[pve-devel] [PATCH v6 pve-manager 05/30] api: apt: send notification via new notification module

Lukas Wagner l.wagner at proxmox.com
Thu Aug 3 14:16:54 CEST 2023 

... instead of using sendmail directly

If the new 'target-package-updates' is set, we send a notification to
this target. If not, we continue to send a mail to root at pam (if the
mail address is configured)

Signed-off-by: Lukas Wagner <l.wagner at proxmox.com>
---
 PVE/API2/APT.pm | 99 ++++++++++++++++++++++++++++++++++---------------
 1 file changed, 70 insertions(+), 29 deletions(-)

diff --git a/PVE/API2/APT.pm b/PVE/API2/APT.pm
index f73535e1..a213fc59 100644
--- a/PVE/API2/APT.pm
+++ b/PVE/API2/APT.pm
@@ -19,6 +19,7 @@ use PVE::DataCenterConfig;
 use PVE::SafeSyslog;
 use PVE::INotify;
 use PVE::Exception;
+use PVE::Notify;
 use PVE::RESTHandler;
 use PVE::RPCEnvironment;
 use PVE::API2Tools;
@@ -272,6 +273,12 @@ __PACKAGE__->register_method({
 	return $pkglist;
     }});
 
+my $updates_available_subject_template = "New software packages available ({{hostname}})";
+my $updates_available_body_template = <<EOT;
+The following updates are available:
+{{table updates}}
+EOT
+
 __PACKAGE__->register_method({
     name => 'update_database',
     path => 'update',
@@ -279,6 +286,8 @@ __PACKAGE__->register_method({
     description => "This is used to resynchronize the package index files from their sources (apt-get update).",
     permissions => {
 	check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
+	description => "If 'notify: target-package-updates' is set, then the user must have the "
+	    . "'Mapping.Use' permission on '/mapping/notification/<target>'",
     },
     protected => 1,
     proxyto => 'node',
@@ -307,6 +316,17 @@ __PACKAGE__->register_method({
 	my ($param) = @_;
 
 	my $rpcenv = PVE::RPCEnvironment::get();
+	my $dcconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
+	my $target = $dcconf->{notify}->{'target-package-updates'} //
+	    PVE::Notify::default_target();
+
+	if ($param->{notify} && $target ne PVE::Notify::default_target()) {
+	    # If we notify via anything other than the default target (mail to root),
+	    # then the user must have the proper permissions for the target.
+	    # The mail-to-root target does not require these, as otherwise
+	    # we would break compatibility.
+	    PVE::Notify::check_may_use_target($target, $rpcenv);
+	}
 
 	my $authuser = $rpcenv->get_user();
 
@@ -314,7 +334,6 @@ __PACKAGE__->register_method({
 	    my $upid = shift;
 
 	    # setup proxy for apt
-	    my $dcconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
 
 	    my $aptconf = "// no proxy configured\n";
 	    if ($dcconf->{http_proxy}) {
@@ -336,39 +355,59 @@ __PACKAGE__->register_method({
 	    my $pkglist = &$update_pve_pkgstatus();
 
 	    if ($param->{notify} && scalar(@$pkglist)) {
+		my $updates_table = {
+		    schema => {
+			columns => [
+			    {
+				label => "Package",
+				id    => "package",
+			    },
+			    {
+				label => "Old Version",
+				id    => "old-version",
+			    },
+			    {
+				label => "New Version",
+				id    => "new-version",
+			    }
+			]
+		    },
+		    data => []
+		};
+
+		my $hostname = `hostname -f` || PVE::INotify::nodename();
+		chomp $hostname;
+
+		my $count = 0;
+		foreach my $p (sort {$a->{Package} cmp $b->{Package} } @$pkglist) {
+		    next if $p->{NotifyStatus} && $p->{NotifyStatus} eq $p->{Version};
+		    $count++;
+
+		    push @{$updates_table->{data}}, {
+			"package"     => $p->{Package},
+			"old-version" => $p->{OldVersion},
+			"new-version" => $p->{Version}
+		    };
+		}
 
-		my $usercfg = PVE::Cluster::cfs_read_file("user.cfg");
-		my $rootcfg = $usercfg->{users}->{'root at pam'} || {};
-		my $mailto = $rootcfg->{email};
-
-		if ($mailto) {
-		    my $hostname = `hostname -f` || PVE::INotify::nodename();
-		    chomp $hostname;
-		    my $mailfrom = $dcconf->{email_from} || "root";
-		    my $subject = "New software packages available ($hostname)";
-
-		    my $data = "The following updates are available:\n\n";
-
-		    my $count = 0;
-		    foreach my $p (sort {$a->{Package} cmp $b->{Package} } @$pkglist) {
-			next if $p->{NotifyStatus} && $p->{NotifyStatus} eq $p->{Version};
-			$count++;
-			if ($p->{OldVersion}) {
-			    $data .= "$p->{Package}: $p->{OldVersion} ==> $p->{Version}\n";
-			} else {
-			    $data .= "$p->{Package}: $p->{Version} (new)\n";
-			}
-		    }
+		return if !$count;
 
-		    return if !$count;
+		my $properties = {
+		    updates  => $updates_table,
+		    hostname => $hostname,
+		};
 
-		    PVE::Tools::sendmail($mailto, $subject, $data, undef, $mailfrom, '');
+		PVE::Notify::info(
+		    $target,
+		    $updates_available_subject_template,
+		    $updates_available_body_template,
+		    $properties,
+		);
 
-		    foreach my $pi (@$pkglist) {
-			$pi->{NotifyStatus} = $pi->{Version};
-		    }
-		    PVE::Tools::file_set_contents($pve_pkgstatus_fn, encode_json($pkglist));
+		foreach my $pi (@$pkglist) {
+		    $pi->{NotifyStatus} = $pi->{Version};
 		}
+		PVE::Tools::file_set_contents($pve_pkgstatus_fn, encode_json($pkglist));
 	    }
 
 	    return;
@@ -378,6 +417,8 @@ __PACKAGE__->register_method({
 
     }});
 
+
+
 __PACKAGE__->register_method({
     name => 'changelog',
     path => 'changelog',
-- 
2.39.2

More information about the pve-devel mailing list