Sep_24_2023-Dev

components/security_apps/orchestration/update_communication/CMakeLists.txt

@@ -1,2 +1,2 @@
-add_library(update_communication update_communication.cc hybrid_communication.cc fog_communication.cc fog_authenticator.cc local_communication.cc declarative_policy_utils.cc)
+add_library(update_communication update_communication.cc hybrid_communication.cc fog_communication.cc fog_authenticator.cc local_communication.cc declarative_policy_utils.cc fog_helper_open_source.cc)
 #add_subdirectory(update_communication_ut)

components/security_apps/orchestration/update_communication/declarative_policy_utils.cc

@@ -16,6 +16,7 @@ USE_DEBUG_FLAG(D_ORCHESTRATOR);
 void
 DeclarativePolicyUtils::init()
 {
+    local_policy_path = getFilesystemPathConfig() + "/conf/local_policy.yaml";
     should_apply_policy = true;
     Singleton::Consume<I_RestApi>::by<DeclarativePolicyUtils>()->addRestCall<ApplyPolicyRest>(
         RestAction::SET, "apply-policy"
@@ -25,9 +26,10 @@ DeclarativePolicyUtils::init()
 
 // LCOV_EXCL_START Reason: no test exist
 void
-DeclarativePolicyUtils::upon(const ApplyPolicyEvent &)
+DeclarativePolicyUtils::upon(const ApplyPolicyEvent &event)
 {
     dbgTrace(D_ORCHESTRATOR) << "Apply policy event";
+    local_policy_path = event.getPolicyPath();
     should_apply_policy = true;
 }
 // LCOV_EXCL_STOP
@@ -54,11 +56,9 @@ DeclarativePolicyUtils::getLocalPolicyChecksum()
         return orchestration_tools->readFile("/etc/cp/conf/k8s-policy-check.trigger");
     }
 
-    string policy_path = Singleton::Consume<I_LocalPolicyMgmtGen>::by<DeclarativePolicyUtils>()->getLocalPolicyPath();
-
     Maybe<string> file_checksum = orchestration_tools->calculateChecksum(
         I_OrchestrationTools::SELECTED_CHECKSUM_TYPE,
-        policy_path
+        local_policy_path
     );
 
     if (!file_checksum.ok()) {
@@ -83,8 +83,11 @@ void
 DeclarativePolicyUtils::updateCurrentPolicy(const string &policy_checksum)
 {
     string clean_policy_checksum = getCleanChecksum(policy_checksum);
-    curr_policy = Singleton::Consume<I_LocalPolicyMgmtGen>::by<DeclarativePolicyUtils>()->parsePolicy(
-        clean_policy_checksum
+    auto env = Singleton::Consume<I_EnvDetails>::by<DeclarativePolicyUtils>()->getEnvType();
+    curr_policy = Singleton::Consume<I_LocalPolicyMgmtGen>::by<DeclarativePolicyUtils>()->generateAppSecLocalPolicy(
+        env,
+        clean_policy_checksum,
+        local_policy_path
     );
 }
 
@@ -94,7 +97,7 @@ DeclarativePolicyUtils::getPolicyChecksum()
     I_OrchestrationTools *orchestration_tools = Singleton::Consume<I_OrchestrationTools>::by<DeclarativePolicyUtils>();
     Maybe<string> file_checksum = orchestration_tools->calculateChecksum(
         I_OrchestrationTools::SELECTED_CHECKSUM_TYPE,
-        Singleton::Consume<I_LocalPolicyMgmtGen>::by<DeclarativePolicyUtils>()->getAgentPolicyPath()
+        "/tmp/local_appsec.policy"
     );
 
     if (!file_checksum.ok()) {

components/security_apps/orchestration/update_communication/fog_authenticator.cc

@@ -187,6 +187,8 @@ FogAuthenticator::registerAgent(
         request << make_pair("managedMode", "management");
     }
 
+    request << make_pair("userEdition", getUserEdition());
+
     if (details_resolver->isReverseProxy()) {
         request << make_pair("reverse_proxy", "true");
     }
@@ -207,6 +209,9 @@ FogAuthenticator::registerAgent(
     if (details_resolver->compareCheckpointVersion(8100, std::greater_equal<int>())) {
         request << make_pair("isCheckpointVersionGER81", "true");
     }
+    if (details_resolver->compareCheckpointVersion(8200, std::greater_equal<int>())) {
+        request << make_pair("isCheckpointVersionGER82", "true");
+    }
 #endif // gaia || smb
 
     auto fog_messaging = Singleton::Consume<I_Messaging>::by<FogAuthenticator>();

components/security_apps/orchestration/update_communication/fog_helper_open_source.cc

@@ -0,0 +1,9 @@
+#include "fog_authenticator.h"
+
+#include <string>
+
+std::string
+FogAuthenticator::getUserEdition() const
+{
+    return "community";
+}