edera-check 0.2.13

CLI to run checks before installing or using Edera
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215

mod postinstall_cmd;
mod preinstall_cmd;

use clap::{Args, Parser, Subcommand};
use console::{Emoji, style};
use edera_check::helpers::{CheckGroup, CheckGroupResult, host_executor::HostNamespaceExecutor};

use anyhow::{Context, Result};
use chrono::Utc;
use flate2::{Compression, write::GzEncoder};
use log::debug;
use nix::unistd::Uid;
use std::{
    fs,
    fs::File,
    path::{Path, PathBuf},
    process,
};
use tokio::task::JoinHandle;

static SPARKLE: Emoji = Emoji("", "[*]");

#[derive(Parser)]
#[command(name = "edera-check")]
#[command(about = "CLI to run checks before installing or using Edera", long_about = None)]
struct Cli {
    #[command(subcommand)]
    command: Commands,
}

#[derive(Subcommand)]
enum PreinstallAction {
    /// List available check groups and their IDs.
    ListChecks,
}

#[derive(Subcommand)]
enum PostinstallAction {
    /// List available check groups and their IDs.
    ListChecks,
}

#[derive(Args)]
struct PreinstallArgs {
    #[command(subcommand)]
    action: Option<PreinstallAction>,

    /// Validate running kernel for bring-your-own kernel support (default false)
    #[arg(short, long, default_value_t = false)]
    byo_kernel: bool,

    /// Collect information and configuration snapshot of current system (default true)
    #[arg(short, long, default_value_t = true)]
    record_hostinfo: bool,

    /// Run only selected checks, instead of default behavior of running all.
    /// Will override all other check enablement flags.
    #[arg(short, long, value_delimiter = ',')]
    only_checks: Vec<String>,

    /// Directory path to write report to. Will be created if it doesn't exist. Defaults to `/tmp`
    #[arg(short = 'd', long)]
    report_dir: Option<String>,
}

#[derive(Args)]
struct PostinstallArgs {
    #[command(subcommand)]
    action: Option<PostinstallAction>,

    /// Collect information and configuration snapshot of current system (default true)
    #[arg(short, long, default_value_t = true)]
    record_hostinfo: bool,

    /// Run only selected checks, instead of default behavior of running all.
    /// Will override all other check enablement flags.
    #[arg(short, long, value_delimiter = ',')]
    only_checks: Vec<String>,

    /// Directory path to write report to. Will be created if it doesn't exist. Defaults to `/tmp`
    #[arg(short = 'd', long)]
    report_dir: Option<String>,
}

#[derive(Subcommand)]
enum Commands {
    /// Run before installing Edera to validate hardware/host installation readiness.
    Preinstall(PreinstallArgs),
    /// Run after installing Edera to validate workload readiness.
    Postinstall(PostinstallArgs),
}

#[tokio::main(flavor = "multi_thread", worker_threads = 10)]
async fn main() -> Result<()> {
    env_logger::init();

    if !Uid::effective().is_root() {
        println!("{}", style("This tool must be run as root").red().bold());
        process::exit(1);
    }

    let cli = Cli::parse();
    match cli.command {
        Commands::Preinstall(args) => {
            preinstall_cmd::do_preinstall(
                matches!(args.action, Some(PreinstallAction::ListChecks)),
                args.byo_kernel,
                args.record_hostinfo,
                args.only_checks,
                args.report_dir,
            )
            .await
        }
        Commands::Postinstall(args) => {
            postinstall_cmd::do_postinstall(
                matches!(args.action, Some(PostinstallAction::ListChecks)),
                args.record_hostinfo,
                args.only_checks,
                args.report_dir,
            )
            .await
        }
    }
}

async fn create_gzip_from(base_path: PathBuf, host_executor: HostNamespaceExecutor) -> Result<()> {
    let mut archive_path = base_path.clone();
    archive_path.set_extension("tar.gz");
    let tar_gz = File::create(&archive_path)
        .with_context(|| format!("failed to create {}", archive_path.display()))?;
    let enc = GzEncoder::new(tar_gz, Compression::default());
    let mut tar = tar::Builder::new(enc);
    tar.append_dir_all(".", &base_path)
        .context("failed to append to tar {}")?;
    tar.into_inner().context("failed to finish tar")?;
    let container_tarfile = archive_path.to_string_lossy().to_string();

    let targz_content = std::fs::read(&container_tarfile).expect("could not read tar");

    debug!("Read {} bytes of tar", targz_content.len());
    // Remove the source directory after tar creation
    std::fs::remove_dir_all(&base_path)
        .with_context(|| format!("failed to remove results directory {}", base_path.display()))?;

    let copy_to_host: JoinHandle<()> = host_executor.spawn_in_host_ns(async move {
        // Write tar.gz to host
        tokio::fs::write(&container_tarfile, targz_content)
            .await
            .expect("could not write tar to host");

        println!(
            "{} {} Report saved: {}",
            SPARKLE,
            style("All Done!").green(),
            style(container_tarfile).cyan()
        );
    });

    Ok(copy_to_host.await?)
}

fn create_base_path(base_dir: PathBuf, hostname: &str, stage: &str) -> Result<PathBuf> {
    let now = Utc::now();

    let base_path = base_dir.join(format!(
        "edera-{}-report-{}-{}",
        stage,
        hostname,
        now.format("%Y%m%d-%H%M%S")
    ));
    fs::create_dir_all(&base_path)
        .with_context(|| format!("could not create {}", base_path.display()))?;
    debug!("Writing all files to {}", base_path.to_string_lossy());
    Ok(base_path)
}

fn write_group_report(
    group: Box<dyn CheckGroup>,
    result: &CheckGroupResult,
    path: &Path,
) -> Result<()> {
    let path = path.join(group.id());
    fs::create_dir_all(&path).with_context(|| format!("could not create {}", path.display()))?;

    for check in result.results.iter() {
        // Sanitize the name of the check into a flat file. Script Checks default to the path of
        // the script as the name so we need to sanitize.
        let name = check
            .name
            .replace(" ", "_")
            .replace("/", "_")
            .replace(".", "");

        let path = path.join(name);
        match check.output_to_record.as_ref() {
            Some(text) => fs::write(&path, text),
            None => fs::write(&path, format!("{}", check.result)),
        }
        .with_context(|| format!("failed to write to {}", path.display()))?;
    }
    Ok(())
}

async fn booted_under_edera(host_executor: &HostNamespaceExecutor) -> Result<bool> {
    host_executor
        .spawn_in_host_ns(async {
            if !Path::new("/var/lib/edera/protect/.install-completed").exists() {
                return false;
            }
            let xen = Path::new("/sys/hypervisor/type");
            xen.exists() && fs::read_to_string(xen).unwrap_or_default().trim() == "xen"
        })
        .await
        .context("failed to check Edera boot status")
}