fix watchdog restarts

fix restarting agent
don't exit
2025-11-19 18:44:24 +03:00 · 2025-06-09 15:35:21 +03:00 · 2025-06-05 21:11:23 +03:00 · 2025-05-28 14:54:37 +03:00
29 changed files with 10 additions and 1047 deletions
--- a/build_system/docker/entry.sh
+++ b/build_system/docker/entry.sh
@@ -6,8 +6,6 @@ HTTP_TRANSACTION_HANDLER_SERVICE="install-cp-nano-service-http-transaction-handl
 ATTACHMENT_REGISTRATION_SERVICE="install-cp-nano-attachment-registration-manager.sh"
 ORCHESTRATION_INSTALLATION_SCRIPT="install-cp-nano-agent.sh"
 CACHE_INSTALLATION_SCRIPT="install-cp-nano-agent-cache.sh"
 PROMETHEUS_INSTALLATION_SCRIPT="install-cp-nano-service-prometheus.sh"
 NGINX_CENTRAL_MANAGER_INSTALLATION_SCRIPT="install-cp-nano-central-nginx-manager.sh"
 var_fog_address=
 var_proxy=
@@ -83,14 +81,6 @@ fi
 /nano-service-installers/$CACHE_INSTALLATION_SCRIPT --install
 /nano-service-installers/$HTTP_TRANSACTION_HANDLER_SERVICE --install
 if [ "$PROMETHEUS" == "true" ]; then
    /nano-service-installers/$PROMETHEUS_INSTALLATION_SCRIPT --install
 fi
 if [ "$CENTRAL_NGINX_MANAGER" == "true" ]; then
    /nano-service-installers/$NGINX_CENTRAL_MANAGER_INSTALLATION_SCRIPT --install
 fi
 if [ "$CROWDSEC_ENABLED" == "true" ]; then
    /nano-service-installers/$INTELLIGENCE_INSTALLATION_SCRIPT --install
    /nano-service-installers/$CROWDSEC_INSTALLATION_SCRIPT --install
--- a/components/attachment-intakers/nginx_attachment/nginx_parser.cc
+++ b/components/attachment-intakers/nginx_attachment/nginx_parser.cc
@@ -28,7 +28,6 @@ USE_DEBUG_FLAG(D_NGINX_ATTACHMENT_PARSER);
 Buffer NginxParser::tenant_header_key = Buffer();
 static const Buffer proxy_ip_header_key("X-Forwarded-For", 15, Buffer::MemoryType::STATIC);
 static const Buffer waf_tag_key("x-waf-tag", 9, Buffer::MemoryType::STATIC);
 static const Buffer source_ip("sourceip", 8, Buffer::MemoryType::STATIC);
 bool is_keep_alive_ctx = getenv("SAAS_KEEP_ALIVE_HDR_NAME") != nullptr;
@@ -232,20 +231,17 @@ NginxParser::parseRequestHeaders(const Buffer &data, const unordered_set<string>
            static_cast<string>(header.getKey()) + ": " + static_cast<string>(header.getValue()) + "\r\n"
        );
-        const auto &header_key = header.getKey();
+        if (NginxParser::tenant_header_key == header.getKey()) {
        if (NginxParser::tenant_header_key == header_key) {
            dbgDebug(D_NGINX_ATTACHMENT_PARSER)
                << "Identified active tenant header. Key: "
-                << dumpHex(header_key)
+                << dumpHex(header.getKey())
                << ", Value: "
                << dumpHex(header.getValue());
            auto active_tenant_and_profile = getActivetenantAndProfile(header.getValue());
            opaque.setSessionTenantAndProfile(active_tenant_and_profile[0], active_tenant_and_profile[1]);
-        } else if (proxy_ip_header_key == header_key) {
+        } else if (proxy_ip_header_key == header.getKey()) {
            source_identifiers.setXFFValuesToOpaqueCtx(header, UsersAllIdentifiersConfig::ExtractType::PROXYIP);
        } else if (waf_tag_key == header_key) {
            source_identifiers.setWafTagValuesToOpaqueCtx(header);
        }
    }
--- a/components/attachment-intakers/nginx_attachment/user_identifiers_config.cc
+++ b/components/attachment-intakers/nginx_attachment/user_identifiers_config.cc
@@ -366,24 +366,6 @@ UsersAllIdentifiersConfig::setCustomHeaderToOpaqueCtx(const HttpHeader &header)
    return;
 }
 void
 UsersAllIdentifiersConfig::setWafTagValuesToOpaqueCtx(const HttpHeader &header) const
 {
    auto i_transaction_table = Singleton::Consume<I_TableSpecific<SessionID>>::by<NginxAttachment>();
    if (!i_transaction_table || !i_transaction_table->hasState<NginxAttachmentOpaque>()) {
        dbgDebug(D_NGINX_ATTACHMENT_PARSER) << "Can't get the transaction table";
        return;
    }
    NginxAttachmentOpaque &opaque = i_transaction_table->getState<NginxAttachmentOpaque>();
    opaque.setSavedData(HttpTransactionData::waf_tag_ctx, static_cast<string>(header.getValue()));
    dbgDebug(D_NGINX_ATTACHMENT_PARSER)
        << "Added waf tag to context: "
        <<  static_cast<string>(header.getValue());
    return;
 }
 Maybe<string>
 UsersAllIdentifiersConfig::parseCookieElement(
    const string::const_iterator &start,
--- a/components/include/generic_rulebase/evaluators/http_transaction_data_eval.h
