Puppet Function: wmflib::service::probe::http_module_options

Defined in:
modules/wmflib/functions/service/probe/http_module_options.pp
Function type:
Puppet Language

Overview

wmflib::service::probe::http_module_options(String $service_name, Wmflib::Service $service_config)Hash

TODO support options for more than one probe if/when needed

Parameters:

  • service_name (String)
  • service_config (Wmflib::Service)

Returns:

  • (Hash) 


6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'modules/wmflib/functions/service/probe/http_module_options.pp', line 6

function wmflib::service::probe::http_module_options(
  String $service_name,
  Wmflib::Service $service_config,
) >> Hash {
  $common = { 'ip_protocol_fallback' => false }

  # Find out which SNI to send. Similar logic to
  # prometheus::targets::service_catalog for DNS names; in this case
  # try discovery since that is the standard going forward and
  # more likely for services to have it in SNI.

  # Offer users the option to override Host and SNI via probe 'host' field.
  if 'probes' in $service_config and 'host' in $service_config['probes'][0] {
    $tls_server_name = $service_config['probes'][0]['host']
  } elsif 'discovery' in $service_config {
    $disc_name = $service_config['discovery'][0]['dnsdisc']
    $tls_server_name = "${disc_name}.discovery.wmnet"
  } elsif 'aliases' in $service_config {
    $first_alias = $service_config['aliases'][0]
    $tls_server_name = "${first_alias}.svc.${::site}.wmnet"
  } else {
    $tls_server_name = "${service_name}.svc.${::site}.wmnet"
  }

  $tls_options = {
    'fail_if_ssl'     => !$service_config['encryption'],
    'fail_if_not_ssl' => $service_config['encryption'],
    'tls_config'      => { 'server_name' => $tls_server_name },
  }

  if 'probes' in $service_config {
    $probe = $service_config['probes'][0]
  } else {
    $probe = {}
  }

  if 'must_contain_regexp' in $probe {
    $match = {
      'fail_if_body_not_matches_regexp' => [ $probe['must_contain_regexp'] ],
    }
  } else {
    $match = {}
  }

  if 'post_json' in $probe {
    $post_json = {
      'method'  => 'POST',
      'body'    => $probe['post_json'],
      'headers' => {
        'Content-Type' => 'application/json',
      },
    }
  } else {
    $post_json = {}
  }

  if 'host' in $probe {
    $host_header = {
      'headers' => {
        'Host' => $probe['host'],
      },
    }
  } else {
    $host_header = {
      'headers' => {
        'Host' => $tls_server_name,
      },
    }
  }

  if 'valid_status_codes' in $probe {
    $valid_status_codes = {
      'valid_status_codes' => $probe['valid_status_codes'],
    }
  } else {
    $valid_status_codes = {}
  }

  if 'expect_sso' in $probe {
    $expect_sso = {
      'valid_status_codes'  => [ 302 ],
      'no_follow_redirects' => true,
    }
  } else {
    $expect_sso = {}
  }

  if 'expect_redirect' in $probe {
    $expect_redirect = {
      'valid_status_codes'  => [ 301, 302 ],
      'no_follow_redirects' => true,
    }
  } else {
    $expect_redirect = {}
  }

  return deep_merge($common, $match, $post_json, $host_header,
    $valid_status_codes, $expect_sso, $expect_redirect, $tls_options)
}