harvest yml changes

deb/rpm harvest.example changes

Handle special characters in passwords

This change only addresses passwords in Pollers and Defaults. The bigger
refactor is to use HarvestConfig through out the codebase, but that was too
big a change at the moment. That change touches a lot more code.

When that change is made, the code in conf.LoadConfig can be removed.

fix remaining merge

Enable GitHub code scanning

Remove extra fmt workflow action

Remove redundant Slack section and polish

Add Dev team to clabot

Add license check and GitHub action

add zerolog pretty print for console

InsecureSkipVerify with basicauth

Correct httpd logging pattern

Replace snake case with camel

Fix mistyped package

Shelf purges instances too soon

Fixes #75

update clabot

allow user-defined URL for the influxDB server

update conf tests, move allow_addrs_regex: not influxdb parameter

auth test cases

Change triage label

Replace CCLA.pdf with online link to CCLA

Remove CONTRIBUTING_CCLA.pdf

uniform structure of collector doc, add explanation about metric collection/calculation

add known issue on WSL

update toc

add rename example, remove tabs disliked by markdown

removed allow_addrs_regex, not a parameter

tab to space

tab to space

remove redundant TOC; spelling

typos in docs

support/hacks for workload objects

templates for 4 workload objects

re-add earlier removed disk counters

chrishenzie has signed the CCLA

Make vendored copy of dependencies

handle panic in collector

Allow insecure Grafana TLS connections

`harvest/grafana` should not rewrite https connections into http

Fixes #111

enable caller for zerolog

Remove buildmode=plugin

Add support for cluster simulator
WIP Implement Caddy style plugins for collectors
Fix go vet warnings in node.go

enable stacktrace during errors

InfluxDB exporter should pass url unchanged

Thanks to @steverweber for the suggestion
Fixes #63

Add unique prom ports and export type

checks to doctor

Prometheus dashboards don't load when exemplar = true

Fixes #96

Don't run harvest as root on RHEL/Deb

See also #122

Improve harvest start behavior

Two cases are improved here:
1) Harvest detects when there is a stale pidfile and correctly restarts the poller process. A stale pidfile is when the pidfile exists in `/var/run/harvest` but there is no running process associated with that pid.

1) Harvest no longer suggests killing an already running poller when you try to start it. This is a a no-op.

Fixes #123

stop renamed pollers

resolved comments for stop pollers in case of rename

Addressed review comments Fixes #20

Restore Zapiperf support workload changes

add missing tag for labels pseudometric

cache ZAPI counters to distinct from own metircs

Update needs triage label

rpb deb bugs Fixes #50 Fixes #129

Auth_style should not be redacted

Run workflows on release branch

Remove unused graphite_leaves

PrometheusPort should be int

Trim absolute file system paths

Add -trimpath to go build so errors and stacktraces print
with module path@version instead of this

{"level":"info","Poller":"infinity","collector":"ZapiPerf:WAFLAggr","caller":"/var/jenkins_home/workspace/BuildHarvestArtifacts/harvest/cmd/poller/collector/collector.go:318","time":"2021-06-11T13:40:03-04:00","message":"recovered from standby mode, back to normal schedule"}

correct ghost poll kill

Sridevi has signed CCLA

Update README.md

Added Upgrade steps to README file
Removed specific links in the Installation steps
Overall updated format

Polish README.md

Reduce redundant information
Make tar gz example copy pasteable

Fix panic in unix.go

When a poller in harvest.yml is changed while a unix collector is running it panics

Fixes #160

Remove pidfiles

- Improve poller detection by injecting IS_HARVEST into exec-ed process's
environment.
- Simplify management code and improve accuracy
- Remove /var/run logic from RPM and Deb

script to validate metrics at runtime

typo

update changelog

update support md

update readme

run ghost kill poller during harvest start

Store reason as a label for disk.yaml so

that disk status is correctly reported

Fixes #182

check trailing newline needs to be done before splitlines

make sure stream trails with newline

label value can be empty

fix mistake in label regex

include empty keys, to make sure label set is consistent

fix export options, to avoid duplicate labels

properly parse boolean parameters

avoid metric name conflict

fix return value when nothing is scraped

drop using lib alias

typo in plugin params

Correcting Grafana Cluster Dashboard Typo plus other same typos

port range changes

resolved merge commits

port range review comments

Encapsulate port mapping

port range changes

Reduce the amount of time and attempts spinning

for status checks

Makes a big difference on Mac when process is not found
Goes from 19.5 seconds to (not) start 27 pollers to
1.9 seconds

Add README on how to setup per poller systemd

services.

