From 89c44bbff7dcfd824c328cecc839f15f508a3356 Mon Sep 17 00:00:00 2001
From: Phillipe Smith <phsmithcc@gmail.com>
Date: Sat, 31 Aug 2024 12:56:01 -0300
Subject: [PATCH 1/3] chore: update docker-compose example

---
 README.md                                     | 30 ++++-----
 charts/values.yaml                            |  7 +-
 .../configs/rundeck/etc/exporter.aclpolicy    | 64 +++++++++++++++++++
 .../configs/rundeck/etc/realm.properties      | 12 ++++
 .../configs/rundeck/etc/tokens.properties     |  2 +
 examples/docker-compose/docker-compose.yml    | 14 ++--
 6 files changed, 106 insertions(+), 23 deletions(-)
 create mode 100644 examples/docker-compose/configs/rundeck/etc/exporter.aclpolicy
 create mode 100644 examples/docker-compose/configs/rundeck/etc/realm.properties
 create mode 100644 examples/docker-compose/configs/rundeck/etc/tokens.properties

diff --git a/README.md b/README.md
index 4de45b1..430558a 100644
--- a/README.md
+++ b/README.md
@@ -61,20 +61,20 @@ The ACL associated with the token/user must have the following policy rules as a
 Example ACL Policy allowing a user named "exporter" to get system metrics as well as execution metrics for any project:
 
 ```yaml
-by:
-  username: exporter
-description: system:read
-for:
-  resource:
-  - allow:
-    - read
-    equals:
-      kind: system
-context:
-  application: rundeck
+  by:
+    username: user
+  description: system:read
+  for:
+    resource:
+    - allow:
+      - read
+      equals:
+        kind: system
+  context:
+    application: rundeck
 ---
 by:
-  username: exporter
+  username: user
 description: project:read
 for:
   project:
@@ -86,7 +86,7 @@ context:
   application: rundeck
 ---
 by:
-  username: exporter
+  username: user
 description: events:read
 for:
   resource:
@@ -102,7 +102,7 @@ context:
   project: .*
 ---
 by:
-  username: exporter
+  username: user
 description: Allow [read] for node
 for:
   node:
@@ -115,7 +115,7 @@ context:
 
 ---
 by:
-  username: exporter
+  username: user
 description: Allow [read] for (All) node
 for:
   resource:
diff --git a/charts/values.yaml b/charts/values.yaml
index 20e0c10..e850e3e 100644
--- a/charts/values.yaml
+++ b/charts/values.yaml
@@ -9,8 +9,8 @@ env:
   RUNDECK_EXPORTER_DEBUG: true
   RUNDECK_EXPORTER_HOST: 0.0.0.0
   RUNDECK_EXPORTER_PORT: 9620
-  RUNDECK_URL: "your-rundeck-url"
-  RUNDECK_TOKEN: "your-rundeck-token"
+  RUNDECK_URL: "http://localhost:4440"
+  RUNDECK_TOKEN: "exporter_auth_token"
   # RUNDECK_USERNAME: "your-rundeck-username"
   # RUNDECK_USERPASSWORD: "your-rundeck-password"
   RUNDECK_API_VERSION: 40
@@ -80,9 +80,8 @@ serviceMonitor:
   enabled: true
   # name: <defaults to rundeck-exporter-monitor>
   # namespace: <defaults to helm release namespace>
-  interval: 30s
-
   path: /
+  interval: 30s
   scrapeTimeout: 10s
 
 resources: {}
diff --git a/examples/docker-compose/configs/rundeck/etc/exporter.aclpolicy b/examples/docker-compose/configs/rundeck/etc/exporter.aclpolicy
new file mode 100644
index 0000000..d69d838
--- /dev/null
+++ b/examples/docker-compose/configs/rundeck/etc/exporter.aclpolicy
@@ -0,0 +1,64 @@
+  by:
+    username: exporter
+  description: system:read
+  for:
+    resource:
+    - allow:
+      - read
+      equals:
+        kind: system
+  context:
+    application: rundeck
+---
+by:
+  username: exporter
+description: project:read
+for:
+  project:
+  - allow:
+    - read
+    match:
+      name: .*
+context:
+  application: rundeck
+---
+by:
+  username: exporter
+description: events:read
+for:
+  resource:
+  - allow:
+    - read
+    equals:
+      kind: event
+  job:
+  - allow:
+    - read
+    - view
+context:
+  project: .*
+---
+by:
+  username: exporter
+description: Allow [read] for node
+for:
+  node:
+  - allow:
+    - read
+    match:
+      nodename: .*