+++ b/components/include/generic_rulebase/evaluators/http_transaction_data_eval.h
@@ -45,19 +45,6 @@ private:
    std::string host;
 };
 class EqualWafTag : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
 {
 public:
 EqualWafTag(const std::vector<std::string> &params);
    static std::string getName() { return "EqualWafTag"; }
    Maybe<bool, Context::Error> evalVariable() const override;
 private:
    std::string waf_tag;
 };
 class EqualListeningIP : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
 {
 public:
--- a/components/include/http_transaction_data.h
+++ b/components/include/http_transaction_data.h
@@ -137,7 +137,6 @@ public:
    static const std::string source_identifier;
    static const std::string proxy_ip_ctx;
    static const std::string xff_vals_ctx;
    static const std::string waf_tag_ctx;
    static const CompressionType default_response_content_encoding;
--- a/components/include/prometheus_comp.h
+++ b/components/include/prometheus_comp.h
@@ -1,30 +0,0 @@
 #ifndef __PROMETHEUS_COMP_H__
 #define __PROMETHEUS_COMP_H__
 #include <memory>
 #include "component.h"
 #include "singleton.h"
 #include "i_rest_api.h"
 #include "i_messaging.h"
 #include "generic_metric.h"
 class PrometheusComp
        :
    public Component,
    Singleton::Consume<I_RestApi>,
    Singleton::Consume<I_Messaging>
 {
 public:
    PrometheusComp();
    ~PrometheusComp();
    void init() override;
 private:
    class Impl;
    std::unique_ptr<Impl> pimpl;
 };
 #endif // __PROMETHEUS_COMP_H__
--- a/components/include/user_identifiers_config.h
+++ b/components/include/user_identifiers_config.h
@@ -30,7 +30,6 @@ public:
    void parseRequestHeaders(const HttpHeader &header) const;
    std::vector<std::string> getHeaderValuesFromConfig(const std::string &header_key) const;
    void setXFFValuesToOpaqueCtx(const HttpHeader &header, ExtractType type) const;
    void setWafTagValuesToOpaqueCtx(const HttpHeader &header) const;
 private:
    class UsersIdentifiersConfig
--- a/components/security_apps/CMakeLists.txt
+++ b/components/security_apps/CMakeLists.txt
@@ -3,7 +3,6 @@ add_subdirectory(ips)
 add_subdirectory(layer_7_access_control)
 add_subdirectory(local_policy_mgmt_gen)
 add_subdirectory(orchestration)
 add_subdirectory(prometheus)
 add_subdirectory(rate_limit)
 add_subdirectory(waap)
 add_subdirectory(central_nginx_manager)
--- a/components/security_apps/prometheus/CMakeLists.txt
+++ b/components/security_apps/prometheus/CMakeLists.txt
@@ -1,2 +0,0 @@
 add_library(prometheus_comp prometheus_comp.cc)
 add_subdirectory(prometheus_ut)
--- a/components/security_apps/prometheus/prometheus_comp.cc
+++ b/components/security_apps/prometheus/prometheus_comp.cc
@@ -1,200 +0,0 @@
 #include "prometheus_comp.h"
 #include <string>
 #include <map>
 #include <vector>
 #include <cereal/archives/json.hpp>
 #include <cereal/types/map.hpp>
 #include <cereal/types/vector.hpp>
 #include <cereal/types/string.hpp>
 #include <iostream>
 #include <fstream>
 #include "common.h"
 #include "report/base_field.h"
 #include "report/report_enums.h"
 #include "log_generator.h"
 #include "debug.h"
 #include "rest.h"
 #include "customized_cereal_map.h"
 #include "i_messaging.h"
 #include "prometheus_metric_names.h"
 USE_DEBUG_FLAG(D_PROMETHEUS);
 using namespace std;
 using namespace ReportIS;
 struct ServiceData
 {
    template <typename Archive>
    void
    serialize(Archive &ar)
    {
        ar(cereal::make_nvp("Service port", service_port));
    }
    int service_port;
 };
 class PrometheusMetricData
 {
 public:
    PrometheusMetricData(const string &n, const string &t, const string &d) : name(n), type(t), description(d) {}
    void
    addElement(const string &labels, const string &value)
    {
        metric_labels_to_values[labels] = value;
    }
    ostream &
    print(ostream &os)
    {
        if (metric_labels_to_values.empty()) return os;
        string representative_name = "";
        if (!name.empty()) {
            auto metric_name = convertMetricName(name);
            !metric_name.empty() ? representative_name = metric_name : representative_name = name;
        }
        if (!description.empty()) os << "# HELP " << representative_name << ' ' << description << '\n';
        if (!name.empty()) os << "# TYPE " << representative_name << ' ' << type << '\n';
        for (auto &entry : metric_labels_to_values) {
            os << representative_name << entry.first << ' ' << entry.second << '\n';
