// Copyright 2012-2014 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
package main
import (
"crypto/tls"
"crypto/x509"
"io"
"math/rand"
"os"
"path/filepath"
"runtime"
"time"
"github.com/juju/cmd/v3"
"github.com/juju/errors"
"github.com/juju/featureflag"
"github.com/juju/loggo"
"github.com/juju/names/v5"
"github.com/juju/utils/v3/exec"
"github.com/juju/juju/juju/osenv"
"github.com/juju/juju/juju/sockets"
)
// logger is the package-level logger, obtained from loggo under the name
// "juju.cmd.jujud". In this file it is used to record unhandled panics.
var logger = loggo.GetLogger("juju.cmd.jujud")
// init seeds the shared math/rand source from the wall clock and loads the
// feature flags named by the osenv.JujuFeatureFlagEnvKey environment variable.
//
// math/rand is not a cryptographic generator and a clock-derived seed is
// guessable; values that must be unpredictable (tokens, nonces, keys) belong
// to crypto/rand instead.
func init() {
	// rand.Seed has been deprecated since Go 1.20; it is retained here so
	// behaviour does not depend on the toolchain version.
	seed := time.Now().UTC().UnixNano()
	rand.Seed(seed)

	featureflag.SetFlagsFromEnvironment(osenv.JujuFeatureFlagEnvKey)
}
// Process exit codes used by Main in addition to the code returned by the
// hook tool itself.
const (
	// exit_err reports that juju was invoked in an invalid way. In this file
	// it is used when the default command context cannot be created.
	exit_err = 2

	// exit_panic reports that the process stopped because of a panic that
	// nothing else handled.
	exit_panic = 3
)
// getenv returns the value of the environment variable name. A variable that
// is unset and one that is set to the empty string are treated alike: both
// yield a "<name> not set" error.
func getenv(name string) (string, error) {
	if v := os.Getenv(name); v != "" {
		return v, nil
	}
	return "", errors.Errorf("%s not set", name)
}
// getwd returns the current working directory as an absolute path. An error
// from either os.Getwd or filepath.Abs is returned unchanged together with an
// empty string.
func getwd() (string, error) {
	cwd, err := os.Getwd()
	if err == nil {
		// Only normalise when the lookup itself succeeded.
		cwd, err = filepath.Abs(cwd)
	}
	if err != nil {
		return "", err
	}
	return cwd, nil
}
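// getSocket describes, from the process environment, how to reach the unit
// agent.
//
// JUJU_AGENT_SOCKET_ADDRESS and JUJU_AGENT_SOCKET_NETWORK are always required.
// When the network is "tcp" the connection is additionally configured for
// TLS: JUJU_AGENT_CA_CERT names a PEM file whose certificates become the only
// trusted roots, and the application part of JUJU_UNIT_NAME is the server
// name the peer certificate is checked against. For any other network the
// socket is returned without a TLS configuration.
//
// An error (with a zero Socket) is returned when a required variable is unset
// or empty, when the CA file cannot be read or contains no usable
// certificate, or when names.UnitApplication rejects the unit name.
func getSocket() (sockets.Socket, error) {
	var err error
	socket := sockets.Socket{}

	socket.Address, err = getenv("JUJU_AGENT_SOCKET_ADDRESS")
	if err != nil {
		return sockets.Socket{}, err
	}
	socket.Network, err = getenv("JUJU_AGENT_SOCKET_NETWORK")
	if err != nil {
		return sockets.Socket{}, err
	}

	// Only the tcp transport gets TLS; every other network value is used
	// as-is, so nothing below applies to it.
	if socket.Network != "tcp" {
		return socket, nil
	}

	caCertFile, err := getenv("JUJU_AGENT_CA_CERT")
	if err != nil {
		return sockets.Socket{}, err
	}
	caCert, err := os.ReadFile(caCertFile)
	if err != nil {
		return sockets.Socket{}, errors.Annotatef(err, "reading %s", caCertFile)
	}

	// Start from an empty pool so that the supplied CA is the sole trust
	// anchor; the system roots are deliberately not consulted.
	rootCAs := x509.NewCertPool()
	if !rootCAs.AppendCertsFromPEM(caCert) {
		return sockets.Socket{}, errors.Errorf("invalid ca certificate")
	}

	unitName, err := getenv("JUJU_UNIT_NAME")
	if err != nil {
		return sockets.Socket{}, err
	}
	application, err := names.UnitApplication(unitName)
	if err != nil {
		return sockets.Socket{}, errors.Trace(err)
	}

	socket.TLSConfig = &tls.Config{
		RootCAs:    rootCAs,
		ServerName: application,
		// State the protocol floor explicitly instead of inheriting whatever
		// the toolchain defaults to.
		// NOTE(review): assumes the agent's listener accepts TLS 1.2 or
		// later — confirm against the server side.
		MinVersion: tls.VersionTLS12,
	}
	return socket, nil
}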
// Request is the argument hookToolMain sends with the "Jujuc.Main" call.
type Request struct {
	// ContextId is the value of JUJU_CONTEXT_ID in the caller's environment.
	ContextId string

	// Dir is the caller's absolute working directory.
	Dir string

	// CommandName is the name of the hook tool being invoked.
	CommandName string

	// Args holds the command-line arguments that follow the program name.
	Args []string

	// StdinSet records that the client did supply stdin. It is needed
	// because Stdin alone cannot express that: Stdin is nil both when no
	// stdin was supplied and when it was supplied but empty.
	StdinSet bool

	// Stdin is the full content read from the client's standard input.
	Stdin []byte

	// Token is the value of JUJU_AGENT_TOKEN in the caller's environment.
	// NOTE(review): presumably a credential the agent checks — confirm on
	// the server side, and keep Request values out of logs and error text.
	Token string
}
// ErrNoStdinStr is the error text hookToolMain looks for, by exact string
// comparison against err.Error(), to decide that the call must be repeated
// with stdin attached. The match is on the text alone, so any change to the
// wording has to be made wherever the error is produced as well.
// NOTE(review): this is a mutable package-level var rather than a const;
// nothing in this file reassigns it.
var ErrNoStdinStr = "hook tool requires stdin, none supplied"
// hookToolMain asks a running unit agent to execute a Command on our behalf
// and relays the result. The agent is located through the JUJU_AGENT_SOCKET_*
// environment variables (see getSocket) and the hook context through
// JUJU_CONTEXT_ID. Individual commands should be exposed by symlinking the
// command name to this executable.
//
// args is the full argument vector including the program name; only args[1:]
// is forwarded. The returned code is 1 together with a non-nil error whenever
// the request could not be completed, otherwise it is the code reported by
// the agent and the error is nil.
func hookToolMain(commandName string, ctx *cmd.Context, args []string) (code int, err error) {
	// Every failure path below reports this generic exit code.
	code = 1
	const rpcMethod = "Jujuc.Main"

	contextID, err := getenv("JUJU_CONTEXT_ID")
	if err != nil {
		return code, err
	}
	workDir, err := getwd()
	if err != nil {
		return code, err
	}

	// The token is taken from the environment and travels inside the
	// request. TLS is only configured for the "tcp" network (see getSocket),
	// so that is the only transport on which it is encrypted in transit.
	request := Request{
		ContextId:   contextID,
		Dir:         workDir,
		CommandName: commandName,
		Args:        args[1:],
		Token:       os.Getenv("JUJU_AGENT_TOKEN"),
	}

	sock, err := getSocket()
	if err != nil {
		return code, err
	}
	conn, err := sockets.Dial(sock)
	if err != nil {
		return code, err
	}
	defer conn.Close()

	var reply exec.ExecResponse
	err = conn.Call(rpcMethod, request, &reply)
	if err != nil && err.Error() == ErrNoStdinStr {
		// The first attempt is sent without stdin; it is read and the call
		// repeated only when the reply is exactly the "needs stdin" error.
		input, readErr := io.ReadAll(os.Stdin)
		if readErr != nil {
			return code, errors.Annotate(readErr, "cannot read stdin")
		}
		request.Stdin = input
		request.StdinSet = true
		err = conn.Call(rpcMethod, request, &reply)
	}
	if err != nil {
		return code, err
	}

	// Relay the captured output verbatim; write errors are not checked.
	os.Stdout.Write(reply.Stdout)
	os.Stderr.Write(reply.Stderr)
	return reply.Code, nil
}
// main runs Main on the process arguments and exits with the code it returns.
func main() {
	status := Main(os.Args)
	os.Exit(status)
}
// Main is kept separate from main() so that tests have an entry point that
// accepts arbitrary command line arguments.
//
// args[0] selects the hook tool: its base name is used as the command name.
// The return value is the exit code from hookToolMain. Two paths end the
// process directly instead of returning: failure to build the default
// command context (exit_err) and any panic raised while running (exit_panic).
func Main(args []string) int {
	defer func() {
		r := recover()
		if r == nil {
			return
		}
		// Capture this goroutine's stack only; the trace is cut off at the
		// buffer size.
		stack := make([]byte, 4096)
		n := runtime.Stack(stack, false)
		logger.Criticalf("Unhandled panic: \n%v\n%s", r, stack[:n])
		os.Exit(exit_panic)
	}()

	ctx, err := cmd.DefaultContext()
	if err != nil {
		// No context exists yet, so report on the process's own stderr.
		cmd.WriteError(os.Stderr, err)
		os.Exit(exit_err)
	}

	code, err := hookToolMain(filepath.Base(args[0]), ctx, args)
	if err != nil {
		cmd.WriteError(ctx.Stderr, err)
	}
	return code
}