Update centrally managed files

.github/workflows/check.yaml

@@ -25,7 +25,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.8", "3.10"]
+        python-version: ['3.8', '3.10']
     runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v4
@@ -52,7 +52,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.8", "3.10"]
+        python-version: ['3.8', '3.10']
     runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v4

actions/ack-reboot.py

@@ -26,8 +26,6 @@
 if hookenv.config("reboot"):
     reboot_time = nrpe_helpers.set_known_reboot_time()
     services.get_manager().reconfigure_services("nrpe-config")
-    hookenv.action_set(
-        {"message": "known reboot time updated to {}".format(reboot_time)}
-    )
+    hookenv.action_set({"message": "known reboot time updated to {}".format(reboot_time)})
 else:
     hookenv.action_fail("reboot check is not enabled, this action has no effect")

files/plugins/check_arp_cache.py

@@ -45,14 +45,10 @@ def check_arp_cache(warn, crit):
     crit_threshold = gc_thresh3 * crit / 100
 
     if arp_cache >= crit_threshold:
-        message = "CRITICAL: arp cache is more than {} of limit, {}".format(
-            crit, extra_info
-        )
+        message = "CRITICAL: arp cache is more than {} of limit, {}".format(crit, extra_info)
         raise CriticalError(message)
     if arp_cache >= warn_threshold:
-        message = "WARNING: arp cache is more than {} of limit, {}".format(
-            warn, extra_info
-        )
+        message = "WARNING: arp cache is more than {} of limit, {}".format(warn, extra_info)
         raise WarnError(message)
 
     print("OK: arp cache is healthy: {}".format(extra_info))

files/plugins/check_cis_audit.py

@@ -125,9 +125,7 @@ def check_cis_audit(target_profile, max_age, tailoring, warning, critical):
             msg.format("CRITICAL", score, critical, warning, profile, results_filepath)
         )
     if score < warning:
-        raise WarnError(
-            msg.format("WARNING", score, critical, warning, profile, results_filepath)
-        )
+        raise WarnError(msg.format("WARNING", score, critical, warning, profile, results_filepath))
 
     if target_profile != "" and target_profile != profile:
         msg = (
@@ -170,7 +168,7 @@ def parse_args(args):
         "-t",
         action="store_true",
         default=False,
-        help="Whether is using the default tailoring file or not."
+        help="Whether is using the default tailoring file or not.",
     )
     parser.add_argument(
         "--warn",

files/plugins/check_lacp_bond.py

@@ -115,10 +115,7 @@ def parse_args():
 
     if not args.iface:
         ifaces = map(os.path.basename, glob.glob("/sys/class/net/bond?"))
-        print(
-            "UNKNOWN: Please specify one of these bond "
-            "ifaces: {}".format(",".join(ifaces))
-        )
+        print("UNKNOWN: Please specify one of these bond " "ifaces: {}".format(",".join(ifaces)))
         sys.exit(1)
     return args
 

files/plugins/check_netlinks.py

@@ -58,15 +58,12 @@ def check_iface(iface, skiperror, crit_thr):
                 continue
             else:
                 raise CriticalError(
-                    "CRITICAL: {} ({} returns "
-                    "invalid argument)".format(iface, metric_key)
+                    "CRITICAL: {} ({} returns " "invalid argument)".format(iface, metric_key)
                 )
 
         if metric_key == "operstate" and metric_value != "up":
             if metric_value != crit_thr["operstate"]:
-                raise CriticalError(
-                    "CRITICAL: {} link state is {}".format(iface, metric_value)
-                )
+                raise CriticalError("CRITICAL: {} link state is {}".format(iface, metric_value))
 
         if metric_value != crit_thr[metric_key]:
             raise CriticalError(
@@ -79,8 +76,7 @@ def check_iface(iface, skiperror, crit_thr):
             crit_thr[metric] = "n/a"
     crit_thr["iface"] = iface
     print(
-        "OK: {iface} matches thresholds: "
-        "o:{operstate}, m:{mtu}, s:{speed}".format(**crit_thr)
+        "OK: {iface} matches thresholds: " "o:{operstate}, m:{mtu}, s:{speed}".format(**crit_thr)
     )
 
