CCSDK-3531 improve cmd-exec returned err msg

[ccsdk/cds.git] / ms / command-executor / src / main / python / command_executor_handler.py

#
# Copyright (C) 2019 - 2020 Bell Canada.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
from builtins import Exception, open, dict
from subprocess import CalledProcessError, PIPE, TimeoutExpired
from google.protobuf.json_format import MessageToJson
import tempfile
import logging
import os
import sys
import re
import subprocess
import venv
import utils
import proto.CommandExecutor_pb2 as CommandExecutor_pb2
from zipfile import ZipFile
import io
import time
import prometheus_client as prometheus

REQUIREMENTS_TXT = "requirements.txt"


class CommandExecutorHandler():
    BLUEPRINTS_DEPLOY_DIR = '/opt/app/onap/blueprints/deploy/'
    TOSCA_META_FILE = 'TOSCA-Metadata/TOSCA.meta'
    PROMETHEUS_METRICS_UPLOAD_CBA_LABEL = 'upload_cba'
    PROMETHEUS_METRICS_PREP_ENV_LABEL = 'prepare_env'
    PROMETHEUS_METRICS_EXEC_COMMAND_LABEL = 'execute_command'

    def __init__(self, request):
        self.request = request
        self.logger = logging.getLogger(self.__class__.__name__)
        self.blueprint_name = utils.get_blueprint_name(request)
        self.blueprint_version = utils.get_blueprint_version(request)
        self.uuid = utils.get_blueprint_uuid(request)
        self.request_id = utils.get_blueprint_requestid(request)
        self.sub_request_id = utils.get_blueprint_subRequestId(request)
        self.blueprint_name_version = utils.blueprint_name_version(request) #for legacy SR7 support
        self.blueprint_name_version_uuid = utils.blueprint_name_version_uuid(request)
        self.execution_timeout = utils.get_blueprint_timeout(request)
        # onap/blueprints/deploy will be ephemeral now
        self.blueprint_dir = self.BLUEPRINTS_DEPLOY_DIR + self.blueprint_name_version_uuid
        # if the command matches “/opt/app/onap/blueprints/deploy/$cba_name/$cba_version/stuff_that_is_not_cba_uuid/”
        # then prepend the $cba_uuid before “stuff_that_is_not_cba_uuid”
        self.blueprint_tosca_meta_file = self.blueprint_dir + '/' + self.TOSCA_META_FILE
        self.extra = utils.getExtraLogData(request)
        self.installed = self.blueprint_dir + '/.installed'
        self.prometheus_histogram = self.get_prometheus_histogram()
        self.prometheus_counter = self.get_prometheus_counter()
        self.start_prometheus_server()

    def get_prometheus_histogram(self):
        histogram = getattr(prometheus.REGISTRY, '_command_executor_histogram', None)
        if not histogram:
            histogram = prometheus.Histogram('cds_ce_execution_duration_seconds',
                             'How many times CE actions (upload, prepare env and execute) got executed and how long it took to complete for each CBA python script.',
                             ['step', 'blueprint_name', 'blueprint_version', 'script_name'])
            prometheus.REGISTRY._command_executor_histogram = histogram
        return histogram

    def get_prometheus_counter(self):
        counter = getattr(prometheus.REGISTRY, '_command_executor_counter', None)
        if not counter:
            counter = prometheus.Counter('cds_ce_execution_error_total',
                              'How many times CE actions (upload, prepare env and execute) got executed and failed for each CBA python script',
                              ['step', 'blueprint_name', 'blueprint_version', 'script_name'])
            prometheus.REGISTRY._command_executor_counter = counter
        return counter

    def start_prometheus_server(self):
        self.logger.info("PROMETHEUS_METRICS_ENABLED: {}".format(os.environ.get('PROMETHEUS_METRICS_ENABLED')), extra=self.extra)
        if (os.environ.get('PROMETHEUS_METRICS_ENABLED')):
           if not "PROMETHEUS_PORT" in os.environ:
              err_msg = "ERROR: failed to start prometheus server, PROMETHEUS_PORT env variable is not found."
              self.logger.error(err_msg, extra=self.extra)
              return utils.build_ret_data(False, results_log=[], error=err_msg)

           server_started = getattr(prometheus.REGISTRY, '_command_executor_prometheus_server_started', None)
           if not server_started:
               self.logger.info("PROMETHEUS_PORT: {}".format(os.environ.get('PROMETHEUS_PORT')), extra=self.extra)
               prometheus.start_http_server(int(os.environ.get('PROMETHEUS_PORT')))
               prometheus.REGISTRY._command_executor_prometheus_server_started = True

    def is_installed(self):
        return os.path.exists(self.installed)

    def blueprint_dir_exists(self):
        return os.path.exists(self.blueprint_dir)