        }
        os << '\n';
        metric_labels_to_values.clear();
        return os;
    }
 private:
    string name;
    string type;
    string description;
    map<string, string> metric_labels_to_values;
 };
 static ostream & operator<<(ostream &os, PrometheusMetricData &metric) { return metric.print(os); }
 class PrometheusComp::Impl
 {
 public:
    void
    init()
    {
        Singleton::Consume<I_RestApi>::by<PrometheusComp>()->addGetCall(
            "metrics",
            [&] () { return getFormatedPrometheusMetrics(); }
        );
    }
    void
    addMetrics(const vector<PrometheusData> &metrics)
    {
        for(auto &metric : metrics) {
            auto &metric_object = getDataObject(
                metric.name,
                metric.type,
                metric.description
            );
            metric_object.addElement(metric.label,  metric.value);
        }
    }
 private:
    PrometheusMetricData &
    getDataObject(const string &name, const string &type, const string &description)
    {
        auto elem = prometheus_metrics.find(name);
        if (elem == prometheus_metrics.end()) {
            elem = prometheus_metrics.emplace(name, PrometheusMetricData(name, type, description)).first;
        }
        return elem->second;
    }
    map<string, ServiceData>
    getServiceDetails()
    {
        map<string, ServiceData> registeredServices;
        auto registered_services_file = getConfigurationWithDefault<string>(
            getFilesystemPathConfig() + "/conf/orchestrations_registered_services.json",
            "orchestration",
            "Orchestration registered services"
        );
        ifstream file(registered_services_file);
        if (!file.is_open()) {
            dbgWarning(D_PROMETHEUS) << "Failed to open file: " << registered_services_file;
            return registeredServices;
        }
        stringstream buffer;
        buffer << file.rdbuf();
        try {
            cereal::JSONInputArchive archive(buffer);
            archive(cereal::make_nvp("Registered Services", registeredServices));
        } catch (const exception& e) {
            dbgWarning(D_PROMETHEUS) << "Error parsing Registered Services JSON file: " << e.what();
        }
        return registeredServices;
    }
    void
    getServicesMetrics()
    {
        dbgTrace(D_PROMETHEUS) << "Get all registered services metrics";
        map<string, ServiceData> service_names_to_ports = getServiceDetails();
        for (const auto &service : service_names_to_ports) {
            I_Messaging *messaging = Singleton::Consume<I_Messaging>::by<PrometheusComp>();
            MessageMetadata servie_metric_req_md("127.0.0.1", service.second.service_port);
            servie_metric_req_md.setConnectioFlag(MessageConnectionConfig::ONE_TIME_CONN);
            servie_metric_req_md.setConnectioFlag(MessageConnectionConfig::UNSECURE_CONN);
            auto res = messaging->sendSyncMessage(
                HTTPMethod::GET,
                "/service-metrics",
                string(""),
                MessageCategory::GENERIC,
                servie_metric_req_md
            );
            if (!res.ok()) {
                dbgWarning(D_PROMETHEUS) << "Failed to get service metrics. Service: " << service.first;
                continue;
            }
            stringstream buffer;
            buffer << res.unpack().getBody();
            cereal::JSONInputArchive archive(buffer);
            vector<PrometheusData> metrics;
            archive(cereal::make_nvp("metrics", metrics));
            addMetrics(metrics);
        }
    }
    string
    getFormatedPrometheusMetrics()
    {
        MetricScrapeEvent().notify();
        getServicesMetrics();
        stringstream result;
        for (auto &metric : prometheus_metrics) {
            result << metric.second;
        }
        dbgTrace(D_PROMETHEUS) << "Prometheus metrics: " << result.str();
        return result.str();
    }
    map<string, PrometheusMetricData> prometheus_metrics;
 };
 PrometheusComp::PrometheusComp() : Component("Prometheus"), pimpl(make_unique<Impl>()) {}
 PrometheusComp::~PrometheusComp() {}
 void
 PrometheusComp::init()
 {
    pimpl->init();
 }
--- a/components/security_apps/prometheus/prometheus_metric_names.h
+++ b/components/security_apps/prometheus/prometheus_metric_names.h
@@ -1,143 +0,0 @@
 #ifndef __PROMETHEUS_METRIC_NAMES_H__
