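#######################################
# Print the per-server result line and append one CSV row to "$LOGFILE".
# Globals:   COUNT, OPERATING_SYS, SYS_DATE_TIME, count_color, note_color,
#            count_note, log_note, AVAILABLE_ROOT_MB, AVAILABLE_MB,
#            REQUIRED_SPACE_MB, LOGFILE and the colour variables (all read)
# Arguments: $1 - server name, $2 - server tag
# Outputs:   coloured status on stdout, one CSV row appended to "$LOGFILE"
# NOTE(review): fields are written unescaped; a comma in any value shifts
# the CSV columns.
#######################################
_check_updates_report() {
  local server="$1"
  local server_tag="$2"

  echo -en "${count_color}Patches Needed: ${COUNT}${default} "
  echo -e "${light_yellow}[${default}NOTE${light_yellow}] ${light_blue}OS: ${light_cyan}${OPERATING_SYS} ${note_color}${count_note}${default}"
  echo "${SYS_DATE_TIME},${server},${server_tag},${OPERATING_SYS},${COUNT},${log_note},${AVAILABLE_ROOT_MB},${AVAILABLE_MB},${REQUIRED_SPACE_MB}" >> "$LOGFILE"
}

#######################################
# Check one server over SSH for pending security updates and for the disk
# space needed to apply them, then print and log the result.
#
# Side effect on the remote host: when /var is short on space, the package
# cache is cleaned with sudo (CLEAN_CMD) before the space is re-measured.
#
# Globals:   SSH_TIMEOUT, SAFETY_BUFFER_MB, LOGFILE, colour variables (read);
#            env, OS_TYPE, OPERATING_SYS, COUNT, UPDATE_SIZE_MB, AVAILABLE_MB,
#            AVAILABLE_ROOT_MB, REQUIRED_SPACE_MB, SSH_EXIT_CODE,
#            SYS_DATE_TIME, CMD_* / CLEAN_CMD, NON_COMPLIANT_SERVERS (written)
# Arguments: $1 - server to check
#            $2 - environment (prod / dev / uat and the listed spellings)
# Outputs:   status line on stdout, one CSV row appended to "$LOGFILE"
# Returns:   1 for an invalid server or environment; otherwise the status of
#            the last command run
#######################################
check_updates() {
  local server="$1"
  local environment="$2"

  # A host name starting with "-" would be parsed by ssh as an option.
  if [[ -z "$server" || "$server" == -* ]]; then
    echo -e "${light_red}Error:${default} Invalid or unspecified server."
    return 1
  fi

  # Environment-to-tag mapping. The posted code declared this array twice;
  # the second declaration replaced the first, so only that one is kept.
  # The list is used here only to validate the environment.
  declare -A env_tags=(
    [prod]="AMPROD OCPROD EMPROD OGGPA MONAP MONEP MONOP"
    [dev]="OCDEV AMDEV EMDEV"
    [uat]="AMUAT OCUAT EMUAT MONOCU MONAMU MONEMU"
  )

  case "$environment" in
    prod|PROD|Prod|production|Production) env="prod" ;;
    dev|DEV|Dev|development|Development) env="dev" ;;
    uat|UAT|Uat|test|Test) env="uat" ;;
    *) env="" ;;
  esac

  # An empty key is not a valid associative-array subscript, so test env first.
  local tags=""
  if [[ -n "$env" ]]; then
    tags="${env_tags[$env]}"
  fi
  if [[ -z "$tags" ]]; then
    echo -e "${light_red}Error:${default} Invalid or unspecified environment."
    return 1
  fi

  # Declared separately so "local" does not mask the helper's exit status.
  local server_tag
  server_tag=$(getJPTags "$server" "$env")

  # Set the timestamp first so that every log row, error rows included,
  # carries it; clear the per-server values left by a previous call.
  SYS_DATE_TIME="$(date +"%b %d %Y %I:%M%p")"
  AVAILABLE_MB=""
  AVAILABLE_ROOT_MB=""
  REQUIRED_SPACE_MB=""

  # BatchMode fails instead of prompting; "--" ends ssh option parsing.
  local -a ssh_opts=(-o LogLevel=Error -o BatchMode=yes -o "ConnectTimeout=${SSH_TIMEOUT}")

  echo -en "${light_cyan}Checking ${white}$server (${dark_gray}${server_tag}${white})...${default} "

  # Get OS type. The status is read straight after ssh: behind a pipeline,
  # $? would be the status of the last filter, not of ssh.
  local raw_os
  raw_os=$(ssh "${ssh_opts[@]}" -- "$server" "awk -F= '/^ID=/{print \$2}' /etc/os-release" 2>/dev/null)
  SSH_EXIT_CODE=$?
  OS_TYPE=${raw_os//\"/}
  OS_TYPE=${OS_TYPE//[[:space:]]/}

  if [[ -z "$OS_TYPE" ]] || [[ $SSH_EXIT_CODE -ne 0 ]]; then
    note_color=${light_red}
    count_color=${light_red}
    COUNT="Error"
    OPERATING_SYS="Error: Unknown"
    count_note="Connection failed (or unexpected output) on ${white}$server${note_color}"
    log_note="Connection failed (or unexpected output)"
    _check_updates_report "$server" "$server_tag"
    return
  fi

  case "$OS_TYPE" in
    rhel) OPERATING_SYS="RedHat Linux" ;;
    centos) OPERATING_SYS="CentOS Linux" ;;
    almalinux) OPERATING_SYS="Alma Linux" ;;
    rocky) OPERATING_SYS="Rocky Linux" ;;
    amazon) OPERATING_SYS="Amazon Linux" ;;
    oracle) OPERATING_SYS="Oracle Linux" ;;
    fedora) OPERATING_SYS="Fedora Linux" ;;
    ubuntu) OPERATING_SYS="Ubuntu" ;;
    kali) OPERATING_SYS="Kali Linux" ;;
    debian) OPERATING_SYS="Debian Linux" ;;
    arch) OPERATING_SYS="Arch Linux" ;;
    manjaro) OPERATING_SYS="Manjaro Linux" ;;
    opensuse) OPERATING_SYS="openSUSE Linux" ;;
    suse) OPERATING_SYS="SUSE Linux" ;;
    gentoo) OPERATING_SYS="Gentoo Linux" ;;
    slackware) OPERATING_SYS="Slackware" ;;
    alpine) OPERATING_SYS="Alpine Linux" ;;
    *) OPERATING_SYS="Unknown ${OS_TYPE} Linux Distro" ;;
  esac

  # Remote command strings. Every "$" meant for the remote awk is escaped;
  # an unescaped $2 here expands to this function's second argument.
  case "$OS_TYPE" in
    rhel|centos|fedora|rocky|almalinux|oracle)
      CMD_UPDATE_INFO="sudo yum -q --security updateinfo list | grep -v '^Update ID' | awk '{print \$1}' | sort -u | wc -l"
      # --assumeno answers the transaction prompt itself, so nothing is
      # installed even where yum is configured to assume "yes".
      # NOTE(review): assumes yum prints the size as "<number> <k|M|G>";
      # confirm on the releases in use.
      CMD_UPDATE_SIZE="sudo yum --assumeno update | awk -F': ' '/^Total download size/ { split(\$2, p, \" \"); v = p[1]; u = toupper(substr(p[2], 1, 1)); if (u == \"K\") v /= 1024; else if (u == \"G\") v *= 1024; else if (u == \"B\") v /= 1048576; print int(v); exit }'"
      CMD_DISK_CHECK="df --output=avail /var | tail -n1 | awk '{print int(\$1/1024)}'"
      CMD_DISK_ROOT_CHECK="df --output=avail / | tail -n1 | awk '{print int(\$1/1024)}'"
      CLEAN_CMD="sudo yum clean all && sudo rm -rf /var/cache/dnf/*"
      ;;
    ubuntu|debian|kali)
      CMD_UPDATE_INFO="sudo apt list --upgradable 2>/dev/null | grep -c 'security'"
      # NOTE(review): "apt list" output does not appear to carry a package
      # size, so this sum most likely evaluates to 0 - confirm or replace.
      CMD_UPDATE_SIZE="sudo apt list --upgradable 2>/dev/null | awk -F'[][]' '/security/ {sum+=\$2} END {print int(sum/1024)}'"
      CMD_DISK_CHECK="df --output=avail /var | tail -n1 | awk '{print int(\$1/1024)}'"
      CMD_DISK_ROOT_CHECK="df --output=avail / | tail -n1 | awk '{print int(\$1/1024)}'"
      CLEAN_CMD="sudo apt clean"
      ;;
    *)
      # No patch query is defined for this distribution: close the status
      # line and log the fact instead of returning silently.
      note_color=${light_red}
      count_color=${light_red}
      COUNT="Error"
      count_note="No patch check is defined for this distribution on ${white}$server${note_color}"
      log_note="No patch check is defined for this distribution"
      _check_updates_report "$server" "$server_tag"
      return
      ;;
  esac

  # Fetch update count and decide straight away whether the host answered.
  # ssh exits 255 on a connection error; any other status belongs to the
  # remote pipeline (grep -c exits 1 when it counts zero matches).
  local count_raw
  count_raw=$(ssh "${ssh_opts[@]}" -- "$server" "$CMD_UPDATE_INFO" 2>/dev/null)
  SSH_EXIT_CODE=$?
  COUNT=$(printf '%s\n' "$count_raw" | grep -E '^[0-9]+$' | head -n1)

  if [[ -z "$COUNT" ]] || [[ $SSH_EXIT_CODE -eq 255 ]]; then
    note_color=${light_red}
    count_color=${light_red}
    COUNT="Error"
    count_note="Connection failed (or unexpected output) on ${white}$server${note_color}"
    log_note="Connection failed (or unexpected output)"
    _check_updates_report "$server" "$server_tag"
    return
  fi

  # Estimate update size
  UPDATE_SIZE_MB=$(ssh "${ssh_opts[@]}" -- "$server" "$CMD_UPDATE_SIZE" 2>/dev/null | grep -E '^[0-9]+$' | head -n1)
  [[ -z "$UPDATE_SIZE_MB" ]] && UPDATE_SIZE_MB=1000 # Default to 1GB if unable to estimate

  # Check available disk space
  AVAILABLE_MB=$(ssh "${ssh_opts[@]}" -- "$server" "$CMD_DISK_CHECK" 2>/dev/null | grep -E '^[0-9]+$' | head -n1)
  AVAILABLE_ROOT_MB=$(ssh "${ssh_opts[@]}" -- "$server" "$CMD_DISK_ROOT_CHECK" 2>/dev/null | grep -E '^[0-9]+$' | head -n1)

  # Set required space (update size + safety buffer)
  REQUIRED_SPACE_MB=$((UPDATE_SIZE_MB + SAFETY_BUFFER_MB))

  # Determine compliance
  if (( COUNT > 5 )); then
    note_color=${light_red}
    count_color=${light_red}
    count_note="${white}$server${note_color} is out of Compliance"
    log_note="$server is out of Compliance"
    NON_COMPLIANT_SERVERS+=("$server")
  elif (( COUNT > 0 )); then
    note_color=${green}
    count_color=${light_yellow}
    count_note="${white}$server${note_color} is within Standard Compliance"
    log_note="$server is within Standard Compliance"
  else
    note_color=${light_green}
    count_color=${light_green}
    count_note="${white}$server${note_color} is Compliant"
    log_note="$server is Compliant"
  fi

  # NOTE(review): the branches below set lowercase "count", which nothing in
  # this function reads; COUNT keeps the patch count. Confirm the intent.
  if [[ -z "$AVAILABLE_ROOT_MB" || -z "$AVAILABLE_MB" ]]; then
    # A failed probe is not a full disk: report it, and do not run the
    # privileged remote clean-up on the strength of a missing reading.
    note_color=${light_red}
    count_note="Could not read free disk space on ${white}$server${note_color}"
    log_note="Could not read free disk space on $server"
  elif (( AVAILABLE_ROOT_MB < REQUIRED_SPACE_MB )); then
    note_color=${light_red}
    count="Error"
    count_note="Root folder did not meet space requirements, there is insufficient disk space on ${white}$server${note_color}. Space needed ${white}$(( REQUIRED_SPACE_MB - AVAILABLE_ROOT_MB ))${dark_gray}mb"
    log_note="Root folder did not meet space requirements: there is insufficient disk space on $server. Space needed $(( REQUIRED_SPACE_MB - AVAILABLE_ROOT_MB ))mb"
  elif (( AVAILABLE_MB < REQUIRED_SPACE_MB )); then
    # /var is short: clean the package cache remotely, then measure again.
    CLEAN_ATTEMPT=$(ssh "${ssh_opts[@]}" -- "$server" "$CLEAN_CMD" 2>/dev/null)
    AVAILABLE_MB=$(ssh "${ssh_opts[@]}" -- "$server" "$CMD_DISK_CHECK" 2>/dev/null | grep -E '^[0-9]+$' | head -n1)
    if [[ -z "$AVAILABLE_MB" ]] || (( AVAILABLE_MB < REQUIRED_SPACE_MB )); then
      note_color=${light_red}
      count="Error"
      count_note="Clean up attempts did not meet space requirements, there is insufficient disk space on ${white}$server${note_color}. Space needed ${white}$(( REQUIRED_SPACE_MB - AVAILABLE_MB ))${dark_gray}mb"
      log_note="Clean up attempts did not meet space requirements: there is insufficient disk space on $server. Space needed $(( REQUIRED_SPACE_MB - AVAILABLE_MB ))mb"
    else
      note_color=${light_green}
      # NOTE(review): the "+ 1000" is kept from the posted code; its purpose
      # is not visible here.
      count_note="After clean up attempt, disk space was recovered on ${white}$server${note_color}. Space available $(( AVAILABLE_MB - REQUIRED_SPACE_MB + 1000 ))${dark_gray}mb"
      log_note="After clean up attempt: disk space was recovered on $server. Space available $(( AVAILABLE_MB - REQUIRED_SPACE_MB + 1000 ))mb"
    fi
  fi

  _check_updates_report "$server" "$server_tag"
}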