sync code

components/security_apps/orchestration/downloader/downloader_ut/downloader_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "cptest.h"
 #include "config.h"
 #include "config_component.h"

components/security_apps/orchestration/include/updates_process_event.h

@@ -35,6 +35,8 @@ enum class UpdatesFailureReason {
     INSTALL_PACKAGE,
     CHECKSUM_UNMATCHED,
     POLICY_CONFIGURATION,
+    SERVISE_CONFIGURATION,
+    SERVISE_CONFIGURATION_TIMEOUT,
     POLICY_FOG_CONFIGURATION,
     NONE
 
@@ -57,6 +59,8 @@ convertUpdatesFailureReasonToStr(UpdatesFailureReason reason)
         case UpdatesFailureReason::INSTALL_PACKAGE : return "INSTALL_PACKAGE";
         case UpdatesFailureReason::CHECKSUM_UNMATCHED : return "CHECKSUM_UNMATCHED";
         case UpdatesFailureReason::POLICY_CONFIGURATION : return "POLICY_CONFIGURATION";
+        case UpdatesFailureReason::SERVISE_CONFIGURATION : return "SERVISE_CONFIGURATION";
+        case UpdatesFailureReason::SERVISE_CONFIGURATION_TIMEOUT : return "SERVISE_CONFIGURATION_TIMEOUT";
         case UpdatesFailureReason::POLICY_FOG_CONFIGURATION : return "POLICY_FOG_CONFIGURATION";
         case UpdatesFailureReason::NONE : return "NONE";
     }

components/security_apps/orchestration/include/updates_process_reporter.h

@@ -21,20 +21,24 @@
 #include "config.h"
 #include "debug.h"
 #include "i_orchestration_status.h"
+#include "i_service_controller.h"
 #include "health_check_status/health_check_status.h"
 #include "updates_process_event.h"
 #include "updates_process_report.h"
 
-class UpdatesProcessReporter : public Listener<UpdatesProcessEvent>
+class UpdatesProcessReporter
+        :
+    public Listener<UpdatesProcessEvent>,
+    Singleton::Consume<I_ServiceController>
 {
 public:
     void upon(const UpdatesProcessEvent &event) override;
 
 private:
-    void sendReoprt();
+    void sendReoprt(const std::string &version);
 
     static std::vector<UpdatesProcessReport> reports;
-    uint report_failure_count = 0;
+    std::map<std::string, uint> report_failure_count_map;
 };
 
 #endif // __UPDATES_PROCESS_REPORTER_H__

components/security_apps/orchestration/manifest_controller/manifest_controller_ut/manifest_controller_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "manifest_controller.h"
 
 #include <vector>

components/security_apps/orchestration/modules/modules_ut/orchestration_policy_ut.cc

@@ -43,8 +43,8 @@ TEST_F(PolicyTest, serialization)
         ASSERT_TRUE(false) << "Cereal threw an exception: " << e.what();
     }
 
-    EXPECT_EQ(15, orchestration_policy.getErrorSleepInterval());
-    EXPECT_EQ(20, orchestration_policy.getSleepInterval());
+    EXPECT_EQ(15u, orchestration_policy.getErrorSleepInterval());
+    EXPECT_EQ(20u, orchestration_policy.getSleepInterval());
     EXPECT_EQ("http://10.0.0.18:81/control/", orchestration_policy.getFogAddress());
 }
 
@@ -63,8 +63,8 @@ TEST_F(PolicyTest, noAgentType)
         ASSERT_TRUE(false) << "Cereal threw an exception: " << e.what();
     }
 
-    EXPECT_EQ(15, orchestration_policy.getErrorSleepInterval());
-    EXPECT_EQ(20, orchestration_policy.getSleepInterval());
+    EXPECT_EQ(15u, orchestration_policy.getErrorSleepInterval());
+    EXPECT_EQ(20u, orchestration_policy.getSleepInterval());
     EXPECT_EQ("http://10.0.0.18:81/control/", orchestration_policy.getFogAddress());
 }
 
@@ -83,8 +83,8 @@ TEST_F(PolicyTest, zeroSleepIntervels)
         ASSERT_TRUE(false) << "Cereal threw an exception: " << e.what();
     }
 
-    EXPECT_EQ(0, orchestration_policy.getErrorSleepInterval());
-    EXPECT_EQ(0, orchestration_policy.getSleepInterval());
+    EXPECT_EQ(0u, orchestration_policy.getErrorSleepInterval());
+    EXPECT_EQ(0u, orchestration_policy.getSleepInterval());
     EXPECT_EQ("http://10.0.0.18:81/control/", orchestration_policy.getFogAddress());
 }
 
