Checkmk git commits September 2022

checkmk-commits@lists.checkmk.com

1 participants
607 discussions

[tribe29/checkmk] 34329c: Fix single timeseries graph dashlet after recent r...

by Lars

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 34329cb0d77340c15b258f0b1bde6b4a88ae1750 https://github.com/tribe29/checkmk/commit/34329cb0d77340c15b258f0b1bde6b4a8… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M cmk/gui/plugins/dashboard/graph.py Log Message: ----------- Fix single timeseries graph dashlet after recent refactoring Change-Id: I63b6a002f93247dce3d14241bb0187268405df35

1 year, 10 months

[tribe29/checkmk] 866c43: Revert "Revert "Plugin architecture for update_con...

by Jörg Herbel

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 866c437b02f849737f049cc8f16fd25b09a48470 https://github.com/tribe29/checkmk/commit/866c437b02f849737f049cc8f16fd25b0… Author: Joerg Herbel <joerg.herbel(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M bin/cmk-update-config M cmk/.f12 A cmk/update_config/main.py A cmk/update_config/plugins/__init__.py A cmk/update_config/plugins/actions/__init__.py A cmk/update_config/registry.py M omd/packages/check_mk/check_mk.make M scripts/find-python-files A tests/unit/cmk/post_rename_site/__init__.py A tests/unit/cmk/update_config/__init__.py A tests/unit/cmk/update_config/test_main.py Log Message: ----------- Revert "Revert "Plugin architecture for update_config"" This reverts commit 6d500eec297eb0ba2c3c5ae5ba1a2d08ee43fae5. Change-Id: I2d1cc23ffbe92b399f3bc969fcb648f37c55bafb

1 year, 10 months

[tribe29/checkmk] a4595a: Add missing type hints to dashlets

by Lars

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: a4595acd95737b617b0ec8c2bc25abf55dcfd0b1 https://github.com/tribe29/checkmk/commit/a4595acd95737b617b0ec8c2bc25abf55… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M cmk/gui/plugins/dashboard/graph.py M tests/unit/cmk/gui/test_dashboard.py Log Message: ----------- Add missing type hints to dashlets Change-Id: I432a24beb86742c9e76a3b7e0dc95107c37a20bd Commit: 9c91b3a60bf7be2c879bf4ba90dfd6528d8aa52c https://github.com/tribe29/checkmk/commit/9c91b3a60bf7be2c879bf4ba90dfd6528… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M cmk/gui/dashboard.py M cmk/gui/plugins/dashboard/custom_url.py M cmk/gui/plugins/dashboard/failed_notifications.py M cmk/gui/plugins/dashboard/graph.py M cmk/gui/plugins/dashboard/logo.py M cmk/gui/plugins/dashboard/overview.py M cmk/gui/plugins/dashboard/snapin.py M cmk/gui/plugins/dashboard/static_text.py M cmk/gui/plugins/dashboard/user_messages.py M cmk/gui/plugins/dashboard/utils.py M cmk/gui/plugins/dashboard/view.py M tests/unit/cmk/gui/test_dashboard.py Log Message: ----------- Prepare dashlet config for typing With this change we prepare for making DashletConfig a typed dict. We introduce a dashlet type specific dashlet config class which defines the attribute that can be configured for that dashlet while keeping DashletConfig a regular dict. This way we can prepare the code step py step for the final change. Change-Id: I6462076814df63371602a6ad45bc2412ba1db2dc Commit: 906e02adffbd6b7d619b652bd93ef64b0a643a37 https://github.com/tribe29/checkmk/commit/906e02adffbd6b7d619b652bd93ef64b0… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M cmk/gui/plugins/dashboard/graph.py M cmk/gui/type_defs.py M tests/unit/cmk/gui/test_dashboard.py Log Message: ----------- Clean up graph dashlet hierarchy GraphDashlet was used as concrete class for template graphs and as base class for custom and single timeseries graph dashlets. Separated both into ABCGraphDashlet and TemplateGraphDashlet. Also clarified the DashletConfig and GraphIdentifier types for the different concrete graph dashlets. Change-Id: I8bcf51ecc7024512001b709174712e534cae914c Commit: bd0a39ba5b75a89a060e2b7820b388756f1b0ede https://github.com/tribe29/checkmk/commit/bd0a39ba5b75a89a060e2b7820b388756… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M cmk/gui/plugins/dashboard/graph.py Log Message: ----------- Graph dashlets: Cleanup _graph_identification and _graph_title Move the dynamically computed attributes out of the GraphDashlet config and make it regular attributes. Change-Id: Ia4aca5cb4a6565ff3053219fb61ab171e4320470 Compare: https://github.com/tribe29/checkmk/compare/a62b28887943...bd0a39ba5b75

