[sos] Add 'upload' component to upload existing reports and files #3746
Conversation
|
Huge thanks to @pmoravec for all the help reviewing this, suggesting improvements, and finding bugs. |
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
|
@arif-ali about these ones: sos/upload/init.py:103:0: C0325: Unnecessary parens after '=' keyword (superfluous-parens) ************* Module sos.upload sos/upload/init.py:42:46: W0613: Unused argument 'in_place' (unused-argument) sos/upload/init.py:43:17: W0613: Unused argument 'hook_commons' (unused-argument) sos/upload/init.py:155:24: R1722: Consider using 'sys.exit' instead (consider-using-sys-exit) |
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
d5b6c64 to
0e6bc72
Compare
|
With R1725, I made the changes a few months back, and hence enabled the check, so let's do this here too. With the unused variable. If your 100% sure you're going to be using them then potentially you could add the following before the line |
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
0e6bc72 to
9c60d66
Compare
Done, should be in the version I just pushed.
Nice one! But I ended up removing it. I'll re-add them in the future when I have ready the code for hooking report etc. |
man/en/sos-upload.1
Outdated
|
|
||
| .PP | ||
| .SH DESCRIPTION | ||
| upload is an sos subcommand to upload sos reports, logs, vmcores, or other files to a policy defined remote location, or an user defined one. |
There was a problem hiding this comment.
Nitpick: s/an user/a user/.
There was a problem hiding this comment.
I think is 'an' because 'user' starts with a vowel, no?
There was a problem hiding this comment.
The rule is "first sound of word", not first letter :) E.g. https://english.stackexchange.com/questions/105116/is-it-a-user-or-an-user (though I am not sure how authoritative that source is).
There was a problem hiding this comment.
Nice, TIL. Fixed in the next push.
sos/policies/distros/redhat.py
Outdated
| @@ -298,7 +298,7 @@ def get_upload_url(self): | |||
| self.ui_log.info("No case id provided, uploading to SFTP") | |||
| return RH_SFTP_HOST | |||
| rh_case_api = "/support/v1/cases/%s/attachments" | |||
| return RH_API_HOST + rh_case_api % self.case_id | |||
| return RH_API_HOST + rh_case_api % self.commons['cmdlineopts'].case_id | |||
There was a problem hiding this comment.
Why this change? AFAIK self.case_id might be blank (and common's case_id set) only in scenario "case id not in cmdline, batch not in cmdline" - should not upload query for case_id, then? (or am I wrong here with my assumption)?
(that concern is valid for sure (while I can be wrong on its impact to this code change):
# python3 bin/sos upload /var/tmp/sosreport-pmoravec-rhel8-012345678-2024-08-13-gbiatgg.tar.xz
sos upload (version 4.7.2)
This utility is used to upload files to a policy-default location.
The archive to be uploaded may contain data considered sensitive and its content
should be reviewed by the originating organization before being passed to any
third party.
No configuration changes will be made to the system running this utility.
Press ENTER to continue, or CTRL-C to quit
Attempting to upload file /var/tmp/sosreport-pmoravec-rhel8-012345678-2024-08-13-gbiatgg.tar.xz to case
No case id provided, uploading to SFTP
No case id provided, uploading to SFTP
Attempting upload to Red Hat Secure FTP
..
There was a problem hiding this comment.
This is one of the things we talked about internally when I first started playing with 'upload'. If you remember, the issue was that without this change, we were getting 'None' on the case_id and it was failing to build the url, and so failed to upload. I have the feeling that I've done something wrong on the upload side and I'm not passing the case_id correctly.
My hope is that more experienced eyes, or at least fresher, can tell me where I'm failing.
|
When I run: and "Press ENTER to continue", and then nothing, then I get a final error: I think the upload did not succeed at the end.. |
| defined location. These files can be either sos reports, | ||
| sos collections, or other kind of files like: vmcores, | ||
| application cores, logs, etc. | ||
|
|
|
When pressing Ctrl+C on |
|
@pmoravec thank you for finding this, I thought we solved these issues:
I'll check the double messaging here, looks horrible.
I'll check this one as well, I remember we had a similar issue with a previous implementation.
No, it should not succeed in that case. |
I'll check this, should be easy to fix. |
Fixed. I used exit() instead of _exit(), which is the one implemented in Soscomponent. |
There was a problem hiding this comment.
At a bare minimum, a new component should be implementing all the abstractions that it needs to operate solo, not acting as a wrapper to existing functionality.
