Support for HPE PDUs (#55)

* Support for HPE PDUs * Updated outlet control packet for HPE PDUs * Version to 1.30.0 * Version to 1.30.0 * Restored nobody user in Dockerfile * Restored Dockerfile to same as master * Update for changes requested - removed chart.yaml
Cray-HPE · Nov 22, 2021 · 120fa23 · 120fa23
1 parent 81130cb
commit 120fa23
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 11 deletions.
diff --git a/.version b/.version
@@ -1 +1 @@
-1.29.0
+1.30.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -24,6 +24,12 @@ Fixed - for any bug fixes
 Security - in case of vulnerabilities
 -->
 
+## [1.30.0] - 2021-11-19
+
+### Added
+
+Support for HPE PDUs
+
 ## [1.29.0] - 2021-10-28
 
 ### Fixed
@@ -258,12 +264,12 @@ Added TLS verification capability to Redfish HTTP transports.
 
 ## [1.18.4] - 2020-08-18
 
-### Added 
+### Added
 - CASMHMS-3809 - Added support for the CabinetPDUPowerConnector HMSType
 
 ## [1.18.3] - 2020-07-15
 
-### Changed 
+### Changed
 - CASMHMS-3771 - Increased the HTTP client timeout from 20 seconds to 3 minutes.
 
 ## [1.18.2] - 2020-07-09
@@ -400,16 +406,16 @@ Added TLS verification capability to Redfish HTTP transports.
  successful operations. Now the json return object returns 'e':0
  on success to match the api documentation.
 
-- CASMHMS-2584 - get_system_power_details was returning an error code on 
+- CASMHMS-2584 - get_system_power_details was returning an error code on
  all successful operations. Now the json return object returns 'e':0
  on success to match the api documentation.
 
 - CASMHMS-2577 - get_system_power was incorrectly calculating the default
  start time. If the user did not pass in a start time, it would query
  a time window that was arbitrarily large.
 
-- CASMHMS-2577 - get_system_power_details was incorrectly calculating the 
- default start time. If the user did not pass in a start time, it would 
+- CASMHMS-2577 - get_system_power_details was incorrectly calculating the
+ default start time. If the user did not pass in a start time, it would
  query a time window that was arbitrarily large.
 
 # [1.15.4] - 2019-12-06
@@ -436,7 +442,7 @@ Added TLS verification capability to Redfish HTTP transports.
 # [1.15.3] - 2019-11-27
 
 ### Fixed
-- CASMHMS-2563 - Fixed the DoSystemPower function to not cause a 
+- CASMHMS-2563 - Fixed the DoSystemPower function to not cause a
  panic when making the query to the databse. The function now
  also correctly returns an error if there is no data present for
  the requested time interval.
@@ -469,8 +475,8 @@ Added TLS verification capability to Redfish HTTP transports.
 # [1.14.5] - 2019-11-12
 
 ### Changed
-- CASMHMS-2327 - Use the HSM discovered Mountain EPO information 
- instead of hard coded paths to perform the EPO. 
+- CASMHMS-2327 - Use the HSM discovered Mountain EPO information
+ instead of hard coded paths to perform the EPO.
 
 # [1.14.4] - 2019-11-11
 

diff --git a/cmd/capmcd/bmcapi.go b/cmd/capmcd/bmcapi.go
@@ -36,6 +36,7 @@ import (
  "net/http"
  "path"
  "regexp"
+ "strings"
  "time"
 
  "github.com/Cray-HPE/hms-capmc/internal/capmc"
@@ -315,13 +316,31 @@ func (d *CapmcD) doBmcPowerCall(call bmcCall) bmcPowerRc {
  }
 
  var body string
+ var sessionAuthPath = ""
+ var sessionAuthBody = ""
  switch ni.Type {
  // The CabinetPDUOutlet HMSType has been depricated in favor of
  // CabinetPDUPowerConnector. Support both for now.
  case "CabinetPDUOutlet":
  fallthrough
  case "CabinetPDUPowerConnector":
- body = fmt.Sprintf(`{"PowerState": "%s"}`, resetType)
+ var HPEPDU = true
+ if strings.Contains(ni.BmcFQDN, "rts") {
+ HPEPDU = false
+ }
+ if HPEPDU {
+ outletNum := strings.Split(ni.Hostname, "v")
+ if len(outletNum) < 2 {
+ log.Printf("ERROR: Could not get outlet number")
+ // Just return because it will not work
+ return res
+ }
+ body = fmt.Sprintf(`{"OutletNumber":%s,"StartupState":"on","Outletname":"OUTLET%s","OnDelay":0,"OffDelay":0,"RebootDelay":5,"OutletStatus":"%s"}`, outletNum[1], outletNum[1], strings.ToLower(resetType))
+ sessionAuthPath = "https://" + ni.BmcFQDN + "/redfish/v1/SessionService/Sessions"
+ sessionAuthBody = fmt.Sprintf(`{"username":"%s","password":"%s"}`, ni.BmcUser, ni.BmcPass)
+ } else {
+ body = fmt.Sprintf(`{"PowerState": "%s"}`, resetType)
+ }
  default:
  body = fmt.Sprintf(`{"ResetType": "%s"}`, resetType)
  }
@@ -344,11 +363,35 @@ func (d *CapmcD) doBmcPowerCall(call bmcCall) bmcPowerRc {
  return res
  }
  }
+
+ var sessionAuthToken string
+ if len(sessionAuthPath) > 0 {
+ req, err := http.NewRequest("POST", sessionAuthPath, bytes.NewBuffer([]byte(sessionAuthBody)))
+ req.SetBasicAuth(ni.BmcUser, ni.BmcPass)
+ req.Header.Set("Accept", "*/*")
+ req.Header.Set("Content-Type", "application/json")
+ // execute the request
+ rfClientLock.RLock()
+ rsp, err := d.rfClient.Do(req)
+ rfClientLock.RUnlock()
+ if err != nil {
+ log.Printf("POST %s\n%s Network Error: %s",
+ sessionAuthPath, ni.BmcType, err)
+ res.msg = fmt.Sprintf("%s Communication Error", ni.BmcType)
+ return res
+ }
+ defer rsp.Body.Close()
+ sessionAuthToken = rsp.Header.Get("X-Auth-Token")
+ }
+ log.Printf("doBmcPowerCall with: POST %s, Data: %s", actionPath, body)
  // create the request
  req, err := http.NewRequest("POST", actionPath, bytes.NewBuffer([]byte(body)))
  req.SetBasicAuth(ni.BmcUser, ni.BmcPass)
  req.Header.Set("Accept", "*/*")
  req.Header.Set("Content-Type", "application/json")
+ if len(sessionAuthToken) > 0 {
+ req.Header.Set("X-Auth-Token", sessionAuthToken)
+ }
 
  // execute the request
  rfClientLock.RLock()

diff --git a/cmd/capmcd/capmcd.go b/cmd/capmcd/capmcd.go
@@ -665,7 +665,11 @@ func main() {
  time.Sleep(backoff * time.Second)
  } else {
  log.Printf("Info: Connection to secure store (Vault) succeeded")
- svc.ccs = compcreds.NewCompCredStore("secret/hms-creds", svc.ss)
+ vaultKeypath, ok := os.LookupEnv("VAULT_KEYPATH")
+ if !ok {
+ vaultKeypath = "secret/hms-creds"
+ }
+ svc.ccs = compcreds.NewCompCredStore(vaultKeypath, svc.ss)
  break
  }
  if backoff < maxBackoff {