    # used to validate if the blueprint actually had a chace of getting uploaded
    def blueprint_tosca_meta_file_exists(self):
        return os.path.exists(self.blueprint_tosca_meta_file)

    def err_exit(self, msg):
        self.logger.error(msg, extra=self.extra)
        return utils.build_ret_data(False, error=msg)
    
    def is_valid_archive_type(self, archiveType):
        return archiveType=="CBA_ZIP" or archiveType=="CBA_GZIP"

    # Handle uploading blueprint request
    # accept UploadBlueprintInput (CommandExecutor.proto) struct
    # create dir blueprintName/BlueprintVersion/BlueprintUUID, and extract binData as either ZIP file or GZIP
    # based on archiveType field...
    def uploadBlueprint(self, request):
        start_time = time.time()
        archive_type = request.archiveType
        compressed_cba_stream = io.BytesIO(request.binData)
        ### request_copy = request.pop("binData") # Do not show binData of the uploaded compressed CBA in the log
        ### self.logger.info("uploadBlueprint request\n{}".format(request_copy), extra=self.extra)
        self.logger.info("uploadBlueprint request\n{}".format(request), extra=self.extra)
        if not self.is_valid_archive_type(archive_type):
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_UPLOAD_CBA_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
            return utils.build_grpc_blueprint_upload_response(self.request_id, self.sub_request_id, False, ["Archive type {} is not valid.".format(archive_type)])
        
        # create the BP dir self.blueprint_dir
        try:
            os.makedirs(name=self.blueprint_dir, mode=0o755, exist_ok=True)
        except OSError as ex:
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_UPLOAD_CBA_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
            err_msg = "Failed to create blueprint dir: {} exception message: {}".format(self.blueprint_dir, ex.strerror)
            self.logger.error(err_msg, extra=self.extra)
            return utils.build_grpc_blueprint_upload_response(self.request_id, self.sub_request_id, False, [err_msg])
        if archive_type=="CBA_ZIP":
            self.logger.info("Extracting ZIP data to dir {}".format(self.blueprint_dir), extra=self.extra)
            try:
                with ZipFile(compressed_cba_stream,'r') as zipfile:
                    zipfile.extractall(self.blueprint_dir)                    
                self.logger.info("Done extracting ZIP data to dir {}".format(self.blueprint_dir), extra=self.extra)
            except (IOError, zipfile.error) as e:
                self.prometheus_counter.labels(self.PROMETHEUS_METRICS_UPLOAD_CBA_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                err_msg = "Error extracting ZIP data to dir {} exception: {}".format(self.blueprint_dir, e)
                self.logger.error(err_msg, extra=self.extra)
                return utils.build_grpc_blueprint_upload_response(self.request_id, self.sub_request_id, False, [err_msg])
        # TODO with an actual test gzip cba...
        elif archive_type=="CBA_GZIP":
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_UPLOAD_CBA_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
            self.logger.error("CBA_GZIP TODO", extra=self.extra)
            return utils.build_grpc_blueprint_upload_response(self.request_id, self.sub_request_id, False, ["Error extracting GZIP data to {} GZIP todo!".format(self.blueprint_dir)])
        # Finally, everything is ok!
        self.prometheus_histogram.labels(self.PROMETHEUS_METRICS_UPLOAD_CBA_LABEL, self.blueprint_name, self.blueprint_version, None).observe(time.time() - start_time)
        return utils.build_grpc_blueprint_upload_response(self.request_id, self.sub_request_id, True, [])

    def prepare_env(self, request):
        results_log = []
        start_time = time.time()

        self.logger.info("prepare_env request {}".format(request), extra=self.extra)
        # validate that the blueprint name in the request exists, if not, notify the caller
        if not self.blueprint_dir_exists():
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
            err_msg = "CBA directory {} not found on cmd-exec. CBA will be uploaded by BP proc.".format(self.blueprint_name_version_uuid)
            self.logger.info(err_msg, extra=self.extra)
            return utils.build_ret_data(False, results_log=results_log, error=err_msg, reupload_cba=True)
        if not self.blueprint_tosca_meta_file_exists():
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
            err_msg = "CBA directory {} exists on cmd-exec, but TOSCA meta file is not found!!! Returning (null) as UUID. CBA will be uploaded by BP proc.".format(self.blueprint_name_version_uuid)
            self.logger.info(err_msg, extra=self.extra)
            return utils.build_ret_data(False, results_log=results_log, error=err_msg, reupload_cba=True)
        self.logger.info("CBA directory {} exists on cmd-exec.".format(self.blueprint_name_version_uuid), extra=self.extra)

        if not self.is_installed():
            create_venv_status = self.create_venv()
            if not create_venv_status[utils.CDS_IS_SUCCESSFUL_KEY]:
                self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                return self.err_exit("ERROR: failed to prepare environment for request {} due to error in creating virtual Python env. Original error {}".format(self.blueprint_name_version_uuid, create_venv_status[utils.ERR_MSG_KEY]))