 #define __PROMETHEUS_METRIC_NAMES_H__
 #include <string>
 #include <unordered_map>
 #include "debug.h"
 USE_DEBUG_FLAG(D_PROMETHEUS);
 std::string
 convertMetricName(const std::string &original_metric_name)
 {
    static const std::unordered_map<std::string, std::string> original_to_representative_names = {
        // HybridModeMetric
        {"watchdogProcessStartupEventsSum", "nano_service_restarts_counter"},
        // nginxAttachmentMetric
        {"inspectVerdictSum", "traffic_inspection_verdict_inspect_counter"},
        {"acceptVeridctSum", "traffic_inspection_verdict_accept_counter"},
        {"dropVerdictSum", "traffic_inspection_verdict_drop_counter"},
        {"injectVerdictSum", "traffic_inspection_verdict_inject_counter"},
        {"irrelevantVerdictSum", "traffic_inspection_verdict_irrelevant_counter"},
        {"irrelevantVerdictSum", "traffic_inspection_verdict_irrelevant_counter"},
        {"reconfVerdictSum", "traffic_inspection_verdict_reconf_counter"},
        {"responseInspection", "response_body_inspection_counter"},
        // nginxIntakerMetric
        {"successfullInspectionTransactionsSum", "successful_Inspection_counter"},
        {"failopenTransactionsSum", "fail_open_Inspection_counter"},
        {"failcloseTransactionsSum", "fail_close_Inspection_counter"},
        {"transparentModeTransactionsSum", "transparent_mode_counter"},
        {"totalTimeInTransparentModeSum", "total_time_in_transparent_mode_counter"},
        {"reachInspectVerdictSum", "inspect_verdict_counter"},
        {"reachAcceptVerdictSum", "accept_verdict_counter"},
        {"reachDropVerdictSum", "drop_verdict_counter"},
        {"reachInjectVerdictSum", "inject_verdict_counter"},
        {"reachIrrelevantVerdictSum", "irrelevant_verdict_counter"},
        {"reachReconfVerdictSum", "reconf_verdict_counter"},
        {"requestCompressionFailureSum", "failed_requests_compression_counter"},
        {"responseCompressionFailureSum", "failed_response_compression_counter"},
        {"requestDecompressionFailureSum", "failed_requests_decompression_counter"},
        {"responseDecompressionFailureSum", "failed_response_decompression_counter"},
        {"requestCompressionSuccessSum", "successful_request_compression_counter"},
        {"responseCompressionSuccessSum", "successful_response_compression_counter"},
        {"requestDecompressionSuccessSum", "successful_request_decompression_counter"},
        {"responseDecompressionSuccessSum", "successful_response_decompression_counter"},
        {"skippedSessionsUponCorruptedZipSum", "corrupted_zip_skipped_session_counter"},
        {"attachmentThreadReachedTimeoutSum", "thread_exceeded_processing_time_counter"},
        {"registrationThreadReachedTimeoutSum", "failed_registration_thread_counter"},
        {"requestHeaderThreadReachedTimeoutSum", "request_headers_processing_thread_timeouts_counter"},
        {"requestBodyThreadReachedTimeoutSum", "request_body_processing_thread_timeouts_counter"},
        {"respondHeaderThreadReachedTimeoutSum", "response_headers_processing_thread_timeouts_counter"},
        {"respondBodyThreadReachedTimeoutSum", "response_body_processing_thread_timeouts_counter"},
        {"attachmentThreadFailureSum", "thread_failures_counter"},
        {"httpRequestProcessingReachedTimeoutSum", "request_processing_timeouts_counter"},
        {"httpRequestsSizeSum", "requests_total_size_counter"},
        {"httpResponsesSizeSum", "response_total_size_counter"},
        {"httpRequestFailedToReachWebServerUpstreamSum", "requests_failed_reach_upstram_counter"},
        {"overallSessionProcessTimeToVerdictAvgSample", "overall_processing_time_until_verdict_average"},
        {"overallSessionProcessTimeToVerdictMaxSample", "overall_processing_time_until_verdict_max"},
        {"overallSessionProcessTimeToVerdictMinSample", "overall_processing_time_until_verdict_min"},
        {"requestProcessTimeToVerdictAvgSample", "requests_processing_time_until_verdict_average"},
        {"requestProcessTimeToVerdictMaxSample", "requests_processing_time_until_verdict_max"},
        {"requestProcessTimeToVerdictMinSample", "requests_processing_time_until_verdict_min"},
        {"responseProcessTimeToVerdictAvgSample", "response_processing_time_until_verdict_average"},
        {"responseProcessTimeToVerdictMaxSample", "response_processing_time_until_verdict_max"},
