From 6bbeacba99ad0ff3eda476b299a9e09e1866d573 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 10:42:15 +0100 Subject: [PATCH 1/6] Refactor ilo firmware tests to be table driven --- hp/ilo/firmware_test.go | 78 +++++++++++++++++++++++++++++------------ 1 file changed, 55 insertions(+), 23 deletions(-) diff --git a/hp/ilo/firmware_test.go b/hp/ilo/firmware_test.go index d347d38..e897174 100644 --- a/hp/ilo/firmware_test.go +++ b/hp/ilo/firmware_test.go @@ -7,36 +7,68 @@ import ( ) func TestIlo_GetNagiosStatus(t *testing.T) { - ilo := Ilo{ - Model: "pciIntegratedLightsOutRemoteInsight3", - ModelID: 9, - RomRevision: "1.40", + testcases := map[string]struct { + ilo Ilo + expectedState int + expectedOutput string + }{ + "too-old": { + ilo: Ilo{ + Model: "pciIntegratedLightsOutRemoteInsight3", + ModelID: 9, + RomRevision: "1.40", + }, + expectedState: check.Critical, + expectedOutput: "too old", + }, + "newer": { + ilo: Ilo{ + Model: "pciIntegratedLightsOutRemoteInsight3", + ModelID: 9, + RomRevision: "2.18", + }, + expectedState: check.OK, + expectedOutput: "2.18 - version newer than affected", + }, + "pretty-old": { + ilo: Ilo{ + Model: "pciIntegratedLightsOutRemoteInsight2", + ModelID: 7, + RomRevision: "2.18", + }, + expectedState: check.Critical, + expectedOutput: "is pretty old and likely unsafe", + }, + "unknown-new": { + ilo: Ilo{ + Model: "verynew", + ModelID: 12, + RomRevision: "2.18", + }, + expectedState: check.OK, + expectedOutput: "verynew (12) revision 2.18 not known for any issues", + }, } - state, output := ilo.GetNagiosStatus() - assert.Equal(t, check.Critical, state) - assert.Contains(t, output, "too old") - - ilo.RomRevision = "2.18" - state, output = ilo.GetNagiosStatus() - assert.Equal(t, check.OK, state) - assert.Contains(t, output, "2.18") - - ilo.Model = "pciIntegratedLightsOutRemoteInsight2" - ilo.ModelID = 7 - state, output = ilo.GetNagiosStatus() - assert.Equal(t, check.Critical, state) - assert.Contains(t, output, "pretty old") + for name, tc := range testcases { + t.Run(name, func(t *testing.T) { + state, output := tc.ilo.GetNagiosStatus() + assert.Equal(t, state, tc.expectedState) + assert.Contains(t, output, tc.expectedOutput) + }) + } - ilo.Model = "someNewerModel" - ilo.ModelID = 12 - state, output = ilo.GetNagiosStatus() - assert.Equal(t, check.OK, state) - assert.Contains(t, output, "not known") } func TestCompareVer(t *testing.T) { + // Compare required Version with current Version assert.True(t, CompareVersion("1.0", "1.0")) assert.True(t, CompareVersion("1.0", "1.1")) + assert.True(t, CompareVersion("1.0", "5")) + assert.True(t, CompareVersion("1.0", "10.1.0")) + + assert.False(t, CompareVersion("1.0", "0.9")) assert.False(t, CompareVersion("1.0", "0.9")) + assert.False(t, CompareVersion("1.0", "0.0")) + assert.False(t, CompareVersion("1.0", "0")) } From f763c961afda4255a98b08c736dc444f9e323277 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 11:31:11 +0100 Subject: [PATCH 2/6] Add comments and rename functions to improve readability --- hp/ilo/firmware.go | 10 ++++++++-- hp/ilo/firmware_test.go | 18 +++++++++--------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/hp/ilo/firmware.go b/hp/ilo/firmware.go index b74a382..a164690 100644 --- a/hp/ilo/firmware.go +++ b/hp/ilo/firmware.go @@ -15,6 +15,8 @@ type Ilo struct { RomRevision string } +// GetIloInformation retrieves the iLO's Model and Rom Revision via SNMP +// and returns an Ilo struct. func GetIloInformation(client gosnmp.Handler) (ilo *Ilo, err error) { oidModel := []string{mib.CpqSm2CntlrModel + ".0"} oidRev := []string{mib.CpqSm2CntlrRomRevision + ".0"} @@ -43,6 +45,8 @@ func GetIloInformation(client gosnmp.Handler) (ilo *Ilo, err error) { return } +// GetNagiosStatus validates the iLO's data against the known models +// in this plugin. func (ilo *Ilo) GetNagiosStatus() (state int, output string) { // nolint: ineffassign state = check.Unknown @@ -67,7 +71,7 @@ func (ilo *Ilo) GetNagiosStatus() (state int, output string) { output = fmt.Sprintf("Integrated Lights-Out %s revision %s ", modelInfo.Name, ilo.RomRevision) - if !CompareVersion(modelInfo.FixedRelease, ilo.RomRevision) { + if !isNewerVersion(modelInfo.FixedRelease, ilo.RomRevision) { state = check.Critical output += "- version too old, should be at least " + modelInfo.FixedRelease } else { @@ -78,7 +82,8 @@ func (ilo *Ilo) GetNagiosStatus() (state int, output string) { return } -func CompareVersion(required, current string) bool { +// isNewerVersion compares the current version against the required version +func isNewerVersion(required, current string) bool { v, err := version.NewVersion(current) if err != nil { return false @@ -86,6 +91,7 @@ func CompareVersion(required, current string) bool { c, err := version.NewConstraint(">=" + required) if err != nil { + // TODO remove panic panic(err) } diff --git a/hp/ilo/firmware_test.go b/hp/ilo/firmware_test.go index e897174..c93bc08 100644 --- a/hp/ilo/firmware_test.go +++ b/hp/ilo/firmware_test.go @@ -60,15 +60,15 @@ func TestIlo_GetNagiosStatus(t *testing.T) { } -func TestCompareVer(t *testing.T) { +func TestIsNewerVersion(t *testing.T) { // Compare required Version with current Version - assert.True(t, CompareVersion("1.0", "1.0")) - assert.True(t, CompareVersion("1.0", "1.1")) - assert.True(t, CompareVersion("1.0", "5")) - assert.True(t, CompareVersion("1.0", "10.1.0")) + assert.True(t, isNewerVersion("1.0", "1.0")) + assert.True(t, isNewerVersion("1.0", "1.1")) + assert.True(t, isNewerVersion("1.0", "5")) + assert.True(t, isNewerVersion("1.0", "10.1.0")) - assert.False(t, CompareVersion("1.0", "0.9")) - assert.False(t, CompareVersion("1.0", "0.9")) - assert.False(t, CompareVersion("1.0", "0.0")) - assert.False(t, CompareVersion("1.0", "0")) + assert.False(t, isNewerVersion("1.0", "0.9")) + assert.False(t, isNewerVersion("1.0", "0.9")) + assert.False(t, isNewerVersion("1.0", "0.0")) + assert.False(t, isNewerVersion("1.0", "0")) } From 3449d9e2910885c48254aec44955cdb6ea76afb2 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 11:35:13 +0100 Subject: [PATCH 3/6] Merge version.go into main.go - Only place it is used. No need for seperate files --- main.go | 64 +++++++++++++++--------------------------------------- version.go | 24 -------------------- 2 files changed, 17 insertions(+), 71 deletions(-) delete mode 100644 version.go diff --git a/main.go b/main.go index 1297d98..9789d43 100644 --- a/main.go +++ b/main.go @@ -13,58 +13,28 @@ import ( "github.com/gosnmp/gosnmp" ) -const Readme = ` -Icinga / Nagios check plugin to verify HPE controllers an SSD disks or ilo are not affected by certain vulnerabilities. - -**HPE Controllers** - - HPE Smart Array SR Gen10 Controller Firmware Version 2.65 (or later) provided in the (HPE document a00097210) is - required to prevent a potential data inconsistency on select RAID configurations with Smart Array Gen10 Firmware - Version 1.98 through 2.62, based on the following scenarios. HPE strongly recommends performing this upgrade at the - customer's earliest opportunity per the "Action Required" in the table located in the Resolution section. - Neglecting to perform the recommended resolution could result in potential subsequent errors