 
@@ -107,9 +103,7 @@ def parse_args():
         type=str,
         help="operstate: up, down, unknown (default: up)",
     )
-    parser.add_argument(
-        "--mtu", "-m", default="1500", type=str, help="mtu size (default: 1500)"
-    )
+    parser.add_argument("--mtu", "-m", default="1500", type=str, help="mtu size (default: 1500)")
     parser.add_argument(
         "--speed",
         "-s",
@@ -121,10 +115,7 @@ def parse_args():
 
     if not args.iface:
         ifaces = map(os.path.basename, glob.glob("/sys/class/net/*"))
-        print(
-            "UNKNOWN: Please specify one of these "
-            "ifaces: {}".format(",".join(ifaces))
-        )
+        print("UNKNOWN: Please specify one of these " "ifaces: {}".format(",".join(ifaces)))
         sys.exit(1)
     return args
 

files/plugins/check_reboot.py

@@ -77,9 +77,7 @@ def main():
     parser.add_argument(
         "known_reboot_time",
         type=convert_time,
-        help="in format {}, same as output from `uptime --since`".format(
-            UPTIME_FORMAT_HUMAN
-        ),
+        help="in format {}, same as output from `uptime --since`".format(UPTIME_FORMAT_HUMAN),
     )
 
     args = parser.parse_args()
@@ -90,13 +88,9 @@ def main():
     # `uptime --since` output maybe flapping because ntp is changing sytem time
     # here we allow 5s gap to avoid fake alert
     if delta.total_seconds() > 5.0:
-        nagios_exit(
-            NAGIOS_STATUS_CRITICAL, "unknown reboot at {}".format(current_reboot_time)
-        )
+        nagios_exit(NAGIOS_STATUS_CRITICAL, "unknown reboot at {}".format(current_reboot_time))
     else:
-        nagios_exit(
-            NAGIOS_STATUS_OK, "system is up since {}".format(current_reboot_time)
-        )
+        nagios_exit(NAGIOS_STATUS_OK, "system is up since {}".format(current_reboot_time))
 
 
 if __name__ == "__main__":

files/plugins/check_ro_filesystem.py

@@ -44,9 +44,7 @@ def check_ro_filesystem(excludes=""):
         # if current fs matches EXCLUDE_FS then next, else check it's not readonly
         if fs in EXCLUDE_FS:
             continue
-        if not any(
-            mount_point.startswith(exclusion.strip()) for exclusion in exclude_mounts
-        ):
+        if not any(mount_point.startswith(exclusion.strip()) for exclusion in exclude_mounts):
             mount_options = mount_options.split(",")
             if "ro" in mount_options:
                 ro_filesystems.append(mount_point)

files/plugins/check_status_file.py

@@ -36,9 +36,7 @@ def parse_args():
         default="WARNING",
         help="String indicating warning status",
     )
-    parser.add_argument(
-        "-o", "--ok-text", default="OK", help="String indicating OK status"
-    )
+    parser.add_argument("-o", "--ok-text", default="OK", help="String indicating OK status")
     parser.add_argument(
         "-u",
         "--unknown-text",

files/plugins/check_systemd.py

@@ -23,9 +23,7 @@
     try:
         service_unit = manager.LoadUnit(service_name)
         service_proxy = bus.get_object("org.freedesktop.systemd1", str(service_unit))
-        service = dbus.Interface(
-            service_proxy, dbus_interface="org.freedesktop.systemd1.Unit"
-        )
+        service = dbus.Interface(service_proxy, dbus_interface="org.freedesktop.systemd1.Unit")
         service_res = service_proxy.Get(
             "org.freedesktop.systemd1.Unit",
             "SubState",