Add generate systemd subcommand

check for duplicate metatags, since telegraf complains about this as well

ugly temporary solution against duplicate metatags

temporary fix to duplicate node labels, until fixed in Aggregator plugin

resolve conflicting names with system_node.yaml, to prevent label inconsistency

shelf dashboard: adding ovverride option for shelf field

Node Dashboard Bugs

.clabot

@@ -0,0 +1,19 @@
+{
+    "message": "Thank you for your interest in contributing to the Harvest project! We require contributors to sign our [Corporate contributor license agreement (CCLA)](https://github.com/NetApp/harvest/blob/main/CONTRIBUTING.md#creating-a-pull-request), and we don\"t have the user(s) {{usersWithoutCLA}} on file. In order for us to review and merge your code, please follow the instructions in step 6 of [creating a pull request](https://github.com/NetApp/harvest/blob/main/CONTRIBUTING.md#creating-a-pull-request). \nAfter signing the CCLA, you can ask us to recheck this PR by posting `@cla-bot check` as a comment to the PR.",
+    "label": "cla-signed",
+    "contributors": [
+        "$$$ Harvest Dev $$$",
+        "ybizeul",
+        "cgrinds",
+        "georgmey",
+        "schmots1",
+        "vgratian",
+        "rahulguptajss",
+        "mrydeen",
+        "ruanruijuan",
+        "hardikl",
+        "sridevimm",
+        "$$$ External $$$",
+        "chrishenzie"
+    ]
+}

.github/ISSUE_TEMPLATE/bug_report.md

@@ -2,7 +2,7 @@
 name: Bug report
 about: Create a report to help us improve
 title: ''
-labels: needs-triage
+labels: status/needs-triage
 assignees: ''
 
 ---

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,71 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    - cron: '36 11 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/go.yml

@@ -1,10 +1,14 @@
-name: Build and Test
+name: Build, Test, License
 
 on:
   push:
-    branches: [ main ]
+    branches: 
+    - main
+    - 'release/**'
   pull_request:
-    branches: [ main ]
+    branches: 
+    - main
+    - 'release/**'
 
 jobs:
 
@@ -27,3 +31,23 @@ jobs:
     - name: Check code formatting using gofmt
       uses: Jerome1337/[email protected]
 
+  license_check:
+      name: License check
+      if: '!github.event.deleted'
+      runs-on: ubuntu-latest
+      steps:
+      - uses: actions/checkout@v2
+      - name: Install Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15
+      - name: Install wwhrd
+        env:
+          GO111MODULE: 'off'
+        run: go get -u github.com/frapposelli/wwhrd
+      - name: go mod vendor
+        env:
+          GO111MODULE: 'on'
+        run: go mod vendor
+      - name: wwhrd check
+        run: wwhrd check

.gitignore

@@ -17,4 +17,5 @@
 
 # build directories
 bin/
-dist/
+dist/
+cert/

.wwhrd.yml

@@ -0,0 +1,9 @@
+# https://github.com/frapposelli/wwhrd
+# Check vendored licenses in your Go project
+---
+allowlist:
+  - Apache-2.0
+  - MIT
+  - BSD-2-Clause
+  - BSD-3-Clause
+  - MPL-2.0

ARCHITECTURE.md

@@ -2,15 +2,15 @@
 
 This document describes the high-level architecture of Harvest. If you want to familiarize yourself with the code base, you're in the right place!
 
-Harvest has a strong emphasize modular design, the core code-base is isolated from the code-base of secondary components - the philosophy is: adding new collectors, exporters or plugins should be simple.
+Harvest has a strong emphasis on modular design, the core code-base is isolated from the code-base of secondary components - the philosophy is: adding new collectors, exporters or plugins should be simple.
 
