risuorg
diff --git a/‎CONTRIBUTING.md
Lines changed: 40 additions & 1 deletion b/‎CONTRIBUTING.md
Lines changed: 40 additions & 1 deletion
diff --git a/‎risuclient/common.d/00-core.sh
Lines changed: 91 additions & 4 deletions b/‎risuclient/common.d/00-core.sh
Lines changed: 91 additions & 4 deletions
diff --git a/‎risuclient/extensions/node-problem-detector.py
Lines changed: 2 additions & 1 deletion b/‎risuclient/extensions/node-problem-detector.py
Lines changed: 2 additions & 1 deletion
diff --git a/‎risuclient/plugins/core/CCN-STIC/610A22/cryptopolicieslevel.sh
Lines changed: 1 addition & 1 deletion b/‎risuclient/plugins/core/CCN-STIC/610A22/cryptopolicieslevel.sh
Lines changed: 1 addition & 1 deletion
@@ -4,6 +4,7 @@
 
 - [How to file a bug report](#how-to-file-a-bug-report)
 - [How to contribute code](#how-to-contribute-code)
+- [Plugin Priority System](#plugin-priority-system)
 - [How to write tests](#how-to-write-tests)
 - [How to debug your test](#how-to-debug-your-test)
 
@@ -70,6 +71,44 @@ to request changes; when this happens:
 
 4) Once the new plugin has been submitted you'll see some GitHub actions feedback (similars to the ones that you run with `tox`)
 
+## Plugin Priority System
+
+Plugin priorities are assigned based on system stability and operational continuity impact. **999 is the maximum criticality** (system can break at any moment) and **1 is the lowest priority** (informational only).
+
+### Priority Categories
+
+| Priority Range | Category               | Impact Level                   | Description                                                 | Examples                                                                |
+| -------------- | ---------------------- | ------------------------------ | ----------------------------------------------------------- | ----------------------------------------------------------------------- |
+| **900-999**    | Maximum Criticality    | System can break at any moment | Critical system components that can cause immediate failure | Filesystem corruption (950), etcd health (980), API server health (970) |
+| **800-899**    | High Criticality       | System services at risk        | Core system services and infrastructure                     | Network issues (870), systemd problems (890), node health (880)         |
+| **600-799**    | Medium Criticality     | Applications & Services        | Platform services and applications                          | OpenStack (750), OpenShift (740), databases (700)                       |
+| **400-599**    | Medium-Low Criticality | Middleware & Support           | Supporting services and middleware                          | Web servers (580), load balancers, caching                              |
+| **200-399**    | Low Criticality        | Monitoring & Logging           | Observability and monitoring systems                        | Monitoring (350), logging (330), performance (280)                      |
+| **100-199**    | Very Low Criticality   | Informational                  | Informational and compliance checks                         | Informative plugins (150), compliance (130)                             |
+| **1-99**       | Lowest Priority        | Metadata & Development         | Metadata collection and development tools                   | Metadata (70), development tools (50)                                   |
+
+### Priority Assignment Guidelines
+
+When creating or updating plugins, assign priorities based on:
+
+1. **System Stability Impact**: How quickly could this issue cause system failure?
+2. **Operational Continuity**: How much would this affect ongoing operations?
+3. **Recovery Difficulty**: How hard would it be to recover from this issue?
+4. **Blast Radius**: How many systems/users would be affected?
+
+### Examples by Priority
+
+- **980**: etcd cluster health - etcd failure breaks the entire cluster
+- **950**: Filesystem corruption - can cause immediate data loss
+- **940**: Disk space full - system can become unresponsive
+- **880**: Node health issues - affects workload scheduling
+- **870**: Network connectivity problems - affects all communications
+- **750**: OpenStack service issues - affects cloud operations
+- **400**: General system configuration issues
+- **350**: Monitoring system problems - affects observability
+- **150**: Informational system inventory
+- **70**: Metadata collection - purely informational
+
 ## How to write tests
 
