CHANGELOG.md

@@ -2,6 +2,19 @@
 
 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org).
 
+## [v2.5.0](https://github.com/puppetlabs/puppetlabs-pe_status_check/tree/v2.5.0) (2022-11-09)
+
+[Full Changelog](https://github.com/puppetlabs/puppetlabs-pe_status_check/compare/v2.4.1...v2.5.0)
+
+### Added
+
+- \(\#172\) Improve query time on S0026 [\#173](https://github.com/puppetlabs/puppetlabs-pe_status_check/pull/173) ([seanmil](https://github.com/seanmil))
+
+### Fixed
+
+- \(SUP-3777\) Stop loop in S0039 if log is in unreadable format [\#174](https://github.com/puppetlabs/puppetlabs-pe_status_check/pull/174) ([elainemccloskey](https://github.com/elainemccloskey))
+- \(\#170\) Improve agent\_status\_check.AS002 performance [\#171](https://github.com/puppetlabs/puppetlabs-pe_status_check/pull/171) ([seanmil](https://github.com/seanmil))
+
 ## [v2.4.1](https://github.com/puppetlabs/puppetlabs-pe_status_check/tree/v2.4.1) (2022-10-14)
 
 [Full Changelog](https://github.com/puppetlabs/puppetlabs-pe_status_check/compare/v2.4.0...v2.4.1)

lib/facter/agent_status_check.rb

@@ -26,8 +26,23 @@
       result = Facter::Core::Execution.execute('netstat -np tcp', { timeout: PEStatusCheck.facter_timeout })
       { AS002: result.match?(%r{8142\s*ESTABLISHED}) }
     else
-      result = Facter::Core::Execution.execute("ss -onp state established '( dport = :8142 )' ", { timeout: PEStatusCheck.facter_timeout })
-      { AS002: result.include?('pxp-agent') }
+      # Obtain all inodes associated with any sockets established outbound to TCP/8142:
+      socket_state = Facter::Core::Execution.execute("ss -tone state established '( dport = :8142 )' ", { timeout: PEStatusCheck.facter_timeout })
+      socket_matches = Set.new(socket_state.scan(%r{ino:(\d+)}).flatten)
+
+      # Look for the pxp-agent process in the process table:
+      cmdline_path = Dir.glob('/proc/[0-9]*/cmdline').find { |path| File.read(path).split("\0").first == '/opt/puppetlabs/puppet/bin/pxp-agent' }
+
+      # If no match was found, then the connection to 8142 is not the pxp-agent process because it is not in the process table:
+      if cmdline_path.nil?
+        { AS002: false }
+      else
+        # Find all of the file descriptors associated with pxp-agent which are sockets, and extract just the associated inode number:
+        fd_path = File.join(File.dirname(cmdline_path), 'fd', '*')
+        pxp_socket_inodes = Set.new(Dir.glob(fd_path).map { |path| File.readlink(path) }.select { |t| t.start_with?('socket:') }.map { |str| str.tr('^0-9', '') })
+
+        { AS002: socket_matches.intersect?(pxp_socket_inodes) }
+      end
     end
   rescue Facter::Core::Execution::ExecutionFailure => e
     Facter.warn("agent_status_check.AS002 failed to get socket status: #{e.message}")

lib/facter/pe_status_check.rb

@@ -297,9 +297,9 @@
   chunk(:S0026) do
     next unless ['primary', 'legacy_primary', 'replica', 'pe_compiler', 'legacy_compiler'].include?(Facter.value('pe_status_check_role'))
 
-    response = PEStatusCheck.http_get('/status/v1/services?level=debug', 8140)
+    response = PEStatusCheck.http_get('/status/v1/services/status-service?level=debug', 8140)
     if response
-      heap_max = response.dig('status-service', 'status', 'experimental', 'jvm-metrics', 'heap-memory', 'init')
+      heap_max = response.dig('status', 'experimental', 'jvm-metrics', 'heap-memory', 'init')
       {
         S0026: if heap_max.nil?
                  false
@@ -467,6 +467,7 @@
     rescue StandardError => e
       Facter.warn("Error in fact 'pe_status_check.S0039' when querying puppetserver access logs: #{e.message}")
       Facter.debug(e.backtrace)
+      break
     end
 
     { S0039: !has_503 }

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "puppetlabs-pe_status_check",
-  "version": "2.4.1",
+  "version": "2.5.0",
   "author": "Marty Ewings",
   "summary": "A Puppet Enterprise Module to Promote Preventative Maintenance and Self Service",
   "license": "Apache-2.0",