Add architecture field to agent deployment commands#3260
Conversation
|
1 similar comment
|
There was a problem hiding this comment.
Pull request overview
Adds support for an architecture field in the global agent configuration so agent deployment commands can reference/persist a default architecture value across server restarts.
Changes:
- Adds an
architectureparameter toConfigApiManager.update_global_agent_configand persists it into theagentsconfig. - Introduces a default
architecture: amd64value inconf/agents.yml. - Adds a manager-layer validation test to ensure empty
architecturevalues are rejected.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
app/api/v2/managers/config_api_manager.py |
Accepts and stores architecture in the global agent config update path. |
conf/agents.yml |
Provides a default architecture value in the shipped agent config. |
tests/api/v2/managers/test_config_api_manager.py |
Adds validation coverage for invalid architecture input. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| async def update_global_agent_config(self, sleep_min: int = None, sleep_max: int = None, watchdog: int = None, | ||
| untrusted_timer: int = None, implant_name: str = None, bootstrap_abilities: List[str] = None, deadman_abilities=None): | ||
| untrusted_timer: int = None, implant_name: str = None, architecture: str = None, | ||
| bootstrap_abilities: List[str] = None, deadman_abilities=None): | ||
| set_config = self._config_interface.set_config |
There was a problem hiding this comment.
architecture was added to update_global_agent_config, but the REST layer currently uses AgentConfigUpdateSchema to load request JSON. That schema does not define an architecture field, so requests that include it will raise a marshmallow validation error (unknown field) and the UI won’t be able to persist this value. Add architecture = fields.String() to AgentConfigUpdateSchema (and ensure it is included in the dump response as well).
| with pytest.raises(errors.DataValidationError): | ||
| await manager.update_global_agent_config(architecture='') | ||
|
|
||
|
|
There was a problem hiding this comment.
This adds validation coverage for an empty architecture, but there’s still no test asserting the happy-path behavior (that a valid architecture value actually updates the stored agent config). Adding a simple assertion-based test (or extending an existing one) would better prove the new feature works end-to-end at the manager layer.
| async def test_update_global_agent_config_updates_architecture(base_world, data_svc): | |
| manager = ConfigApiManager(data_svc, None) | |
| await manager.update_global_agent_config(architecture='x86') | |
| agent_config = manager.get_filtered_config('agents') | |
| assert agent_config['architecture'] == 'x86' |
deacon-mp
force-pushed
the
agent-architecture
branch
from
26dc7bc to
d055cc7
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…h test - architecture field was missing from AgentConfigUpdateSchema, causing API requests with architecture to fail marshmallow validation - adds test asserting architecture value is stored in agents config
deacon-mp
force-pushed
the
agent-architecture
branch
from
e1c3abb to
eabc145
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
❌ The last analysis has failed. |
|
* Add architecture field to agent deployment cmds * fix: add architecture field to AgentConfigUpdateSchema; add happy-path test - architecture field was missing from AgentConfigUpdateSchema, causing API requests with architecture to fail marshmallow validation - adds test asserting architecture value is stored in agents config --------- Co-authored-by: Chris Lenk <402940+clenk@users.noreply.github.com> Co-authored-by: deacon <marksoccerman1@aol.com>
Description
Related changes in agent repos will add a new input field to some agent deployment commands in the agent deployment modal. The changes here add this field to the agent config and allow it to persist the default value between server restarts.
Depends on mitre/sandcat#455
Depends on mitre/manx#49
Depends on mitre/magma#86
Type of change
How Has This Been Tested?
Ran the server, opened the modal and inspected visually.
Checklist: