Merge branch '2.4/dev' into jertel/hfm

2025-12-06 17:22:49 +01:00 · 2023-11-21 16:42:50 -05:00
parent 7d759a99fe 861e850f9a
commit 9ee3423b32
6 changed files with 52 additions and 11 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-2.4.30
+2.4.40
--- a/salt/common/tools/sbin/so-log-check
+++ b/salt/common/tools/sbin/so-log-check
@@ -109,6 +109,7 @@ if [[ $EXCLUDE_STARTUP_ERRORS == 'Y' ]]; then
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|timeout exceeded"             # server not yet ready (telegraf waiting on elasticsearch)
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|influxsize kbytes"            # server not yet ready (telegraf waiting on influx)
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|expected field at"            # server not yet ready (telegraf waiting on health data)
+    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|connection timed out"         # server not yet ready (telegraf plugin unable to connect)
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|cached the public key"        # server not yet ready (salt minion waiting on key acceptance)
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|no ingest nodes"              # server not yet ready (logstash waiting on elastic)
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|failed to poll"               # server not yet ready (sensoroni waiting on soc)
--- a/salt/manager/tools/sbin/so-yaml.py
+++ b/salt/manager/tools/sbin/so-yaml.py
@@ -16,12 +16,12 @@ lockFile = "/tmp/so-yaml.lock"
 def showUsage(args):
    print('Usage: {} <COMMAND> <YAML_FILE> [ARGS...]'.format(sys.argv[0]))
    print('  General commands:')
-    print('    remove         - Removes a yaml top-level key, if it exists. Requires KEY arg.')
+    print('    remove         - Removes a yaml key, if it exists. Requires KEY arg.')
    print('    help           - Prints this usage information.')
    print('')
    print('  Where:')
    print('   YAML_FILE       - Path to the file that will be modified. Ex: /opt/so/conf/service/conf.yaml')
-    print('   KEY             - Top level key only, does not support dot-notations for nested keys at this time. Ex: level1')
+    print('   KEY             - YAML key, does not support \' or " characters at this time. Ex: level1.level2')
    sys.exit(1)


@@ -36,6 +36,13 @@ def writeYaml(filename, content):
    return yaml.dump(content, file)


+def removeKey(content, key):
+    pieces = key.split(".", 1)
+    if len(pieces) > 1:
+        removeKey(content[pieces[0]], pieces[1])
+    else:
+        content.pop(key, None)
+
 def remove(args):
    if len(args) != 2:
        print('Missing filename or key arg', file=sys.stderr)
@@ -43,11 +50,12 @@ def remove(args):
        return

    filename = args[0]
+    key = args[1]
+
    content = loadYaml(filename)
-
-    content.pop(args[1], None)
-
+    removeKey(content, key)
    writeYaml(filename, content)
+
    return 0


--- a/salt/manager/tools/sbin/so-yaml_test.py
+++ b/salt/manager/tools/sbin/so-yaml_test.py
@@ -57,6 +57,36 @@ class TestRemove(unittest.TestCase):
        expected = "key2: false\n"
        self.assertEqual(actual, expected)

+    def test_remove_nested(self):
+        filename = "/tmp/so-yaml_test-remove.yaml"
+        file = open(filename, "w")
+        file.write("{key1: { child1: 123, child2: abc }, key2: false}")
+        file.close()
+
+        soyaml.remove([filename, "key1.child2"])
+
+        file = open(filename, "r")
+        actual = file.read()
+        file.close()
+
+        expected = "key1:\n  child1: 123\nkey2: false\n"
+        self.assertEqual(actual, expected)
+
+    def test_remove_nested_deep(self):
+        filename = "/tmp/so-yaml_test-remove.yaml"
+        file = open(filename, "w")
+        file.write("{key1: { child1: 123, child2: { deep1: 45, deep2: ab } }, key2: false}")
+        file.close()
+
+        soyaml.remove([filename, "key1.child2.deep1"])
+
+        file = open(filename, "r")
+        actual = file.read()
+        file.close()
+
+        expected = "key1:\n  child1: 123\n  child2:\n    deep2: ab\nkey2: false\n"
+        self.assertEqual(actual, expected)
+
    def test_remove_missing_args(self):
        with patch('sys.exit', new=MagicMock()) as sysmock:
            with patch('sys.stderr', new=StringIO()) as mock_stdout:
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1240,7 +1240,7 @@ soc:
              showSubtitle: true
            - name: HTTP
              description: HTTP with exe downloads
-              query: 'tags:http AND (file.resp_mime_types:dosexec OR file.resp_mime_types:executable) | groupby http.virtual_host'
+              query: 'tags:http AND file.resp_mime_types:*exec* | groupby http.virtual_host'
              showSubtitle: true
            - name: Intel
              description: Intel framework hits grouped by indicator
--- a/salt/soc/files/bin/salt-relay.sh
+++ b/salt/soc/files/bin/salt-relay.sh
@@ -37,12 +37,14 @@ function poll() {

 function respond() {
  file="$QUEUE_DIR/$1.response"
+  tmpfile="${file}.tmp"
  response=$2

-  touch "$file"
-  chmod 660 "$file"
-  chown "$QUEUE_OWNER:$QUEUE_GROUP" "$file"
-  echo "$response" > "$file"
+  touch "$tmpfile"
+  chmod 660 "$tmpfile"
+  chown "$QUEUE_OWNER:$QUEUE_GROUP" "$tmpfile"
+  echo "$response" > "$tmpfile"
+  mv $tmpfile $file
 }

 function list_minions() {
@@ -1 +1 @@
 .4.30
 .4.40