Jul 31st update

2025-09-29 19:24:26 +03:00 · 2024-07-31 17:15:35 +00:00
parent 705a5e6061
commit 384b59cc87
39 changed files with 1026 additions and 74 deletions
--- a/nodes/orchestration/CMakeLists.txt
+++ b/nodes/orchestration/CMakeLists.txt
@@ -30,7 +30,7 @@ target_link_libraries(
    env_details
    local_policy_mgmt_gen
    curl
-
+    external_sdk_server
    -Wl,--end-group
 )

--- a/nodes/orchestration/main.cc
+++ b/nodes/orchestration/main.cc
@@ -51,6 +51,7 @@
 #include "generic_metric.h"
 #include "tenant_manager.h"
 #include "local_policy_mgmt_gen.h"
+#include "external_sdk_server.h"

 using namespace std;

@@ -72,7 +73,8 @@ main(int argc, char **argv)
        OrchestrationTools,
        HealthChecker,
        HealthCheckManager,
-        LocalPolicyMgmtGenerator
+        LocalPolicyMgmtGenerator,
+        ExternalSdkServer
    > comps;

    comps.registerGlobalValue<uint>("Nano service API Port Primary", 7777);
--- a/nodes/orchestration/package/open-appsec-cloud-mgmt-k8s
+++ b/nodes/orchestration/package/open-appsec-cloud-mgmt-k8s
@@ -13,6 +13,10 @@ profile_id=
 cluster_id=
 latest_policy_version=1

+if [ -f $POLICY_CRDS_PATH ]; then
+    chmod 644 $POLICY_CRDS_PATH
+fi
+
 load_agent_details()
 {
    tenant_id=$(awk -F\" '/Tenant ID/{print $4}' /etc/cp/conf/agent_details.json)
@@ -29,7 +33,7 @@ get_latest_policy_version()
    bucket_list=$(curl -s -w "%{http_code}\n" --request GET \
        -H "user-agent: Infinity Next (a7030abf93a4c13)" -H "Authorization: Bearer ${ra_token}" \
        "$var_fog/agents-core/storage/?list-type=2&prefix=${tenant_id}/${profile_id}")
-    paths_list=$(echo $bucket_list  | /etc/cp/bin/yq -p xml | grep "/policy")
+    paths_list=$(echo $bucket_list  | awk -F'<Key>|</Key>' '/policy-/ {for (i = 1; i <= NF; i++) if ($i ~ /policy/) print $i}')

    prefix="${tenant_id}/${profile_id}"
    paths=$(echo $paths_list | tr " " "\n" | grep / )
@@ -257,6 +261,7 @@ usage()
    echo "Options:"
    echo "    --fog       <fog address>          : Namespace with the relevant Helm Chart"
    echo "    --upload_policy_only               : Upload policy to the fog, withput changing agent mode"
+    echo "    --debug                            : Keep the debuging files"
    exit 255
 }

@@ -277,6 +282,8 @@ validate_arg_value_exists()
    fi
 }

+debug_mode="false"
+
 while true; do
    if [ "$1" = "--token" ]; then
        validate_arg_value_exists "$1" "$#"
@@ -290,6 +297,8 @@ while true; do
        validate_arg_value_exists "$1" "$#"
        shift
        ra_token="$1"
+    elif [ "$1" = "--debug" ]; then
+        debug_mode="true"
    elif [ -z "$1" ]; then
        break
    fi
@@ -305,5 +314,8 @@ upload_crds_to_the_cloud
 if [ "$?" = "0" ]; then
    echo "SUCCESS"
 fi
+if [ "$debug_mode" = "false" ]; then
+    rm $POLICY_CRDS_PATH
+fi

 exit 0