This means the upload logic needs to be separated from its current location in Policy, and implemented as a discrete unit. Policy should then control the default setting, and users should be able to direct sos to chose an upload target/profile/whatever we want to call it as an override. E.G. if I have an sos report locally on my Fedora workstation that was taken from a RHEL box, and I am unable due to some network policy to directly upload from the RHEL box, then on my Fedora system I should be able to send that sos report to Red Hat.
Further, any current or future usage of the component's functionality should go through the actual component code. Much like we do with sos clean, when --clean is used for a report being generated. We hook into the component from within report, to ensure we use the exact code flow for cleaning the archive as we would by running a clean after-the-fact.
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
9c60d66 to
72dd27c
Compare
I agree with everything above, but the idea behind this PR is to be a first implementation to get the upload component started, and then move things carefully from policy to upload. Could this approach be acceptable? |
|
I support this initial implementation of the feature to let enhance I was thinking to raise the same concern, but I realized I would see beneficial for the discussion about refactorization if we already has some implementation in hand. With the current code, it is hard for me to specify "cut this away from here and put it (there)", if we have no "(there)". With the If somebody sees as a potential threat "we accept this initial implementation, but will never refactor the code as needed, and we dont want that technical debt here", then I can make a commitment: once there will be an agreement about the refactorisation and if nobody(*) will have time to implement it, I will work on such PR. (*) nobody including Jose as the primary person to implement. I assume he will be the primary person to make his own feature to make it complete. On the other side, there can be various reasons he won't be able to do the refactorisation (time, other work on sos, willingness, whatever). And then anybody else (with me as the volunteer with above commitment) can contribute that way. |
On this note, I already started moving things around from policies/distros just after I sent this PR - this is not something I want to leave abandoned, or done in six months time or more, but as soon as possible. But also I want to make sure I cover all the possible cases, and the upload code in policies has been there for a long time, working perfectly, so want to be extra careful while refactoring. |
| [--case-id id]\fR | ||
| [--upload-url url]\fR | ||
| [--upload-user user]\fR | ||
| [--upload-pass pass]\fR | ||
| [--upload-directory dir]\fR | ||
| [--upload-method]\fR | ||
| [--upload-no-ssl-verify]\fR | ||
| [--upload-protocol protocol]\fR |
There was a problem hiding this comment.
@jcastill Could the --upload-protocol s3 flags be included in this work? Unfortunately, it contains unique flags that made S3 easier to implement at the time.
[--upload-s3-endpoint endpoint]
[--upload-s3-region region]
[--upload-s3-bucket bucket]
[--upload-s3-access-key access_key]
[--upload-s3-secret-key secret_key]
[--upload-s3-object-prefix object_prefix]
The existing flags and how the provided values were used were not well aligned for S3, even though valid for FTP, HTTP, etc. protocols. I didn't want to cause any breakage for existing upload protocols while trying to make them work for all protocols, so S3 ended up with unique flags.
I planned to attempt a refactor at some point (sos v5?) where the original protocols and s3 overlap. For example, allowing synonymous flags:
--upload-user~--upload-s3-access-key--upload-pass~--upload-s3-secret-key--upload-directory~--upload-s3-object-prefix--upload-url~--upload-s3-endpoint
However, I haven't been able to dedicate the time yet.
There was a problem hiding this comment.
Could the --upload-protocol s3 flags be included in this work? Unfortunately, it contains unique flags that made S3 easier to implement at the time.
Yes, I'll make sure I include them in the next iteration of this PR.
I planned to attempt a refactor at some point (sos v5?) where the original protocols and s3 overlap. For example, allowing synonymous flags:
--upload-user ~ --upload-s3-access-key --upload-pass ~ --upload-s3-secret-key --upload-directory ~ --upload-s3-object-prefix --upload-url ~ --upload-s3-endpointHowever, I haven't been able to dedicate the time yet.
Let me know if I can help. My original idea was to have this PR as a starting point and then move stuff out of the generic policy and the OS-specific ones in a second PR, but that was rejected, so I'm working on the full change now. As soon as I finish with that, we can start working on the refactor of S3 it that's OK with you. In fact we need to do some work with S3 uploads for the RH customer portal, so we could do both things in parallel.
There was a problem hiding this comment.
Let me know if I can help. My original idea was to have this PR as a starting point and then move stuff out of the generic policy and the OS-specific ones in a second PR, but that was rejected, so I'm working on the full change now. As soon as I finish with that, we can start working on the refactor of S3 it that's OK with you. In fact we need to do some work with S3 uploads for the RH customer portal, so we could do both things in parallel.