        {"responseProcessTimeToVerdictMinSample", "response_processing_time_until_verdict_min"},
        {"requestBodySizeUponTimeoutAvgSample", "request_body_size_average"},
        {"requestBodySizeUponTimeoutMaxSample", "request_body_size_max"},
        {"requestBodySizeUponTimeoutMinSample", "request_body_size_min"},
        {"responseBodySizeUponTimeoutAvgSample", "response_body_size_average"},
        {"responseBodySizeUponTimeoutMaxSample", "response_body_size_max"},
        {"responseBodySizeUponTimeoutMinSample", "response_body_size_min"},
        // WaapTelemetrics
        {"reservedNgenA", "total_requests_counter"},
        {"reservedNgenB", "unique_sources_counter"},
        {"reservedNgenC", "requests_blocked_by_force_and_exception_counter"},
        {"reservedNgenD", "requests_blocked_by_waf_counter"},
        {"reservedNgenE", "requests_blocked_by_open_api_counter"},
        {"reservedNgenF", "requests_blocked_by_bot_protection_counter"},
        {"reservedNgenG", "requests_threat_level_info_and_no_threat_counter"},
        {"reservedNgenH", "requests_threat_level_low_counter"},
        {"reservedNgenI", "requests_threat_level_medium_counter"},
        {"reservedNgenJ", "requests_threat_level_high_counter"},
        // WaapTrafficTelemetrics
        {"reservedNgenA", "post_requests_counter"},
        {"reservedNgenB", "get_requests_counter"},
        {"reservedNgenC", "put_requests_counter"},
        {"reservedNgenD", "patch_requests_counter"},
        {"reservedNgenE", "delete_requests_counter"},
        {"reservedNgenF", "other_requests_counter"},
        {"reservedNgenG", "2xx_status_code_responses_counter"},
        {"reservedNgenH", "4xx_status_code_responses_counter"},
        {"reservedNgenI", "5xx_status_code_responses_counter"},
        {"reservedNgenJ", "requests_time_latency_average"},
        // WaapAttackTypesMetrics
        {"reservedNgenA", "sql_injection_attacks_type_counter"},
        {"reservedNgenB", "vulnerability_scanning_attacks_type_counter"},
        {"reservedNgenC", "path_traversal_attacks_type_counter"},
        {"reservedNgenD", "ldap_injection_attacks_type_counter"},
        {"reservedNgenE", "evasion_techniques_attacks_type_counter"},
        {"reservedNgenF", "remote_code_execution_attacks_type_counter"},
        {"reservedNgenG", "xml_extern_entity_attacks_type_counter"},
        {"reservedNgenH", "cross_site_scripting_attacks_type_counter"},
        {"reservedNgenI", "general_attacks_type_counter"},
        // AssetsMetric
        {"numberOfProtectedApiAssetsSample", "api_assets_counter"},
        {"numberOfProtectedWebAppAssetsSample", "web_api_assets_counter"},
        {"numberOfProtectedAssetsSample", "all_assets_counter"},
        // IPSMetric
        {"preventEngineMatchesSample", "prevent_action_matches_counter"},
        {"detectEngineMatchesSample", "detect_action_matches_counter"},
        {"ignoreEngineMatchesSample", "ignore_action_matches_counter"},
        // CPUMetric
        {"cpuMaxSample", "cpu_usage_percentage_max"},
        {"cpuAvgSample", "cpu_usage_percentage_average"},
        {"cpuSample", "cpu_usage_percentage_last_value"},
        // LogMetric
        {"logQueueMaxSizeSample", "logs_queue_size_max"},
        {"logQueueAvgSizeSample", "logs_queue_size_average"},
        {"logQueueCurrentSizeSample", "logs_queue_size_last_value"},
        {"sentLogsSum", "logs_sent_counter"},
        {"sentLogsBulksSum", "bulk_logs_sent_counter"},
        // MemoryMetric
        {"serviceVirtualMemorySizeMaxSample", "service_virtual_memory_size_kb_max"},
        {"serviceVirtualMemorySizeMinSample", "service_virtual_memory_size_kb_min"},
        {"serviceVirtualMemorySizeAvgSample", "service_virtual_memory_size_kb_average"},
        {"serviceRssMemorySizeMaxSample", "service_physical_memory_size_kb_max"},
        {"serviceRssMemorySizeMinSample", "service_physical_memory_size_kb_min"},
        {"serviceRssMemorySizeAvgSample", "service_physical_memory_size_kb_average"},
        {"generalTotalMemorySizeMaxSample", "general_total_used_memory_max"},
        {"generalTotalMemorySizeMinSample", "general_total_used_memory_min"},
        {"generalTotalMemorySizeAvgSample", "general_total_used_memory_average"},
    };
    auto metric_names = original_to_representative_names.find(original_metric_name);
    if (metric_names != original_to_representative_names.end()) return metric_names->second;
    dbgDebug(D_PROMETHEUS)