            # Upgrade pip - venv comes with PIP 18.1, which is too old.
            if not self.upgrade_pip(results_log):
                self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                err_msg = "ERROR: failed to prepare environment for request {} due to error in upgrading pip.".format(self.blueprint_name_version_uuid)
                return utils.build_ret_data(False, results_log=results_log, error=err_msg)

            try:
                # NOTE: pip or ansible selection is done later inside 'install_packages'
                with open(self.installed, "w+") as f:
                    if not self.install_packages(request, CommandExecutor_pb2.pip, f, results_log):
                        self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                        err_msg = "ERROR: failed to prepare environment for request {} during pip package install.".format(self.blueprint_name_version_uuid)
                        return utils.build_ret_data(False, results_log=results_log, error=err_msg)
                    f.write("\r\n") # TODO: is \r needed?
                    results_log.append("\n")
                    if not self.install_packages(request, CommandExecutor_pb2.ansible_galaxy, f, results_log):
                        self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                        err_msg = "ERROR: failed to prepare environment for request {} during Ansible install.".format(self.blueprint_name_version_uuid)
                        return utils.build_ret_data(False, results_log=results_log, error=err_msg)
            except Exception as ex:
                self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                err_msg = "ERROR: failed to prepare environment for request {} during installing packages. Exception: {}".format(self.blueprint_name_version_uuid, ex)
                self.logger.error(err_msg, extra=self.extra)
                return utils.build_ret_data(False, error=err_msg)
        else:
            try:
                self.logger.info(".installed file was found for request {}".format(self.blueprint_name_version_uuid), extra=self.extra)
                with open(self.installed, "r") as f:
                    results_log.append(f.read())
            except Exception as ex:
                self.prometheus_counter.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).inc()
                err_msg="ERROR: failed to prepare environment during reading 'installed' file {}. Exception: {}".format(self.installed, ex)
                return utils.build_ret_data(False, error=err_msg)

        # deactivate_venv(blueprint_id)
        self.prometheus_histogram.labels(self.PROMETHEUS_METRICS_PREP_ENV_LABEL, self.blueprint_name, self.blueprint_version, None).observe(time.time() - start_time)
        return utils.build_ret_data(True, results_log=results_log)

    def execute_command(self, request):
        start_time = time.time()
        # STDOUT/STDERR output of the process
        results_log = []
        # encoded payload returned by the process
        result = {}
        script_err_msg = []

        self.logger.info("execute_command request {}".format(request), extra=self.extra)
        # workaround for when packages are not specified, we may not want to go through the install step
        # can just call create_venv from here.
        if not self.is_installed():
            self.create_venv()
        try:
            if not self.is_installed():
                create_venv_status = self.create_venv
                if not create_venv_status[utils.CDS_IS_SUCCESSFUL_KEY]:
                    self.prometheus_counter.labels(self.PROMETHEUS_METRICS_EXEC_COMMAND_LABEL, self.blueprint_name, self.blueprint_version, request.command).inc()
                    err_msg = "{} - Failed to execute command during venv creation. Original error: {}".format(self.blueprint_name_version_uuid, create_venv_status[utils.ERR_MSG_KEY])
                    return utils.build_ret_data(False, error=err_msg)

            # touch blueprint dir to indicate this CBA was used recently
            os.utime(self.blueprint_dir)

            cmd = "cd " + self.blueprint_dir

            ### if properties are defined we add them to the command
            properties = ""
            if request.properties is not None and len(request.properties) > 0:
                properties = " " + re.escape(MessageToJson(request.properties)).replace('"','\\"')

            # SR7/SR10 compatibility hack
            # check if the path for the request.command does not contain UUID, then add it after cba_name/cba_version path.
            updated_request_command = request.command
            if self.blueprint_name_version in updated_request_command and self.blueprint_name_version_uuid not in updated_request_command:
                updated_request_command = updated_request_command.replace(self.blueprint_name_version, self.blueprint_name_version_uuid)

            if "ansible-playbook" in updated_request_command:
                cmd = cmd + "; " + updated_request_command + " -e 'ansible_python_interpreter=" + self.blueprint_dir + "/bin/python'"
            else:
                cmd = cmd + "; " + updated_request_command + properties