 ## Bird's Eye View
 
 Harvest consists of several processes/packages. All, except Poller, are short-lived processes. Here is an overview of the important ones:
 
 <center><img src="docs/harvest.png" width="50%"></center>
 
-* **harvest**: the main executable and entry-point for the user, it's task is mainly to trigger the other processes
+* **harvest**: the main executable and entry-point for the user, its task is mainly to trigger the other processes
 * **manager**: starts, stops and shows the status of pollers
 * **poller**: daemon process that polls a target system
 * **config**: helps to validate and configure harvest
@@ -44,7 +44,7 @@ One of the tasks of the Poller is to parse CLI flags and configuration files and
 
 For exporters, *Params*, is the exact parameters of the exporter as defined in `harvest.yml`. For collectors, *Params*, is a top-down merge of:
 * poller parameters from `harvest.yml` (can include `addr`, `auth_style`, etc.)
-* collector default template (can include poll frequency, list of counters, etc)
+* collector default template (can include poll frequency, list of counters, etc.)
 * collector custom template (same)
 
 Since the Poller is agnostic about the system collectors will poll, it is the user's (and developer's) responsibility to make sure required parameters are available in their right place.
@@ -53,7 +53,7 @@ Since the Poller is agnostic about the system collectors will poll, it is the us
 
 Collectors are responsible for collecting metrics from a data source and writing them into a Matrix instance.
 
-Collectors are "object-oriented", which means that metrics are grouped together by the logical unit that they describe (such as volume, node, process, file). If there are more than one objects defined for a collector, then for each object a new instance of the collector will be created (example of such "multi-object" collectors are [Zapi](cmd/collectors/zapi/) and [ZapiPerf](cmd/collectors/zapiperf/). This means that the user only needs to add a new template file if they want to collector a new object.
+Collectors are "object-oriented", which means that metrics are grouped together by the logical unit that they describe (such as volume, node, process, file). If there are more than one objects defined for a collector, then for each object a new instance of the collector will be created (example of such "multi-object" collectors are [Zapi](cmd/collectors/zapi/) and [ZapiPerf](cmd/collectors/zapiperf/). This means that the user only needs to add a new template file if they want to collect a new object.
 
 Most of the auxiliary jobs that a collector needs to do (such as initializing, running on scheduled time, reporting status to Poller, updating metadata and handling errors) are implemented by the AbstractCollector. Writing a new collector, most of the times, only requires implementing the `PollData()` method.
 
@@ -82,7 +82,7 @@ This package is in a semi-frozen, stable state and will not change (much) in the
 
 ### Tree
 
-The Tree data structure ([*node.Node](pkg/tree/node/node.go)) is used for unstructured and untyped data. It provides read/write methods that are independent of the underlaying data format (`xml`, `yaml`, `json`). It is mainly used for API calls and for storing configuration files. 
+The Tree data structure ([*node.Node](pkg/tree/node/node.go)) is used for unstructured and untyped data. It provides read/write methods that are independent of the underlying data format (`xml`, `yaml`, `json`). It is mainly used for API calls and for storing configuration files. 
 
 Often collectors will receive an XML from their target system, parse it into a Tree, then extract meaningful information and write it into the Matrix.
 
@@ -93,7 +93,7 @@ Unlike, the Matrix, this package is not in a stable state and will likely need a
 This section describes the directories of the project and how source files are organized:
 
 ### `/` 
-The root directories contains scripts for building Harvest:
+The root directories contain scripts for building Harvest:
 * `MakeFile` - script for building and installing Harvest
 * `package` - script for building distribution packages (uses the subdirectories `deb/` and `rpm/`)
 * `harvest.yml` - main configuration file