        << "Metric don't have a representative name, originl name: "
        << original_metric_name;
    return "";
 }
 #endif // __PROMETHEUS_METRIC_NAMES_H__
--- a/components/security_apps/prometheus/prometheus_ut/CMakeLists.txt
+++ b/components/security_apps/prometheus/prometheus_ut/CMakeLists.txt
@@ -1,8 +0,0 @@
 link_directories(${BOOST_ROOT}/lib)
 link_directories(${BOOST_ROOT}/lib ${CMAKE_BINARY_DIR}/core/shmem_ipc)
 add_unit_test(
    prometheus_ut
    "prometheus_ut.cc"
    "prometheus_comp;logging;agent_details;waap_clib;table;singleton;time_proxy;metric;event_is;connkey;http_transaction_data;generic_rulebase;generic_rulebase_evaluators;ip_utilities;intelligence_is_v2;-lboost_regex;messaging;"
 )
--- a/components/security_apps/prometheus/prometheus_ut/prometheus_ut.cc
+++ b/components/security_apps/prometheus/prometheus_ut/prometheus_ut.cc
@@ -1,79 +0,0 @@
 #include "prometheus_comp.h"
 #include <sstream>
 #include <fstream>
 #include <vector>
 #include "cmock.h"
 #include "cptest.h"
 #include "maybe_res.h"
 #include "debug.h"
 #include "config.h"
 #include "environment.h"
 #include "config_component.h"
 #include "agent_details.h"
 #include "time_proxy.h"
 #include "mock/mock_mainloop.h"
 #include "mock/mock_rest_api.h"
 #include "mock/mock_messaging.h"
 using namespace std;
 using namespace testing;
 USE_DEBUG_FLAG(D_PROMETHEUS);
 class PrometheusCompTest : public Test
 {
 public:
    PrometheusCompTest()
    {
        EXPECT_CALL(mock_rest, mockRestCall(_, "declare-boolean-variable", _)).WillOnce(Return(false));
        env.preload();
        config.preload();
        env.init();
        EXPECT_CALL(
            mock_rest,
            addGetCall("metrics", _)
        ).WillOnce(DoAll(SaveArg<1>(&get_metrics_func), Return(true)));
        prometheus_comp.init();
    }
    ::Environment            env;
    ConfigComponent          config;
    PrometheusComp           prometheus_comp;
    StrictMock<MockRestApi>  mock_rest;
    StrictMock<MockMainLoop> mock_ml;
    NiceMock<MockMessaging>  mock_messaging;
    unique_ptr<ServerRest>   agent_uninstall;
    function<string()>       get_metrics_func;
    CPTestTempfile           status_file;
    string                   registered_services_file_path;
 };
 TEST_F(PrometheusCompTest, checkAddingMetric)
 {
    registered_services_file_path = cptestFnameInSrcDir(string("registered_services.json"));
    setConfiguration(registered_services_file_path, "orchestration", "Orchestration registered services");
    string metric_body = "{\n"
        "   \"metrics\": [\n"
        "       {\n"
        "           \"metric_name\": \"watchdogProcessStartupEventsSum\",\n"
        "           \"metric_type\": \"counter\",\n"
        "           \"metric_description\": \"\",\n"
        "           \"labels\": \"{method=\\\"post\\\",code=\\\"200\\\"}\",\n"
        "           \"value\": \"1534\"\n"
        "       }\n"
        "   ]\n"
        "}";
    string message_body;
    EXPECT_CALL(mock_messaging, sendSyncMessage(_, "/service-metrics", _, _, _))
        .Times(2).WillRepeatedly(Return(HTTPResponse(HTTPStatusCode::HTTP_OK, metric_body)));
    string metric_str = "# TYPE nano_service_restarts_counter counter\n"
        "nano_service_restarts_counter{method=\"post\",code=\"200\"} 1534\n\n";
    EXPECT_EQ(metric_str,  get_metrics_func());
 }
--- a/components/security_apps/prometheus/prometheus_ut/registered_services.json
+++ b/components/security_apps/prometheus/prometheus_ut/registered_services.json
@@ -1,32 +0,0 @@
 {
    "Registered Services": {
        "cp-nano-orchestration": {
            "Service name": "cp-nano-orchestration",
            "Service ID": "cp-nano-orchestration",
            "Service port": 7777,
            "Relevant configs": [
                "zones",
                "triggers",
                "rules",
                "registration-data",
                "parameters",
                "orchestration",
                "exceptions",
                "agent-intelligence"
            ]
        },
        "cp-nano-prometheus": {
            "Service name": "cp-nano-prometheus",
            "Service ID": "cp-nano-prometheus",
            "Service port": 7465,
            "Relevant configs": [
                "zones",
                "triggers",
                "rules",
                "parameters",
                "exceptions",
                "agent-intelligence"
            ]
