#!/usr/bin/env python3
# -*- coding: utf-8; py-indent-offset: 4 -*-
#
# Author:  Linuxfabrik GmbH, Zurich, Switzerland
# Contact: info (at) linuxfabrik (dot) ch
#          https://www.linuxfabrik.ch/
# License: The Unlicense, see LICENSE file.

# https://github.com/Linuxfabrik/monitoring-plugins/blob/main/CONTRIBUTING.md

"""See the check's README for more details.
"""

import argparse  # pylint: disable=C0413
import base64  # pylint: disable=C0413
import sys  # pylint: disable=C0413
import xml.etree.ElementTree as ET  # pylint: disable=C0413

import lib.args  # pylint: disable=C0413
import lib.base  # pylint: disable=C0413
import lib.lftest  # pylint: disable=C0413
import lib.txt  # pylint: disable=C0413
import lib.url  # pylint: disable=C0413
from lib.globals import (STATE_UNKNOWN, STATE_OK)  # pylint: disable=C0413

__author__ = 'Linuxfabrik GmbH, Zurich/Switzerland'
__version__ = '2025021501'

DESCRIPTION = '''Warns if virtual services provided by a kemp loadbalancer appliance are down.'''

DEFAULT_INSECURE = False
DEFAULT_NO_PROXY = False
DEFAULT_PORT = 443
DEFAULT_SEVERITY = 'warn'
DEFAULT_TIMEOUT = 3


def parse_args():
    """Parse command line arguments using argparse.
    """
    parser = argparse.ArgumentParser(description=DESCRIPTION)

    parser.add_argument(
        '-V', '--version',
        action='version',
        version='%(prog)s: v{} by {}'.format(__version__, __author__)
    )

    parser.add_argument(
        '--always-ok',
        help='Always returns OK.',
        dest='ALWAYS_OK',
        action='store_true',
        default=False,
    )

    parser.add_argument(
        '--filter',
        help='Only check services that contain this string in their NickName.',
        dest='FILTER',
        type=str,
    )

    parser.add_argument(
        '-H', '--hostname',
        help='KEMP Appliance address.',
        dest='HOSTNAME',
        required=True,
    )

    parser.add_argument(
        '--insecure',
        help='This option explicitly allows to perform "insecure"'
        ' SSL connections. Default: %(default)s',
        dest='INSECURE',
        action='store_true',
        default=DEFAULT_INSECURE,
    )

    parser.add_argument(
        '--no-proxy',
        help='Do not use a proxy. Default: %(default)s',
        dest='NO_PROXY',
        action='store_true',
        default=DEFAULT_NO_PROXY,
    )

    parser.add_argument(
        '--password',
        help='API Password.',
        dest='PASSWORD',
        required=True,
    )

    parser.add_argument(
        '--port',
        help='KEMP Appliance port.',
        dest='PORT',
        default=DEFAULT_PORT,
    )

    parser.add_argument(
        '--severity',
        help='Severity for alerting. Default: %(default)s',
        dest='SEVERITY',
        default=DEFAULT_SEVERITY,
        choices=['warn', 'crit'],
    )

    parser.add_argument(
        '--test',
        help='For unit tests. Needs "path-to-stdout-file,path-to-stderr-file,expected-retc".',
        dest='TEST',
        type=lib.args.csv,
    )

    parser.add_argument(
        '--timeout',
        help='Network timeout in seconds. Default: %(default)s (seconds)',
        dest='TIMEOUT',
        type=int,
        default=DEFAULT_TIMEOUT,
    )

    parser.add_argument(
        '-u', '--username',
        help='API Username.',
        dest='USERNAME',
        required=True,
    )

    return parser.parse_args()


def main():
    """The main function. Hier spielt die Musik.
    """

    # parse the command line, exit with UNKNOWN if it fails
    try:
        args = parse_args()
    except SystemExit:
        sys.exit(STATE_UNKNOWN)

    # fetch data
    if args.TEST is None:
        # https://support.kemptechnologies.com/hc/en-us/articles/10113769677581-RESTful-API-Programmer-Guide
        # get the values the normal way
        url = 'https://{}:{}/access/listvs'.format(args.HOSTNAME, args.PORT)

        # authorization
        auth = '{}:{}'.format(args.USERNAME, args.PASSWORD)
        encoded_auth = lib.txt.to_text(base64.b64encode(lib.txt.to_bytes(auth)))

        result = lib.base.coe(lib.url.fetch(
            url,
            insecure=args.INSECURE,
            no_proxy=args.NO_PROXY,
            timeout=args.TIMEOUT,
            header={'Authorization': 'Basic {}'.format(encoded_auth)},
        ))
    else:
        # do not call the command, put in test data
        result, stderr, retc = lib.lftest.test(args.TEST)

    # init some vars
    state = STATE_OK
    perfdata = ''
    count = 0
    table = []

    # analyze data
    for service in ET.fromstring(result).findall('.Success/Data/VS'):
        name = service.find('NickName').text
        if not args.FILTER or args.FILTER in name:
            count += 1
            status = service.find('Status').text  # = Up, Down, Unchecked
            if status.lower() == 'down':
                service_state = lib.base.str2state(args.SEVERITY)
                status = '{}{}'.format(status, lib.base.state2str(service_state, prefix=' '))
                state = lib.base.get_worst(state, service_state)
            table.append({
                'name': name,
                'status': status,
            })

    # build the message
    msg = '{} {} checked. '.format(count,lib.txt.pluralize('service', count))
    if len(table) > 0:
        msg += '\n\n' + lib.base.get_table(
            table,
            ['name', 'status'],
            header=['NickName', 'Status'],
        )
    perfdata += lib.base.get_perfdata('services', count, None, None, None, 0, None)

    # over and out
    lib.base.oao(msg, state, perfdata, always_ok=args.ALWAYS_OK)


if __name__ == '__main__':
    try:
        main()
    except Exception:   # pylint: disable=W0703
        lib.base.cu()
