Skip to content

Commit

Permalink
enh(gorgone-servicediscovery): use credentials from centreon vault fo…
Browse files Browse the repository at this point in the history
…r manual scan (#1108)
  • Loading branch information
sdepassio authored May 10, 2023
1 parent 83c6358 commit 82c7da9
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -750,7 +750,8 @@ sub service_execute_commands {
my $command = gorgone::modules::centreon::autodiscovery::services::resources::substitute_service_discovery_command(
command_line => $self->{discovery}->{rules}->{$rule_id}->{command_line},
host => $host,
poller => $self->{service_pollers}->{$poller_id}
poller => $self->{service_pollers}->{$poller_id},
vault_count => $options{vault_count}
);

$self->{logger}->writeLogInfo("[autodiscovery] -servicediscovery- $self->{uuid} [" .
Expand Down Expand Up @@ -846,6 +847,17 @@ sub launchdiscovery {
}
$self->{audit_user_id} = $user_id;

##################
# get vault config
##################
($status, $message, my $vault_count) = gorgone::modules::centreon::autodiscovery::services::resources::get_vault_configured(
class_object_centreon => $self->{class_object_centreon}
);
if ($status < 0) {
$self->send_log_msg_error(token => $options{token}, subname => 'servicediscovery', number => $self->{uuid}, message => $message);
return -1;
}

################
# get rules
################
Expand Down Expand Up @@ -874,7 +886,8 @@ sub launchdiscovery {
class_object_centreon => $self->{class_object_centreon},
with_macro => 1,
host_lookup => $data->{content}->{filter_hosts},
poller_lookup => $data->{content}->{filter_pollers}
poller_lookup => $data->{content}->{filter_pollers},
vault_count => $vault_count
);
if ($status < 0) {
$self->send_log_msg_error(token => $options{token}, subname => 'servicediscovery', number => $self->{uuid}, message => $message);
Expand Down Expand Up @@ -921,7 +934,7 @@ sub launchdiscovery {
pollers_reload => {}
};

$self->service_execute_commands();
$self->service_execute_commands(vault_count => $vault_count);

return 0;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,20 @@ sub get_audit_user_id {
return (0, '', $user_id);
}

sub get_vault_configured {
my (%options) = @_;

my ($status, $datas) = $options{class_object_centreon}->custom_execute(
request => "SELECT count(id) FROM vault_configuration",
mode => 2
);
if ($status == -1 || !defined($datas->[0])) {
return (-1, 'cannot get number of vault configured');
}

return (0, '', $datas->[0]->[0]);
}

sub get_rules {
my (%options) = @_;

Expand Down Expand Up @@ -374,7 +388,11 @@ sub get_hosts {
if (defined($done_macro_host->{ $host_id })) {
$datas->{$host_id}->{macros} = $done_macro_host->{ $host_id };
} else {
($status, my $message, my $macros) = get_macros_host(host_id => $host_id, class_object_centreon => $options{class_object_centreon});
($status, my $message, my $macros) = get_macros_host(
host_id => $host_id,
class_object_centreon => $options{class_object_centreon},
vault_count => $options{vault_count}
);
if ($status == -1) {
return (-1, $message);
}
Expand Down Expand Up @@ -429,14 +447,22 @@ sub get_macros_host {
}

($status, $datas) = $options{class_object_centreon}->custom_execute(
request => "SELECT host_macro_name, host_macro_value FROM on_demand_macro_host WHERE host_host_id = " . $lhost_id,
request => "SELECT host_macro_name, host_macro_value, is_password FROM on_demand_macro_host WHERE host_host_id = " . $lhost_id,
mode => 2
);
if ($status == -1) {
return (-1, 'get macro: cannot get on_demand_macro_host');
}
foreach (@$datas) {
set_macro(\%macros, $_->[0], $_->[1]);
my $macro_name = $_->[0];
my $macro_value = $_->[1];
my $is_password = $_->[2];
# Replace macro value if a vault is used
if ($options{vault_count} > 0 && defined($is_password) && $is_password == 1) {
set_macro(\%macros, $macro_name, "{" . $macro_name . "::secret::" . $macro_value . "}");
} else {
set_macro(\%macros, $macro_name, $macro_value);
}
}

($status, $datas) = $options{class_object_centreon}->custom_execute(
Expand Down Expand Up @@ -471,6 +497,10 @@ sub substitute_service_discovery_command {

$command =~ s/\$HOSTADDRESS\$/$options{host}->{host_address}/g;
$command =~ s/\$HOSTNAME\$/$options{host}->{host_name}/g;

if ($options{vault_count} > 0) {
$command .= ' --pass-manager="centreonvault"';
}

return $command;
}
Expand Down

0 comments on commit 82c7da9

Please sign in to comment.