+context:
+  project: .*
+
+---
+by:
+  username: exporter
+description: Allow [read] for (All) node
+for:
+  resource:
+  - allow:
+    - read
+    equals:
+      kind: node
+context:
+  project: .*
diff --git a/examples/docker-compose/configs/rundeck/etc/realm.properties b/examples/docker-compose/configs/rundeck/etc/realm.properties
new file mode 100644
index 0000000..37ed888
--- /dev/null
+++ b/examples/docker-compose/configs/rundeck/etc/realm.properties
@@ -0,0 +1,12 @@
+#
+# This file defines users passwords and roles for a HashUserRealm
+#
+# The format is
+#  <username>: <password>[,<rolename> ...]
+#
+# Passwords may be clear text, obfuscated or checksummed.
+#
+# This sets the default user accounts for the Rundeck apps
+#
+admin:admin,user,admin
+exporter:exporter,user
diff --git a/examples/docker-compose/configs/rundeck/etc/tokens.properties b/examples/docker-compose/configs/rundeck/etc/tokens.properties
new file mode 100644
index 0000000..8eeabee
--- /dev/null
+++ b/examples/docker-compose/configs/rundeck/etc/tokens.properties
@@ -0,0 +1,2 @@
+admin: exporter_admin_auth_token, admin
+exporter: exporter_auth_token, user
diff --git a/examples/docker-compose/docker-compose.yml b/examples/docker-compose/docker-compose.yml
index 17af31b..ef7f3a9 100644
--- a/examples/docker-compose/docker-compose.yml
+++ b/examples/docker-compose/docker-compose.yml
@@ -1,15 +1,20 @@
 version: "3"
 services:
   rundeck:
-    image: rundeck/rundeck:4.6.1
+    image: rundeck/rundeck:4.8.0
     ports:
       - 4440:4440
     environment:
       RUNDECK_GRAILS_URL: http://localhost:4440
+      RUNDECK_SERVER_ADDRESS: 0.0.0.0
+      RUNDECK_TOKENS_FILE: /home/rundeck/etc/tokens.properties
+      RUNDECK_METRICS_ENABLED: true
     tty: true
     volumes:
       - ./data/rundeck:/home/rundeck/server/data
-      - ./configs/rundeck/remco/templates/rundeck-config.properties:/etc/remco/templates/rundeck-config.properties
+      - ./configs/rundeck/etc/exporter.aclpolicy:/home/rundeck/etc/exporter.aclpolicy
+      - ./configs/rundeck/etc/realm.properties:/home/rundeck/etc/realm.properties
+      - ./configs/rundeck/etc/tokens.properties:/home/rundeck/etc/tokens.properties
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:4440"]
       interval: 30s
@@ -20,11 +25,11 @@ services:
     ports:
       - 9620:9620
     environment:
-      RUNDECK_EXPORTER_DEBUG: "False"
+      RUNDECK_EXPORTER_DEBUG: "True"
       RUNDECK_EXPORTER_HOST: 0.0.0.0
       RUNDECK_EXPORTER_PORT: 9620
       RUNDECK_URL: "http://rundeck:4440"
-      RUNDECK_TOKEN: "PLACE_RUNDECK_API_TOKEN_HERE"
+      RUNDECK_TOKEN: "exporter_auth_token"
       RUNDECK_API_VERSION: 40
       RUNDECK_SKIP_SSL: "False"
       RUNDECK_PROJECTS_EXECUTIONS: "True"
@@ -33,6 +38,7 @@ services:
       # RUNDECK_CACHED_REQUESTS_TTL: 120
       RUNDECK_CPU_STATS: "True"
       RUNDECK_MEMORY_STATS: "True"
+      RUNDECK_PROJECTS_NODES_INFO: "True"
     depends_on:
       rundeck:
         condition: service_healthy

From ebbccf7971f6bd46d47257ad0284096fda3df3c5 Mon Sep 17 00:00:00 2001
From: Phillipe Smith <phsmithcc@gmail.com>
Date: Sat, 31 Aug 2024 13:00:06 -0300
Subject: [PATCH 2/3] fix(#98): move metrics variable for correct permission
 issue message.

---
 rundeck_exporter.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/rundeck_exporter.py b/rundeck_exporter.py
index dfd9fd3..0bd62d9 100755
--- a/rundeck_exporter.py
+++ b/rundeck_exporter.py
@@ -443,6 +443,7 @@ def collect(self):
         """
         Rundeck system info
         """
+        metrics = self.request('/metrics/metrics')
         system_info = self.request('/system/info')
         api_version = int(system_info['system']['rundeck']['apiversion'])
         execution_mode = system_info['system'].get('executions', {}).get('executionMode')
