Merge remote-tracking branch 'origin/main' into hl_sm_source

NetApp · Nov 4, 2024 · 6d70cb3 · 6d70cb3
2 parents 5cb1b2d + 01dcf9d
commit 6d70cb3
Show file tree

Hide file tree

Showing 113 changed files with 2,113 additions and 1,107 deletions.
diff --git a/.clabot b/.clabot
@@ -16,6 +16,7 @@
         "cordelster",
         "george-strother",
         "7840vz",
+        "embusalacchi",
         "$$$ Bots $$$",
         "dependabot",
         "dependabot[bot]",

diff --git a/.github/ISSUE_TEMPLATE/release-template.md b/.github/ISSUE_TEMPLATE/release-template.md
@@ -27,6 +27,7 @@ git push origin release/$RELEASE
 | DOCKER_PUBLISH              | false           |
 | RUN_TEST                    | true            |
 | OVERWRITE_DOCKER_LATEST_TAG | false           |
+| RUN_TRIVY_SCAN              | true            |
 
 - [ ] Create a release branch for the harvest-metrics repo like so:
 ```bash
@@ -76,6 +77,7 @@ bin/harvest generate metrics --poller POLLERNAME
 | DOCKER_PUBLISH              | true            |
 | RUN_TEST                    | true            |
 | OVERWRITE_DOCKER_LATEST_TAG | true            |
+| RUN_TRIVY_SCAN              | true            |
 
 - [ ] [Draft a new release](https://github.com/NetApp/harvest/releases). Use `v$RELEASE` for the tag and pick the release/$RELEASE branch.
 - [ ] Type `$RELEASE` in the `Release title` text input 

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -40,6 +40,8 @@ jobs:
     steps:
     - name: Checkout repository
       uses: actions/checkout@v4
+      with:
+        persist-credentials: false
 
     - name: read environment file
       run: cat .harvest.env >> "$GITHUB_ENV"

diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
@@ -6,4 +6,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: wagoid/commitlint-github-action@v6
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -15,6 +15,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
 
     - name: read environment file
       run: cat .harvest.env >> "$GITHUB_ENV"

diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml
@@ -1,13 +1,18 @@
 name: "Lint PR"
 on:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - edited
       - synchronize
+      - reopened
+
+permissions:
+  pull-requests: read
 
 jobs:
   main:
+    name: Validate PR title
     runs-on: ubuntu-latest
     steps:
       - uses: amannn/action-semantic-pull-request@v5

diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
@@ -0,0 +1,35 @@
+# https://github.com/woodruffw/zizmor
+name: GitHub Actions Security Analysis with Zizmor
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["*"]
+
+jobs:
+  zizmor:
+    name: Zizmor latest via Cargo
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - name: Setup Rust
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+      - name: Get zizmor
+        run: cargo install zizmor
+      - name: Run zizmor
+        run: zizmor --format sarif . > results.sarif
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: results.sarif
+          # Optional category for the results
+          # Used to differentiate multiple results for one commit
+          category: zizmor
diff --git a/SUPPORT.md b/SUPPORT.md
@@ -1,12 +1,12 @@
 # Harvest Support and Getting Help
 
-Harvest is an open-source project developed and published by NetApp to collect performance, capacity and hardware metrics from ONTAP clusters. These metrics can then be delivered to a range of databases and displayed in Grafana dashboards. Harvest is not an officially supported NetApp product. NetApp maintains and updates Harvest with bug fixes, security updates, and feature development. For assistance refer [Getting Help](#getting-help)