@@ -152,7 +152,7 @@ TEST_F(PolicyTest, newOptionalFields)
         ASSERT_TRUE(false) << "Cereal threw an exception: " << e.what();
     }
 
-    EXPECT_EQ(10, orchestration_policy.getErrorSleepInterval());
-    EXPECT_EQ(30, orchestration_policy.getSleepInterval());
+    EXPECT_EQ(10u, orchestration_policy.getErrorSleepInterval());
+    EXPECT_EQ(30u, orchestration_policy.getSleepInterval());
     EXPECT_EQ("https://fog-api-gw-agents.cloud.ngen.checkpoint.com", orchestration_policy.getFogAddress());
 }

components/security_apps/orchestration/modules/modules_ut/orchestration_status_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "orchestration_status.h"
 
 #include <string>

components/security_apps/orchestration/modules/modules_ut/url_parser_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "url_parser.h"
 
 #include "cptest.h"

components/security_apps/orchestration/orchestration_ut/orchestration_multitenant_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "orchestration_comp.h"
 
 #include "cptest.h"
@@ -471,6 +475,9 @@ TEST_F(OrchestrationMultitenancyTest, handle_virtual_resource)
         )
     ).WillOnce(Return(Maybe<void>()));
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     EXPECT_CALL(
         mock_service_controller,
         updateServiceConfiguration(

components/security_apps/orchestration/orchestration_ut/orchestration_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "orchestration_comp.h"
 
 #include "cptest.h"
@@ -380,6 +384,10 @@ TEST_F(OrchestrationTest, hybridModeRegisterLocalAgentRoutine)
     EXPECT_CALL(mock_status, setLastUpdateAttempt());
     EXPECT_CALL(mock_status, setIsConfigurationUpdated(_));
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
+
     EXPECT_CALL(mock_ml, yield(A<chrono::microseconds>()))
         .WillOnce(Return())
         .WillOnce(Invoke([] (chrono::microseconds) { throw invalid_argument("stop while loop"); }));
@@ -587,6 +595,9 @@ TEST_F(OrchestrationTest, check_sending_registration_data)
     EXPECT_CALL(mock_status, setLastUpdateAttempt());
     EXPECT_CALL(mock_status, setIsConfigurationUpdated(_));
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     EXPECT_CALL(mock_ml, yield(A<chrono::microseconds>()))
         .WillOnce(Return())
         .WillOnce(Invoke([] (chrono::microseconds) { throw invalid_argument("stop while loop"); }));
@@ -718,6 +729,9 @@ TEST_F(OrchestrationTest, orchestrationPolicyUpdatRollback)
     EXPECT_CALL(mock_status, setPolicyVersion(third_val));
     EXPECT_CALL(mock_status, setPolicyVersion(second_val));
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     string policy_versions;
     EXPECT_CALL(mock_service_controller, getPolicyVersions()).WillRepeatedly(ReturnRef(policy_versions));
     EXPECT_CALL(mock_update_communication, sendPolicyVersion("13", _)).Times(1).WillOnce(Return(Maybe<void>()));
@@ -895,6 +909,9 @@ TEST_F(OrchestrationTest, orchestrationPolicyUpdate)
     );
     EXPECT_CALL(mock_status, setPolicyVersion(third_val));
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     string policy_versions;
     EXPECT_CALL(mock_service_controller, getPolicyVersions()).WillRepeatedly(ReturnRef(policy_versions));
     EXPECT_CALL(mock_update_communication, sendPolicyVersion("13", _)).Times(1).WillOnce(Return(Maybe<void>()));
@@ -1112,6 +1129,9 @@ TEST_F(OrchestrationTest, manifestUpdate)
         )
     );
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     GetResourceFile manifest_file(GetResourceFile::ResourceFileType::MANIFEST);
     EXPECT_CALL(mock_downloader,
         downloadFile(
@@ -1150,6 +1170,8 @@ TEST_F(OrchestrationTest, manifestUpdate)
 
 TEST_F(OrchestrationTest, getBadPolicyUpdate)
 {
+    Debug::setUnitTestFlag(D_UPDATES_PROCESS_REPORTER, Debug::DebugLevel::NOISE);
+
     EXPECT_CALL(
         rest,
         mockRestCall(RestAction::ADD, "proxy", _)
@@ -1196,6 +1218,13 @@ TEST_F(OrchestrationTest, getBadPolicyUpdate)
     EXPECT_CALL(mock_orchestration_tools, calculateChecksum(Package::ChecksumTypes::SHA256, data_file_path))
         .WillOnce(Return(data_checksum));
 