@@ -477,8 +478,6 @@ def collect(self):
                             + ' Some metrics like rundeck_scheduler_quartz_* will not be available.'
                             + ' Use Username and Password options to get the metrics.')
         else:
-            metrics = self.request('/metrics/metrics')
-
             for counters in self.get_counters(metrics):
                 yield counters
 

From 208893cff42d5b9bd000fd9d7301605e8b3f8f87 Mon Sep 17 00:00:00 2001
From: Phillipe Smith <phsmithcc@gmail.com>
Date: Sat, 31 Aug 2024 13:16:09 -0300
Subject: [PATCH 3/3] feat(#97): add rundeck_execution_mode_<active/passive>
 metrics

---
 CHANGELOG.md        | 17 ++++++++++++++++-
 charts/values.yaml  |  2 +-
 docs/METRICS.md     | 20 ++++++++++++++++++++
 rundeck_exporter.py | 28 +++++++++++++++++++++++++---
 4 files changed, 62 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1d01033..3dd764a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [2.8.0] - 2024-08-31
+### Added
+
+- Issue [#97](https://github.com/phsmith/rundeck_exporter/issues/97), new rundeck_execution_mode_<active/passive> metrics.
+
+### Changed
+
+- Update Docker Compose example files.
+
+## Fixed
+
+- Issue [#95](https://github.com/phsmith/rundeck_exporter/issues/95), improved and fixed the exporter helm chart.
+- Issue [#98](https://github.com/phsmith/rundeck_exporter/issues/98), fixed exception errors when the user does not have the required permissions.
+
 ## [2.7.1] - 2024-05-30
 ### Added
 
@@ -284,7 +298,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Initial release
 
-[unreleased]: https://github.com/phsmith/rundeck_exporter/compare/v2.7.1...HEAD
+[unreleased]: https://github.com/phsmith/rundeck_exporter/compare/v2.8.0...HEAD
+[2.8.0]: https://github.com/phsmith/rundeck_exporter/compare/v2.7.1...v2.8.0
 [2.7.1]: https://github.com/phsmith/rundeck_exporter/compare/v2.7.0...v2.7.1
 [2.7.0]: https://github.com/phsmith/rundeck_exporter/compare/v2.6.5...v2.7.0
 [2.6.5]: https://github.com/phsmith/rundeck_exporter/compare/v2.6.4...v2.6.5
diff --git a/charts/values.yaml b/charts/values.yaml
index e850e3e..7f459e6 100644
--- a/charts/values.yaml
+++ b/charts/values.yaml
@@ -3,7 +3,7 @@ replicaCount: 1
 image:
   repository: phsmith/rundeck-exporter
   pullPolicy: IfNotPresent
-  tag: 2.7.1
+  tag: 2.8.0
 
 env:
   RUNDECK_EXPORTER_DEBUG: true
diff --git a/docs/METRICS.md b/docs/METRICS.md
index 5abdd66..1c7bf13 100644
--- a/docs/METRICS.md
+++ b/docs/METRICS.md
@@ -229,3 +229,23 @@ rundeck_project_execution_status{execution_id="2016583",job_id="39156aa3-978d-43
 rundeck_project_execution_status{execution_id="2016583",job_id="39156aa3-978d-43d3-a642-1fb217b5822f",job_name="rundeck_job",project_name="rundeck_project",status="aborted"} 0.0
 rundeck_project_execution_status{execution_id="2016583",job_id="39156aa3-978d-43d3-a642-1fb217b5822f",job_name="rundeck_job",project_name="rundeck_project",status="unknown"} 0.0
 ```
+
+## rundeck_execution_mode_active
+
+Rundeck active execution mode status.
+
+```
+# HELP rundeck_execution_mode_active Rundeck Active Execution Mode Status
+# TYPE rundeck_execution_mode_active gauge
+rundeck_execution_mode_active{instance_address="rundeck:4440"} 1.0
+```
+
+## rundeck_execution_mode_passive
+
+Rundeck passive execution mode status.
+
+```
+# HELP rundeck_execution_mode_passive Rundeck Passive Execution Mode Status
+# TYPE rundeck_execution_mode_passive gauge
+rundeck_execution_mode_passive{instance_address="rundeck:4440"} 0.0
+```
diff --git a/rundeck_exporter.py b/rundeck_exporter.py
index 0bd62d9..0e37dcf 100755
--- a/rundeck_exporter.py
+++ b/rundeck_exporter.py
@@ -27,7 +27,7 @@
 __author__ = 'Phillipe Smith'
 __author_email__ = 'phsmithcc@gmail.com'
 __app__ = 'rundeck_exporter'
-__version__ = '2.7.1'
+__version__ = '2.8.0'
 