            ### extract the original header request into sys-env variables
            # OriginatorID
            originator_id = request.originatorId
            # CorrelationID
            correlation_id = request.correlationId
            request_id_map = {'CDS_REQUEST_ID':self.request_id, 'CDS_SUBREQUEST_ID':self.sub_request_id, 'CDS_ORIGINATOR_ID': originator_id, 'CDS_CORRELATION_ID': correlation_id}
            updated_env =  { **os.environ, **request_id_map }
            # Prepare PATH and VENV_HOME
            updated_env['PATH'] = self.blueprint_dir + "/bin/:" + os.environ['PATH']
            updated_env['VIRTUAL_ENV'] = self.blueprint_dir
            self.logger.info("Running blueprint {} with timeout: {}".format(self.blueprint_name_version_uuid, self.execution_timeout), extra=self.extra)
            with tempfile.TemporaryFile(mode="w+") as tmp:
                try:
                    completed_subprocess = subprocess.run(cmd, stdout=tmp, stderr=subprocess.STDOUT, shell=True,
                                                          env=updated_env, timeout=self.execution_timeout)
                except TimeoutExpired as timeout_ex:
                    self.prometheus_counter.labels(self.PROMETHEUS_METRICS_EXEC_COMMAND_LABEL, self.blueprint_name, self.blueprint_version, request.command).inc()
                    timeout_err_msg = "Running command {} failed due to timeout of {} seconds.".format(self.blueprint_name_version_uuid, self.execution_timeout)
                    self.logger.error(timeout_err_msg, extra=self.extra)
                    # In the time-out case, we will never get CBA's script err msg string.
                    utils.parse_cmd_exec_output(outputfile=tmp, logger=self.logger, payload_result=result, err_msg_result=script_err_msg, results_log=results_log, extra=self.extra)
                    return utils.build_ret_data(False, results_log=results_log, error=timeout_err_msg)
                utils.parse_cmd_exec_output(outputfile=tmp, logger=self.logger, payload_result=result, err_msg_result=script_err_msg, results_log=results_log, extra=self.extra)
                rc = completed_subprocess.returncode
        except Exception as e:
            self.prometheus_counter.labels(self.PROMETHEUS_METRICS_EXEC_COMMAND_LABEL, self.blueprint_name, self.blueprint_version, request.command).inc()
            err_msg = "{} - Failed to execute command. Error: {}".format(self.blueprint_name_version_uuid, e)
            result.update(utils.build_ret_data(False, results_log=results_log, error=err_msg))
            return result

        # Since return code is only used to check if it's zero (success), we can just return success flag instead.
        is_execution_successful = rc == 0
        # Propagate error message in case rc is not 0
        ret_err_msg = None if is_execution_successful or not script_err_msg else script_err_msg
        result.update(utils.build_ret_data(is_execution_successful, results_log=results_log, error=ret_err_msg))
        self.prometheus_histogram.labels(self.PROMETHEUS_METRICS_EXEC_COMMAND_LABEL, self.blueprint_name, self.blueprint_version, request.command).observe(time.time() - start_time)

        return result

    def install_packages(self, request, type, f, results):
        success = self.install_python_packages('UTILITY', results)
        if not success:
            self.logger.error("Error installing 'UTILITY (cds_utils) package to CBA python environment!!!", extra=self.extra)
            return False

        for package in request.packages:
            if package.type == type:
                f.write("Installed %s packages:\r\n" % CommandExecutor_pb2.PackageType.Name(type))
                for p in package.package:
                    f.write("   %s\r\n" % p)
                    if package.type == CommandExecutor_pb2.pip:
                        success = self.install_python_packages(p, results)
                    else:
                        success = self.install_ansible_packages(p, results)
                    if not success:
                        f.close()
                        os.remove(self.installed)
                        return False
        return True

    def upgrade_pip(self, results):
        self.logger.info("{} - updating PIP (venv supplied pip is too old...)".format(self.blueprint_name_version_uuid), extra=self.extra)
        full_path_to_pip = self.blueprint_dir + "/bin/pip"
        command = [full_path_to_pip,"install","--upgrade","pip"]
        env = dict(os.environ)
        if "https_proxy" in os.environ:
            env['https_proxy'] = os.environ['https_proxy']
            self.logger.info("Using https_proxy: {}".format(env['https_proxy']), extra=self.extra)
        try:
            results.append(subprocess.run(command, check=True, stdout=PIPE, stderr=PIPE, env=env).stdout.decode())
            results.append("\n")
            self.logger.info("upgrade_pip succeeded", extra=self.extra)
            return True
        except CalledProcessError as e:
            results.append(e.stderr.decode())
            self.logger.error("upgrade_pip failed", extra=self.extra)
            return False

