
manageiq-gems-pending's Introduction

ManageIQ::Gems::Pending


Code extracted from the gems/pending directory of ManageIQ/manageiq, in an effort to reduce the complexity of the ManageIQ/manageiq repository.

Installation

Add this line to your application's Gemfile:

gem 'manageiq-gems-pending'

And then execute:

$ bundle

Or install it yourself as:

$ gem install manageiq-gems-pending

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/ManageIQ/manageiq-gems-pending.

License

See LICENSE.txt.

manageiq-gems-pending's People

Contributors

abellotti, agrare, ailisp, aufi, bdunne, blomquisg, carbonin, cben, chessbyte, chrisarcand, djberg96, fabiendupont, fryguy, gmcculloug, gtanzillo, himdel, hsong-rh, imtayadeway, isimluk, jerryk55, jprause, jrafanie, jvlcek, kbrock, ladas, matthewd, movitto, nicklamuro, roliveri, yrudman

manageiq-gems-pending's Issues

Intermittent spec failure in miq-benchmark_spec.rb

Found on #443 https://travis-ci.org/ManageIQ/manageiq-gems-pending/jobs/570796622 (not sure how long that link will be valid for...)

 1) Benchmark Timeout raising within .realtime_block
     Failure/Error: raise("Completed without Timeout!?  Tip: may result from unclosed Tempfile object.")
     
     RuntimeError:
       Completed without Timeout!?  Tip: may result from unclosed Tempfile object.
     # ./spec/util/extensions/miq-benchmark_spec.rb:124:in `block (3 levels) in <top (required)>'
     # ./spec/util/extensions/miq-benchmark_spec.rb:112:in `times'
     # ./spec/util/extensions/miq-benchmark_spec.rb:112:in `block (2 levels) in <top (required)>'

Extract PostgresAdmin into a separate gem

This is still an idea in its infancy that has only been briefly discussed by @carbonin and myself (possibly in other forms). This is mostly a follow-up to some discussion surrounding #385 and how that was implemented.

TODOs

  • Remove appliance based backup from PostgresAdmin restore specs
    • Added in #385 (see PR for details)
  • Remove any references to ActiveRecord if they exist in PostgresAdmin (shouldn't, but we just want to rely on pg only)
  • Remove awesome-spawn dependency?
    • Mostly using its command builder for this, and most of our execution is happening through Open3 or other stdlib methods.
    • Unsure if we actually want to do this, but it would make this a little more focused on the Postgresql aspect of this gem, but up for discussion.
  • Roll in a few features that exist in manageiq-appliance_console, and have that call out to this
    • The database configuration stuff that is done there could be useful in this lib
  • Make a wrapper class in manageiq for handling our specific issues
    • I assume ideally we would have an easy enough to deal with DSL that would allow this to be pretty small. Maybe even only need a config file?
  • Make "said gem"

Updated thoughts: Looking at this again a few weeks later, I think the changes to the specs could possibly be done as part of creating the new gem, and possibly skipped being done here. Speaking personally, I might wait for the dust to settle on hammer before trying to tackle any of this, but we will see.

CVE-2024-26141 (Medium) detected in rack-3.0.8.gem - autoclosed

CVE-2024-26141 - Medium Severity Vulnerability

Vulnerable Library - rack-3.0.8.gem

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.

Library home page: https://rubygems.org/gems/rack-3.0.8.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-3.0.8.gem

Dependency Hierarchy:

  • manageiq-style-1.3.3.gem (Root Library)
    • rubocop-rails-2.20.2.gem
      • ❌ rack-3.0.8.gem (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the Rack::Utils.byte_ranges methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

Publish Date: 2024-02-29

URL: CVE-2024-26141

CVSS 3 Score Details (5.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-26141

Release Date: 2024-02-29

Fix Resolution: rack - 2.2.8.1,3.0.9.1

gems/pending/util general cleanup

Delete

Completed
  • diag/miqping.rb - MiqWsPing #226
  • MiqDumpObj.rb #227
  • MiqVmFsUtil.rb #228
  • SyncDebug -> ManageIQ/vmware_web_service#55 & #471
  • Core extensions:
    • miq-kernel#add_to_load_path -> delete #230
    • miq-kernel#require_relative -> delete #478
  • MiqSockUtil -> delete #482
  • miq-encode.rb
    • base24Decode -> delete #472
    • base64* -> delete #229
  • miq-logger -> delete #295
  • miq-metakit -> #506
  • postgres_admin #404 #516
  • runcmd (core - to delete / replace with AwesomeSpawn) - #510
  • vmdb-logger (Use manageiq-loggers instead - Remove in #529)

Dedicated gem/process/application

  • miq-password -> became ManageIQ::Password gem #417 + #424
  • duplicate_blocker/* + duplicate_blocker.rb (perhaps it should fork the original instead and re-release?)
  • MiqSshUtil -> became manageiq-ssh-util gem #470
    • Host fleecing (is that even a thing, since the code says "not esxi"?)
    • Automate can ssh exec a script on a host
    • Host verify ssh creds (for what purpose, though?)
  • win32/wimparser #514

Move

Completed

Dependencies

Completed
  • log4r -> delete #295

Keep in core [ref]

  • mount/* #403
  • xml/* (core - to delete)
  • win32/* (delete or breakdown further - e.g. wimparser to gem)
    • MiqWinrm
  • miq-encode.rb
    • encode/decode
  • miq-exception.rb
  • miq-hash_struct.rb
  • miq-ipmi (core - to delete)
  • miq-process
  • miq-system
  • miq-logger-processor
  • require_with_logging

core extensions

Completed

cc @chessbyte

Fix RAILS_ROOT definitions

Many of these are relying on the old location of this code within the manageiq directory structure.

12:03:07:~/Source/manageiq-gems-pending/lib/gems/pending (master)$ git grep RAILS_ROOT
appliance_console.rb:10:RAILS_ROOT = [
appliance_console.rb:16:ENV['BUNDLE_GEMFILE'] ||= RAILS_ROOT.join("Gemfile").to_s
appliance_console.rb:50:VERSION_FILE  = RAILS_ROOT.join("VERSION")
appliance_console.rb:51:LOGFILE       = RAILS_ROOT.join("log", "appliance_console.log")
appliance_console.rb:59:MiqPassword.key_root = "#{RAILS_ROOT}/certs"
appliance_console/database_configuration.rb:11:RAILS_ROOT ||= Pathname.new(__dir__).join("../../..")
appliance_console/database_configuration.rb:20:    DB_YML      = RAILS_ROOT.join("config/database.yml")
appliance_console/database_configuration.rb:21:    DB_YML_TMPL = RAILS_ROOT.join("config/database.pg.yml")
appliance_console/external_auth_options.rb:7:RAILS_ROOT ||= Pathname.new(__dir__).join("../../..")
appliance_console/external_auth_options.rb:11:    # VMDB_YML      = RAILS_ROOT.join("config/vmdb.yml.db")
appliance_console/external_auth_options.rb:12:    # VMDB_YML_TMPL = RAILS_ROOT.join("config/vmdb.tmpl.yml")
appliance_console/internal_database_configuration.rb:7:RAILS_ROOT ||= Pathname.new(__dir__).join("../../../")
appliance_console/key_configuration.rb:6:RAILS_ROOT ||= Pathname.new(__dir__).join("../../..")
appliance_console/key_configuration.rb:10:  CERT_DIR = "#{RAILS_ROOT}/certs"
appliance_console/logging.rb:4:RAILS_ROOT ||= Pathname.new(__dir__).join("../../..")
appliance_console/logging.rb:8:    LOGFILE = File.join(RAILS_ROOT, "log", "appliance_console.log")
appliance_console/utilities.rb:14:      result = AwesomeSpawn.run("rake #{task}", :chdir => RAILS_ROOT, :params => params)
appliance_console/utilities.rb:22:                                :chdir  => RAILS_ROOT
appliance_console/utilities.rb:40:        :chdir  => RAILS_ROOT
postgres_ha_admin/failover_monitor.rb:10:    RAILS_ROOT = [
postgres_ha_admin/failover_monitor.rb:76:                       :chdir  => RAILS_ROOT,
util/postgres_admin.rb:5:RAILS_ROOT ||= Pathname.new(__dir__).join("../../../")
util/postgres_admin.rb:42:    RAILS_ROOT.join("certs")

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

bundler
Gemfile
github-actions
.github/workflows/ci.yaml
  • actions/checkout v4
  • ruby/setup-ruby v1
  • paambaati/codeclimate-action v6

`WriteVm/build_linux/init.rb` is broken based on paths

When this code (manageiq-gems-pending) was refactored out of the ManageIQ core repo, the path referenced here was removed, so this code does not, and can not work.

I'm not familiar enough with its original purpose to remove it myself, but it hasn't been touched since at least 2009 ...

`--xlog-method=stream` causes `rake evm:db:backup` to break

Currently causes the following error:

$ pg_basebackup --no-password -z --format t --xlog-method stream --pgdata backup_dir
pg_basebackup exit code: 1
pg_basebackup: WAL streaming can only be used in plain mode

Tested on manageiq/gaprindashvili 7.4.0 Vagrant VM. Steps to reproduce:

$ cd my_vagrant_testing_dir
$ vagrant init -m --output - manageiq/gaprindashvili | awk -v c='  config.vm.provider "virtualbox"' "{ print } /^Vagrant.configure/ { print c }" > Vagrantfile
$ vagrant box update --box manageiq/gaprindashvili
$ vagrant up
$ vagrant ssh
vagrant@appliance $ vmdb
vagrant@appliance $ sudo --shell
root@appliance $ curl https://raw.githubusercontent.com/ManageIQ/manageiq-gems-pending/master/lib/gems/pending/util/postgres_admin.rb > $(ls -d /usr/local/lib/ruby/gems/2.3.0/bundler/gems/manageiq-gems-pending-* | tail -n 1)/lib/gems/pending/util/postgres_admin.rb
root@appliance $ bin/rails evm:db:backup:local -- --local-file my-backup.tar.gz
root@appliance $ grep -A1 AwesomeSpawn log/evm.log

cc @carbonin

CVE-2024-25126 (Medium) detected in rack-3.0.8.gem - autoclosed

CVE-2024-25126 - Medium Severity Vulnerability

Vulnerable Library - rack-3.0.8.gem

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.

Library home page: https://rubygems.org/gems/rack-3.0.8.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-3.0.8.gem

Dependency Hierarchy:

  • manageiq-style-1.3.3.gem (Root Library)
    • rubocop-rails-2.20.2.gem
      • ❌ rack-3.0.8.gem (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack's media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1.

Publish Date: 2024-02-29

URL: CVE-2024-25126

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low


Suggested Fix

Type: Upgrade version

Origin: GHSA-22f2-v57c-j9cx

Release Date: 2024-02-29

Fix Resolution: rack - 2.2.8.1,3.0.9.1

Add missing features to appliance_console_cli

https://bugzilla.redhat.com/show_bug.cgi?id=1385697 was opened to request adding features to the appliance_console_cli that are currently only available in the interactive console.

It will be easier to add things here in a check list and track each missing feature separately.
Please add to this list if I missed any.

  • evmserverd operations (#53)
  • Log file disk configuration (#52)
  • Log rotation configuration
  • Database HA
    • Create standby
    • Create primary
    • Start failover monitor
  • Database maintenance
  • SCAP
  • Network config
    • DHCP
    • Static
    • Test network config
  • Set timezone
  • Set date and time
  • Database restore

Removing miq-uuid.rb

The MiqUUID module has a single method called clean_guid. This method parses a string and returns a lowercased, canonical string if it can, or nil if it's given a nil, blank, or generally invalid argument.

Thinking that one of the existing uuid libraries might work, I started poking around the rubysphere to see what was available. What I found is that the current state of UUID libraries is generally terrible and/or isn't focused on parsing uuid strings. The current issues are:

  • The Digest::UUID in Rails only generates them, it doesn't parse them.
  • The uuidtools library (what we're using) hasn't been updated in 5 years, and its parse method cannot handle invalid formats.
  • Every other library I looked at (about a dozen) either focuses on uuid generation, strict validation, or cannot handle invalid, empty or nil arguments. The best one I could find was gn-uuid.
  • Most Ruby uuid libraries haven't been updated in years, which is problematic since UUID format evolves over time (v5 is out, v6 is under consideration).

Our current library is designed to be very flexible, presumably because we cannot anticipate what strange formatting any given provider might decide to do to their uuid strings, e.g. opening and closing brackets in Microsoft UUIDs. So, even if we found an up-to-date Ruby library, it still wouldn't do what we want.

Extracting this into its own library seems like overkill since it's only one method. My vote is to move this directly into the core 'lib', possibly extending UUIDTools.
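The contract described in this issue (canonical lowercased string on success, nil for nil, blank or otherwise invalid input, tolerance for provider-specific wrappers such as Microsoft's braces) is easy to state but easy to get subtly wrong. The following is an added example written for this page; it is not the MiqUUID.clean_guid code from the repository. The method name `clean_guid`, the batch helper `clean_guids`, and the set of accepted wrapper characters are assumptions.

```ruby
# Added example; not the repository's MiqUUID implementation. Method names
# and the accepted wrapper characters are assumptions.

# Returns the canonical 8-4-4-4-12 layout, lowercased, or nil for anything
# that is nil, blank, or does not contain exactly 32 hex digits.
def clean_guid(value)
  return nil if value.nil?

  str = value.to_s.strip
  return nil if str.empty?

  # Tolerate wrappers some providers put around the identifier, for example
  # Microsoft's "{...}" form, and accept both dashed and undashed input.
  hex = str.sub(/\A[{(]/, "").sub(/[})]\z/, "").delete("-")
  return nil unless hex.match?(/\A\h{32}\z/)

  hex = hex.downcase
  [hex[0, 8], hex[8, 4], hex[12, 4], hex[16, 4], hex[20, 12]].join("-")
end

# Runs the cleaner over a batch and separates accepted from rejected inputs,
# so a caller can log what a provider sent instead of silently storing nils.
def clean_guids(values)
  values.each_with_object({ :cleaned => [], :rejected => [] }) do |v, acc|
    guid = clean_guid(v)
    if guid
      acc[:cleaned] << guid
    else
      acc[:rejected] << v
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs covering the cases named in the issue.
  samples = ["{6F9619FF-8B86-D011-B42D-00C04FC964FF}",
             "6f9619ff8b86d011b42d00c04fc964ff", "", nil, "not-a-guid"]
  p clean_guids(samples)
end
```

The validation is deliberately a single anchored regex on the stripped hex digits rather than a series of length checks, so any new wrapper a provider introduces only needs one more character in the two `sub` calls.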

Win32Software failing on RollupFix's

When performing SmartState Analysis on a Windows 2012 VM the following error appears in the evm.log

[----] E, [2017-04-14T10:11:35.319528 #12806:3a398c] ERROR -- : MIQExtract.extract undefined method `split' for nil:NilClass
[----] E, [2017-04-14T10:11:35.319698 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/util/win32/Win32Software.rb:165:in `block in initialize'
[----] E, [2017-04-14T10:11:35.319729 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/xml/xml_hash.rb:116:in `block in each_element'
[----] E, [2017-04-14T10:11:35.319747 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/xml/xml_hash.rb:111:in `block in each'
[----] E, [2017-04-14T10:11:35.319763 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/xml/xml_hash.rb:111:in `each'
[----] E, [2017-04-14T10:11:35.319780 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/xml/xml_hash.rb:111:in `each'
[----] E, [2017-04-14T10:11:35.319795 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/xml/xml_hash.rb:116:in `each_element'
[----] E, [2017-04-14T10:11:35.319811 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/util/win32/Win32Software.rb:155:in `initialize'
[----] E, [2017-04-14T10:11:35.319827 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/MIQExtract/MIQExtract.rb:253:in `new'
[----] E, [2017-04-14T10:11:35.319842 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/MIQExtract/MIQExtract.rb:253:in `getSoftware'
[----] E, [2017-04-14T10:11:35.319859 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/MIQExtract/MIQExtract.rb:136:in `block in extract'
[----] E, [2017-04-14T10:11:35.319875 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/MIQExtract/MIQExtract.rb:131:in `each'
[----] E, [2017-04-14T10:11:35.319890 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/metadata/MIQExtract/MIQExtract.rb:131:in `extract'
[----] E, [2017-04-14T10:11:35.319906 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/mixins/scanning_mixin.rb:254:in `block in scan_via_miq_vm'
[----] E, [2017-04-14T10:11:35.319921 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/mixins/scanning_mixin.rb:250:in `each'
[----] E, [2017-04-14T10:11:35.319942 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/mixins/scanning_mixin.rb:250:in `scan_via_miq_vm'
[----] E, [2017-04-14T10:11:35.319960 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/manageiq/providers/vmware/infra_manager/vm_or_template_shared/scanning.rb:18:in `perform_metadata_scan'
[----] E, [2017-04-14T10:11:35.319975 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server/server_smart_proxy.rb:125:in `scan_metadata'
[----] E, [2017-04-14T10:11:35.319991 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue.rb:345:in `block in deliver'
[----] E, [2017-04-14T10:11:35.320007 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/rh-ruby22/root/usr/share/ruby/timeout.rb:89:in `block in timeout'
[----] E, [2017-04-14T10:11:35.320022 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/rh-ruby22/root/usr/share/ruby/timeout.rb:34:in `block in catch'
[----] E, [2017-04-14T10:11:35.320038 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/rh-ruby22/root/usr/share/ruby/timeout.rb:34:in `catch'
[----] E, [2017-04-14T10:11:35.320087 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/rh-ruby22/root/usr/share/ruby/timeout.rb:34:in `catch'
[----] E, [2017-04-14T10:11:35.320106 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/rh-ruby22/root/usr/share/ruby/timeout.rb:104:in `timeout'
[----] E, [2017-04-14T10:11:35.320122 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue.rb:341:in `deliver'
[----] E, [2017-04-14T10:11:35.320138 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue_worker_base/runner.rb:106:in `deliver_queue_message'
[----] E, [2017-04-14T10:11:35.320154 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue_worker_base/runner.rb:134:in `deliver_message'
[----] E, [2017-04-14T10:11:35.320169 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue_worker_base/runner.rb:152:in `block in do_work'
[----] E, [2017-04-14T10:11:35.320184 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue_worker_base/runner.rb:146:in `loop'
[----] E, [2017-04-14T10:11:35.320199 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_queue_worker_base/runner.rb:146:in `do_work'
[----] E, [2017-04-14T10:11:35.320215 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:334:in `block in do_work_loop'
[----] E, [2017-04-14T10:11:35.320244 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:331:in `loop'
[----] E, [2017-04-14T10:11:35.320262 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:331:in `do_work_loop'
[----] E, [2017-04-14T10:11:35.320278 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:153:in `run'
[----] E, [2017-04-14T10:11:35.320293 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:128:in `start'
[----] E, [2017-04-14T10:11:35.320309 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker/runner.rb:21:in `start_worker'
[----] E, [2017-04-14T10:11:35.320324 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:347:in `block in start'
[----] E, [2017-04-14T10:11:35.320340 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/cfme-gemset/gems/nakayoshi_fork-0.0.3/lib/nakayoshi_fork.rb:24:in `fork'
[----] E, [2017-04-14T10:11:35.320355 #12806:3a398c] ERROR -- : MIQExtract.extract /opt/rh/cfme-gemset/gems/nakayoshi_fork-0.0.3/lib/nakayoshi_fork.rb:24:in `fork'
[----] E, [2017-04-14T10:11:35.320374 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:345:in `start'
[----] E, [2017-04-14T10:11:35.320402 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:274:in `start_worker'
[----] E, [2017-04-14T10:11:35.320438 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:154:in `block in sync_workers'
[----] E, [2017-04-14T10:11:35.320470 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:154:in `times'
[----] E, [2017-04-14T10:11:35.320503 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_worker.rb:154:in `sync_workers'
[----] E, [2017-04-14T10:11:35.320526 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server/worker_management/monitor.rb:52:in `block in sync_workers'
[----] E, [2017-04-14T10:11:35.320543 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server/worker_management/monitor.rb:50:in `each'
[----] E, [2017-04-14T10:11:35.320598 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server/worker_management/monitor.rb:50:in `sync_workers'
[----] E, [2017-04-14T10:11:35.320616 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server/worker_management/monitor.rb:22:in `monitor_workers'
[----] E, [2017-04-14T10:11:35.320632 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:362:in `block in monitor'
[----] E, [2017-04-14T10:11:35.320647 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/extensions/miq-benchmark.rb:11:in `realtime_store'
[----] E, [2017-04-14T10:11:35.320663 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/extensions/miq-benchmark.rb:30:in `realtime_block'
[----] E, [2017-04-14T10:11:35.320678 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:362:in `monitor'
[----] E, [2017-04-14T10:11:35.320703 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:382:in `block (2 levels) in monitor_loop'
[----] E, [2017-04-14T10:11:35.320728 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/extensions/miq-benchmark.rb:11:in `realtime_store'
[----] E, [2017-04-14T10:11:35.320744 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/gems/pending/util/extensions/miq-benchmark.rb:30:in `realtime_block'
[----] E, [2017-04-14T10:11:35.320760 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:382:in `block in monitor_loop'
[----] E, [2017-04-14T10:11:35.320776 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:381:in `loop'
[----] E, [2017-04-14T10:11:35.320791 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:381:in `monitor_loop'
[----] E, [2017-04-14T10:11:35.320807 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/app/models/miq_server.rb:266:in `start'
[----] E, [2017-04-14T10:11:35.320822 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/lib/workers/evm_server.rb:65:in `start'
[----] E, [2017-04-14T10:11:35.320838 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/lib/workers/evm_server.rb:92:in `start'
[----] E, [2017-04-14T10:11:35.320854 #12806:3a398c] ERROR -- : MIQExtract.extract /var/www/miq/vmdb/lib/workers/bin/evm_server.rb:4:in `<main>'

I instrumented the code to print out the element details prior to the failure:

[----] I, [2017-04-14T10:11:35.317155 #12806:3a398c]  INFO -- : Win32Software::initialize() - Element's keyname starts with Package_, element:
 key {:keyname=>"Package_for_KB3184122_RTM~31bf3856ad364e35~amd64~~6.3.1.1", :fqname=>"software\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing\\Packages\\Package_for_KB3184122_RTM~31bf3856ad364e35~amd64~~6.3.1.1"}
  value {:type=>:REG_SZ, :name=>"InstallLocation"} \\?\C:\Windows\SoftwareDistribution\Download\c2ea7323991a16f3cf1465dec49374e5\
  value {:type=>:REG_DWORD, :name=>"CurrentState"} 112
  value {:type=>:REG_DWORD, :name=>"Visibility"} 2
  value {:type=>:REG_DWORD, :name=>"InstallTimeHigh"} 30543713
  value {:type=>:REG_DWORD, :name=>"InstallTimeLow"} 1199975721
  key {:keyname=>"Owners", :fqname=>"software\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing\\Packages\\Package_for_KB3184122_RTM~31bf3856ad364e35~amd64~~6.3.1.1\\Owners"}
[----] I, [2017-04-14T10:11:35.317185 #12806:3a398c]  INFO -- : Win32Software::initialize() - Element's package = ["Package", "for", "KB3184122", "RTM~31bf3856ad364e35~amd64~~6.3.1.1"]
[----] I, [2017-04-14T10:11:35.319416 #12806:3a398c]  INFO -- : Win32Software::initialize() - Element's keyname starts with Package_, element:
 key {:keyname=>"Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18528.1.5", :fqname=>"software\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing\\Packages\\Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18528.1.5"} 
  value {:type=>:REG_SZ, :name=>"InstallLocation"} \\?\C:\Windows\SoftwareDistribution\Download\ba69d3dba8e87f642b7551de27f41459\windows8.1-kb3197874-x64-express.cab
  value {:type=>:REG_DWORD, :name=>"CurrentState"} 112
  value {:type=>:REG_DWORD, :name=>"Visibility"} 1
  value {:type=>:REG_DWORD, :name=>"InstallTimeHigh"} 30559260
  value {:type=>:REG_DWORD, :name=>"InstallTimeLow"} 1808991745
  key {:keyname=>"Owners", :fqname=>"software\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing\\Packages\\Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18528.1.5\\Owners"} 

[----] I, [2017-04-14T10:11:35.319446 #12806:3a398c]  INFO -- : Win32Software::initialize() - Element's package = ["Package", "for", "RollupFix~31bf3856ad364e35~amd64~~9600.18528.1.5"]
[----] E, [2017-04-14T10:11:35.319528 #12806:3a398c] ERROR -- : MIQExtract.extract undefined method `split' for nil:NilClass

It appears that https://github.com/ManageIQ/manageiq-gems-pending/blob/master/lib/gems/pending/metadata/util/win32/Win32Software.rb#L159-L161 is assuming that the Package_ string has a minimum of 4 components after splitting by '_'. However, in this case of a "RollupFix" the string only has 3 elements, so when it accesses packages[3] a nil is returned.
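The failure above is a classic positional-parse assumption: a fixed number of `_`-separated parts is expected, and a registry key that has one part fewer yields nil, which then gets `split` called on it. The following is an added example, not the Win32Software.rb code from the repository. It places the fragile parse the issue describes beside a form that isolates the `~`-separated identity fields first, so the product name may contain any number of underscores. The field layout assumed for a CBS package identity (name~publicKeyToken~arch~language~version) and all method names are assumptions made here.

```ruby
# Added example; not the repository's Win32Software.rb. The CBS identity
# layout (name~publicKeyToken~arch~language~version) and method names are
# assumptions.

# Constructed keynames mirroring the two registry entries from the log.
SAMPLE_KEYNAMES = [
  "Package_for_KB3184122_RTM~31bf3856ad364e35~amd64~~6.3.1.1",
  "Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18528.1.5",
].freeze

# Fragile form: assumes four '_'-separated parts and splits the fourth on
# '~'. For the RollupFix name packages[3] is nil, so this raises
# NoMethodError (undefined method `split' for nil:NilClass).
def parse_package_fragile(keyname)
  packages = keyname.split("_")
  tail = packages[3].split("~")
  { :product => packages[2], :arch => tail[2], :version => tail[4] }
end

# Defensive form: split on '~' first so the '_'-separated product name is
# isolated whatever its length, and return nil rather than raising when the
# keyname does not carry all five identity fields.
def parse_package(keyname)
  return nil unless keyname.start_with?("Package_")

  name, token, arch, language, version = keyname.split("~", 5)
  return nil if version.nil?

  name_parts = name.split("_")
  {
    :product  => name_parts[2],                                  # "KB3184122" or "RollupFix"
    :kb       => name_parts.find { |p| p.match?(/\AKB\d+\z/) }, # nil when no KB number is present
    :token    => token,
    :arch     => arch,
    :language => language.empty? ? nil : language,
    :version  => version,
  }
end

# Parse a batch, skipping entries that do not parse instead of aborting the
# whole extraction on one unexpected key.
def parse_packages(keynames)
  keynames.map { |k| parse_package(k) }.compact
end

if __FILE__ == $PROGRAM_NAME
  parse_packages(SAMPLE_KEYNAMES + ["Owners"]).each { |pkg| p pkg }
end
```

Splitting with a limit (`split("~", 5)`) keeps the version field intact even if a future key contains extra `~` characters, and returning nil from the parser lets the caller decide whether an unparseable key is worth logging rather than letting one key abort the whole SmartState scan.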

IPv6 in appliance_console -- tracking status

appliance_console

  • First status page (should show IPv6)
  • Network set-up
    • Static IPv6
    • DHCPv6
    • Test network set up (ping IPv6)
  • Restore Database From Backup
    • nfs (over IPv6)
    • smb (over IPv6, didn't test but should just work, sharing the code with nfs)
  • Database Configuration
    • Fetch Key (over IPv6)
    • Join Region in External Database
    • Create Region in External Database
  • Configure Database Replication
    • Configure Server as Primary (allows inputs of IPv6, didn't check if the set-up works)
    • Configure Server as Standby (allows inputs of IPv6, didn't check if the set-up works)
  • Generate Custom Encryption Key
    • Fetch Key (over IPv6)

Other extra commands

  • rake evm:db:backup:remote -- --uri nfs://[2620:52:0:2804:3fec:900f:ca31:a115]/export/backup --remote-file-name myfile

Other features

  • An IPv6-only appliance (without db) successfully connects to another (IPv6-only) appliance with db
  • An IPv6-only appliance (represents region 1) successfully replicates to master region (IPv6-only)

Move MiqFileStorage into core and provider specific gems

Related to the large issue, #231 (the mount/* checkbox), though it has grown in scope since that issue was created due to the following classes/libs being created/reworked:

  • lib/gems/pending/util/miq_file_storage.rb
  • lib/gems/pending/util/miq_object_storage.rb
  • lib/gems/pending/util/miq_ftp_lib.rb
  • lib/gems/pending/util/object_storage/*.rb
    • miq_ftp_storage.rb
    • miq_s3_storage.rb
    • miq_swift_storage.rb

Really, this is all manageiq related, and should just live there in lib/ (or a core gem... if we ever go that route). The provider specific ones should live in their respective provider repos, and get loaded in as part of the rake tasks to determine what functionality is available then (instead of the hard coding that is done currently).

Task items

  • Move into "core" ( ManageIQ/manageiq#19547 , #454 )
  • Create a plugin system for providers
  • Extract provider code to their respective repos

Make the appliance console file a class that we can run

Right now the console is a big script which is run when it is required.

We would rather make it a class or module that has a .run method which can take parameters instead of relying on environment variables such as RAILS_ROOT.

Make Benchmark Timing output more sensible

The current Benchmark timings do a good job of capturing the time it took to do various blocks, but one of the things that it's missing is the ability to group, or nest, timings the same way we're nesting the calls to Benchmark.realtime_block in the code.

For instance, in the VMware EMS Refresh process, we have several calls to Benchmark.realtime_block. If I grouped the timing keys together to represent their call stack, it would look like:

- ems_refresh
| - collect_inventory_for_targets
  | - get_ems_data
  | - get_vc_data
  | - get_vc_data_ems_customization_specs (optional)
  | - filter_vc_data
  | - get_vc_data_host_scsi
| - parse_targeted_inventory
  | - parse_vc_data
| - save_inventory
  | - db_save_inventory

However, this is what we currently output when we capture the Benchmark.realtime_block:

[----] I, [2016-09-25T20:29:39.651349 #30193:ea3990] INFO -- : 
MIQ(ManageIQ::Providers::Vmware::InfraManager::Refresher#refresh) 
EMS: [EMS NAME], id: [50000000000004] Refreshing targets for EMS...Complete - 
Timings {:server_dequeue=>0.0058367252349853516, :get_ems_data=>9.814793109893799, 
:get_vc_data=>89.20815706253052, :filter_vc_data=>0.020371675491333008, 
:get_vc_data_host_scsi=>16.73558282852173, 
:collect_inventory_for_targets=>115.83132314682007, :parse_vc_data=>0.729074239730835, 
:parse_targeted_inventory=>0.729581356048584, :db_save_inventory=>32.98734211921692, 
:save_inventory=>32.98742628097534, :ems_refresh=>149.55086016654968}

If I scale that back to just the hash of timings, it looks like (newlines and formatting added):

{
 :server_dequeue                => 0.0058367252349853516, 
 :get_ems_data                  => 9.814793109893799, 
 :get_vc_data                   => 89.20815706253052, 
 :filter_vc_data                => 0.020371675491333008, 
 :get_vc_data_host_scsi         => 16.73558282852173, 
 :collect_inventory_for_targets => 115.83132314682007, 
 :parse_vc_data                 => 0.729074239730835, 
 :parse_targeted_inventory      => 0.729581356048584, 
 :db_save_inventory             => 32.98734211921692, 
 :save_inventory                => 32.98742628097534, 
 :ems_refresh                   => 149.55086016654968
}

There's no organization to this data. Instead, it's just a collection of numbers without any context. If this hash represented the nested nature of these calls, it could look like (newlines and formatting added):

{
  :server_dequeue => 0.0058367252349853516, 
  :ems_refresh => 149.55086016654968,
  :ems_refresh_timings => { 
    :collect_inventory_for_targets => 115.83132314682007, 
    :collect_inventory_for_targets_timings => {
      :get_ems_data => 9.814793109893799, 
      :get_vc_data => 89.20815706253052, 
      :filter_vc_data => 0.020371675491333008, 
      :get_vc_data_host_scsi => 16.73558282852173, 
    },
    :parse_targeted_inventory => 0.729581356048584, 
    :parse_targeted_inventory_timings => {
      :parse_vc_data => 0.729074239730835,
    },
    :save_inventory => 32.98742628097534,
    :save_inventory_timings => {
      :db_save_inventory => 32.98734211921692,
    }
  }
}

This gives a much clearer view, imo, of how these numbers actually compose a larger refresh timing.

I would love to see other examples of nested Benchmark.realtime_block log output that either corroborates or disproves the need for better timing grouping.


This issue was moved to this repository from ManageIQ/manageiq#11692, originally opened by @blomquisg
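As an added example (not code from the issue or from ManageIQ), here is a minimal collector that nests realtime_block timings by call stack, producing the hash shape proposed above; the NestedBenchmark module, the simulated_ems_refresh call tree and its sleep durations are all constructed for illustration.

```ruby
# Added example, not ManageIQ code: a minimal timing collector that nests
# realtime_block results by call stack, producing the hash shape proposed
# in the issue. NestedBenchmark and simulated_ems_refresh are hypothetical.
module NestedBenchmark
  # Stack of hashes; the top entry collects timings of blocks started inside
  # the currently running block, so children land beside their parent.
  STACK = [{}]

  # Time the block under `name`; any blocks timed inside it are stored
  # next to it under :"#{name}_timings". Returns the block's value.
  def self.realtime_block(name)
    child = {}
    STACK.push(child)
    start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
    begin
      yield
    ensure
      elapsed = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
      STACK.pop # back to the parent's hash, even if the block raised
      parent = STACK.last
      parent[name] = elapsed
      parent[:"#{name}_timings"] = child unless child.empty?
    end
  end

  # Top-level timings hash (what would be logged at the end of a refresh).
  def self.timings; STACK.first; end
  def self.reset!;  STACK.replace([{}]); end
end

# Constructed call tree mirroring the EMS refresh nesting from the issue;
# sleeps stand in for the real inventory work.
def simulated_ems_refresh
  NestedBenchmark.reset!
  NestedBenchmark.realtime_block(:ems_refresh) do
    NestedBenchmark.realtime_block(:collect_inventory_for_targets) do
      NestedBenchmark.realtime_block(:get_ems_data) { sleep 0.01 }
      NestedBenchmark.realtime_block(:get_vc_data)  { sleep 0.01 }
    end
    NestedBenchmark.realtime_block(:parse_targeted_inventory) do
      NestedBenchmark.realtime_block(:parse_vc_data) { sleep 0.01 }
    end
    NestedBenchmark.realtime_block(:save_inventory) do
      NestedBenchmark.realtime_block(:db_save_inventory) { sleep 0.01 }
    end
  end
  NestedBenchmark.timings
end
```

Calling simulated_ems_refresh returns the nested hash, with each parent's own total sitting next to a "_timings" sub-hash of its children.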

CVE-2024-26146 (Medium) detected in rack-3.0.8.gem - autoclosed

CVE-2024-26146 - Medium Severity Vulnerability

Vulnerable Library - rack-3.0.8.gem

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.

Library home page: https://rubygems.org/gems/rack-3.0.8.gem

Path to dependency file: /Gemfile.lock

Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/rack-3.0.8.gem

Dependency Hierarchy:

  • manageiq-style-1.3.3.gem (Root Library)
    • rubocop-rails-2.20.2.gem
      • โŒ rack-3.0.8.gem (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1.

Publish Date: 2024-02-29

URL: CVE-2024-26146

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-26146

Release Date: 2024-02-29

Fix Resolution: rack - 2.0.9.4,2.1.4.4,2.2.8.1,3.0.9.1



RabbitMQ durable queues lead to fail of event handler for OpenStack AMQP

Hi Guys.

The OpenStack HA guide has a recommendation to set durable queues/exchanges for RabbitMQ:

https://docs.openstack.org/ha-guide/shared-messaging.html

But currently MIQ cannot use these queues/exchanges because there are no options to configure such a connection:

[----] E, [2018-01-13T00:38:19.931742 #16419:a6516c] ERROR -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::EventCatcher::Runner#start_event_monitor) EMS [miq] as [openstackadmin] Event Monitor Thread aborted because [PRECONDITION_FAILED - inequivalent arg 'durable' for exchange 'nova' in vhost '/': received 'false' but current is 'true']
[----] E, [2018-01-13T00:38:19.931950 #16419:a6516c] ERROR -- : [Bunny::PreconditionFailed]: PRECONDITION_FAILED - inequivalent arg 'durable' for exchange 'nova' in vhost '/': received 'false' but current is 'true'  Method:[rescue in block in start_event_monitor]
[----] E, [2018-01-13T00:38:19.932041 #16419:a6516c] ERROR -- : /opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/channel.rb:1946:in `raise_if_continuation_resulted_in_a_channel_error!'
/opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/channel.rb:1179:in `exchange_declare'
/opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/exchange.rb:245:in `declare!'
/opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/exchange.rb:83:in `initialize'
/opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/channel.rb:344:in `new'
/opt/rh/cfme-gemset/gems/bunny-2.1.0/lib/bunny/channel.rb:344:in `topic'
/opt/rh/cfme-gemset/bundler/gems/manageiq-gems-pending-dd41a2772297/lib/gems/pending/openstack/events/openstack_rabbit_event_monitor.rb:111:in `block in initialize_queues'
/opt/rh/cfme-gemset/bundler/gems/manageiq-gems-pending-dd41a2772297/lib/gems/pending/openstack/events/openstack_rabbit_event_monitor.rb:110:in `each'
/opt/rh/cfme-gemset/bundler/gems/manageiq-gems-pending-dd41a2772297/lib/gems/pending/openstack/events/openstack_rabbit_event_monitor.rb:110:in `initialize_queues'
/opt/rh/cfme-gemset/bundler/gems/manageiq-gems-pending-dd41a2772297/lib/gems/pending/openstack/events/openstack_rabbit_event_monitor.rb:77:in `start'
/var/www/miq/vmdb/app/models/manageiq/providers/openstack/event_catcher_mixin.rb:38:in `monitor_events'
/var/www/miq/vmdb/app/models/manageiq/providers/base_manager/event_catcher/runner.rb:164:in `block in start_event_monitor'

From the source code I have found that queue initialization does not use any settings for durable exchange initialization:

https://github.com/ManageIQ/manageiq-gems-pending/blob/fine/lib/gems/pending/openstack/events/openstack_rabbit_event_monitor.rb#L111

But Ruby Bunny has such an ability:

http://rubybunny.info/articles/durability.html

I have tested the following and it works as expected with durable exchanges for nova/neutron etc.:

  def initialize_queues(channel)
    remove_legacy_queues
    @queues = {}
    if @options[:topics]
      @options[:topics].each do |exchange, topic|
        amqp_exchange = channel.topic(exchange, :durable => @options.fetch(:amqp_durable, false))
        queue_name = "miq-#{@client_ip}-#{exchange}"
        @queues[exchange] = channel.queue(queue_name, :auto_delete => true, :exclusive => true)
                                   .bind(amqp_exchange, :routing_key => topic)
      end
    end
  end

There should be a parameter in the MIQ Advanced settings to enable this.
