bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/csconfig/api.go

bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/csconfig/api.go (about)

     1  package csconfig
     2  
     3  import (
     4  	"fmt"
     5  	"io/ioutil"
     6  	"strings"
     7  
     8  	"bitbucket.org/Aishee/synsec/pkg/apiclient"
     9  	"github.com/pkg/errors"
    10  	log "github.com/sirupsen/logrus"
    11  	"gopkg.in/yaml.v2"
    12  )
    13  
    14  type APICfg struct {
    15  	Client *LocalApiClientCfg `yaml:"client"`
    16  	Server *LocalApiServerCfg `yaml:"server"`
    17  }
    18  
    19  type ApiCredentialsCfg struct {
    20  	URL      string `yaml:"url,omitempty" json:"url,omitempty"`
    21  	Login    string `yaml:"login,omitempty" json:"login,omitempty"`
    22  	Password string `yaml:"password,omitempty" json:"-"`
    23  }
    24  
    25  /*global api config (for lapi->oapi)*/
    26  type OnlineApiClientCfg struct {
    27  	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file
    28  	Credentials         *ApiCredentialsCfg `yaml:"-"`
    29  }
    30  
    31  /*local api config (for synsec/ccscli->lapi)*/
    32  type LocalApiClientCfg struct {
    33  	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file
    34  	Credentials         *ApiCredentialsCfg `yaml:"-"`
    35  	InsecureSkipVerify  *bool              `yaml:"insecure_skip_verify"` // check if api certificate is bad or not
    36  }
    37  
    38  func (o *OnlineApiClientCfg) Load() error {
    39  	o.Credentials = new(ApiCredentialsCfg)
    40  	fcontent, err := ioutil.ReadFile(o.CredentialsFilePath)
    41  	if err != nil {
    42  		return errors.Wrapf(err, "failed to read api server credentials configuration file '%s'", o.CredentialsFilePath)
    43  	}
    44  	err = yaml.UnmarshalStrict(fcontent, o.Credentials)
    45  	if err != nil {
    46  		return errors.Wrapf(err, "failed unmarshaling api server credentials configuration file '%s'", o.CredentialsFilePath)
    47  	}
    48  	if o.Credentials.Login == "" || o.Credentials.Password == "" || o.Credentials.URL == "" {
    49  		log.Warningf("can't load CAPI credentials from '%s' (missing field)", o.CredentialsFilePath)
    50  		o.Credentials = nil
    51  	}
    52  	return nil
    53  }
    54  
    55  func (l *LocalApiClientCfg) Load() error {
    56  	fcontent, err := ioutil.ReadFile(l.CredentialsFilePath)
    57  	if err != nil {
    58  		return errors.Wrapf(err, "failed to read api client credential configuration file '%s'", l.CredentialsFilePath)
    59  	}
    60  	err = yaml.UnmarshalStrict(fcontent, &l.Credentials)
    61  	if err != nil {
    62  		return errors.Wrapf(err, "failed unmarshaling api client credential configuration file '%s'", l.CredentialsFilePath)
    63  	}
    64  	if l.Credentials != nil && l.Credentials.URL != "" {
    65  		if !strings.HasSuffix(l.Credentials.URL, "/") {
    66  			l.Credentials.URL = l.Credentials.URL + "/"
    67  		}
    68  	} else {
    69  		log.Warningf("no credentials or URL found in api client configuration '%s'", l.CredentialsFilePath)
    70  	}
    71  	if l.InsecureSkipVerify == nil {
    72  		apiclient.InsecureSkipVerify = false
    73  	} else {
    74  		apiclient.InsecureSkipVerify = *l.InsecureSkipVerify
    75  	}
    76  	return nil
    77  }
    78  
    79  /*local api service configuration*/
    80  type LocalApiServerCfg struct {
    81  	ListenURI              string              `yaml:"listen_uri,omitempty"` //127.0.0.1:8080
    82  	TLS                    *TLSCfg             `yaml:"tls"`
    83  	DbConfig               *DatabaseCfg        `yaml:"-"`
    84  	LogDir                 string              `yaml:"-"`
    85  	LogMedia               string              `yaml:"-"`
    86  	OnlineClient           *OnlineApiClientCfg `yaml:"online_client"`
    87  	ProfilesPath           string              `yaml:"profiles_path,omitempty"`
    88  	Profiles               []*ProfileCfg       `yaml:"-"`
    89  	LogLevel               *log.Level          `yaml:"log_level"`
    90  	UseForwardedForHeaders bool                `yaml:"use_forwarded_for_headers,omitempty"`
    91  }
    92  
    93  type TLSCfg struct {
    94  	CertFilePath string `yaml:"cert_file"`
    95  	KeyFilePath  string `yaml:"key_file"`
    96  }
    97  
    98  func (c *Config) LoadAPIServer() error {
    99  	if c.API.Server != nil && !c.DisableAPI {
   100  		if err := c.LoadCommon(); err != nil {
   101  			return fmt.Errorf("loading common configuration: %s", err.Error())
   102  		}
   103  		c.API.Server.LogDir = c.Common.LogDir
   104  		c.API.Server.LogMedia = c.Common.LogMedia
   105  		if err := c.API.Server.LoadProfiles(); err != nil {
   106  			return errors.Wrap(err, "while loading profiles for LAPI")
   107  		}
   108  		if c.API.Server.OnlineClient != nil && c.API.Server.OnlineClient.CredentialsFilePath != "" {
   109  			if err := c.API.Server.OnlineClient.Load(); err != nil {
   110  				return errors.Wrap(err, "loading online client credentials")
   111  			}
   112  		}
   113  		if c.API.Server.OnlineClient == nil || c.API.Server.OnlineClient.Credentials == nil {
   114  			log.Printf("push and pull to synsec API disabled")
   115  		}
   116  		if err := c.LoadDBConfig(); err != nil {
   117  			return err
   118  		}
   119  	} else {
   120  		log.Warningf("synsec local API is disabled")
   121  		c.DisableAPI = true
   122  	}
   123  
   124  	return nil
   125  }
   126  
   127  func (c *Config) LoadAPIClient() error {
   128  	if c.API != nil && c.API.Client != nil && c.API.Client.CredentialsFilePath != "" && !c.DisableAgent {
   129  		if err := c.API.Client.Load(); err != nil {
   130  			return err
   131  		}
   132  	} else {
   133  		return fmt.Errorf("no API client section in configuration")
   134  	}
   135  
   136  	return nil
   137  }