go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/cipd/appengine/impl/monitoring/config.go

go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/cipd/appengine/impl/monitoring/config.go (about)

     1  // Copyright 2019 The LUCI Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package monitoring
    16  
    17  import (
    18  	"context"
    19  
    20  	"go.chromium.org/luci/common/errors"
    21  	"go.chromium.org/luci/common/logging"
    22  	"go.chromium.org/luci/common/retry/transient"
    23  	"go.chromium.org/luci/config"
    24  	"go.chromium.org/luci/config/server/cfgcache"
    25  	"go.chromium.org/luci/gae/service/datastore"
    26  	"go.chromium.org/luci/server/auth"
    27  
    28  	api "go.chromium.org/luci/cipd/api/config/v1"
    29  )
    30  
    31  var cachedCfg = cfgcache.Register(&cfgcache.Entry{
    32  	Path: "monitoring.cfg",
    33  	Type: (*api.ClientMonitoringWhitelist)(nil),
    34  })
    35  
    36  // ImportConfig is called from a cron to import monitoring.cfg into datastore.
    37  func ImportConfig(ctx context.Context) error {
    38  	_, err := cachedCfg.Update(ctx, nil)
    39  	if errors.Unwrap(err) == config.ErrNoConfig {
    40  		logging.Warningf(ctx, "No monitoring.cfg config file")
    41  		return nil
    42  	}
    43  	return err
    44  }
    45  
    46  // monitoringConfig returns the *api.ClientMonitoringConfig which applies to the
    47  // current auth.State, or nil if there isn't one.
    48  func monitoringConfig(ctx context.Context) (*api.ClientMonitoringConfig, error) {
    49  	cfg, err := cachedCfg.Get(ctx, nil)
    50  	if err != nil {
    51  		if errors.Contains(err, datastore.ErrNoSuchEntity) {
    52  			return nil, nil
    53  		}
    54  		return nil, errors.Annotate(err, "failed to fetch client monitoring config").Tag(transient.Tag).Err()
    55  	}
    56  	for _, e := range cfg.(*api.ClientMonitoringWhitelist).ClientMonitoringConfig {
    57  		switch ok, err := auth.IsAllowedIP(ctx, e.IpWhitelist); {
    58  		case err != nil:
    59  			return nil, err
    60  		case ok:
    61  			return e, nil
    62  		}
    63  	}
    64  	return nil, nil
    65  }