+    string manifest = "";
+    string policy = "111111";
+    string setting = "";
+
+    string second_val = "12";
+    string third_val = "13";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillRepeatedly(ReturnRef(third_val));
     Maybe<string> new_policy_checksum(string("111111"));
 
     GetResourceFile policy_file(GetResourceFile::ResourceFileType::POLICY);
@@ -1207,12 +1236,6 @@ TEST_F(OrchestrationTest, getBadPolicyUpdate)
             policy_file
         )
     ).WillOnce(Return(Maybe<std::string>(string(new_policy_path))));
-    string manifest = "";
-    string policy = "111111";
-    string setting = "";
-
-    string second_val = "12";
-    string third_val = "13";
     EXPECT_CALL(mock_service_controller, getPolicyVersion())
         .Times(4)
         .WillOnce(ReturnRef(first_policy_version))
@@ -1246,8 +1269,6 @@ TEST_F(OrchestrationTest, getBadPolicyUpdate)
         )
     );
 
-    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillRepeatedly(ReturnRef(third_val));
-
     EXPECT_CALL(
         mock_service_controller,
         updateServiceConfiguration(string("policy path"), "", expected_data_types, "", "", _)
@@ -1341,6 +1362,9 @@ TEST_F(OrchestrationTest, failedDownloadSettings)
 
     EXPECT_CALL(mock_status, setLastUpdateAttempt());
 
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     string manifest_err =
         "Critical Error: Agent/Gateway was not fully deployed on host 'hostname' "
         "and is not enforcing a security policy. Retry installation or contact Check Point support.";
@@ -1456,6 +1480,10 @@ TEST_P(OrchestrationTest, orchestrationFirstRun)
             }
         )
     );
+
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     EXPECT_CALL(mock_service_controller, getPolicyVersion()).WillRepeatedly(ReturnRef(first_policy_version));
     EXPECT_CALL(mock_update_communication, getUpdate(_)).WillOnce(
         Invoke(
@@ -1654,6 +1682,10 @@ TEST_F(OrchestrationTest, dataUpdate)
         .WillOnce(Return(data_instance_checksum));
 
     EXPECT_CALL(mock_service_controller, getPolicyVersion()).WillRepeatedly(ReturnRef(first_policy_version));
+
+    string version = "1";
+    EXPECT_CALL(mock_service_controller, getUpdatePolicyVersion()).WillOnce(ReturnRef(version));
+
     EXPECT_CALL(mock_update_communication, getUpdate(_)).WillOnce(
         Invoke(
             [&](CheckUpdateRequest &req)

components/security_apps/orchestration/package_handler/package_handler_ut/package_handler_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "package_handler.h"
 
 #include "cptest.h"

components/security_apps/orchestration/service_controller/service_controller.cc

@@ -29,6 +29,7 @@
 #include "i_orchestration_tools.h"
 #include "customized_cereal_map.h"
 #include "declarative_policy_utils.h"
+#include "updates_process_event.h"
 
 using namespace std;
 using namespace ReportIS;
@@ -65,6 +66,13 @@ public:
         }
         if (error.get()) {
             service_controller->updateReconfStatus(id.get(), service_name.get(), ReconfStatus::FAILED);
+            UpdatesProcessEvent(
+                UpdatesProcessResult::FAILED,
+                UpdatesConfigType::GENERAL,
+                UpdatesFailureReason::SERVISE_CONFIGURATION,
+                string(service_name.get() + ", ID: " + to_string(id.get())),
+                (error_message.isActive() ? " Error: " + error_message.get() : "")
+            ).notify();
             dbgError(D_SERVICE_CONTROLLER)
                 << "Request for service reconfiguration failed to complete. ID: "
                 << id.get()
@@ -1028,6 +1036,12 @@ ServiceController::Impl::sendSignalForServices(
     }
 
     dbgDebug(D_SERVICE_CONTROLLER) << "The reconfiguration has reached a timeout";
+    UpdatesProcessEvent(
+        UpdatesProcessResult::FAILED,
+        UpdatesConfigType::GENERAL,
+        UpdatesFailureReason::SERVISE_CONFIGURATION_TIMEOUT,
+        "The reconfiguration has reached a timeout"
+    ).notify();
     services_reconf_status.clear();
     services_reconf_names.clear();
     return genError("The reconfiguration has reached a timeout");

components/security_apps/orchestration/service_controller/service_controller_ut/service_controller_ut.cc