+Harvest is an open-source project developed and published by NetApp to collect performance, capacity and hardware metrics from ONTAP clusters. These metrics can then be delivered to a range of databases and displayed in Grafana dashboards. Harvest is not an officially supported NetApp product. NetApp maintains and updates Harvest with bug fixes, security updates, and feature development. For assistance, refer to [Getting Help](#getting-help)
 
 This document describes Harvest's release and support lifecycle as well as places you can get help.
 
 ## Harvest's Release and Support Lifecycle
 
-Harvest's current release schedule is quarterly in January, April, July, and October, but it may change at our discretion. 
+Harvest's current release schedule is quarterly in February, May, August, and November, but it may change at our discretion. 
 
 Each release of Harvest supports the most recently released version of ONTAP. We try our best to also support earlier versions of ONTAP. When that's not possible, breaking changes will be outlined in the changelog.
 
@@ -16,7 +16,7 @@ Harvest is constantly being improved with new features and bug fixes. Customers
 
 For example, when `YY.MM` (ex: 21.04) is released, we intend to support it until `YY+1.MM` (ex: 22.04) is released. At the same time, `YY-1.MM` (ex: 20.04) and associated minor releases (ex: 20.04.1) move to limited or no support.
 
-If you are running a version of Harvest that’s more than 12 months old, you must upgrade to a newer version to receive any support then available from NetApp. We always recommend running the latest version.
+If you are running a version of Harvest that’s more than 12 months old, you must upgrade to a newer version to receive support from NetApp. We always recommend running the latest version.
 
 We use GitHub for tracking bugs and feature requests.
 

diff --git a/cmd/collectors/commonutils.go b/cmd/collectors/commonutils.go
@@ -1,6 +1,7 @@
 package collectors
 
 import (
+	"fmt"
 	"github.com/netapp/harvest/v2/cmd/tools/rest"
 	"github.com/netapp/harvest/v2/pkg/errs"
 	"github.com/netapp/harvest/v2/pkg/matrix"
@@ -60,7 +61,7 @@ func IsEmbedShelf(model string, moduleType string) bool {
 	return combinations[embedShelf{model, moduleType}]
 }
 
-func InvokeRestCallWithTestFile(client *rest.Client, href string, logger *slog.Logger, testFilePath string) ([]gjson.Result, error) {
+func InvokeRestCallWithTestFile(client *rest.Client, href string, testFilePath string) ([]gjson.Result, error) {
 	if testFilePath != "" {
 		b, err := os.ReadFile(testFilePath)
 		if err != nil {
@@ -69,19 +70,13 @@ func InvokeRestCallWithTestFile(client *rest.Client, href string, logger *slog.L
 		testData := gjson.Result{Type: gjson.JSON, Raw: string(b)}
 		return testData.Get("records").Array(), nil
 	}
-	return InvokeRestCall(client, href, logger)
+	return InvokeRestCall(client, href)
 }
 
-func InvokeRestCall(client *rest.Client, href string, logger *slog.Logger) ([]gjson.Result, error) {
+func InvokeRestCall(client *rest.Client, href string) ([]gjson.Result, error) {
 	result, err := rest.FetchAll(client, href)
 	if err != nil {
-		logger.Error(
-			"Failed to fetch data",
-			slogx.Err(err),
-			slog.String("href", href),
-			slog.Int("hrefLength", len(href)),
-		)
-		return []gjson.Result{}, err
+		return []gjson.Result{}, fmt.Errorf("failed to fetchAll href=%s, hrefLength=%d err=%w", TruncateURL(href), len(href), err)
 	}
 
 	if len(result) == 0 {
@@ -91,6 +86,14 @@ func InvokeRestCall(client *rest.Client, href string, logger *slog.Logger) ([]gj
 	return result, nil
 }
 
+func TruncateURL(href string) string {
+	indexOfQuestionMark := strings.Index(href, "?")