CHANGELOG.md

@@ -1,16 +1,49 @@
 # Change Log
 
 [Releases](https://github.com/NetApp/harvest/releases)
+
+## 21.05.2 / 2021-06-14
+
+This release adds support for user-defined URLs for InfluxDB exporter, a new command to validate your `harvest.yml` file, improved logging, panic handling, and collector documentation. We also enabled GitHub security code scanning for the Harvest repo to catch issues sooner. These scans happen on every push.
+
+There are also several quality-of-life bug fixes listed below.
+
+### Fixes
+- Handle special characters in cluster credentials [#79](https://github.com/NetApp/harvest/pull/79)
+- TLS server verification works with basic auth [#51](https://github.com/NetApp/harvest/issues/51)
+- Collect metrics from all disk shelves instead of one [#75](https://github.com/NetApp/harvest/issues/75)
+- Disk serial number and is-failed are missing from cdot query [#60](https://github.com/NetApp/harvest/issues/60)
+- Ensure collectors and pollers recover from panics [#105](https://github.com/NetApp/harvest/issues/105)
+- Cluster status is initially reported, but then stops being reported [#66](https://github.com/NetApp/harvest/issues/66)
+- Performance metrics don't display volume names [#40](https://github.com/NetApp/harvest/issues/40)
+- Allow insecure Grafana TLS connections `--insecure` and honor requested transport. See `harvest grafana --help` for details [#111](https://github.com/NetApp/harvest/issues/111)
+- Prometheus dashboards don't load when `exemplar` is true. Thanks to @sevenval-admins, @florianmulatz, and @unbreakabl3 for their help tracking this down and suggesting a fix. [#96](https://github.com/NetApp/harvest/issues/96)
+- `harvest stop` does not stop pollers that have been renamed [#20](https://github.com/NetApp/harvest/issues/20)
+- Harvest stops working after reboot on rpm/deb [#50](https://github.com/NetApp/harvest/issues/50)
+- `harvest start` shall start as harvest user in rpm/deb [#129](https://github.com/NetApp/harvest/issues/129)
+- `harvest start` detects stale pidfiles and makes start idempotent [#123](https://github.com/NetApp/harvest/issues/123)
+- Don't include unknown metrics when talking with older versions of ONTAP [#116](https://github.com/NetApp/harvest/issues/116)
+### Enhancements
+- InfluxDB exporter supports [user-defined URLs](https://github.com/NetApp/harvest/blob/main/cmd/exporters/influxdb/README.md#parameters)
+- Add workload counters to ZapiPerf [#9](https://github.com/NetApp/harvest/issues/9)
+- Add new command to validate `harvest.yml` file and optionally redact sensitive information [#16](https://github.com/NetApp/harvest/issues/16) e.g. `harvest doctor --config ./harvest.yml`
+- Improve documentation for [Unix](https://github.com/NetApp/harvest/tree/main/cmd/collectors/unix), [Zapi](https://github.com/NetApp/harvest/tree/main/cmd/collectors/zapi), and [ZapiPerf](https://github.com/NetApp/harvest/tree/main/cmd/collectors/zapiperf) collectors
+- Add Zerolog framework for structured logging [#61](https://github.com/NetApp/harvest/issues/61)
+- Vendor 3rd party code to increase reliability and make it easier to build in air-gapped environments [#26](https://github.com/NetApp/harvest/pull/26)
+- Make contributing easier with a digital CCLA instead of 1970's era PDF :)
+- Enable GitHub security code scanning
+- InfluxDB exporter provides the option to pass the URL end-point unchanged. Thanks to @steverweber for their suggestion and validation. [#63](https://github.com/NetApp/harvest/issues/63)
+
 ## 21.05.1 / 2021-05-20
 
-Announcing the release of Harvest2. With this release the core of Harvest has been completely rewritten in Go. Harvest2 is a replacement for the older versions of Harvest 1.6 and below. 
+Announcing the release of Harvest2. With this release the core of Harvest has been completely rewritten in Go. Harvest2 is a replacement for the older versions of Harvest 1.6 and below.
 
-If you're using one of the Harvest 2.x release candidates, you can do a direct upgrade. 
+If you're using one of the Harvest 2.x release candidates, you can do a direct upgrade.
 
 Going forward Harvest2 will follow a `year.month.fix` release naming convention with the first release being 21.05.0. See [SUPPORT.md](SUPPORT.md) for details.
 
 **IMPORTANT** v21.05 increased Harvest's out-of-the-box security posture - self-signed certificates are rejected by default. You have two options:
- 
+
  1. [Setup client certificates for each cluster](https://github.com/NetApp/harvest-private/blob/main/cmd/collectors/zapi/README.md)
  2. Disable the TLS check in Harvest. To disable, you need to edit `harvest.yml` and add `use_insecure_tls=true` to each poller or add it to the `Defaults` section. Doing so tells Harvest to ignore invalid TLS certificates.
 
