Merge pull request #2 from sensu/feature/annotations-override

Annotations override
sensu · Feb 11, 2020 · 500e8a7 · 500e8a7
2 parents 48c14de + ab81f04
commit 500e8a7
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,9 @@ Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## Unreleased
 
+### Changed
+- The Puppet node name can now be overridden using entities annotations
+
 ## [0.1.0] - 2020-02-11
 
 ### Added

diff --git a/README.md b/README.md
@@ -29,12 +29,13 @@ Available Commands:
   version     Print the version number of this plugin
 
 Flags:
-      --cacert string              path to the site's Puppet CA certificate PEM file
+      --ca-cert string             path to the site's Puppet CA certificate PEM file
       --cert string                path to the SSL certificate PEM file signed by your site's Puppet CA
   -e, --endpoint string            the PuppetDB API endpoint (URL). If an API path is not specified, /pdb/query/v4/nodes/ will be used
   -h, --help                       help for sensu-puppet-handler
       --insecure-skip-tls-verify   skip SSL verification
       --key string                 path to the private key PEM file for that certificate
+      --node-name string           node name to use for the entity when querying PuppetDB
   -a, --sensu-api-key string       The Sensu API key
   -u, --sensu-api-url string       The Sensu API URL (default "http://localhost:8080")
   -c, --sensu-ca-cert string       The Sensu Go CA Certificate
@@ -96,12 +97,23 @@ spec:
   type: set
 ```
 
-
 ### Check definition
 
 No check definition is needed. This handler will only trigger on keepalive
 events after it is added to the keepalive handler set.
 
+### Puppet node name
+
+When querying PuppetDB for a node, by default, Sensu will use the Sensu entity’s
+name for the Puppet node name. Individual Sensu entities can override the name
+of their corresponding Puppet node, using annotations:
+
+```yml
+# /etc/sensu/agent.yml example
+annotations:
+  sensu.io/plugins/sensu-puppet-handler/config/node-name: webserver01.example.com
+```
+
 ## Installing from source and contributing
 
 Download the latest version of the sensu-puppet-handler from [releases][4],

diff --git a/main.go b/main.go
@@ -26,14 +26,14 @@ type Handler struct {
 	puppetKey                string
 	puppetCACert             string
 	puppetInsecureSkipVerify bool
+	puppetNodeName           string
 	sensuAPIURL              string
 	sensuAPIKey              string
 	sensuCACert              string
 }
 
 const (
-	defaultAPIPath      = "pdb/query/v4/nodes"
-	labelPuppetNodeName = "puppet_node_name"
+	defaultAPIPath = "pdb/query/v4/nodes"
 )
 
 var (
@@ -82,6 +82,13 @@ var (
 			Usage:    "skip SSL verification",
 			Value:    &handler.puppetInsecureSkipVerify,
 		},
+		&sensu.PluginConfigOption{
+			Path:     "node-name",
+			Env:      "PUPPET_NODE_NAME",
+			Argument: "node-name",
+			Usage:    "node name to use for the entity when querying PuppetDB",
+			Value:    &handler.puppetNodeName,
+		},
 		{
 			Path:      "sensu-api-url",
 			Env:       "SENSU_API_URL",
@@ -196,13 +203,13 @@ func puppetHTTPClient() (*http.Client, error) {
 	// Load the public/private key pair
 	cert, err := tls.LoadX509KeyPair(handler.puppetCert, handler.puppetKey)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("could not read the certificate/key: %s", err)
 	}
 
 	// Load the CA certificate
 	caCert, err := ioutil.ReadFile(handler.puppetCACert)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("could not read the CA certificate: %s", err)
 	}
 	caCertPool := x509.NewCertPool()
 	caCertPool.AppendCertsFromPEM(caCert)
@@ -223,10 +230,11 @@ func puppetHTTPClient() (*http.Client, error) {
 // encountered. The Puppet node name defaults to the entity name but can be
 // overriden through the entity label "puppet_node_name"
 func puppetNodeExists(client *http.Client, event *types.Event) (bool, error) {
-	// Determine the Puppet node name
-	name := event.Entity.Name
-	if event.Entity.Labels[labelPuppetNodeName] != "" {
-		name = event.Entity.Labels[labelPuppetNodeName]
+	// Determine the Puppet node name via the annotations and fallback to the
+	// entity name
+	name := handler.puppetNodeName
+	if handler.puppetNodeName == "" {
+		name = event.Entity.Name
 	}
 
 	// Get the puppet node