+	if indexOfQuestionMark == -1 {
+		return href
+	}
+	return href[:indexOfQuestionMark] + "..."
+}
+
 func GetClusterTime(client *rest.Client, returnTimeOut *int, logger *slog.Logger) (time.Time, error) {
 	var (
 		err         error

diff --git a/cmd/collectors/ems/ems.go b/cmd/collectors/ems/ems.go
@@ -124,8 +124,8 @@ func (e *Ems) InitMatrix() error {
 	// overwrite from abstract collector
 	mat.Object = e.Object
 	// Add system (cluster) name
-	mat.SetGlobalLabel("cluster", e.Client.Cluster().Name)
-	mat.SetGlobalLabel("cluster_uuid", e.Client.Cluster().UUID)
+	mat.SetGlobalLabel("cluster", e.Client.Remote().Name)
+	mat.SetGlobalLabel("cluster_uuid", e.Client.Remote().UUID)
 
 	if e.Params.HasChildS("labels") {
 		for _, l := range e.Params.GetChildS("labels").GetChildren() {

diff --git a/cmd/collectors/keyperf/keyperf.go b/cmd/collectors/keyperf/keyperf.go
@@ -65,6 +65,8 @@ func (kp *KeyPerf) Init(a *collector.AbstractCollector) error {
 		return err
 	}
 
+	kp.Remote = kp.Client.Remote()
+
 	if kp.Prop.TemplatePath, err = kp.LoadTemplate(); err != nil {
 		return err
 	}
@@ -105,7 +107,7 @@ func (kp *KeyPerf) InitMatrix() error {
 	// overwrite from abstract collector
 	mat.Object = kp.Prop.Object
 	// Add system (cluster) name
-	mat.SetGlobalLabel("cluster", kp.Client.Cluster().Name)
+	mat.SetGlobalLabel("cluster", kp.Remote.Name)
 	if kp.Params.HasChildS("labels") {
 		for _, l := range kp.Params.GetChildS("labels").GetChildren() {
 			mat.SetGlobalLabel(l.GetNameS(), l.GetContentS())
@@ -140,7 +142,7 @@ func (kp *KeyPerf) loadParamInt(name string, defaultValue int) int {
 }
 
 func (kp *KeyPerf) buildCounters() {
-	staticCounterDef, err := loadStaticCounterDefinitions(kp.Prop.Object, "cmd/collectors/keyperf/static_counter_definitions.yaml", kp.Logger)
+	staticCounterDef, err := loadStaticCounterDefinitions(kp.Prop.Object, "conf/keyperf/static_counter_definitions.yaml", kp.Logger)
 	if err != nil {
 		// It's acceptable to continue even if there are errors, as the remaining counters will still be processed.
 		// Any counters that require counter metadata will be skipped.

diff --git a/cmd/collectors/power.go b/cmd/collectors/power.go
@@ -50,7 +50,7 @@ func collectChassisFRU(client *rest.Client, logger *slog.Logger) (map[string]int
 		if !cn.Exists() {
 			logger.Warn(
 				"fru has no connected nodes",
-				slog.String("cluster", client.Cluster().Name),
+				slog.String("cluster", client.Remote().Name),
 				slog.String("fru", r.Get("fru_name").String()),
 			)
 			continue

diff --git a/cmd/collectors/rest/plugins/aggregate/aggregate.go b/cmd/collectors/rest/plugins/aggregate/aggregate.go
@@ -177,5 +177,5 @@ func (a *Aggregate) getObjectStoreData() ([]gjson.Result, error) {
 		Filter([]string{`tier_name=!" "|""`}).
 		Build()
 
-	return collectors.InvokeRestCall(a.client, href, a.SLogger)
+	return collectors.InvokeRestCall(a.client, href)
 }
diff --git a/cmd/collectors/rest/plugins/certificate/certificate.go b/cmd/collectors/rest/plugins/certificate/certificate.go
@@ -200,7 +200,7 @@ func (c *Certificate) GetAdminVserver() (string, error) {
 		Filter([]string{"type=admin"}).
 		Build()
 
-	if result, err = collectors.InvokeRestCall(c.client, href, c.SLogger); err != nil {
+	if result, err = collectors.InvokeRestCall(c.client, href); err != nil {
 		return "", err
 	}
 
@@ -227,7 +227,7 @@ func (c *Certificate) GetSecuritySsl(adminSvm string) (string, error) {
 		Filter([]string{"vserver=" + adminSvm}).
 		Build()
 
-	if result, err = collectors.InvokeRestCall(c.client, href, c.SLogger); err != nil {
+	if result, err = collectors.InvokeRestCall(c.client, href); err != nil {
 		return "", err
 	}