and potential data - inconsistency. - -The check will alert you with a CRITICAL when the firmware is in the affected range with: - -* "if you have RAID 1/10/ADM - update immediately!" -* "if you have RAID 5/6/50/60 - update immediately!" - -And it will add a short note when "firmware older than affected" or "firmware has been updated". At the moment the -plugin does not verify configured logical drives, but we believe you should update in any case. - -**HPE SSD SAS disks** - - HPE SAS Solid State Drives - Critical Firmware Upgrade Required for Certain HPE SAS Solid State Drive Models to - Prevent Drive Failure at 32,768 or 40,000 Hours of Operation - -The check will raise a CRITICAL when the drive needs to be updated with the note "affected by FW bug", and when -the drive is patched with "firmware update applied". - -**HPE Integrated Lights-Out** - Multiple security vulnerabilities have been identified in Integrated Lights-Out 3 (iLO 3), - Integrated Lights-Out 4 (iLO 4), and Integrated Lights-Out 5 (iLO 5) firmware. The vulnerabilities could be remotely - exploited to execute code, cause denial of service, and expose sensitive information. HPE has released updated - firmware to mitigate these vulnerabilities. +var ( + // These get filled at build time with the proper vaules + version = "development" + commit = "HEAD" + date = "latest" +) - The check will raise a CRITICAL when the Integrated Lights-Out needs to be updated. Below you will find a list with - the least version of each Integrated Lights-Out version: - - HPE Integrated Lights-Out 3 (iLO 3) firmware v1.93 or later. - - HPE Integrated Lights-Out 4 (iLO 4) firmware v2.75 or later - - HPE Integrated Lights-Out 5 (iLO 5) firmware v2.18 or later. +func buildVersion() string { + result := version + if commit != "" { + result = fmt.Sprintf("%s\ncommit: %s", result, commit) + } -Please see support documents from HPE: -* https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-a00092491en_us -* https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097382en_us -* https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097210en_us -* https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04012en_us + if date != "" { + result = fmt.Sprintf("%s\ndate: %s", result, date) + } -**IMPORTANT:** Read the documentation for HPE! The plugin and its documentation is a best effort to find and detect -affected hardware. There is ABSOLUTELY NO WARRANTY, see the license! + return result +} -**Note:** This plugin was initially named check_hp_disk_firmware -` +const Readme = "Monitoring plugin to verify HPE controllers an SSD disks or iLO are not affected by certain vulnerabilities." // Check for HP Controller CVEs via SNMP func main() { diff --git a/version.go b/version.go deleted file mode 100644 index 9f91d77..0000000 --- a/version.go +++ /dev/null @@ -1,24 +0,0 @@ -package main - -import "fmt" - -var ( - // These get filled at build time with the proper vaules - version = "development" - commit = "HEAD" - date = "latest" -) - -func buildVersion() string { - result := version - - if commit != "" { - result = fmt.Sprintf("%s\ncommit: %s", result, commit) - } - - if date != "" { - result = fmt.Sprintf("%s\ndate: %s", result, date) - } - - return result -} From c27adca43768554409d927b47d59819414cdd020 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 11:43:05 +0100 Subject: [PATCH 4/6] Update README.md --- README.md | 97 ++++++++++++++++++++----------------------------------- 1 file changed, 35 insertions(+), 62 deletions(-) diff --git a/README.md b/README.md index ac7d0fe..e30e83f 