4.0
10-
github.com/hashicorp/vault/sdk v0.11.1
10+
github.com/hashicorp/vault/sdk v0.13.0
1111
github.com/nrednav/cuid2 v1.0.0
1212
github.com/prometheus/client_golang v1.14.0
13-
github.com/stretchr/testify v1.8.4
13+
github.com/stretchr/testify v1.9.0
1414
go.uber.org/zap v1.27.0
1515
gopkg.in/alecthomas/kingpin.v2 v2.2.6
1616
gopkg.in/natefinch/lumberjack.v2 v2.2.1
1717
gopkg.in/yaml.v3 v3.0.1
1818
)
1919

2020
require (
21-
github.com/Microsoft/go-winio v0.6.1 // indirect
21+
github.com/Microsoft/go-winio v0.6.2 // indirect
2222
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
2323
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d // indirect
2424
github.com/beorn7/perks v1.0.1 // indirect
2525
github.com/cenkalti/backoff/v3 v3.2.2 // indirect
2626
github.com/cespare/xxhash/v2 v2.2.0 // indirect
27-
github.com/containerd/containerd v1.7.12 // indirect
27+
github.com/containerd/containerd v1.7.20 // indirect
2828
github.com/containerd/log v0.1.0 // indirect
2929
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
3030
github.com/distribution/reference v0.6.0 // indirect
@@ -33,23 +33,23 @@ require (
3333
github.com/docker/go-units v0.5.0 // indirect
3434
github.com/fatih/color v1.16.0 // indirect
3535
github.com/felixge/httpsnoop v1.0.3 // indirect
36-
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
37-
github.com/go-logr/logr v1.2.4 // indirect
36+
github.com/go-jose/go-jose/v4 v4.0.1 // indirect
37+
github.com/go-logr/logr v1.3.0 // indirect
3838
github.com/go-logr/stdr v1.2.2 // indirect
3939
github.com/gogo/protobuf v1.3.2 // indirect
40-
github.com/golang/protobuf v1.5.3 // indirect
40+
github.com/golang/protobuf v1.5.4 // indirect
4141
github.com/golang/snappy v0.0.4 // indirect
4242
github.com/hashicorp/errwrap v1.1.0 // indirect
4343
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
4444
github.com/hashicorp/go-multierror v1.1.1 // indirect
4545
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
46-
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
46+
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
4747
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
48-
github.com/hashicorp/go-sockaddr v1.0.2 // indirect
48+
github.com/hashicorp/go-sockaddr v1.0.6 // indirect
4949
github.com/hashicorp/go-uuid v1.0.3 // indirect
5050
github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
5151
github.com/json-iterator/go v1.1.12 // indirect
52-
github.com/klauspost/compress v1.16.5 // indirect
52+
github.com/klauspost/compress v1.16.7 // indirect
5353
github.com/kr/pretty v0.3.1 // indirect
5454
github.com/mattn/go-colorable v0.1.13 // indirect
5555
github.com/mattn/go-isatty v0.0.20 // indirect
@@ -64,7 +64,7 @@ require (
6464
github.com/modern-go/reflect2 v1.0.2 // indirect
6565
github.com/morikuni/aec v1.0.0 // indirect
6666
github.com/opencontainers/go-digest v1.0.0 // indirect
67-
github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b // indirect
67+
github.com/opencontainers/image-spec v1.1.0 // indirect
6868
github.com/pierrec/lz4 v2.6.1+incompatible // indirect
6969
github.com/pkg/errors v0.9.1 // indirect
7070
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
@@ -74,18 +74,16 @@ require (
7474
github.com/ryanuber/go-glob v1.0.0 // indirect
7575
github.com/sirupsen/logrus v1.9.3 // indirect
7676
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect
77-
go.opentelemetry.io/otel v1.19.0 // indirect
78-
go.opentelemetry.io/otel/metric v1.19.0 // indirect
79-
go.opentelemetry.io/otel/trace v1.19.0 // indirect
77+
go.opentelemetry.io/otel v1.21.0 // indirect
78+
go.opentelemetry.io/otel/metric v1.21.0 // indirect
79+
go.opentelemetry.io/otel/trace v1.21.0 // indirect
8080
go.uber.org/atomic v1.9.0 // indirect
8181
go.uber.org/multierr v1.10.0 // indirect
82-
golang.org/x/crypto v0.21.0 // indirect
83-
golang.org/x/mod v0.11.0 // indirect
84-
golang.org/x/net v0.23.0 // indirect
82+
golang.org/x/crypto v0.23.0 // indirect
83+
golang.org/x/net v0.25.0 // indirect
8584
golang.org/x/sys v0.20.0 // indirect
86-
golang.org/x/text v0.14.0 // indirect
85+
golang.org/x/text v0.15.0 // indirect
8786
golang.org/x/time v0.3.0 // indirect
88-
golang.org/x/tools v0.10.0 // indirect
89-
google.golang.org/protobuf v1.33.0 // indirect
87+
google.golang.org/protobuf v1.34.1 // indirect
9088
gotest.tools/v3 v3.5.1 // indirect
9189
)