        }
    }
 }
--- a/components/utils/generic_rulebase/evaluators/http_transaction_data_eval.cc
+++ b/components/utils/generic_rulebase/evaluators/http_transaction_data_eval.cc
@@ -103,35 +103,6 @@ WildcardHost::evalVariable() const
    return lower_host_ctx == lower_host;
 }
 EqualWafTag::EqualWafTag(const vector<string> &params)
 {
    if (params.size() != 1) reportWrongNumberOfParams("EqualWafTag", params.size(), 1, 1);
    waf_tag = params[0];
 }
 Maybe<bool, Context::Error>
 EqualWafTag::evalVariable() const
 {
    I_Environment *env = Singleton::Consume<I_Environment>::by<EqualWafTag>();
    auto maybe_waf_tag_ctx = env->get<string>(HttpTransactionData::waf_tag_ctx);
    if (!maybe_waf_tag_ctx.ok())
    {
        dbgTrace(D_RULEBASE_CONFIG) << "didnt find waf tag in current context";
        return false;
    }
    auto waf_tag_ctx = maybe_waf_tag_ctx.unpack();
    dbgTrace(D_RULEBASE_CONFIG)
        << "trying to match waf tag context with its corresponding waf tag: "
        << waf_tag_ctx
        << ". Matcher waf tag: "
        << waf_tag;
    return waf_tag_ctx == waf_tag;
 }
 EqualListeningIP::EqualListeningIP(const vector<string> &params)
 {
    if (params.size() != 1) reportWrongNumberOfParams("EqualListeningIP", params.size(), 1, 1);
--- a/components/utils/generic_rulebase/generic_rulebase.cc
+++ b/components/utils/generic_rulebase/generic_rulebase.cc
@@ -80,7 +80,6 @@ GenericRulebase::Impl::preload()
    addMatcher<IpProtocolMatcher>();
    addMatcher<UrlMatcher>();
    addMatcher<EqualHost>();
    addMatcher<EqualWafTag>();
    addMatcher<WildcardHost>();
    addMatcher<EqualListeningIP>();
    addMatcher<EqualListeningPort>();
--- a/components/utils/http_transaction_data/http_transaction_data.cc
+++ b/components/utils/http_transaction_data/http_transaction_data.cc
@@ -53,7 +53,6 @@ const string HttpTransactionData::req_body           = "transaction_request_body
 const string HttpTransactionData::source_identifier  = "sourceIdentifiers";
 const string HttpTransactionData::proxy_ip_ctx       = "proxy_ip";
 const string HttpTransactionData::xff_vals_ctx       = "xff_vals";
 const string HttpTransactionData::waf_tag_ctx       = "waf_tag";
 const CompressionType HttpTransactionData::default_response_content_encoding = CompressionType::NO_COMPRESSION;
--- a/components/utils/utilities/nginx_conf_collector/nginx_conf_collector.cc
+++ b/components/utils/utilities/nginx_conf_collector/nginx_conf_collector.cc
@@ -13,11 +13,9 @@
 #include <iostream>
 #include <unistd.h>
 #include <sstream>
 #include "agent_core_utilities.h"
 #include "debug.h"
 #include "getopt.h"
 #include "internal/shell_cmd.h"
 #include "mainloop.h"
 #include "nginx_utils.h"
@@ -45,7 +43,6 @@ public:
        environment.fini();
        time_proxy.fini();
    }
 private:
    ShellCmd shell_cmd;
    MainloopComponent mainloop;
@@ -53,153 +50,6 @@ private:
    TimeProxyComponent time_proxy;
 };
 class FogConnection
 {
 public:
    FogConnection(const std::string& token, const std::string& fog)
        : var_token(token), var_fog(fog) {}
    bool registerAgent() {
        std::string curl_cmd = "curl -s --noproxy \"*\" "
                            "--header \"User-Agent: Infinity Next (a7030abf93a4c13)\" "
                            "--header \"Content-Type: application/json\" "
                            "--request POST "
                            "--data '{\"authenticationData\": [{\"authenticationMethod\": \"token\", \"data\": \""
                            + var_token + "\"}], "
                            "\"metaData\": {\"agentName\": \"ConfCollector\", \"agentType\":"
                            "\"Embedded\", \"platform\": \"linux\", "
                            "\"architecture\": \"x86\", \"additionalMetaData\": {\"agentVendor\": \"python\"}}}' "
                            + var_fog + "/agents";
        std::string response = executeCommand(curl_cmd);
        std::string error_check = "echo '" + response + "' | grep referenceId";
        std::string error_result = executeCommand(error_check);
        if (!error_result.empty()) {
            std::cerr << "Couldn't register to the FOG" << std::endl;
            return false;
        }
        agent_id = extractJsonValue(response, "agentId");
        clientId = extractJsonValue(response, "clientId");
        clientSecret = extractJsonValue(response, "clientSecret");