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,14 @@ -check_hp_firmware -================= +# check_hp_firmware -![Go build](https://github.com/NETWAYS/check_hp_firmware/workflows/Go/badge.svg?branch=master) +Monitoring check plugin to verify HPE controllers an SSD disks are not affected by certain vulnerabilities. - +*Note:* This plugin was initially named `check_hp_disk_firmware`. -Icinga / Nagios check plugin to verify HPE controllers an SSD disks are not affected by certain vulnerabilities. +Current Limitations: -**HPE Controllers** +* No SNMPv3 support is implemented + +## HPE Controllers > HPE Smart Array SR Gen10 Controller Firmware Version 2.65 (or later) provided in the (HPE document a00097210) is > required to prevent a potential data inconsistency on select RAID configurations with Smart Array Gen10 Firmware @@ -24,7 +25,7 @@ The check will alert you with a CRITICAL when the firmware is in the affected ra And it will add a short note when `firmware older than affected` or `firmware has been updated`. At the moment the plugin does not verify configured logical drives, but we believe you should update in any case. -**HPE SSD SAS disks** +## HPE SSD SAS disks > HPE SAS Solid State Drives - Critical Firmware Upgrade Required for Certain HPE SAS Solid State Drive Models to > Prevent Drive Failure at 32,768 or 40,000 Hours of Operation @@ -32,7 +33,7 @@ plugin does not verify configured logical drives, but we believe you should upda The check will raise a CRITICAL when the drive needs to be updated with the note `affected by FW bug`, and when the drive is patched with `firmware update applied`. -**HPE Integrated Lights-Out** +## HPE Integrated Lights-Out Multiple security vulnerabilities have been identified in Integrated Lights-Out 3 (iLO 3), Integrated Lights-Out 4 (iLO 4), and Integrated Lights-Out 5 (iLO 5) firmware. The vulnerabilities could be remotely @@ -41,41 +42,39 @@ firmware to mitigate these vulnerabilities. The check will raise a CRITICAL when the Integrated Lights-Out needs to be updated. Below you will find a list with the least version of each Integrated Lights-Out version: + - HPE Integrated Lights-Out 3 (iLO 3) firmware v1.93 or later. - HPE Integrated Lights-Out 4 (iLO 4) firmware v2.75 or later - HPE Integrated Lights-Out 5 (iLO 5) firmware v2.18 or later. -Please see support documents from HPE: -* [a00092491](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-a00092491en_us) -* [a00097382](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097382en_us) -* [a00097210](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097210en_us) -* [HPESBHF04012](https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04012en_us) - -**IMPORTANT:** Read the documentation for HPE! The plugin and its documentation is a best effort to find and detect -affected hardware. There is ABSOLUTELY NO WARRANTY, see the license! +**IMPORTANT:** Always read the latest HPE Security Bulletins. https://support.hpe.com/connect/s/securitybulletinlibrary -> **Note:** This plugin was initially named check_hp_disk_firmware +The plugin and its documentation is a best effort to find and detect affected hardware. There is no warranty, see the license. ## Usage Arguments: - -H, --hostname string SNMP host (default "localhost") - -c, --community string SNMP community (default "public") - -P, --protocol string SNMP protocol (default "2c") - --timeout int SNMP timeout in seconds (default 15) - --snmpwalk-file string Read output from snmpwalk - --ignore-ilo-version Don't check the ILO version - -4, --ipv4 Use IPv4 - -6, --ipv6 Use IPv6 - -V, --version Show version - --debug Enable debug output +``` +-H, --hostname string SNMP host (default "localhost") +-c, --community string SNMP community (default "public") +-P, --protocol string SNMP protocol (default "2c") + --timeout int SNMP timeout in seconds (default 15) + --snmpwalk-file string Read output from snmpwalk + --ignore-ilo-version Don't check the ILO version +-4, --ipv4 Use IPv4 +-6, --ipv6 Use IPv6 +-V, --version Show version + --debug Enable debug output +``` Simply run the command: - $ ./check_hp_firmware -H localhost -c public +```bash +check_hp_firmware -H localhost -c public +``` -## Installation +# Installation This is a Golang project, either download the binary from the releases: @@ -85,11 +84,11 @@ Also see the included [CheckCommand for Icinga 2](icinga2.conf). You can download or build the project locally with go: - $ go get github.com/NETWAYS/check_hp_cve - - $ git clone https://github.com/NETWAYS/check_hp_firmware - $ cd check_hp_firmware/ - $ go build -o check_hp_firmware . +```bash +git clone https://github.com/NETWAYS/check_hp_firmware +cd check_hp_firmware/ +make build +``` ## Example @@ -99,43 +98,17 @@ You can download or build the project locally with go: [OK] controller (4) model=p408e-p serial=XXX firmware=1.65 - firmware older than affected [OK] (0.9 ) model=MO003200JWFWR serial=XXX firmware=HPD2 hours=8086 [OK] (0.11) model=EK000400GWEPE serial=XXX firmware=HPG0 hours=8086 - [OK] (0.12) model=EK000400GWEPE serial=XXX firmware=HPG0 hours=8086 [OK] (0.14) model=MO003200JWFWR serial=XXX firmware=HPD2 hours=8086 [OK] (4.0 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.1 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.2 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.3 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.4 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.5 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.6 ) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.24) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.25) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.26) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.27) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.28) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.29) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.30) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied [OK] (4.31) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied [OK] (4.50) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied [OK] (4.51) model=MO003200JWFWR serial=XXX firmware=HPD2 hours=7568 [OK] (4.52) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.53) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.54) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.55) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.56) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.75) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.76) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.77) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied [OK] (4.78) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.79) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied - [OK] (4.80) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied [OK] (4.81) model=MO3200JFFCL serial=XXX firmware=HPD8 hours=7568 - firmware update applied -## Limitations - -* No SNMPv3 support is implemented -## Contribute +# Contribute If you find bugs or want to add features, please open an issue or pull-request on GitHub. @@ -158,7 +131,7 @@ the accompanying firmware and status functions. The check reads the `cpqDaCntlrTable` and `cpqDaPhyDrvTable` tables