When you have a branch published for public view and somewhat functional let me know. I'll branch off of it and start migrating the s3 portions in then submit a PR targeting your branch for you to review.
As for the s3 refactoring, we can look into it and I'd be more than happy to try and make some time. I believe a few lend themselves easily, or at least I don't immediately recall any issues with using them, like URL, user, and password. One I do recall bringing up some questions is the --upload-directory. For example, should this be only the prefixes inside the bucket? Or should it split the directory like {bucket}/{prefix} on only the first slash? There may have been others, but I would have to review the LinuxPolicy.get_upload_xxxx() functions and internal self._vars again.
Without some "group think" I decided not to implement something I (or others) may have been unhappy with later but stuck with unless making breaking changes.
There was a problem hiding this comment.
There may be less to refactor than I first thought as I haven't reviewed the code in almost a year. I guess ended up implementing some of it already. Hope I'm still happy with my choices after a year 😄
sos/sos/policies/distros/__init__.py
Lines 615 to 629 in 2aa4fcf
arif-ali
added
the
Status/Need More Info
|
For reference, I have a PPA https://launchpad.net/~arif-ali/+archive/ubuntu/sos-pr-3746 for anyone wanting to test Ubuntu platforms specifically of this PR |
|
Following the maintainers call on January 14, the general plan to move forward with some form of With that in mind, this PR would ideally be merge-ready (no outstanding changes requested, all testing complete) by Friday, February 7 with an absolute hard deadline of Monday, February 10. Before diving into a full code review cycle, one aspect I would like to address now so it does not become a sticking point later on is the previously mentioned terminology around an upload destination. "Profile" already has specific meaning within the project, and we shouldn't overload it. I don't feel that "upload-profile" is distinct enough as users and contributors are highly likely to just reduce that back down to "profiles". I have some suggestions below (in order of preference), but am not saying it has to be one of these, feel free to come up with some alternative as well:
|
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
439785b to
4967f42
Compare
|
I've pushed what I have so far. Next push will have:
Regarding @arif-ali 's comments:
I think that was has been always the case, right?
You are right, we probably won't need these options, thank you!
Probably no.
For now I think it will be good to start with just one file, and I can expand it later on to multiple files. |
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
4967f42 to
38909a2
Compare
|
@arif-ali the global options that you list seem to be printed for all subsystems, and I don't think all options apply for all of them. I.e. they appear for the help subsystem as well: If this is the case, we can change this later on, or perhaps just add a note saying 'Note: Not every global option will apply to this subsystem' or something that sounds better |
Yeah, the global options are not-so global further more. I pointed that somewhere else we should revisit the current approach in copying enumerated list of options and/or their values here and there, within a component or among them (when one component calls another). Ideally we should have some json or yaml describing what option is used by what component and with what default value and what is inherited from where - all such lists can be shrunk to calling "populate arguments per that hierarchy json/yaml". Again something worth independent on an upload PR (I think we discussed something else - worth filing them as separate new Issues to prevent forgetting them?) |
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
38909a2 to
6b690c6
Compare
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
6b690c6 to
9209cc4
Compare
Agreed this can be weak. S3 uses the term endpoint, and in the most general sense that could be s3.amazon.com, which bucket would determine what account receives/controls the data. It also may not be amazon, but results in a similar issue. Any of the other three terms, or probably any new one, would be less ambiguous when using s3 protocol for uploads. |
When I think about the argument code duplication in regards to upload, at least when only considering the upload shared arguments themselves my first thought is extending this to another argparse group in a class method, and inheriting it in other modules. Something (generically) like: class SoSUpload(SoSComponent):
@classmethod
def add_upload_local_arguments(cls, parser: argparse.ArgumentParser):
upload_grp = parser.add_argument_group('Local Upload Options')
group.add_argument(
'--local-1',
type=str,
help="Some local argument1 to the upload module, not shared with other modules/subcommands")
@classmethod
def add_upload_shared_arguments(cls, parser: argparse.ArgumentParser):
shared_upload_grp = parser.add_argument_group('Global/Shared Upload Options')
shared_upload_grp.add_argument("--upload-url", default=None,
help="Upload the archive to specified server")
shared_upload_grp.add_argument("--upload-user", default=None,
help="Username to authenticate with")
