Extend management to sync meta and posture checks with peer #1727
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…te posture changes on syncResponse
pappz
reviewed
Apr 10, 2024
# Conflicts: # management/server/peer.go
pappz
approved these changes
Apr 15, 2024
* implement server and client sync peer meta alongside mocks * wip: add check file and process * Add files to peer metadata for process check * wip: update peer meta on first sync * Add files to peer's metadata * Evaluate process check using files from peer metadata * Fix panic and append windows path to files * Fix check network address and files equality * Evaluate active process on darwin * Evaluate active process on linux * Skip processing processes if no paths are set * Return network map on peer meta-sync and update account peer's * Update client network map on meta sync * Get system info with applied checks * Add windows package * Remove a network map from sync meta-response * Update checks proto message * Keep client checks state and sync meta on checks change * Evaluate a running process * skip build for android and ios * skip check file and process for android and ios * bump gopsutil version * fix tests * move process check to separate os file * refactor * evaluate info with checks on receiving management events * skip meta-update for an old client with no meta-sync support * Check if peer meta is empty without reflection
bcmmbaga
added a commit
that referenced
this pull request
Jun 10, 2024
* wip: add process check posture * add process posture check to posture checks handlers * Extend peer metadata with processes * Add process validation for peer metadata * fix tests * Allow set of single unix or windows path check * Add single Unix/Windows path check in process tests * Refactor * Fix tests * Fix linters * Refactor posture check validations (#1705) * Add posture checks validation * Refactor code to incorporate posture checks validation directly into management. * Add posture checks validation for geolocation, OS version, network, process, and NB-version * Fix tests * Extend management to sync meta and posture checks with peer (#1727) * Add method to retrieve peer's applied posture checks * Add posture checks in server response and update proto messages * Refactor * Extends peer metadata synchronization through SyncRequest and propagate posture changes on syncResponse * Remove account lock * Pass system info on sync * Fix tests * Refactor * resolve merge * Evaluate process check on client (#1749) * implement server and client sync peer meta alongside mocks * wip: add check file and process * Add files to peer metadata for process check * wip: update peer meta on first sync * Add files to peer's metadata * Evaluate process check using files from peer metadata * Fix panic and append windows path to files * Fix check network address and files equality * Evaluate active process on darwin * Evaluate active process on linux * Skip processing processes if no paths are set * Return network map on peer meta-sync and update account peer's * Update client network map on meta sync * Get system info with applied checks * Add windows package * Remove a network map from sync meta-response * Update checks proto message * Keep client checks state and sync meta on checks change * Evaluate a running process * skip build for android and ios * skip check file and process for android and ios * bump gopsutil version * fix tests * move process check to separate os file * refactor * evaluate info with checks on receiving management events * skip meta-update for an old client with no meta-sync support * Check if peer meta is empty without reflection * fix merge conflicts * go mod tidy * split unix path into a linux and mac path (#1893) * Fix peer sync metadata * go mod tidy * remove comment from merge * Fix SonarCloud issues (#2096) * Fix posture check sonar lint errors * Refactor error handling and streamline connection process in grpc client * Refactor GRPC server code for improved readability * Refactoring * Remove duplicate GetPeerAppliedPostureChecks method * Regenerate mgmnt protocol messages --------- Co-authored-by: Pascal Fischer <pascal@netbird.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe your changes
Extends the management behavior as follows:
Issue ticket number and link
Checklist