Skip to content

Commit c6eade3

Browse files
mbreitungmbreitung
authored
Merge pull request #237 from draios/support-bundle-v6-apiurl-fix
chore(support-bundle): Added readme, fix api_url retrieval (for >= 6.9), fixed a regex for detect double digit version
2 parents fc4d6c9 + 26abbb6 commit c6eade3

File tree

2 files changed

+104
-11
lines changed

2 files changed

+104
-11
lines changed

support_bundle/README.md

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
# On-Premise Support Bundle script
2+
3+
## Usage example
4+
Specify your current namespace with `-n` flag.
5+
6+
```
7+
export API_TOKEN="xxxxx-xxxxx-xxxx-xxxxx"
8+
9+
./get_support_bundle.sh -a $API_TOKEN -n sysdigcloud
10+
```
11+
12+
*NOTE:* For cases where the access to the API endpoint is limited/restricted use `-la` or `--local-api` flag.

support_bundle/get_support_bundle.sh

Lines changed: 92 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ catch() {
88

99
#generate sysdigcloud support bundle on kubernetes
1010

11+
API_LOCAL=""
1112
LABELS=""
1213
CONTEXT=""
1314
CONTEXT_OPTS=""
@@ -26,6 +27,7 @@ print_help() {
2627
printf "\t%s\n" "-c,--context: Specify the kubectl context. If not set, the current context will be used."
2728
printf "\t%s\n" "-d,--debug: Enables Debug"
2829
printf "\t%s\n" "-l,--labels: Specify Sysdig pod role label to collect (e.g. api,collector,worker)"
30+
printf "\t%s\n" "-la,--local-api: Uses kubectl port-forward feature for being able to access APIs for advanced data collection (for env that cannot reach APIs via domain/FQDN)"
2931
printf "\t%s\n" "-n,--namespace: Specify the Sysdig namespace. (default: ${NAMESPACE})"
3032
printf "\t%s\n" "-s,--since: Specify the timeframe of logs to collect (e.g. -s 1h)"
3133
printf "\t%s\n" "-sa,--secure-api-key: Provide the Secure Superuser API key for advanced data collection"
@@ -59,6 +61,9 @@ parse_commandline() {
5961
LABELS="$2"
6062
shift
6163
;;
64+
-la|--local-api)
65+
API_LOCAL="true"
66+
;;
6267
-n|--namespace)
6368
test $# -lt 2 && die "Missing value for the optional argument '$_key'." 1
6469
NAMESPACE="$2"
@@ -146,21 +151,60 @@ main() {
146151
exit 1
147152
fi
148153

154+
echo "$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get deployment sysdigcloud-api -ojsonpath='{.spec.template.spec.containers[0].image}' | awk -F: '{ print $2 }')" > ${LOG_DIR}/backend_version.txt
155+
BACKEND_VERSION=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get deployment sysdigcloud-api -ojsonpath='{.spec.template.spec.containers[0].image}' | awk -F: '{ print $2 }' | awk -F. '{ print $1 }') || true
156+
149157
# If API key is supplied, check the backend version, and send a GET to the relevant endpoints.
150158
if [[ ! -z ${API_KEY} ]]; then
151-
BACKEND_VERSION=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get deployment sysdigcloud-api -ojsonpath='{.spec.template.spec.containers[0].image}' | awk 'match($0, /[0-9]\.[0-9]\.[0-9](\.[0-9]+)?/) {print substr($0, RSTART, RLENGTH)}') || true
152-
echo ${BACKEND_VERSION} > ${LOG_DIR}/backend_version.txt
153-
if [[ "$BACKEND_VERSION" =~ ^(6) ]]; then
154-
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-collector-config -ojsonpath='{.data.collector-config\.conf}' | awk 'p&&$0~/"/{gsub("\"","");print} /{/{p=0} /sso/{p=1}' | grep serverName | awk '{print $3}')
159+
if [[ "$BACKEND_VERSION" =~ ^(7|6)$ ]]; then
160+
if [[ "$API_LOCAL" == "true" ]]; then
161+
kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} port-forward service/sysdigcloud-api 8080 > /dev/null 2>&1 &
162+
163+
# Store the port-forward pid in order to kill the process once we finish
164+
pid=$!
165+
166+
# kill the port-forward regardless of how this script exits
167+
trap '{
168+
# echo killing $pid
169+
kill $pid
170+
}' EXIT
171+
172+
# wait for port-forward to become available
173+
while ! curl -s localhost:8080 > /dev/null 2>&1 ; do
174+
sleep 0.2
175+
done
176+
API_URL="http://127.0.0.1:8080"
177+
else
178+
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-collector-config -ojsonpath='{.data.collector-config\.conf}' | grep serverName | head -1 | awk '{print $3}' | sed 's/"//g')
179+
fi
155180
# Check that the API_KEY for the Super User is valid and exit
156181
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
157182
if [[ ${error} -eq 1 ]]; then
158183
echo "The API_KEY supplied is Unauthorized. Please check and try again. Return Code: ${RETVAL}"
159184
exit 1
160185
fi
161186
curl -ks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/admin/customer/1/meerkatSettings" >> ${LOG_DIR}/meerkat_settings.json
162-
elif [[ "$BACKEND_VERSION" =~ ^(5) ]] || [[ "$BACKEND_VERSION" =~ ^(4) ]] || [[ "$BACKEND_VERSION" =~ ^(3) ]]; then
163-
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-config -o yaml | grep -i api.url: | head -1 | awk '{print $2}')
187+
elif [[ "$BACKEND_VERSION" =~ ^(5|4|3)$ ]]; then
188+
if [[ "$API_LOCAL" == "true" ]]; then
189+
kubectl ${KUBE_OPTS} port-forward service/sysdigcloud-api 8080 > /dev/null 2>&1 &
190+
191+
# Store the port-forward pid in order to kill the process once we finish
192+
pid=$!
193+
194+
# kill the port-forward regardless of how this script exits
195+
trap '{
196+
# echo killing $pid
197+
kill $pid
198+
}' EXIT
199+
200+
# wait for port-forward to become available
201+
while ! curl -s localhost:8080 > /dev/null 2>&1 ; do
202+
sleep 0.2
203+
done
204+
API_URL="http://127.0.0.1:8080"
205+
else
206+
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-config -o yaml | grep -i api.url: | head -1 | awk '{print $2}')
207+
fi
164208
# Check that the API_KEY for the Super User is valid and exit
165209
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
166210
if [[ ${error} -eq 1 ]]; then
@@ -189,17 +233,54 @@ main() {
189233

190234
# If Secure API key is supplied, collect settings
191235
if [[ ! -z ${SECURE_API_KEY} ]]; then
192-
BACKEND_VERSION=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get deployment sysdigcloud-api -ojsonpath='{.spec.template.spec.containers[0].image}' | awk 'match($0, /[0-9]\.[0-9]\.[0-9](\.[0-9]+)?/) {print substr($0, RSTART, RLENGTH)}') || true
193-
if [[ "$BACKEND_VERSION" =~ ^(6) ]]; then
194-
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-collector-config -ojsonpath='{.data.collector-config\.conf}' | awk 'p&&$0~/"/{gsub("\"","");print} /{/{p=0} /sso/{p=1}' | grep serverName | awk '{print $3}')
236+
if [[ "$BACKEND_VERSION" =~ ^(7|6)$ ]]; then
237+
if [[ "$API_LOCAL" == "true" ]]; then
238+
kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} port-forward service/sysdigcloud-api 8080 > /dev/null 2>&1 &
239+
240+
# Store the port-forward pid in order to kill the process once we finish
241+
pid=$!
242+
243+
# kill the port-forward regardless of how this script exits
244+
trap '{
245+
# echo killing $pid
246+
kill $pid
247+
}' EXIT
248+
249+
# wait for port-forward to become available
250+
while ! curl -s localhost:8080 > /dev/null 2>&1 ; do
251+
sleep 0.2
252+
done
253+
API_URL="http://127.0.0.1:8080"
254+
else
255+
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-collector-config -ojsonpath='{.data.collector-config\.conf}' | grep serverName | head -1 | awk '{print $3}' | sed 's/"//g')
256+
fi
195257
# Check that the SECURE_API_KEY for the Super User is valid and exit
196258
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${SECURE_API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
197259
if [[ ${error} -eq 1 ]]; then
198260
echo "The SECURE_API_KEY supplied is Unauthorized. Please check and try again. Return Code: ${RETVAL}"
199261
exit 1
200262
fi
201-
elif [[ "$BACKEND_VERSION" =~ ^(5) ]] || [[ "$BACKEND_VERSION" =~ ^(4) ]] || [[ "$BACKEND_VERSION" =~ ^(3) ]]; then
202-
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-config -o yaml | grep -i api.url: | head -1 | awk '{print $2}')
263+
elif [[ "$BACKEND_VERSION" =~ ^(5|4|3)$ ]]; then
264+
if [[ "$API_LOCAL" == "true" ]]; then
265+
kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} port-forward service/sysdigcloud-api 8080 > /dev/null 2>&1 &
266+
267+
# Store the port-forward pid in order to kill the process once we finish
268+
pid=$!
269+
270+
# kill the port-forward regardless of how this script exits
271+
trap '{
272+
# echo killing $pid
273+
kill $pid
274+
}' EXIT
275+
276+
# wait for port-forward to become available
277+
while ! curl -s localhost:8080 > /dev/null 2>&1 ; do
278+
sleep 0.2
279+
done
280+
API_URL="http://127.0.0.1:8080"
281+
else
282+
API_URL=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get cm sysdigcloud-config -o yaml | grep -i api.url: | head -1 | awk '{print $2}')
283+
fi
203284
# Check that the API_KEY for the Super User is valid and exit
204285
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
205286
if [[ ${error} -eq 1 ]]; then

0 commit comments

Comments
 (0)