from SNMP, which should be available over the IPMI agent or the locally installed HP tools, hooked into the SNMP daemon of the operating system. -## License +# License Copyright (C) 2020 NETWAYS From 5d3ea361c436adeea3fa6d083ee9e5d839d69a70 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 11:47:03 +0100 Subject: [PATCH 5/6] Fix various golint issues --- .golangci.yml | 4 +++- README.md | 2 +- hp/cntlr/controller.go | 6 +++--- hp/cntlr/firmware_test.go | 3 ++- hp/{phy_drv => drive}/drive.go | 8 ++++---- hp/{phy_drv => drive}/drive_test.go | 7 ++++--- hp/{phy_drv => drive}/drives.go | 2 +- hp/{phy_drv => drive}/firmware.go | 2 +- hp/{phy_drv => drive}/firmware_data.go | 2 +- hp/{phy_drv => drive}/firmware_test.go | 5 +++-- hp/ilo/firmware_test.go | 3 ++- main.go | 12 ++++++------ snmp/file_handler_test.go | 3 ++- snmp/snmpwalk_test.go | 3 ++- snmp/util_test.go | 5 +++-- 15 files changed, 38 insertions(+), 29 deletions(-) rename hp/{phy_drv => drive}/drive.go (96%) rename hp/{phy_drv => drive}/drive_test.go (97%) rename hp/{phy_drv => drive}/drives.go (98%) rename hp/{phy_drv => drive}/firmware.go (98%) rename hp/{phy_drv => drive}/firmware_data.go (99%) rename hp/{phy_drv => drive}/firmware_test.go (98%) diff --git a/.golangci.yml b/.golangci.yml index dbef21e..d8984ab 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -18,11 +18,13 @@ issues: - path: 'snmp/snmpwalk.go' linters: - funlen + - path: 'hp/mib/cpq_sm_cntrl.go' + linters: + - golint linters: enable-all: true disable: - - golint # TODO fix - revive - cyclop - depguard diff --git a/README.md b/README.md index e30e83f..a6dc117 100644 --- a/README.md +++ b/README.md @@ -121,7 +121,7 @@ so we can provide you with a secure upload link, that won't be shared with publi ## Technical Details -Supported hardware is split into modules: [hp/cntlr](hp/cntlr) [hp/phy_drv](hp/phy_drv) [hp/ilo](hp/ilo) +Supported hardware is split into modules: [hp/cntlr](hp/cntlr) [hp/drive](hp/drive) [hp/ilo](hp/ilo) Known models and affected firmware is documented in: [hp/cntlr/firmware_data.go](hp/cntlr/firmware_data.go) [hp/phy_drv/firmware_data.go](hp/phy_drv/firmware_data.go) [hp/ilo/firmware_data.go](hp/ilo/firmware_data.go) diff --git a/hp/cntlr/controller.go b/hp/cntlr/controller.go index 0cca4b5..ed94fae 100644 --- a/hp/cntlr/controller.go +++ b/hp/cntlr/controller.go @@ -9,7 +9,7 @@ import ( ) type Controller struct { - Id string + ID string Model string FwRev string Serial string @@ -24,7 +24,7 @@ func NewControllerFromTable(t *CpqDaCntlrTable, id string) (*Controller, error) var err error controller := &Controller{} - controller.Id = id + controller.ID = id modelI, err := t.GetIntValue(id, mib.CpqDaCntlrModel) if err != nil { @@ -78,7 +78,7 @@ func GetControllersFromTable(t *CpqDaCntlrTable) ([]*Controller, error) { func (d *Controller) GetNagiosStatus() (int, string) { description := fmt.Sprintf("controller (%s) model=%s serial=%s firmware=%s", - d.Id, d.Model, strings.TrimSpace(d.Serial), d.FwRev) + d.ID, d.Model, strings.TrimSpace(d.Serial), d.FwRev) if d.Status != "ok" { return check.Critical, description + " - status: " + d.Status diff --git a/hp/cntlr/firmware_test.go b/hp/cntlr/firmware_test.go index 4dc5210..f9244e9 100644 --- a/hp/cntlr/firmware_test.go +++ b/hp/cntlr/firmware_test.go @@ -1,8 +1,9 @@ package cntlr import ( - "github.com/stretchr/testify/assert" "testing" + + "github.com/stretchr/testify/assert" ) type testInfo struct { diff --git a/hp/phy_drv/drive.go b/hp/drive/drive.go similarity index 96% rename from hp/phy_drv/drive.go rename to hp/drive/drive.go index