Skip to main content

Main Function Flow

In this document, we will explain the process of the main function. The process involves initializing module parameters, setting up the working directory, installing the FLRTVC script, running the script to generate a report, parsing the report, downloading and checking efixes, and finally installing the efixes.

The flow starts with initializing the necessary parameters for the module to function correctly. Then, it sets up a working directory and installs the FLRTVC script. After that, it runs the script to generate a vulnerabilities report. The report is then parsed to build a list of URLs to download. The next step involves downloading and checking efixes. If the download-only parameter is set, the process exits after downloading the efixes. Finally, the efixes are installed, and if successful, the process logs a completion message and exits.

Flow drill down

Initializing Module Parameters

First, the main function initializes the module parameters using AnsibleModule. This sets up the necessary parameters for the module to function correctly, such as apar, filesets, csv, path, and others.

def main():
    global module
    global results
    global workdir

    module = AnsibleModule(
        argument_spec=dict(
            apar=dict(required=False, type='str', choices=['sec', 'hiper', 'all', None], default=None),
            filesets=dict(required=False, type='str'),
            csv=dict(required=False, type='str'),
            path=dict(required=False, type='str', default='/var/adm/ansible'),
            save_report=dict(required=False, type='bool', default=False),
            verbose=dict(required=False, type='bool', default=False),
            force=dict(required=False, type='bool', default=False),
            clean=dict(required=False, type='bool', default=False),
            check_only=dict(required=False, type='bool', default=False),
            download_only=dict(required=False, type='bool', default=False),
            extend_fs=dict(required=False, type='bool', default=True),
            protocol=dict(required=False, type='str', choices=['https', 'http', 'ftp']),
            localpatchserver=dict(required=False, type='str', default=""),
            localpatchpath=dict(required=False, type='str', default=""),

Setting Up Working Directory

Next, the main function sets up the working directory. If the directory does not exist, it creates it with the appropriate permissions.

    # Create working directory if needed
    workdir = os.path.abspath(os.path.join(flrtvc_params['dst_path'], 'work'))
    if not os.path.exists(workdir):
        os.makedirs(workdir, mode=0o744)

Installing FLRTVC Script

Then, the main function installs the FLRTVC script. It downloads the script, unzips it, and ensures it is executable. If any step fails, it cleans up the working directory and exits with an error.

    module.debug('*** INSTALL ***')
    flrtvc_dir = os.path.abspath(os.path.join('usr', 'bin'))
    flrtvc_path = os.path.abspath(os.path.join(flrtvc_dir, 'flrtvc.ksh'))

    if os.path.exists(flrtvc_path):
        try:
            os.remove(flrtvc_path)
        except OSError as exc:
            msg = f'Exception removing {flrtvc_path}, exception={exc}'
            module.log(msg)
            results['meta']['messages'].append(msg)

    flrtvc_dst = os.path.abspath(os.path.join(workdir, 'FLRTVC-latest.zip'))
    if not download(flrtvczip, flrtvc_dst, resize_fs):
        if clean and os.path.exists(workdir):
            shutil.rmtree(workdir, ignore_errors=True)
        results['msg'] = 'Failed to download FLRTVC-latest.zip'
        module.fail_json(**results)

    if not unzip(flrtvc_dst, flrtvc_dir, resize_fs):
        if clean and os.path.exists(workdir):

Running FLRTVC Script

Moving to the next step, the main function runs the FLRTVC script to generate a vulnerabilities report. If the script fails, it cleans up the working directory and exits with an error.

    module.debug('*** REPORT ***')
    if not run_flrtvc(flrtvc_path, flrtvc_params, force):
        msg = 'Failed to get vulnerabilities report, system will not be updated'
        results['msg'] = msg
        if clean and os.path.exists(workdir):
            shutil.rmtree(workdir, ignore_errors=True)
        module.fail_json(**results)

Parsing FLRTVC Report

Next, the main function parses the FLRTVC report using the run_parser function. This step builds the list of URLs to download.

    module.debug('*** PARSE ***')
    run_parser(results['meta']['0.report'], localpatchserver, localpatchpath)

Downloading and Checking Efixes

Then, the main function downloads and checks efixes using the run_downloader function. If the download_only parameter is set, it exits after downloading the efixes.

    module.debug('*** DOWNLOAD ***')
    run_downloader(results['meta']['1.parse'], workdir, resize_fs)

    if download_only:
        if clean and os.path.exists(workdir):
            shutil.rmtree(workdir, ignore_errors=True)
        results['msg'] = 'exit on download only'
        module.exit_json(**results)

Installing Efixes

Finally, the main function installs the efixes using the run_installer function. If the installation fails, it cleans up the working directory and exits with an error. If successful, it logs the completion message and exits.

    module.debug('*** UPDATE ***')
    if not run_installer(results['meta']['4.2.check'], workdir, resize_fs):
        msg = 'Failed to install fixes, please check meta and log data.'
        results['msg'] = msg
        if clean and os.path.exists(workdir):
            shutil.rmtree(workdir, ignore_errors=True)
        module.fail_json(**results)

    if clean and os.path.exists(workdir):
        shutil.rmtree(workdir, ignore_errors=True)

    results['msg'] = 'FLRTVC completed successfully'
    module.log(results['msg'])
    module.exit_json(**results)

 

This is an auto-generated document by Swimm 🌊 and has not yet been verified by a human