files/plugins/check_systemd_scopes.py

@@ -51,9 +51,7 @@ def count_systemd_scopes_state(state):
         )
     except ValueError:
         # ideally, this should never occur
-        raise UnknownError(
-            "UNKNOWN: Counting systemd abandoned state scopes returns non-integer"
-        )
+        raise UnknownError("UNKNOWN: Counting systemd abandoned state scopes returns non-integer")
 
 
 def check_systemd_scopes(args):
@@ -65,23 +63,17 @@ def check_systemd_scopes(args):
             "CRITICAL: System has {} systemd scopes in error state".format(error_count)
         )
     elif error_count >= args.warn_error:
-        raise WarnError(
-            "WARNING: System has {} systemd scopes in error state".format(error_count)
-        )
+        raise WarnError("WARNING: System has {} systemd scopes in error state".format(error_count))
 
     # Check scopes in 'abandoned' state
     abandoned_count = count_systemd_scopes_state("abandoned")
     if error_count >= args.crit_abandoned:
         raise CriticalError(
-            "CRITICAL: System has {} systemd scopes in abandoned state".format(
-                error_count
-            )
+            "CRITICAL: System has {} systemd scopes in abandoned state".format(error_count)
         )
     elif error_count >= args.warn_abandoned:
         raise WarnError(
-            "WARNING: System has {} systemd scopes in abandoned state".format(
-                error_count
-            )
+            "WARNING: System has {} systemd scopes in abandoned state".format(error_count)
         )
 
     # With no nagios errors raised, we are in an "OK" state
@@ -107,9 +99,7 @@ def positive_int(value):
 
 def parse_args(args=None):
     """Parse command-line options."""
-    parser = ArgumentParser(
-        description=__doc__, formatter_class=ArgumentDefaultsHelpFormatter
-    )
+    parser = ArgumentParser(description=__doc__, formatter_class=ArgumentDefaultsHelpFormatter)
 
     # Thresholds for the scopes in 'error' state
     parser.add_argument(

files/plugins/check_xfs_errors.py

@@ -35,9 +35,7 @@
 # dmesg -T formatted timestamps are inside [], so we need to add them
 datetime_delta = datetime.now() - timedelta(minutes=check_delta)
 
-recent_logs = [
-    i for i in err_results if datetime.strptime(i[1:25], "%c") >= datetime_delta
-]
+recent_logs = [i for i in err_results if datetime.strptime(i[1:25], "%c") >= datetime_delta]
 
 if recent_logs:
     print("CRITICAL: Recent XFS errors in kern.log." + "\n" + "{}".format(recent_logs))

files/plugins/cron_cis_audit.py

@@ -126,8 +126,7 @@ def run_audit(profile):
     try:
         print("Run cis-audit: {}".format(cmd_run_audit), flush=True)
         subprocess.run(
-            cmd_run_audit, stdout=subprocess.DEVNULL,
-            stderr=subprocess.DEVNULL, check=True
+            cmd_run_audit, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, check=True
         )
         _set_permissions()
     except subprocess.CalledProcessError as e:
@@ -170,7 +169,7 @@ def parse_args(args):
         "-t",
         action="store_true",
         default=False,
-        help="Whether is using the default tailoring file or not."
+        help="Whether is using the default tailoring file or not.",
     )
 
     args = parser.parse_args(args)
@@ -188,9 +187,7 @@ def main():
     # folder does not exist - usg-cisbenchmark likely not installed
     if not os.path.exists(AUDIT_FOLDER) and DISTRO_VERSION < 20:
         raise FileNotFoundError(
-            "Folder {} does not exist, is usg-cisbenchmark installed?".format(
-                AUDIT_FOLDER
-            )
+            "Folder {} does not exist, is usg-cisbenchmark installed?".format(AUDIT_FOLDER)
         )
 
     # Ensure a single instance via a simple pidfile