    def install_python_packages(self, package, results):
        self.logger.info( "{} - Install Python package({}) in Python Virtual Environment".format(self.blueprint_name_version_uuid, package), extra=self.extra)
        pip_install_user_flag = 'PIP_INSTALL_USER_FLAG' in os.environ

        if pip_install_user_flag:
            self.logger.info("Note: PIP_INSTALL_USER_FLAG is set, 'pip install' will use '--user' flag.", extra=self.extra)

        if REQUIREMENTS_TXT == package:
            full_path_to_pip = self.blueprint_dir + "/bin/pip"
            full_path_to_requirements_txt = self.blueprint_dir + "/Environments/" + REQUIREMENTS_TXT
            command = [full_path_to_pip, "install", "--user", "-r", full_path_to_requirements_txt] if pip_install_user_flag else [full_path_to_pip, "install", "-r", full_path_to_requirements_txt]
        elif package == 'UTILITY':
            py_ver_maj = sys.version_info.major
            py_ver_min = sys.version_info.minor
            command = ["cp", "-r", "./cds_utils", "{}/lib/python{}.{}/site-packages/".format(self.blueprint_dir, py_ver_maj,py_ver_min)]
        else:
            command = ["pip", "install", "--user", package] if pip_install_user_flag else ["pip", "install", package]

        env = dict(os.environ)
        if "https_proxy" in os.environ:
            env['https_proxy'] = os.environ['https_proxy']
            self.logger.info("Using https_proxy: {}".format(env['https_proxy']), extra=self.extra)
        try:
            results.append(subprocess.run(command, check=True, stdout=PIPE, stderr=PIPE, env=env).stdout.decode())
            results.append("\n")
            self.logger.info("install_python_packages {} succeeded".format(package), extra=self.extra)
            return True
        except CalledProcessError as e:
            results.append(e.stderr.decode())
            self.logger.error("install_python_packages {} failed".format(package), extra=self.extra)
            return False

    def install_ansible_packages(self, package, results):
        self.logger.info( "{} - Install Ansible Role package({}) in Python Virtual Environment".format(self.blueprint_name_version_uuid, package), extra=self.extra)
        command = ["ansible-galaxy", "install", package, "-p", self.blueprint_dir + "/Scripts/ansible/roles"]

        env = dict(os.environ)
        if "http_proxy" in os.environ:
            # ansible galaxy uses https_proxy environment variable, but requires it to be set with http proxy value.
            env['https_proxy'] = os.environ['http_proxy']
        try:
            results.append(subprocess.run(command, check=True, stdout=PIPE, stderr=PIPE, env=env).stdout.decode())
            results.append("\n")
            return True
        except CalledProcessError as e:
            results.append(e.stderr.decode())
            return False

    # Returns a map with 'status' and 'err_msg'.
    # 'status' True indicates success.
    # 'err_msg' indicates an error occurred. The presence of err_msg may not be fatal,
    # status should be set to False for fatal errors.
    def create_venv(self):
        self.logger.info("{} - Create Python Virtual Environment".format(self.blueprint_name_version_uuid), extra=self.extra)
        try:
            bin_dir = self.blueprint_dir + "/bin"
            # check if CREATE_VENV_DISABLE_SITE_PACKAGES is set
            venv_system_site_packages_disabled = 'CREATE_VENV_DISABLE_SITE_PACKAGES' in os.environ
            if (venv_system_site_packages_disabled):
                self.logger.info("Note: CREATE_VENV_DISABLE_SITE_PACKAGES env var is set - environment creation will have site packages disabled.", extra=self.extra)
            venv.create(self.blueprint_dir, with_pip=True, system_site_packages=not venv_system_site_packages_disabled)
            self.logger.info("{} - Creation of Python Virtual Environment finished.".format(self.blueprint_name_version_uuid), extra=self.extra)
            return utils.build_ret_data(True)
        except Exception as err:
            err_msg = "{} - Failed to provision Python Virtual Environment. Error: {}".format(self.blueprint_name_version_uuid, err)
            self.logger.info(err_msg, extra=self.extra)
            return utils.build_ret_data(False, error=err_msg)