1 year, 10 months

[tribe29/checkmk] 493c89: 13019 FIX Update requests module

by Konstantin Baikov

Branch: refs/heads/2.1.0 Home: https://github.com/tribe29/checkmk Commit: 493c89833c95c1305ba4811f945aca4fb5ed9061 https://github.com/tribe29/checkmk/commit/493c89833c95c1305ba4811f945aca4fb… Author: Konstantin Baikov <konstantin.baikov(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A .werks/13019 M Pipfile M Pipfile.lock Log Message: ----------- 13019 FIX Update requests module Change-Id: Idbabb9bdcf173f0e2c49d9509855a392c58fe443

1 year, 10 months

[tribe29/checkmk] 7749ff: Remove ununsed add_headers field

by Timotheus Bachinger

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 7749ffc51a7f90d76f6572fce62aca5430b62e77 https://github.com/tribe29/checkmk/commit/7749ffc51a7f90d76f6572fce62aca543… Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M livestatus/api/python/livestatus.py Log Message: ----------- Remove ununsed add_headers field Change-Id: Ide8a9adbcb4e8b695ca4d676b93109b225e612d4 Commit: a62b2888794362d14cc25c38536d12cc2b516b1d https://github.com/tribe29/checkmk/commit/a62b2888794362d14cc25c38536d12cc2… Author: Timotheus Bachinger <timotheus.bachinger(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A buildscripts/infrastructure/build-nodes/aws/roles/add-localhost/files/perform_rest_action.py M buildscripts/infrastructure/build-nodes/aws/roles/add-localhost/tasks/main.yml Log Message: ----------- Provide a host with pre discovered services in AMI ... and use our REST API for that Change-Id: Icd990c97a16bfbf56bac64d567dbe442b51de9f7 Compare: https://github.com/tribe29/checkmk/compare/37c456556fc6...a62b28887943

1 year, 10 months

[tribe29/checkmk] f32935: 14748 FIX Fix flexible and plain email notifications

by rb

Branch: refs/heads/1.6.0 Home: https://github.com/tribe29/checkmk Commit: f32935b3b8f376443acfd7a59d22211f26dea0e0 https://github.com/tribe29/checkmk/commit/f32935b3b8f376443acfd7a59d22211f2… Author: Ronny Bruska <ronny.bruska(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A .werks/14748 M cmk_base/notify.py Log Message: ----------- 14748 FIX Fix flexible and plain email notifications SUP-11067 Change-Id: I69af7f7f5344a8520654dc82381e3b02c7452cc4

1 year, 10 months

[tribe29/checkmk] 4d17e9: fixes xss-crawl job to use the right artifact name...

by racicLuka

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 4d17e9bb61de78833601e432cf9a496508586f20 https://github.com/tribe29/checkmk/commit/4d17e9bb61de78833601e432cf9a49650… Author: Frans Fürst <frans.fuerst(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M buildscripts/scripts/test-xss-crawl.groovy Log Message: ----------- fixes xss-crawl job to use the right artifact name component Change-Id: Ia1f9b2c2187c3adc7bba9dd3f08221356bf88393 Commit: 6d500eec297eb0ba2c3c5ae5ba1a2d08ee43fae5 https://github.com/tribe29/checkmk/commit/6d500eec297eb0ba2c3c5ae5ba1a2d08e… Author: Alex Zurhake <alex.zurhake(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M bin/cmk-update-config M cmk/.f12 R cmk/update_config/main.py R cmk/update_config/plugins/__init__.py R cmk/update_config/plugins/actions/__init__.py R cmk/update_config/registry.py M omd/packages/check_mk/check_mk.make M scripts/find-python-files R tests/unit/cmk/post_rename_site/__init__.py R tests/unit/cmk/update_config/__init__.py R tests/unit/cmk/update_config/test_main.py Log Message: ----------- Revert "Plugin architecture for update_config" This reverts commit 522e954ab01af61f30eb6771e86cc2de8ad6d55c. Commit: 8610e0e5cb9b8b0ec0f3aaeca35b5c97c6e18882 https://github.com/tribe29/checkmk/commit/8610e0e5cb9b8b0ec0f3aaeca35b5c97c… Author: LukaRacic <luka.racic(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A .werks/14433 Log Message: ----------- 14433 KUBE: New workload resource: CronJobs Change-Id: Id2d2dce746142f0002021887730e39c130697225 Commit: 37c456556fc6a62857a4b0e4b4d09cb9cca9790d https://github.com/tribe29/checkmk/commit/37c456556fc6a62857a4b0e4b4d09cb9c… Author: LukaRacic <luka.racic(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M .werks/14433 M cmk/special_agents/agent_kube.py Log Message: ----------- KUBE: Added pod_resources to CronJob hosts Change-Id: Id4a13cb710fbb9e87cd8febdb96083854a47e094 Compare: https://github.com/tribe29/checkmk/compare/2e8cf315be26...37c456556fc6