 # Disable InsecureRequestWarning
 requests.urllib3.disable_warnings()
@@ -223,6 +223,7 @@ def request(self, endpoint: str) -> dict:
                 session.post(
                     f'{self.args.rundeck_url}/j_security_check',
                     data={"j_username": self.args.rundeck_username, "j_password": self.rundeck_userpassword},
+                    allow_redirects=True,
                     verify=not self.args.rundeck_skip_ssl
                 )
 
@@ -454,12 +455,33 @@ def collect(self):
         )
         rundeck_system_info.add_metric(self.default_labels_values, {x: str(y) for x, y in system_info['system']['rundeck'].items()})
 
+        """
+        Rundeck server execution mode
+        """
         logging.debug(f'Rundeck execution mode: {execution_mode}.')
 
-        if self.args.no_checks_in_passive_mode and execution_mode == 'passive':
-            return
+        rundeck_execution_mode_active = GaugeMetricFamily(
+            'rundeck_execution_mode_active',
+            f'Rundeck Active Execution Mode Status',
+            labels=self.default_labels
+        )
+
+        rundeck_execution_mode_passive = GaugeMetricFamily(
+            'rundeck_execution_mode_passive',
+            f'Rundeck Passive Execution Mode Status',
+            labels=self.default_labels
+        )
+
+        if execution_mode == 'passive':
+            rundeck_execution_mode_active.add_metric(self.default_labels_values, 0)
+            rundeck_execution_mode_passive.add_metric(self.default_labels_values, 1)
+        else:
+            rundeck_execution_mode_active.add_metric(self.default_labels_values, 1)
+            rundeck_execution_mode_passive.add_metric(self.default_labels_values, 0)
 
         yield rundeck_system_info
+        yield rundeck_execution_mode_active
+        yield rundeck_execution_mode_passive
 
         """
         Rundeck system stats