G%@i\ddlZddlmZddlmZddlmZddlmZm Z m Z Gddee Z y)N)Any)request)URLError)PluginIndependentPlugin PluginOptceZdZdZdZdZedddgZdZd Z d Z d Z d Z d Z dZdefdZdedefdZdZededefdZy )GCPzGoogle Cloud Platformgcp)virtkeep-piiFzyStop the plugin from removing PIIs like project name or organization ID from the metadata retrieved from Metadata server.)defaultdescz(/sys/devices/virtual/dmi/id/product_namezBhttp://metadata.google.internal/computeMetadata/v1/?recursive=truez[--REDACTED--]Nct|jd5}d|jvcdddS#1swYyxYw)zo Checks if this plugin should be executed based on the presence of GCE entry in sysfs. zutf-8)encodingzGoogle Compute EngineN)open PRODUCT_PATHread)selfsys_files 8/usr/lib/python3/dist-packages/sos/report/plugins/gcp.py check_enabledzGCP.check_enabled$s9 $##g 6 >(*hmmo= > > >s4=cT|jddg|jddgy)z Collect the following info: * `gcloud auth list` output * Any google services output from journal zgcloud auth listr tagszgoogle*)unitsrN)add_cmd_output add_journal)rs rsetupz GCP.setup,s1 .eW= yw7cb|jddg5} |j|_|j|j t j |jddddy#t$r$}|j t|Yd}~1d}~wwxYw#1swYyxYw)Nz metadata.jsonr r)indent) collection_file get_metadatametadatascrub_metadatawritejsondumps RuntimeErrorstr)rmfileerrs rcollectz GCP.collect9s  ! !/ ! @ &E & $ 1 1 3 ##% DJJt}}Q?@  & &   & CH%% &  & &s/B%AA55 B">BB%B""B%%B.returncb|j|j}tj|S)zq Retrieves metadata from the Metadata Server and transforms it into a dictionary object. )_query_addressMETADATA_QUERYr)loads)r response_bodys rr%zGCP.get_metadataCs) ++D,?,?@ zz-((r urlc tj|ddi}tj|5}|jdk7r8t d|jd|j j z|j j cdddS#1swYyxYw#t$r}t dt|z|d}~wwxYw) zf Query the given url address with headers required by Google Metadata Server. zMetadata-FlavorGoogle)headersz2Failed to communicate with Metadata Server (code: z): Nz,Failed to communicate with Metadata Server: ) rRequesturlopencoder+rdecoderr,)rr6reqresponser.s rr2zGCP._query_addressKs //#0A8/LMC% 0==C'&""*--5 ..0122 }}--/  0 0 0 >SIK  s5.B+A%B B+B($B+(B++ C4C  Ccrjdryjddjddtdtdtffd j_j jdd d j jdd d y) a" Remove all PII information from metadata, unless a keep-pii option is specified. Note: PII information collected by this plugin, like project number, account names etc. might be required by Google Cloud Support for faster issue resolution. r Nproject projectIdnumericProjectIddatar0ct|trCd|vrj|d<|jDcic]\}}||c}}St|tr|Dcgc] }| c}St|t r6|j jj jSt|tr|k(r jS|S|Scc}}wcc}w)Ntoken) isinstancedictREDACTEDitemslistr,replaceint) rEkvvalue project_idproject_numberproject_number_intscrubrs rrUz!GCP.scrub_metadata..scrubns$%d?%)MMDM7;zz|Dtq!a%(*DD$%267e 77$$||NDMMB#GJ >?$$(,0B(Bt}}LLKE7s C&)C, attributeszssh-keyssshKeys) get_optionr&r,rsafe_redact_key)rrRrSrTrUs`@@@@rr'zGCP.scrub_metadata^s ??: & ]]9-k: !]]956HI/0     dmm,  T]]95lC' ) T]]95lC& (r dict_objkeyc,||vr|j||<yy)z Redact keys N)rJ)clsrZr[s rrYzGCP.safe_redact_keys (?LLHSM r )__name__ __module__ __qualname__ short_desc plugin_nameprofilesr option_listrr3rJr&rrr/rIr%r,r2r' classmethodrYr rr r s(JKH *e* +K>L'NHH> 8&)d)##&%(N)t)#))r r ) r)typingrurllibr urllib.errorrsos.report.pluginsrrrr rfr rrks* !CCy)&#y)r