Merge pull request #3944 from reubenmiller/feat-truststore-diag

feat: add diag plugin to collect OS ca trust store info

Author: reubenmiller

configuration/contrib/diag-plugins/08_truststore.sh

@@ -0,0 +1,69 @@
+#!/bin/sh
+set -e
+
+OUTPUT_DIR=""
+TEDGE_CONFIG_DIR=${TEDGE_CONFIG_DIR:-/etc/tedge}
+COMMAND=""
+
+# Parse arguments
+while [ $# -gt 0 ]; do
+    case "$1" in
+        --output-dir)
+            OUTPUT_DIR="$2"
+            shift 2
+            ;;
+        --config-dir)
+            TEDGE_CONFIG_DIR="$2"
+            shift 2
+            ;;
+        collect)
+            COMMAND="collect"
+            shift
+            ;;
+        *)
+            shift
+            ;;
+    esac
+done
+
+# Check if the output directory exists
+if [ -n "$OUTPUT_DIR" ] && [ ! -d "$OUTPUT_DIR" ]; then
+    echo "Error: Output directory does not exist: $OUTPUT_DIR" >&2
+    exit 1
+fi
+
+collect() {
+    # Directory listing
+    if [ -d /etc/ssl/certs ]; then
+        # list certs and show symlinks
+        ls -l /etc/ssl/certs > "$OUTPUT_DIR/etc_ssl_certs.txt" ||:
+    else
+        echo "Directory /etc/ssl/certs does not exist" >&2
+    fi
+
+    if [ -f /etc/ssl/certs/ca-certificates.crt ]; then
+        echo "Copying /etc/ssl/certs/ca-certificates.crt" >&2
+        cp -a /etc/ssl/certs/ca-certificates.crt "$OUTPUT_DIR/"
+    else
+        echo "File /etc/ssl/certs/ca-certificates.crt does not exist" >&2
+    fi
+
+    # Check for ca-certificates package
+    if command -V dpkg >/dev/null 2>&1; then
+        echo "dpkg ca-certificates package" >&2
+        dpkg --list | grep ca-certificates >&2 ||:
+    fi
+}
+
+# Execute the specified command
+case "$COMMAND" in
+    collect)
+        collect
+        ;;
+    *)
+        echo "Unknown command" >&2
+        exit 1
+        ;;
+esac
+
+exit 0

configuration/package_manifests/nfpm.tedge.yaml

@@ -170,6 +170,11 @@ contents:
     file_info:
       mode: 0755
 
+  - src: ./configuration/contrib/diag-plugins/08_truststore.sh
+    dst: /usr/share/tedge/diag-plugins/
+    file_info:
+      mode: 0755
+
   - src: ./configuration/contrib/diag-plugins/template.sh.ignore
     dst: /usr/share/tedge/diag-plugins/
     file_info:

tests/RobotFramework/tests/tedge/diag/predefined_plugins.robot

@@ -79,6 +79,15 @@ Test Tags           theme:troubleshooting    theme:cli    theme:plugins
     Should Be True    int(${log_line_count}) <= 1000
     Execute Command    diff /var/log/mosquitto/mosquitto.log /results/test/07_mosquitto/mosquitto.log
 
+08_truststore
+    ${log_names}=    Create List
+    ...    output.log
+    ...    etc_ssl_certs.txt
+    ...    ca-certificates.crt
+    FOR    ${log_name}    IN    @{log_names}
+        File Size Is Not Zero    ${log_name}
+    END
+
 
 *** Keywords ***
 File Size Is Not Zero