Merge pull request #3 from azak-azkaran/remove-token

Removes http communication in agent
azak-azkaran · Mar 12, 2021 · 09e5414 · 09e5414
2 parents 6bd2813 + f3919ea
commit 09e5414
Show file tree

Hide file tree

Showing 10 changed files with 397 additions and 574 deletions.
diff --git a/config.go b/config.go
@@ -292,6 +292,7 @@ func ParseConfiguration(confi *Configuration) {
 	} else {
 		confi.Address = "localhost:8081"
 	}
+	confi.useLogin = true
 
 	if viper.IsSet(MAIN_PATHDB) {
 		confi.PathDB = viper.GetString(MAIN_PATHDB)
@@ -334,10 +335,14 @@ func ParseConfiguration(confi *Configuration) {
 
 	if viper.IsSet(MAIN_VAULT_ROLE_ID) {
 		confi.RoleID = viper.GetString(MAIN_VAULT_ROLE_ID)
+	} else {
+		confi.useLogin = false
 	}
 
 	if viper.IsSet(MAIN_VAULT_SECRET_ID) {
 		confi.SecretID = viper.GetString(MAIN_VAULT_SECRET_ID)
+	} else {
+		confi.useLogin = false
 	}
 
 	Sugar.Warn("Agent initalzing on: ", confi.Hostname)
@@ -349,16 +354,7 @@ func ParseConfiguration(confi *Configuration) {
 		"\nVault KeyFile path: ", confi.VaultKeyFile,
 		"\nMount Duration: ", confi.MountDuration,
 		"\nMount AllowOther: ", confi.MountAllow,
+		"\nRoleID: ", confi.RoleID,
+		"\nSecretID: ", confi.SecretID,
 	)
-
-	if (confi.RoleID == "" && confi.SecretID == "") || (confi.RoleID == "" && confi.SecretID != "") || (confi.RoleID != "" && confi.SecretID == "") {
-		confi.RoleID = ""
-		confi.SecretID = ""
-		Sugar.Info("Secret ID and Role ID reset")
-		confi.useLogin = false
-	} else {
-		Sugar.Info("RoleID: ", confi.RoleID)
-		Sugar.Info("SecretID: ", confi.SecretID)
-		confi.useLogin = true
-	}
 }
diff --git a/handler.go b/handler.go
@@ -0,0 +1,227 @@
+package main
+
+import (
+	"bytes"
+	"errors"
+	"os/exec"
+	"strconv"
+)
+
+func handleError(job Job, err error, errMsg string, buffer bytes.Buffer) bool {
+	if err != nil {
+		m := errMsg + err.Error()
+		if job.Stderr != nil {
+			m = "\t" + job.Stderr.String()
+		}
+		Sugar.Error(m)
+		buffer.WriteString(m)
+		return false
+	}
+	return true
+}
+
+func HandleGit(mode string, v GitConfig, run bool, printOutput bool, home string) (bool, error) {
+	var job Job
+	switch mode {
+	case "clone":
+		job = CreateJobFromFunction(func() error {
+			return GitClone(v.Rep, v.Directory, home, v.PersonalToken)
+		}, mode+" "+v.Name)
+	case "pull":
+		job = CreateJobFromFunction(func() error {
+			err := GitCreateRemote(v.Directory, home, v.Rep)
+			if err != nil {
+				return err
+			} else {
+				return GitPull(v.Directory, home, v.PersonalToken)
+			}
+		}, mode+" "+v.Name)
+	default:
+		return false, errors.New("Not supported Mode: " + mode)
+	}
+
+	var err error
+
+	if run {
+		err = job.RunJob(printOutput)
+	} else {
+		err = job.RunJobBackground(printOutput)
+	}
+
+	return err == nil, err
+}
+func HandleBackup(cmd *exec.Cmd, name string, printOutput bool, test bool, run bool) error {
+	job := CreateJobFromCommand(cmd, name)
+	var err error
+	if test {
+		err = job.DontRun(printOutput)
+	} else {
+		if run {
+			err = job.RunJob(printOutput)
+		} else {
+			err = job.RunJobBackground(printOutput)
+		}
+	}
+
+	return err
+
+}
+
+func HandleMount(job Job, printOutput bool, test bool, run bool, buffer bytes.Buffer) bool {
+	var err error
+	if test {
+		err = job.DontRun(printOutput)
+		return handleError(job, err, ERROR_RUNMOUNT, buffer)
+	} else {
+		if run {
+			err = job.RunJob(printOutput)
+			return handleError(job, err, ERROR_RUNMOUNT, buffer)
+		} else {
+			err = job.RunJobBackground(printOutput)
+			return handleError(job, err, ERROR_RUNMOUNT, buffer)
+		}
+	}
+}
+
+func HandleMountFolders(cmds []*exec.Cmd, printOutput bool, test bool, run bool) (string, bool) {
+	ok := true
+	var buffer bytes.Buffer
+	for k, v := range cmds {
+		job := CreateJobFromCommand(v, "mount"+strconv.Itoa(k))
+		if !HandleMount(job, printOutput, test, run, buffer) {
+			ok = false
+		}
+	}
