[sos-spyre] collect the non root spyre user to collect podman commands

sos-plugin/spyre-external.py

@@ -64,6 +64,9 @@ def setup(self):
             "/etc/security/limits.d/memlock.conf",
         ])
 
+        # collect podman data for non root spyre users
+        self.get_podman_data()
+
     def get_spyre_cards(self):
         context = pyudev.Context()
         spyre_cards_bus_ids = []
@@ -81,4 +84,86 @@ def get_spyre_cards(self):
 
         return spyre_cards_bus_ids
 
+    def get_podman_data(self):
+
+        # All spyre users must be part of sentient group
+        groupname = "sentient"
+        non_root_users = self.exec_cmd("getent group "+ groupname)
+        if non_root_users['status'] == 0:
+            users = [u.strip() for u in non_root_users['output'].split(':')[3].split(',') if u.strip()]
+            for user in users:
+                # since root user outputs are collected in podman plugin
+                # skipping here
+                if not user or user == 'root':
+                    continue
+                command = "sudo -u "+ user
+                validate_cmd = self.exec_cmd(f"{command} podman system df")
+                if validate_cmd['status'] != 0:
+                    continue
+
+                self.add_cmd_tags({
+                    f'{command} podman images': 'podman_list_images',
+                    f'{command} podman ps': 'podman_list_containers'
+                })
+
+                subcmds = [
+                    'info',
+                    'images',
+                    'image trust show',
+                    'images --digests',
+                    'pod ps',
+                    'port --all',
+                    'ps',
+                    'stats --no-stream --all',
+                    'version',
+                    'volume ls',
+                    'system df -v',
+                ]
+
+                self.add_cmd_output([f"{command} podman {s}" for s in subcmds],
+                    subdir=f'podman/{user}', tags='podman_commands')
+
+                # separately grab ps -s as this can take a *very* long time
+                self.add_cmd_output(f'{command} podman ps -as', subdir=f'podman/{user}', priority=100)
+
+                pnets = self.collect_cmd_output(f'{command} podman network ls',
+                                 subdir=f'podman/{user}', tags='podman_list_networks')
+                if pnets['status'] == 0:
+                    nets = [pn.split()[0] for pn in pnets['output'].splitlines()[1:] if pn.strip()]
+                    self.add_cmd_output([
+                        f"{command} podman network inspect {net}" for net in nets
+                    ], subdir=f'podman/{user}/networks', tags='podman_network_inspect')
+
+                containers = self.collect_cmd_output(f'{command} podman ps -a', subdir=f'podman/{user}')
+                if containers['status'] == 0:
+                    cids = [container.split()[0] for container in containers['output'].splitlines()[1:] if container.strip()]
+                    self.add_cmd_output([
+                        f"{command} podman inspect {cid}" for cid in cids
+                    ], subdir=f'podman/{user}/containers', tags='podman_container_inspect')
+                    self.add_cmd_output([f"{command} podman logs -t {cid}" for cid in cids],
+                                            subdir=f'podman/{user}/containers', priority=50)
+
+                images = self.collect_cmd_output(f'{command} podman images --no-trunc', subdir=f'podman/{user}')
+                if images['status'] == 0:
+                    imageids = [
+                        image.split()[2] if image.split()[0].lower() == 'none' else f"{image.split()[0]}:{image.split()[1]}"
+                        for image in images['output'].splitlines()[1:] if image.strip()
+                    ]
+                    self.add_cmd_output([
+                        f"{command} podman inspect {imageid}" for imageid in imageids
+                    ], subdir=f'podman/{user}/images', tags='podman_image_inspect')
+                    self.add_cmd_output(
+                        [f"{command} podman image tree {imageid}" for imageid in imageids],
+                        subdir=f'podman/{user}/images/tree',
+                        tags='podman_image_tree'
+                    )
+
+                volumes = self.collect_cmd_output(f'{command} podman volume ls --format "{{{{.Name}}}}"', subdir=f'podman/{user}')
+                if volumes['status'] == 0:
+                    vols = [v for v in volumes['output'].splitlines() if v.strip()]
+                    self.add_cmd_output([
+                        f"{command} podman volume inspect {vol}" for vol in vols
+                    ], subdir=f'podman/{user}/volumes', tags='podman_volume_inspect')
+
+
 # vim: set et ts=4 sw=4 :