Connect to the test cluster using configuration.

xmidt-org · Oct 4, 2023 · 4328bc4 · 4328bc4
1 parent 98c5d8e
commit 4328bc4
Show file tree

Hide file tree

Showing 6 changed files with 200 additions and 16 deletions.
diff --git a/.gitignore b/.gitignore
@@ -26,4 +26,7 @@ internal/jwtxt/cmd/example/*
 internal/credentials/cmd/example/*
 
 *.dot
-*.pem
+*.pem
+*.yml
+
+.storage
diff --git a/config.go b/config.go
@@ -5,6 +5,7 @@ package main
 
 import (
 	"fmt"
+	"io/fs"
 	"os"
 	"time"
 
@@ -19,7 +20,9 @@ type Config struct {
 	Identity         Identity
 	OperationalState OperationalState
 	XmidtCredentials XmidtCredentials
+	XmidtService     XmidtService
 	Logger           sallust.Config
+	Storage          Storage
 }
 
 type Identity struct {
@@ -37,9 +40,11 @@ type OperationalState struct {
 }
 
 type XmidtCredentials struct {
-	URL            string
-	HTTPClient     arrangehttp.ClientConfig
-	RefetchPercent float64
+	URL             string
+	HTTPClient      arrangehttp.ClientConfig
+	RefetchPercent  float64
+	FileName        string
+	FilePermissions fs.FileMode
 }
 
 type XmidtService struct {
@@ -64,6 +69,11 @@ type Backoff struct {
 	MaxDelay time.Duration
 }
 
+type Storage struct {
+	Temporary string
+	Durable   string
+}
+
 // Collect and process the configuration files and env vars and
 // produce a configuration object.
 func provideConfig(cli *CLI) (*goschtalt.Config, error) {
@@ -125,4 +135,22 @@ func provideConfig(cli *CLI) (*goschtalt.Config, error) {
 // see what the default configuration is.
 // -----------------------------------------------------------------------------
 
-var defaultConfig = Config{}
+var defaultConfig = Config{
+	XmidtCredentials: XmidtCredentials{
+		RefetchPercent:  90.0,
+		FileName:        "credentials.msgpack",
+		FilePermissions: fs.FileMode(0600),
+	},
+	XmidtService: XmidtService{
+		JwtTxtRedirector: JwtTxtRedirector{
+			Required: true,
+			Timeout:  10 * time.Second,
+			AllowedAlgorithms: []string{
+				"EdDSA",
+				"ES256", "ES384", "ES512",
+				"PS256", "PS384", "PS512",
+				"RS256", "RS384", "RS512",
+			},
+		},
+	},
+}
diff --git a/credentials.go b/credentials.go
@@ -0,0 +1,97 @@
+// SPDX-FileCopyrightText: 2023 Comcast Cable Communications Management, LLC
+// SPDX-License-Identifier: Apache-2.0
+
+package main
+
+import (
+	"context"
+	"time"
+
+	"github.com/xmidt-org/xmidt-agent/internal/credentials"
+	"github.com/xmidt-org/xmidt-agent/internal/credentials/event"
+	"github.com/xmidt-org/xmidt-agent/internal/fs"
+	"go.uber.org/fx"
+	"go.uber.org/zap"
+)
+
+const (
+	xmidtProtocol = "protocol"
+)
+
+type credsIn struct {
+	fx.In
+	Creds   XmidtCredentials
+	ID      Identity
+	Ops     OperationalState
+	Durable fs.FS `name:"durable_fs" optional:"true"`
+	LC      fx.Lifecycle
+	Logger  *zap.Logger
+}
+
+func credentialsModule() fx.Option {
+	return fx.Module(
+		"credentials",
+		fx.Provide(
+			func(in credsIn) (*credentials.Credentials, error) {
+				client, err := in.Creds.HTTPClient.NewClient()
+				if err != nil {
+					return nil, err
+				}
+
+				logger := in.Logger.Named("credentials")
+
+				opts := []credentials.Option{
+					credentials.URL(in.Creds.URL),
+					credentials.HTTPClient(client),
+					credentials.MacAddress(in.ID.DeviceID),
+					credentials.SerialNumber(in.ID.SerialNumber),
+					credentials.HardwareModel(in.ID.HardwareModel),
+					credentials.HardwareManufacturer(in.ID.HardwareManufacturer),
+					credentials.FirmwareVersion(in.ID.FirmwareVersion),
+					credentials.PartnerID(func() string { return in.ID.PartnerID }),
+					credentials.LastRebootReason(in.Ops.LastRebootReason),
+					credentials.XmidtProtocol(xmidtProtocol),
+					credentials.BootRetryWait(time.Second),
+					credentials.RefetchPercent(in.Creds.RefetchPercent),
+					credentials.AddFetchListener(event.FetchListenerFunc(
+						func(e event.Fetch) {
+							logger.Info("fetch",
+								zap.String("origin", e.Origin),
+								zap.Time("at", e.At),
+								zap.Duration("duration", e.Duration),
+								zap.String("uuid", e.UUID.String()),
+								zap.Int("status_code", e.StatusCode),
+								zap.Duration("retry_in", e.RetryIn),
+								zap.Time("expiration", e.Expiration),
+								zap.Error(e.Err),
+							)
+						})),
+				}
+
+				if in.Durable != nil {
+					opts = append(opts,
+						credentials.LocalStorage(in.Durable, in.Creds.FileName, in.Creds.FilePermissions),
+					)
+				}
+
+				creds, err := credentials.New(opts...)
+
+				in.LC.Append(fx.Hook{
+					OnStart: func(context.Context) error {
+						creds.Start()
+						return nil
+					},
+					OnStop: func(context.Context) error {
+						creds.Stop()
+						return nil
+					},
+				})
+
+				return creds, err
+			},
+		),
+		fx.Invoke(
+			func(*credentials.Credentials) error { return nil },
+		),
+	)
+}
diff --git a/fs.go b/fs.go
@@ -0,0 +1,34 @@
+// SPDX-FileCopyrightText: 2023 Comcast Cable Communications Management, LLC
+// SPDX-License-Identifier: Apache-2.0
+
+package main
+
+import (
+	"errors"
+
+	"github.com/xmidt-org/xmidt-agent/internal/fs"
+	"github.com/xmidt-org/xmidt-agent/internal/fs/os"
+	"go.uber.org/fx"
+)
+
+func fsProvide() fx.Option {
+	return fx.Provide(
+		fx.Annotate(
+			func(s Storage) (fs.FS, fs.FS, error) {
+				var tmp, durable fs.FS
+				var err, errs error
+
+				if s.Temporary != "" {
+					tmp, err = os.New(s.Temporary)
+					errs = errors.Join(errs, err)
+				}
+				if s.Durable != "" {
+					durable, err = os.New(s.Durable)
+					errs = errors.Join(errs, err)
+				}
+				return tmp, durable, errs
+			},
+			fx.ResultTags(`name:"temporary_fs"`, `name:"durable_fs"`),
+		),
+	)
+}
diff --git a/internal/fs/os/os.go b/internal/fs/os/os.go
@@ -6,33 +6,47 @@ package os
 import (
 	iofs "io/fs"
 	"os"
+	"path/filepath"
 