+	return buffer.String(), ok
+
+}
+
+func DoSeal(token string) error{
+	err := Seal(AgentConfiguration.VaultConfig, token)
+	if err != nil {
+		return err
+	}
+	b, err := IsSealed(AgentConfiguration.VaultConfig)
+	if err != nil {
+		return err
+	}
+
+	if b{
+		return nil
+	} else{
+		return errors.New(ERROR_VAULT_NOT_SEALED)
+	}
+}
+
+func DoUnseal(token string) (bool,error ) {
+	resp, err := Unseal(AgentConfiguration.VaultConfig, token)
+	if err != nil {
+		return false,err
+	}
+	Sugar.Info(REST_VAULT_SEAL_MESSAGE, resp.Sealed)
+	return resp.Sealed, nil
+}
+
+func DoMountVerbose(token string) (string, error) {
+	return DoMount(token,false,true,false,true)
+}
+
+func DoMount(token string, debug bool, printOutput bool, test bool, run bool) (string, error) {
+	config, err := CreateConfigFromVault(token, AgentConfiguration.Hostname, AgentConfiguration.VaultConfig)
+	if err != nil {
+		return "", err
+	}
+
+	err = config.GetGocryptConfig()
+	if err != nil {
+		return "", err
+	}
+	out := MountFolders(config.Agent.HomeFolder, config.Gocrypt)
+
+	if debug {
+		Sugar.Debug("Config", config.Gocrypt)
+		for k, v := range out {
+			Sugar.Info("Command", k, ": ", v.String())
+		}
+	}
+	str, ok := HandleMountFolders(out, printOutput, test, run)
+	if ok {
+		return str, nil
+	} else {
+		return str, errors.New(ERROR_RUNMOUNT)
+	}
+}
+
+func DoBackupVerbose(token string, mode string) error {
+	return DoBackup(token, mode, true, false,false,true)
+}
+
+func DoBackup(token string, mode string, printOutput bool, debug bool, test bool, run bool) error {
+	config, err := CreateConfigFromVault(token, AgentConfiguration.Hostname, AgentConfiguration.VaultConfig)
+	if err != nil {
+		return err
+	}
+
+	err = config.GetResticConfig()
+	if err != nil {
+		return err
+	}
+
+	var cmd *exec.Cmd
+	switch mode {
+	case "init":
+		cmd = InitRepo(config.Restic.Environment, config.Agent.HomeFolder)
+	case "exist":
+		cmd = ExistsRepo(config.Restic.Environment, config.Agent.HomeFolder)
+	case "check":
+		cmd = CheckRepo(config.Restic.Environment, config.Agent.HomeFolder)
+	case "backup":
+		cmd = Backup(
+			config.Restic.Path,
+			config.Restic.Environment,
+			config.Agent.HomeFolder,
+			config.Restic.ExcludePath,
+			2000,
+			2000)
+	case "unlock":
+		cmd = UnlockRepo(config.Restic.Environment, config.Agent.HomeFolder)
+	case "list":
+		cmd = ListRepo(config.Restic.Environment, config.Agent.HomeFolder)
+		printOutput = true
+	case "forget":
+		cmd = ForgetRep(config.Restic.Environment, config.Agent.HomeFolder)
+	default:
+		return errors.New("Not supported Mode: " + mode)
+	}
+	if debug {
+		Sugar.Debug("Command: ", cmd.String())
+		Sugar.Info("Config", config.Restic)
+	}
+	return HandleBackup(cmd, mode, printOutput, test, run)
+}
+
+func DoGitVerbose(token string, mode string)( string,bool,error ){
+	return DoGit(token,mode, true,true)
+}
+
+func DoGit(token string, mode string, run bool, printOutput bool) ( string,bool,error ){
+	config, err := CreateConfigFromVault(token, AgentConfiguration.Hostname, AgentConfiguration.VaultConfig)
+	if err != nil {
+		return "",false,err
+	}
+
+	err = config.GetGitConfig()
+	if err != nil {
+		return "", false,err
+	}
+
+	var buffer bytes.Buffer
+	ok := true
+	for _, v := range config.Git {
+		ok, err = HandleGit(mode, v, run, printOutput, config.Agent.HomeFolder)
+		if !ok && err != nil {
+			buffer.WriteString("\nJob: " + v.Name + " " + err.Error())
+		}
+	}
+	return buffer.String(), ok,nil
+}
diff --git a/handler_test.go b/handler_test.go
@@ -0,0 +1,19 @@
+package main
+
+import (
+	"fmt"
+	"testing"
+	"bytes"
+	"os/exec"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestHandleMount(t *testing.T) {
+	fmt.Println("running: TestHandleMount")
+
+	cmd := exec.Command("return -1")
+	job := CreateJobFromCommand(cmd, "test")
+	var buffer bytes.Buffer
+	assert.False(t,HandleMount(job, true, false, true, buffer))
+}