1 year, 10 months

[tribe29/checkmk] cbf930: test_config_sync: expected paths: use cmk_version

by Lisa Pichler

Branch: refs/heads/refs7for/master Home: https://github.com/tribe29/checkmk Commit: cbf930023e4e75654d6cfe5acf3f4096ab7ea2a0 https://github.com/tribe29/checkmk/commit/cbf930023e4e75654d6cfe5acf3f4096a… Author: Lisa Pichler <lisa.pichler(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M tests/unit/cmk/gui/watolib/test_config_sync.py Log Message: ----------- test_config_sync: expected paths: use cmk_version instead of patched functions Change-Id: Ibe525d124e5ec39083e2729c40c00ccf2c040994 Commit: 6998248e266bf4f4b8eead3b279498159f19d6a5 https://github.com/tribe29/checkmk/commit/6998248e266bf4f4b8eead3b279498159… Author: Lisa Pichler <lisa.pichler(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M tests/unit/cmk/gui/watolib/test_config_sync.py Log Message: ----------- test_config_sync: expected paths: consolidate conditions Change-Id: I990481d2d8eacc4b7f3dfbc961082f309259453b Commit: a748595b4ada800b47c2a8ba5b3ec8a62b88af2f https://github.com/tribe29/checkmk/commit/a748595b4ada800b47c2a8ba5b3ec8a62… Author: Lisa Pichler <lisa.pichler(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: M tests/unit/cmk/gui/watolib/test_config_sync.py Log Message: ----------- test_config_sync: expected paths: simplify order of operations Change-Id: Ifee84ad61b6122dd5e4db1f8b887dc7b7f79f348 Compare: https://github.com/tribe29/checkmk/compare/cbf930023e4e%5E...a748595b4ada

1 year, 10 months

[tribe29/checkmk] 1a5feb: 14384 SEC Fix command injection in livestatus quer...

by Hannes Rantzsch

Branch: refs/heads/2.1.0 Home: https://github.com/tribe29/checkmk Commit: 1a5feb45c9ea39f9d9f769d77d14467302288c0d https://github.com/tribe29/checkmk/commit/1a5feb45c9ea39f9d9f769d77d1446730… Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A .werks/14384 M livestatus/api/python/livestatus.py M tests/unit/livestatus/test_livestatus_unit.py Log Message: ----------- 14384 SEC Fix command injection in livestatus query headers Prior to this Werk it was possible to inject livestatus commands in Checkmk's livestatus wrapper and python API. Attackers could add additional commands in the AuthUser query header using newline characters. This allowed running arbitrary livestatus commands, including external commands to the core. The issue could only be exploited by attackers from localhost, where the tampered header could be injected in a request to graph data. We thank Stefan Schiller (SonarSource) for reporting this issue. Affected Versions: All currently supported versions are affected: 1.6, 2.0, and 2.1. Mitigations: Immediate mitigations are not available. Indicators of Compromise: Review the logs of Nagios / CMC for suspicious commands. Vulnerability Management: We have rated the issue with a CVSS Score of 6.8 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L</tt>. A CVE has been requested. Changes: This Werk adds sanitization for the AuthUser header field. CMK-11203 Change-Id: Ie34b324ab57e84df03fd0ecbf54d22804d101723

1 year, 10 months

[tribe29/checkmk] 16cea8: 14384 SEC Fix command injection in livestatus quer...

by Hannes Rantzsch

Branch: refs/heads/1.6.0 Home: https://github.com/tribe29/checkmk Commit: 16cea8572bd3ff594110b97e12408fcb939c487b https://github.com/tribe29/checkmk/commit/16cea8572bd3ff594110b97e12408fcb9… Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com> Date: 2022-09-01 (Thu, 01 Sep 2022) Changed paths: A .werks/14384 M livestatus/api/python/livestatus.py M tests/unit/livestatus/test_livestatus_unit.py Log Message: ----------- 14384 SEC Fix command injection in livestatus query headers Prior to this Werk it was possible to inject livestatus commands in Checkmk's livestatus wrapper and python API. Attackers could add additional commands in the AuthUser query header using newline characters. This allowed running arbitrary livestatus commands, including external commands to the core. The issue could only be exploited by attackers from localhost, where the tampered header could be injected in a request to graph data. We thank Stefan Schiller (SonarSource) for reporting this issue. Affected Versions: All currently supported versions are affected: 1.6, 2.0, and 2.1. Mitigations: Immediate mitigations are not available. Indicators of Compromise: Review the logs of Nagios / CMC for suspicious commands. Vulnerability Management: We have rated the issue with a CVSS Score of 6.8 (Medium) with the following CVSS vector: <tt>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L</tt>. A CVE has been requested. Changes: This Werk adds sanitization for the AuthUser header field. CMK-11203 Change-Id: Ie34b324ab57e84df03fd0ecbf54d22804d101723

1 year, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits September 2022