cdd27e3..67ae5e0 100644 --- a/hp/phy_drv/drive.go +++ b/hp/drive/drive.go @@ -1,4 +1,4 @@ -package phy_drv +package drive import ( "fmt" @@ -8,7 +8,7 @@ import ( ) type PhysicalDrive struct { - Id string + ID string Model string FwRev string Serial string @@ -24,7 +24,7 @@ func NewPhysicalDriveFromTable(t *CpqDaPhyDrvTable, id string) (*PhysicalDrive, var err error drive := &PhysicalDrive{ - Id: id, + ID: id, } drive.Model, err = t.GetStringValue(id, mib.CpqDaPhyDrvModel) @@ -78,7 +78,7 @@ func GetPhysicalDrivesFromTable(t *CpqDaPhyDrvTable) ([]*PhysicalDrive, error) { func (d *PhysicalDrive) GetNagiosStatus() (int, string) { description := fmt.Sprintf("physical drive (%-4s) model=%s serial=%s firmware=%s hours=%d", - d.Id, d.Model, d.Serial, d.FwRev, d.Hours) + d.ID, d.Model, d.Serial, d.FwRev, d.Hours) if d.Status != "ok" { return check.Critical, description + " - status: " + d.Status diff --git a/hp/phy_drv/drive_test.go b/hp/drive/drive_test.go similarity index 97% rename from hp/phy_drv/drive_test.go rename to hp/drive/drive_test.go index 186ed2e..48ef3ff 100644 --- a/hp/phy_drv/drive_test.go +++ b/hp/drive/drive_test.go @@ -1,9 +1,10 @@ -package phy_drv +package drive import ( + "testing" + "github.com/NETWAYS/go-check" "github.com/stretchr/testify/assert" - "testing" ) const affectedDrive = "VO0480JFDGT" @@ -11,7 +12,7 @@ const affectedDriveFixed = "HPD8" func TestPhysicalDrive_GetNagiosStatus(t *testing.T) { drive := &PhysicalDrive{ - Id: "1.1", + ID: "1.1", Model: "OTHERDRIVE", FwRev: "HPD1", Serial: "ABC123", diff --git a/hp/phy_drv/drives.go b/hp/drive/drives.go similarity index 98% rename from hp/phy_drv/drives.go rename to hp/drive/drives.go index c51ce43..1715dd7 100644 --- a/hp/phy_drv/drives.go +++ b/hp/drive/drives.go @@ -1,4 +1,4 @@ -package phy_drv +package drive import ( "github.com/NETWAYS/check_hp_firmware/hp/mib" diff --git a/hp/phy_drv/firmware.go b/hp/drive/firmware.go similarity index 98% rename from hp/phy_drv/firmware.go rename to hp/drive/firmware.go index 2a0a046..c9eaa6c 100644 --- a/hp/phy_drv/firmware.go +++ b/hp/drive/firmware.go @@ -1,4 +1,4 @@ -package phy_drv +package drive import ( "fmt" diff --git a/hp/phy_drv/firmware_data.go b/hp/drive/firmware_data.go similarity index 99% rename from hp/phy_drv/firmware_data.go rename to hp/drive/firmware_data.go index d26cdd9..61d2cc0 100644 --- a/hp/phy_drv/firmware_data.go +++ b/hp/drive/firmware_data.go @@ -1,4 +1,4 @@ -package phy_drv +package drive // Source A: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us // Version: 2 diff --git a/hp/phy_drv/firmware_test.go b/hp/drive/firmware_test.go similarity index 98% rename from hp/phy_drv/firmware_test.go rename to hp/drive/firmware_test.go index fc45eb4..c415b3c 100644 --- a/hp/phy_drv/firmware_test.go +++ b/hp/drive/firmware_test.go @@ -1,8 +1,9 @@ -package phy_drv +package drive import ( - "github.com/stretchr/testify/assert" "testing" + + "github.com/stretchr/testify/assert" ) const testModelA = "VO0480JFDGT" diff --git a/hp/ilo/firmware_test.go b/hp/ilo/firmware_test.go index c93bc08..7408cce 100644 --- a/hp/ilo/firmware_test.go +++ b/hp/ilo/firmware_test.go @@ -1,9 +1,10 @@ package ilo import ( + "testing" + "github.com/NETWAYS/go-check" "github.com/stretchr/testify/assert" - "testing" ) func TestIlo_GetNagiosStatus(t *testing.T) { diff --git a/main.go b/main.go index 9789d43..3d5339a 100644 --- a/main.go +++ b/main.go @@ -5,8 +5,8 @@ import ( "time" "github.com/NETWAYS/check_hp_firmware/hp/cntlr" + "github.com/NETWAYS/check_hp_firmware/hp/drive" "github.com/NETWAYS/check_hp_firmware/hp/ilo" - "github.com/NETWAYS/check_hp_firmware/hp/phy_drv" "github.com/NETWAYS/check_hp_firmware/snmp" "github.com/NETWAYS/go-check" "github.com/NETWAYS/go-check/result" @@ -63,7 +63,7 @@ func main() { var ( client gosnmp.Handler cntlrTable *cntlr.CpqDaCntlrTable - driveTable *phy_drv.CpqDaPhyDrvTable + driveTable *drive.CpqDaPhyDrvTable ) var err error @@ -112,7 +112,7 @@ func main() { } // Load drive data - driveTable, err = phy_drv.GetCpqDaPhyDrvTable(client) + driveTable, err = drive.GetCpqDaPhyDrvTable(client) if err != nil { check.ExitError(err) } @@ -130,7 +130,7 @@ func main() { check.ExitRaw(3, "No HP drive data found!") } - drives, err := phy_drv.GetPhysicalDrivesFromTable(driveTable) + drives, err := drive.GetPhysicalDrivesFromTable(driveTable) if err != nil { check.ExitError(err) } @@ -154,7 +154,7 @@ func main() { overall.Add(controllerStatus, desc) - countControllers += 1 + countControllers++ } countDrives := 0 @@ -164,7 +164,7 @@ func main() { overall.Add(driveStatus, desc) - countDrives += 1 + countDrives++ } var summary string diff --git a/snmp/file_handler_test.go b/snmp/file_handler_test.go index e152927..8d00f93 100644 --- a/snmp/file_handler_test.go +++ b/snmp/file_handler_test.go @@ -1,9 +1,10 @@ package snmp import ( + "testing" + "github.com/gosnmp/gosnmp" "github.com/stretchr/testify/assert" - "testing" ) func TestNewFileHandlerFromFile(t *testing.T) { diff --git a/snmp/snmpwalk_test.go b/snmp/snmpwalk_test.go index b0e3e51..9742e15 100644 --- a/snmp/snmpwalk_test.go +++ b/snmp/snmpwalk_test.go @@ -1,8 +1,9 @@ package snmp import ( - "github.com/stretchr/testify/assert" "testing" + + "github.com/stretchr/testify/assert" ) const testWalkLength = 242 diff --git a/snmp/util_test.go b/snmp/util_test.go index 0a27a70..48fa950 100644 --- a/snmp/util_test.go +++ b/snmp/util_test.go @@ -1,10 +1,11 @@ package snmp import ( - "github.com/gosnmp/gosnmp" - "github.com/stretchr/testify/assert" "os" "testing" + + "github.com/gosnmp/gosnmp" + "github.com/stretchr/testify/assert" ) func TestIsOid(t *testing.T) { From 1e05ffa9fee5ad10478c0161fbdf46403005e318 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Thu, 22 Feb 2024 12:05:22 +0100 Subject: [PATCH 6/6] Refactor iLo version compare to be more readable --- hp/ilo/firmware.go | 14 +++++--------- hp/ilo/firmware_test.go | 4 ++++ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/hp/ilo/firmware.go b/hp/ilo/firmware.go index a164690..5521923 100644 --- a/hp/ilo/firmware.go +++ b/hp/ilo/firmware.go @@ -84,16 +84,12 @@ func (ilo *Ilo) GetNagiosStatus() (state int, output string) { // isNewerVersion compares the current version against the required version func isNewerVersion(required, current string) bool { - v, err := version.NewVersion(current) - if err != nil { - return false - } + currentVersion, cErr := version.NewVersion(current) + requiredVersion, rErr := version.NewVersion(required) - c, err := version.NewConstraint(">=" + required) - if err != nil { - // TODO remove panic - panic(err) + if cErr != nil || rErr != nil { + return false } - return c.Check(v) + return currentVersion.GreaterThanOrEqual(requiredVersion) } diff --git a/hp/ilo/firmware_test.go b/hp/ilo/firmware_test.go index 7408cce..21a0933 100644 --- a/hp/ilo/firmware_test.go +++ b/hp/ilo/firmware_test.go @@ -72,4 +72,8 @@ func TestIsNewerVersion(t *testing.T) { assert.False(t, isNewerVersion("1.0", "0.9")) assert.False(t, isNewerVersion("1.0", "0.0")) assert.False(t, isNewerVersion("1.0", "0")) + + assert.False(t, isNewerVersion("1.0", "foobar")) + assert.False(t, isNewerVersion("foobar", "1.0")) + assert.False(t, isNewerVersion("xxx", "xxx")) }