shared_upload_grp.add_argument("--upload-pass", default=None,
help="Password to authenticate with")
@classmethod
def add_parser_options(cls, parser: argparse.ArgumentParser):
upload_grp = parser.add_argument_group('Upload Options')
cls.add_upload_local_arguments(upload_grp)
cls.add_upload_shared_arguments(upload_grp)and in report (or collect etc.) from upload import add_upload_shared_arguments
class SoSReport(SoSComponent):
@classmethod
def add_parser_options(cls, parser: argparse.ArgumentParser):
report_grp = parser.add_argument_group('Report Options')
cls.add_upload_shared_arguments(report_grp)It's a very simple version of the idea, which does not account for the number of groups that might be required if collect inherits from report, etc. etc. I didn't have to deal with complex cross inheritance between multiple modules when I've used this before. Also, I suspect I am overlooking something, which you probably found when you mentioned hitting duplication issues previously. Probably something I would run into when looking at the wider code base (Policy or originating class default values maybe?). Feel free to just thumbs down the idea if it overlooks issues and complications that would turn up during implementation. I just wanted to get it out of my head 😄 |
|
@arif-ali how do you reproduce the warning:
I can only do so if I explicitly use --tmp-dir to a tmpfs, but runs that don't specify it don't get the warning at all. And I think it falls into the category of global options that don't explicitly apply to upload |
This could be the fact that |
Ah that makes sense. OK, as I said, it seems to be a global option so I'm not sure if I should touch it in this PR or leave it to @pmoravec 's |
yup, sounds good |
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
9209cc4 to
ad9ba5f
Compare
|
I fixed @pmoravec's find about upload_directory. I think this is ready - I'm sure there are things to change, unnecessary code that I brought from policy, text strings in English that can be improved, but it's my first subsystem so I think it's normal, and I reviewed this so often that I have reached a kind of semantic satiation, and I need extra eyes. |
man/en/sos-upload.1
Outdated
|
|
||
| .PP | ||
| .SH DESCRIPTION | ||
| upload is an sos subcommand to upload sos reports, logs, vmcores, or other files to a policy defined remote location, or a user defined one. |
There was a problem hiding this comment.
Nitpick: put this to multiple lines likewise e.g. options? Or likewise https://github.com/sosreport/sos/blob/main/man/en/sos-report.1#L49 .
sos/upload/__init__.py
Outdated
| package = sos.upload.targets | ||
| supported_upload_targets = {} | ||
| upload_targets = self._load_modules(package, 'targets') |
There was a problem hiding this comment.
Why not simplier:
supported_upload_targets = {}
upload_targets = self._load_modules(sos.upload.targets, 'targets')
package variable is used just once..
sos/upload/__init__.py
Outdated
| package = sos.upload.targets | ||
| supported_upload_targets = {} | ||
| upload_targets = self._load_modules(package, 'targets') | ||
| for upload_target in upload_targets: |
There was a problem hiding this comment.
.. and maybe you can even merge the previous line to this..? `upload_targets is also not used anywhere else.
There was a problem hiding this comment.
https://github.com/sosreport/sos/pull/3746/files#r1901976808 needs addressing.
I added a few points, mostly nitpicks or some minor stuff. Otherwise the code looks good to me and it passed all tests I invented :) 👍
This commit marks the beginning of the addition of a new 'upload' component for sos, which can be used to upload already created sos reports, collects, or other files like logs or vmcores to a policy defined location. The user needs to specify a file location, and can make use of any of the options that exist nowadays for the --upload option. This first commit includes: - The initial framework for the 'upload' component. - The new man page for 'sos upload'. - The code in the component 'help' to show information about the component. - The code in sos/__init__.py to deal with the component. - The code for uploads to Red Hat and Ubuntu systems. - The code to allow uploads specifying remote destination, called targets in this implementation. For example, you could generate a sos report in a CentOS system and specify a target defined as 'redhat' or 'RedHatUpload' to upload to the Red Hat Customer Portal. - And modifications to setup.py to build the man pages. Related: RHEL-23032, SUPDEV-138, CLIOT-481 Co-authored-by: Jose Castillo <[email protected]> Co-authored-by: Pavel Moravec <[email protected]> Co-authored-by: Trevor Benson <[email protected]> Signed-off-by: Jose Castillo <[email protected]>
jcastill
force-pushed
the
jcastillo-add-upload-subsystem
branch
from
ad9ba5f to
f99726b
Compare
This commit marks the beginning of the addition of a new 'upload' component for sos, which can be used to upload already created sos reports, collects, or other files like logs or vmcores to a policy defined location.
The user needs to specify a file location, and can make use of any of the options that exist nowadays for the --upload option.
This first commit includes:
Related: RHEL-23032, SUPDEV-138, CLIOT-481
Please place an 'X' inside each '[]' to confirm you adhere to our Contributor Guidelines