@@ -1,3 +1,7 @@
+#include <sstream>
+class Package;
+static std::ostream & operator<<(std::ostream &os, const Package &) { return os; }
+
 #include "cptest.h"
 #include <string>
 #include "orchestration_tools.h"

components/security_apps/orchestration/update_communication/hybrid_communication.cc

@@ -120,10 +120,9 @@ HybridCommunication::downloadAttributeFile(const GetResourceFile &resourse_file,
 }
 
 Maybe<void>
-HybridCommunication::sendPolicyVersion(const string &policy_version, const string &) const
+HybridCommunication::sendPolicyVersion(const string &, const string &) const
 {
     dbgFlow(D_ORCHESTRATOR);
-    policy_version.empty();
     return Maybe<void>();
 }
 

components/security_apps/orchestration/updates_process_reporter/updates_process_event.cc

@@ -111,6 +111,18 @@ UpdatesProcessEvent::parseDescription() const
             err << "Failed to configure the fog address: " << detail << ". Error: " << description;
             break;
         }
+        case UpdatesFailureReason::SERVISE_CONFIGURATION : {
+            err
+                << "Request for service reconfiguration failed to complete. Service name: "
+                << detail
+                << ". Error: "
+                << description;
+            break;
+        }
+        case UpdatesFailureReason::SERVISE_CONFIGURATION_TIMEOUT : {
+            err << detail;
+            break;
+        }
         case UpdatesFailureReason::ORCHESTRATION_SELF_UPDATE : {
             err << description;
             break;
@@ -170,6 +182,14 @@ UpdatesProcessEvent::getDescriptionWithoutErrors() const
             err << "Failed to configure the fog address: " << detail;
             break;
         }
+        case UpdatesFailureReason::SERVISE_CONFIGURATION : {
+            err << "Request for service reconfiguration failed to complete. Service name: " << detail;
+            break;
+        }
+        case UpdatesFailureReason::SERVISE_CONFIGURATION_TIMEOUT : {
+            err << detail;
+            break;
+        }
         case UpdatesFailureReason::ORCHESTRATION_SELF_UPDATE : {
             err << description;
             break;

components/security_apps/orchestration/updates_process_reporter/updates_process_reporter.cc

@@ -29,14 +29,21 @@ void
 UpdatesProcessReporter::upon(const UpdatesProcessEvent &event)
 {
     if (event.getReason() == UpdatesFailureReason::CHECK_UPDATE) {
+        auto i_controller = Singleton::Consume<I_ServiceController>::by<UpdatesProcessReporter>();
+        string version = i_controller->getUpdatePolicyVersion();
         if (event.getResult() == UpdatesProcessResult::SUCCESS && reports.empty()) {
             dbgTrace(D_UPDATES_PROCESS_REPORTER) << "Update proccess finished successfully";
-            report_failure_count = 0;
+            report_failure_count_map.erase(version);
             return;
         }
-        dbgTrace(D_UPDATES_PROCESS_REPORTER) << "Update proccess finished with errors";
-        report_failure_count++;
-        if (report_failure_count <= 1) {
+        if (report_failure_count_map.find(version) == report_failure_count_map.end()) {
+            report_failure_count_map[version] = 0;
+        }
+        report_failure_count_map[version]++;
+        dbgTrace(D_UPDATES_PROCESS_REPORTER)
+            << "Update proccess finished with errors. Count: "
+            << report_failure_count_map[version];
+        if (report_failure_count_map[version] <= 1) {
             reports.clear();
             return;
         }
@@ -48,7 +55,7 @@ UpdatesProcessReporter::upon(const UpdatesProcessEvent &event)
                 event.parseDescription()
             )
         );
-        sendReoprt();
+        sendReoprt(version);
         return;
     }
     if (event.getResult() == UpdatesProcessResult::SUCCESS || event.getResult() == UpdatesProcessResult::UNSET) return;
@@ -58,12 +65,13 @@ UpdatesProcessReporter::upon(const UpdatesProcessEvent &event)
 }
 
 void
-UpdatesProcessReporter::sendReoprt()
+UpdatesProcessReporter::sendReoprt(const string &version)
 {
     stringstream full_reports;
     UpdatesFailureReason failure_reason = UpdatesFailureReason::NONE;
     full_reports << "Updates process reports:" << endl;
-    full_reports << "report failure count:" << report_failure_count << endl;
+    full_reports << "Policy version: " << version << endl;
+    full_reports << "report failure count:" << report_failure_count_map[version] << endl;
     for (const auto &report : reports) {
         if (report.getReason() != UpdatesFailureReason::CHECK_UPDATE) {
             failure_reason = report.getReason();