Merge pull request #13150 from Security-Onion-Solutions/jertel/yaml

add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching

pyci.sh

@@ -15,12 +15,16 @@ TARGET_DIR=${1:-.}
 
 PATH=$PATH:/usr/local/bin
 
-if ! which pytest &> /dev/null || ! which flake8 &> /dev/null ; then
-    echo "Missing dependencies. Consider running the following command:"
-    echo "  python -m pip install flake8 pytest pytest-cov"
+if [ ! -d .venv ]; then
+    python -m venv .venv
+fi
+
+source .venv/bin/activate
+
+if ! pip install flake8 pytest pytest-cov pyyaml; then
+    echo "Unable to install dependencies."
     exit 1
 fi
 
-pip install pytest pytest-cov
 flake8 "$TARGET_DIR" "--config=${HOME_DIR}/pytest.ini"
-python3 -m pytest "--cov-config=${HOME_DIR}/pytest.ini" "--cov=$TARGET_DIR" --doctest-modules --cov-report=term --cov-fail-under=100  "$TARGET_DIR" 
+python3 -m pytest "--cov-config=${HOME_DIR}/pytest.ini" "--cov=$TARGET_DIR" --doctest-modules --cov-report=term --cov-fail-under=100  "$TARGET_DIR" 

salt/manager/tools/sbin/so-minion

@@ -112,8 +112,8 @@ function testMinion() {
 	result=$?
 
 	# If this so-minion script is not running on the given minion ID, run so-test remotely on the sensor as well
-	local_id=$(lookup_grain id)
-	if [[ ! "$local_id" =~ "${MINION_ID}_" ]]; then
+	local_id=$(lookup_grain id)	
+	if [[ ! "$local_id" =~ "${MINION_ID}_" && "$local_id" != "${MINION_ID}" ]]; then
 		salt "$MINION_ID" cmd.run 'so-test'
 		result=$?
 	fi

salt/manager/tools/sbin/so-yaml.py

@@ -14,19 +14,20 @@
 
 
 def showUsage(args):
-    print('Usage: {} <COMMAND> <YAML_FILE> [ARGS...]'.format(sys.argv[0]))
-    print('  General commands:')
-    print('    append         - Append a list item to a yaml key, if it exists and is a list. Requires KEY and LISTITEM args.')
-    print('    add            - Add a new key and set its value. Fails if key already exists. Requires KEY and VALUE args.')
-    print('    remove         - Removes a yaml key, if it exists. Requires KEY arg.')
-    print('    replace        - Replaces (or adds) a new key and set its value. Requires KEY and VALUE args.')
-    print('    help           - Prints this usage information.')
-    print('')
-    print('  Where:')
-    print('   YAML_FILE       - Path to the file that will be modified. Ex: /opt/so/conf/service/conf.yaml')
-    print('   KEY             - YAML key, does not support \' or " characters at this time. Ex: level1.level2')
-    print('   VALUE           - Value to set for a given key')
-    print('   LISTITEM        - Item to append to a given key\'s list value')
+    print('Usage: {} <COMMAND> <YAML_FILE> [ARGS...]'.format(sys.argv[0]), file=sys.stderr)
+    print('  General commands:', file=sys.stderr)
+    print('    append         - Append a list item to a yaml key, if it exists and is a list. Requires KEY and LISTITEM args.', file=sys.stderr)
+    print('    add            - Add a new key and set its value. Fails if key already exists. Requires KEY and VALUE args.', file=sys.stderr)
+    print('    get            - Displays (to stdout) the value stored in the given key. Requires KEY arg.', file=sys.stderr)
+    print('    remove         - Removes a yaml key, if it exists. Requires KEY arg.', file=sys.stderr)
+    print('    replace        - Replaces (or adds) a new key and set its value. Requires KEY and VALUE args.', file=sys.stderr)
+    print('    help           - Prints this usage information.', file=sys.stderr)
+    print('', file=sys.stderr)
+    print('  Where:', file=sys.stderr)
+    print('   YAML_FILE       - Path to the file that will be modified. Ex: /opt/so/conf/service/conf.yaml', file=sys.stderr)
+    print('   KEY             - YAML key, does not support \' or " characters at this time. Ex: level1.level2', file=sys.stderr)
+    print('   VALUE           - Value to set for a given key', file=sys.stderr)
+    print('   LISTITEM        - Item to append to a given key\'s list value', file=sys.stderr)
     sys.exit(1)
 