 	xafs "github.com/xmidt-org/xmidt-agent/internal/fs"
 )
 
 // Provide the os implementation of the internal FS interface.
-type fs struct{}
+type fs struct {
+	base string
+}
+
+// New creates a new fs struct with the specified base directory.  If the
+// directory does not exist, it is created with 0755 permissions.
+func New(base string) (*fs, error) {
+	tmp := fs{}
+
+	err := xafs.Operate(&tmp, xafs.WithDirs(base, 0755))
+	if err != nil {
+		return nil, err
+	}
 
-func New() *fs {
-	return &fs{}
+	return &fs{
+		base: base,
+	}, nil
 }
 
 // Ensure that the fs struct implements the internal and fs.FS interfaces.
 var _ iofs.FS = (*fs)(nil)
 var _ xafs.FS = (*fs)(nil)
 
-func (*fs) Open(name string) (iofs.File, error) {
-	return os.Open(name)
+func (f *fs) Open(name string) (iofs.File, error) {
+	return os.Open(filepath.Join(f.base, name))
 }
 
-func (*fs) Mkdir(path string, perm iofs.FileMode) error {
-	return os.Mkdir(path, perm)
+func (f *fs) Mkdir(path string, perm iofs.FileMode) error {
+	return os.Mkdir(filepath.Join(f.base, path), perm)
 }
 
-func (*fs) ReadFile(name string) ([]byte, error) {
-	return os.ReadFile(name)
+func (f *fs) ReadFile(name string) ([]byte, error) {
+	return os.ReadFile(filepath.Join(f.base, name))
 }
 
-func (*fs) WriteFile(name string, data []byte, perm iofs.FileMode) error {
-	return os.WriteFile(name, data, perm)
+func (f *fs) WriteFile(name string, data []byte, perm iofs.FileMode) error {
+	return os.WriteFile(filepath.Join(f.base, name), data, perm)
 }
diff --git a/main.go b/main.go
@@ -69,8 +69,16 @@ func xmidtAgent(args []string) (*fx.App, error) {
 			provideConfig,
 
 			goschtalt.UnmarshalFunc[sallust.Config]("logger", goschtalt.Optional()),
+			goschtalt.UnmarshalFunc[Identity]("identity"),
+			goschtalt.UnmarshalFunc[OperationalState]("operational_state"),
+			goschtalt.UnmarshalFunc[XmidtCredentials]("xmidt_credentials"),
+			goschtalt.UnmarshalFunc[XmidtService]("xmidt_service"),
+			goschtalt.UnmarshalFunc[Storage]("storage"),
 		),
 
+		credentialsModule(),
+		fsProvide(),
+
 		fx.Invoke(),
 	)
-Original file line number
+Diff line change
@@ Expand Up / @@ -26,4 +26,7 @@ internal/jwtxt/cmd/example/* @@
     internal/credentials/cmd/example/*
     *.dot
-    *.pem
+    *.pem
+    *.yml
+    .storage