diff --git a/.version b/.version index 5e57fb8..034552a 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -1.29.0 +1.30.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f99da9..ef95da0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,12 @@ Fixed - for any bug fixes Security - in case of vulnerabilities --> +## [1.30.0] - 2021-11-19 + +### Added + +Support for HPE PDUs + ## [1.29.0] - 2021-10-28 ### Fixed @@ -258,12 +264,12 @@ Added TLS verification capability to Redfish HTTP transports. ## [1.18.4] - 2020-08-18 -### Added +### Added - CASMHMS-3809 - Added support for the CabinetPDUPowerConnector HMSType ## [1.18.3] - 2020-07-15 -### Changed +### Changed - CASMHMS-3771 - Increased the HTTP client timeout from 20 seconds to 3 minutes. ## [1.18.2] - 2020-07-09 @@ -400,7 +406,7 @@ Added TLS verification capability to Redfish HTTP transports. successful operations. Now the json return object returns 'e':0 on success to match the api documentation. -- CASMHMS-2584 - get_system_power_details was returning an error code on +- CASMHMS-2584 - get_system_power_details was returning an error code on all successful operations. Now the json return object returns 'e':0 on success to match the api documentation. @@ -408,8 +414,8 @@ Added TLS verification capability to Redfish HTTP transports. start time. If the user did not pass in a start time, it would query a time window that was arbitrarily large. -- CASMHMS-2577 - get_system_power_details was incorrectly calculating the - default start time. If the user did not pass in a start time, it would +- CASMHMS-2577 - get_system_power_details was incorrectly calculating the + default start time. If the user did not pass in a start time, it would query a time window that was arbitrarily large. # [1.15.4] - 2019-12-06 @@ -436,7 +442,7 @@ Added TLS verification capability to Redfish HTTP transports. # [1.15.3] - 2019-11-27 ### Fixed -- CASMHMS-2563 - Fixed the DoSystemPower function to not cause a +- CASMHMS-2563 - Fixed the DoSystemPower function to not cause a panic when making the query to the databse. The function now also correctly returns an error if there is no data present for the requested time interval. @@ -469,8 +475,8 @@ Added TLS verification capability to Redfish HTTP transports. # [1.14.5] - 2019-11-12 ### Changed -- CASMHMS-2327 - Use the HSM discovered Mountain EPO information - instead of hard coded paths to perform the EPO. +- CASMHMS-2327 - Use the HSM discovered Mountain EPO information + instead of hard coded paths to perform the EPO. # [1.14.4] - 2019-11-11 diff --git a/cmd/capmcd/bmcapi.go b/cmd/capmcd/bmcapi.go index 6ac8f29..254c29e 100644 --- a/cmd/capmcd/bmcapi.go +++ b/cmd/capmcd/bmcapi.go @@ -36,6 +36,7 @@ import ( "net/http" "path" "regexp" + "strings" "time" "github.com/Cray-HPE/hms-capmc/internal/capmc" @@ -315,13 +316,31 @@ func (d *CapmcD) doBmcPowerCall(call bmcCall) bmcPowerRc { } var body string + var sessionAuthPath = "" + var sessionAuthBody = "" switch ni.Type { // The CabinetPDUOutlet HMSType has been depricated in favor of // CabinetPDUPowerConnector. Support both for now. case "CabinetPDUOutlet": fallthrough case "CabinetPDUPowerConnector": - body = fmt.Sprintf(`{"PowerState": "%s"}`, resetType) + var HPEPDU = true + if strings.Contains(ni.BmcFQDN, "rts") { + HPEPDU = false + } + if HPEPDU { + outletNum := strings.Split(ni.Hostname, "v") + if len(outletNum) < 2 { + log.Printf("ERROR: Could not get outlet number") + // Just return because it will not work + return res + } + body = fmt.Sprintf(`{"OutletNumber":%s,"StartupState":"on","Outletname":"OUTLET%s","OnDelay":0,"OffDelay":0,"RebootDelay":5,"OutletStatus":"%s"}`, outletNum[1], outletNum[1], strings.ToLower(resetType)) + sessionAuthPath = "https://" + ni.BmcFQDN + "/redfish/v1/SessionService/Sessions" + sessionAuthBody = fmt.Sprintf(`{"username":"%s","password":"%s"}`, ni.BmcUser, ni.BmcPass) + } else { + body = fmt.Sprintf(`{"PowerState": "%s"}`, resetType) + } default: body = fmt.Sprintf(`{"ResetType": "%s"}`, resetType) } @@ -344,11 +363,35 @@ func (d *CapmcD) doBmcPowerCall(call bmcCall) bmcPowerRc { return res } } + + var sessionAuthToken string + if len(sessionAuthPath) > 0 { + req, err := http.NewRequest("POST", sessionAuthPath, bytes.NewBuffer([]byte(sessionAuthBody))) + req.SetBasicAuth(ni.BmcUser, ni.BmcPass) + req.Header.Set("Accept", "*/*") + req.Header.Set("Content-Type", "application/json") + // execute the request + rfClientLock.RLock() + rsp, err := d.rfClient.Do(req) + rfClientLock.RUnlock() + if err != nil { + log.Printf("POST %s\n%s Network Error: %s", + sessionAuthPath, ni.BmcType, err) + res.msg = fmt.Sprintf("%s Communication Error", ni.BmcType) + return res + } + defer rsp.Body.Close() + sessionAuthToken = rsp.Header.Get("X-Auth-Token") + } + log.Printf("doBmcPowerCall with: POST %s, Data: %s", actionPath, body) // create the request req, err := http.NewRequest("POST", actionPath, bytes.NewBuffer([]byte(body))) req.SetBasicAuth(ni.BmcUser, ni.BmcPass) req.Header.Set("Accept", "*/*") req.Header.Set("Content-Type", "application/json") + if len(sessionAuthToken) > 0 { + req.Header.Set("X-Auth-Token", sessionAuthToken) + } // execute the request rfClientLock.RLock() diff --git a/cmd/capmcd/capmcd.go b/cmd/capmcd/capmcd.go index b023467..15af36e 100644 --- a/cmd/capmcd/capmcd.go +++ b/cmd/capmcd/capmcd.go @@ -665,7 +665,11 @@ func main() { time.Sleep(backoff * time.Second) } else { log.Printf("Info: Connection to secure store (Vault) succeeded") - svc.ccs = compcreds.NewCompCredStore("secret/hms-creds", svc.ss) + vaultKeypath, ok := os.LookupEnv("VAULT_KEYPATH") + if !ok { + vaultKeypath = "secret/hms-creds" + } + svc.ccs = compcreds.NewCompCredStore(vaultKeypath, svc.ss) break } if backoff < maxBackoff {