 
@@ -38,7 +39,7 @@ def loadYaml(filename):
 
 def writeYaml(filename, content):
     file = open(filename, "w")
-    return yaml.dump(content, file)
+    return yaml.safe_dump(content, file)
 
 
 def appendItem(content, key, listItem):
@@ -49,15 +50,15 @@ def appendItem(content, key, listItem):
         try:
             content[key].append(listItem)
         except AttributeError:
-            print("The existing value for the given key is not a list. No action was taken on the file.")
+            print("The existing value for the given key is not a list. No action was taken on the file.", file=sys.stderr)
             return 1
         except KeyError:
-            print("The key provided does not exist. No action was taken on the file.")
+            print("The key provided does not exist. No action was taken on the file.", file=sys.stderr)
             return 1
 
 
 def convertType(value):
-    if len(value) > 0 and (not value.startswith("0") or len(value) == 1):
+    if isinstance(value, str) and len(value) > 0 and (not value.startswith("0") or len(value) == 1):
         if "." in value:
             try:
                 value = float(value)
@@ -83,7 +84,7 @@ def append(args):
     if len(args) != 3:
         print('Missing filename, key arg, or list item to append', file=sys.stderr)
         showUsage(None)
-        return
+        return 1
 
     filename = args[0]
     key = args[1]
@@ -112,7 +113,7 @@ def add(args):
     if len(args) != 3:
         print('Missing filename, key arg, and/or value', file=sys.stderr)
         showUsage(None)
-        return
+        return 1
 
     filename = args[0]
     key = args[1]
@@ -137,7 +138,7 @@ def remove(args):
     if len(args) != 2:
         print('Missing filename or key arg', file=sys.stderr)
         showUsage(None)
-        return
+        return 1
 
     filename = args[0]
     key = args[1]
@@ -153,7 +154,7 @@ def replace(args):
     if len(args) != 3:
         print('Missing filename, key arg, and/or value', file=sys.stderr)
         showUsage(None)
-        return
+        return 1
 
     filename = args[0]
     key = args[1]
@@ -167,6 +168,32 @@ def replace(args):
     return 0
 
 
+def getKeyValue(content, key):
+    pieces = key.split(".", 1)
+    if len(pieces) > 1:
+        return getKeyValue(content[pieces[0]], pieces[1])
+    return content.get(key, None)
+
+
+def get(args):
+    if len(args) != 2:
+        print('Missing filename or key arg', file=sys.stderr)
+        showUsage(None)
+        return 1
+
+    filename = args[0]
+    key = args[1]
+
+    content = loadYaml(filename)
+    output = getKeyValue(content, key)
+    if output is None:
+        print("Not found", file=sys.stderr)
+        return 2
+
+    print(yaml.safe_dump(output))
+    return 0
+
+
 def main():
     args = sys.argv[1:]
 
@@ -178,6 +205,7 @@ def main():
         "help": showUsage,
         "add": add,
         "append": append,
+        "get": get,
         "remove": remove,
         "replace": replace,
     }
@@ -195,11 +223,11 @@ def main():
                 break
             except Exception:
                 if lockAttempts == 1:
-                    print("Waiting for lock file to be released from another process...")
+                    print("Waiting for lock file to be released from another process...", file=sys.stderr)
                 time.sleep(2)
 
         if lockAttempts == maxAttempts:
-            print("Lock file (" + lockFile + ") could not be created; proceeding without lock.")
+            print("Lock file (" + lockFile + ") could not be created; proceeding without lock.", file=sys.stderr)
 
         cmd = commands.get(args[0], showUsage)
         code = cmd(args[1:])