@@ -33,8 +66,17 @@ Changes since rc2
 - RPM install should create required directories
 - Collector now warns if it falls behind schedule
 - package.sh fails without internet connection
-- Version flag is missing new line on some shells [#4](https://github.com/NetApp/harvest/issues/4) 
+- Version flag is missing new line on some shells [#4](https://github.com/NetApp/harvest/issues/4)
 - Poller should not ignore --config [#28](https://github.com/NetApp/harvest/issues/28)
+- Handle special characters in cluster credentials [#79](https://github.com/NetApp/harvest/pull/79)
+- TLS server verification works with basic auth [#51](https://github.com/NetApp/harvest/issues/51)
+- Collect metrics from all disk shelves instead of one [#75](https://github.com/NetApp/harvest/issues/75)
+- Disk serial number and is-failed are missing from cdot query [#60](https://github.com/NetApp/harvest/issues/60)
+- Ensure collectors and pollers recover from panics [#105](https://github.com/NetApp/harvest/issues/105)
+- Cluster status is initially reported, but then stops being reported [#66](https://github.com/NetApp/harvest/issues/66)
+- Performance metrics don't display volume names [#40](https://github.com/NetApp/harvest/issues/40)
+- Allow insecure Grafana TLS connections `--insecure` and honor requested transport. See `harvest grafana --help` for details [#111](https://github.com/NetApp/harvest/issues/111)
+- Prometheus dashboards don't load when `exemplar` is true. Thanks to @sevenval-admins, @florianmulatz, and @unbreakabl3 for their help tracking this down and suggesting a fix. [#96](https://github.com/NetApp/harvest/issues/96)
 
 ### Enhancements
 - Add new exporter for InfluxDB
@@ -46,6 +88,14 @@ Changes since rc2
 - Add per-poller Prometheus end-point support with `promPort`
 - The release, commit and build date information are baked into the release executables
 - You can pick a subset of pollers to manage by passing the name of the poller to harvest. e.g. `harvest start|stop|restart POLLERS`
+- InfluxDB exporter supports [user-defined URLs](https://github.com/NetApp/harvest/blob/main/cmd/exporters/influxdb/README.md#parameters)
+- Add workload counters to ZapiPerf [#9](https://github.com/NetApp/harvest/issues/9)
+- Add new command to validate `harvest.yml` file and optionally redact sensitive information [#16](https://github.com/NetApp/harvest/issues/16) e.g. `harvest doctor --config ./harvest.yml`
+- Improve documentation for [Unix](https://github.com/NetApp/harvest/tree/main/cmd/collectors/unix), [Zapi](https://github.com/NetApp/harvest/tree/main/cmd/collectors/zapi), and [ZapiPerf](https://github.com/NetApp/harvest/tree/main/cmd/collectors/zapiperf) collectors
+- Add Zerolog framework for structured logging [#61](https://github.com/NetApp/harvest/issues/61)
+- Vendor 3rd party code to increase reliability and make it easier to build in air-gapped environments [#26](https://github.com/NetApp/harvest/pull/26)
+- Make contributing easier with a digital CCLA instead of 1970's era PDF :)
+- Enable GitHub security code scanning
 
 ## rc2
 
@@ -66,7 +116,7 @@ Changes since rc2
 - [New plugin architecture](cmd/poller/plugin/README.md) - creating new plugins is easier and existing plugins made more generic
     - You can use built-in plugins by adding rules to a collector's template. RC2 includes two built-in plugins:
       - **Aggregator**: Aggregates metrics for a given label, e.g. volume data can be used to create an aggregation at the node or SVM-level
-       - **LabelAgent**: Defines rules for rewriting instance labels, creating new labels or create ignore-lists based on regular expressions  
+       - **LabelAgent**: Defines rules for rewriting instance labels, creating new labels or create ignore-lists based on regular expressions
 ## rc1
 
  **IMPORTANT** Harvest has been rewritten in Go