 Please refer to the
@@ -82,7 +121,7 @@ Specially remember about the headers:
 # long_name: plug long name for webui
 # description: plug description
 # bugzilla: bz url
-# priority: 0<>1000 for likelihood to break your environment if this test reports fail
+# priority: 1-999 (999=max criticality, 1=lowest priority)
 # kb: url-to-kbase
 ```
 
 
@@ -29,7 +29,7 @@ first_file_available() {
             if [[ $flag -eq 0 ]]; then
                 if [[ -f ${file} ]]; then
                     flag=1
-                    echo ${file}
+                    echo "${file}"
                 fi
             fi
         done
@@ -46,9 +46,9 @@ if [ "x$RISU_LIVE" = "x0" ]; then
     systemctl_list_units_service_running=("${RISU_ROOT}/sos_commands/systemd/systemctl_list-units" "${RISU_ROOT}/sos_commands/systemd/systemctl_list-units_--all")
 
     # find available one and use it, the ones at back with highest priority
-    systemctl_list_units_active_file=$(first_file_available ${systemctl_list_units_active[@]})
-    systemctl_list_units_enabled_file=$(first_file_available ${systemctl_list_units_enabled[@]})
-    systemctl_list_units_service_running_file=$(first_file_available ${systemctl_list_units_service_running[@]})
+    systemctl_list_units_active_file=$(first_file_available "${systemctl_list_units_active[@]}")
+    systemctl_list_units_enabled_file=$(first_file_available "${systemctl_list_units_enabled[@]}")
+    systemctl_list_units_service_running_file=$(first_file_available "${systemctl_list_units_service_running[@]}")
 
     # List of logs/journalctl files
     journalctl_file=$(first_file_available "${RISU_ROOT}/sos_commands/logs/journalctl_--no-pager_--boot" "${RISU_ROOT}/sos_commands/logs/journalctl_--all_--this-boot_--no-pager")
@@ -323,3 +323,90 @@ is_higher() {
     fi
     return 0
 }
+
+# Function to get sysctl parameter value from configuration
+# Works for both LIVE and sosreport/mustgather mode transparently
+get_sysctl_value() {
+    local param="$1"
+    local value=""
+
+    # Check main sysctl.conf first
+    if [[ -f "${RISU_ROOT}/etc/sysctl.conf" ]]; then
+        value=$(grep "^${param}[[:space:]]*=" "${RISU_ROOT}/etc/sysctl.conf" | tail -1 | cut -d'=' -f2 | tr -d ' ')
+    fi
+
+    # Check sysctl.d directory (later files override earlier ones)
+    if [[ -d "${RISU_ROOT}/etc/sysctl.d" ]]; then
+        local override_value
+        override_value=$(find "${RISU_ROOT}/etc/sysctl.d" -name "*.conf" -type f -exec grep "^${param}[[:space:]]*=" {} \; | tail -1 | cut -d'=' -f2 | tr -d ' ')
+        if [[ -n ${override_value} ]]; then
+            value="${override_value}"
+        fi
+    fi
+
+    echo "${value}"
+}
+
+# Note: is_active() function already exists above and provides service status checking
+
+# Function to find configuration files
+# Usage: find_config_files FILENAME [SEARCH_PATHS...]
+# Returns: List of found files
+find_config_files() {
+    local filename="$1"
+    shift
+    local search_paths=("$@")
+
+    # Default search paths if none provided
+    if [[ ${#search_paths[@]} -eq 0 ]]; then
+        search_paths=("/etc" "/opt" "/usr/local/etc")
+    fi
+
+    # Add RISU_ROOT prefix for sosreport/mustgather mode
+    if [[ "x$RISU_LIVE" == "x0" ]]; then
+        local prefixed_paths=()
+        for path in "${search_paths[@]}"; do
+            prefixed_paths+=("${RISU_ROOT}${path}")
+        done
+        search_paths=("${prefixed_paths[@]}")
+    fi
+
+    # Execute find command
+    find "${search_paths[@]}" -name "$filename" -type f 2>/dev/null
+}
+
+# Function to count recent errors in log files
+# Usage: count_recent_log_errors LOGFILE [LINES] [PATTERNS...]
+# Returns: Number of matching error lines
+count_recent_log_errors() {
+    local logfile="$1"
+    local lines="${2:-100}"
+    shift 2
+    local patterns=("$@")
+
+    # Default error patterns if none provided
+    if [[ ${#patterns[@]} -eq 0 ]]; then
+        patterns=("error" "ERROR" "critical" "CRITICAL" "alert" "ALERT" "emergency" "EMERGENCY" "FATAL" "FAILED")
+    fi
+
+    # Join patterns with |
+    local pattern_string=""
+    for i in "${!patterns[@]}"; do
+        if [[ $i -gt 0 ]]; then
+            pattern_string="${pattern_string}|"
+        fi
+        pattern_string="${pattern_string}${patterns[$i]}"
+    done
+
+    # Add RISU_ROOT prefix for sosreport/mustgather mode
+    if [[ "x$RISU_LIVE" == "x0" ]]; then
+        logfile="${RISU_ROOT}${logfile}"
+    fi
+
+    # Check if log file exists and count errors
+    if [[ -f $logfile ]]; then
+        tail -"$lines" "$logfile" | grep -c "$pattern_string" || echo "0"
+    else
+        echo "0"
+    fi
+}
@@ -61,7 +61,8 @@ def listplugins(options=None):
         options=options,
     ):
         filename = plugin["plugin"]
-        data = json.load(open(filename, "r"))
+        with open(filename, "r") as f:
+            data = json.load(f)
         if "logPath" in data and "rules" in data:
             path = data["logPath"]
 
 
@@ -16,7 +16,7 @@
 
 # long_name: Check crypto policies applied
 # description: Cheks applied crypto policies level
-# priority: 900
+# priority: 130
 # bugzilla: https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html
 
 # Load common functions