        tenant_id = extractJsonValue(response, "tenantId");
        profile_id = extractJsonValue(response, "profileId");
        removeNewlines(agent_id);
        removeNewlines(clientId);
        removeNewlines(clientSecret);
        removeNewlines(tenant_id);
        removeNewlines(profile_id);
        return true;
    }
    bool getJWT() {
        std::string curl_cmd = "curl -s --noproxy \"*\" "
                            "--header \"User-Agent: Infinity Next (a7030abf93a4c13)\" "
                            "--header \"Content-Type: application/json\" "
                            "-d '{\"login\":\"" + clientId + "\", \"password\":\"" + clientSecret + "\"}' "
                            "--user \"" + clientId + ":" + clientSecret + "\" "
                            "--request POST "
                            "--data '{}' "
                            + var_fog + "/oauth/token?grant_type=client_credentials";
        std::string response = executeCommand(curl_cmd);
        std::string error_check = "echo '" + response + "' | grep referenceId";
        std::string error_result = executeCommand(error_check);
        if (!error_result.empty()) {
            std::cerr << "Couldn't receive JWT" << std::endl;
            return false;
        }
        ra_token = extractJsonValue(response, "access_token");
        removeNewlines(ra_token);
        return true;
    }
    bool uploadNginxConfig(const std::string& config_file_path)
    {
        if (tenant_id.empty() || profile_id.empty() || ra_token.empty()) {
            std::cerr << "Missing required data for upload (tenant_id, profile_id, or JWT token)" << std::endl;
            return false;
        }
        std::ifstream file_check(config_file_path);
        if (!file_check.is_open()) {
            std::cerr << "Cannot open config file for upload: " << config_file_path << std::endl;
            return false;
        }
        file_check.close();
        std::string upload_url = var_fog + "/agents-core/storage/" + tenant_id + "/" + "nginx/" + profile_id +
            "/1/nginx.conf";
        std::string curl_cmd = "curl -s --noproxy \"*\" "
                            "--header \"User-Agent: Infinity Next (a7030abf93a4c13)\" "
                            "--header \"Authorization: Bearer " + ra_token + "\" "
                            "--header \"Content-Type: text/plain\" "
                            "--request PUT "
                            "--data-binary @" + config_file_path + " "
                            "-w \"%{http_code}\" "
                            + upload_url;
        std::string response = executeCommand(curl_cmd);
        std::string status_code = "";
        if (response.length() >= 3) {
            status_code = response.substr(response.length() - 3);
            response = response.substr(0, response.length() - 3);
        }
        if (status_code.empty() || status_code[0] != '2') {
            std::cerr << "Upload failed with HTTP status code: " << status_code << std::endl;
            return false;
        }
        std::cout << "Successfully uploaded nginx config to: " << upload_url << " (HTTP " << status_code << ")"
            << std::endl;
        return true;
    }
 private:
    std::string var_token;
    std::string var_fog;
    std::string agent_id;
    std::string tenant_id;
    std::string profile_id;
    std::string ra_token;
    std::string clientId;
    std::string clientSecret;
    std::string executeCommand(const std::string& command) {
        std::string result;
        FILE* pipe = popen(command.c_str(), "r");
        if (!pipe) {
            throw std::runtime_error("popen() failed!");
        }
        char buffer[128];
        while (fgets(buffer, sizeof(buffer), pipe) != nullptr) {
            result += buffer;
        }
        pclose(pipe);
        return result;
    }
    std::string extractJsonValue(const std::string& response, const std::string& key) {
        std::string command = "echo '" + response + "' | grep -o '\"" + key + "\":\"[^\"]*' | grep -o '[^\"]*$'";
        return executeCommand(command);
    }
    void removeNewlines(std::string& str) {
        str.erase(std::remove(str.begin(), str.end(), '\n'), str.end());
        str.erase(std::remove(str.begin(), str.end(), '\r'), str.end());
    }
 };
 void
 printVersion()
 {
@@ -213,16 +63,12 @@ printVersion()
 void
 printUsage(const char *prog_name)
 {
-    cout << "Usage: " << prog_name << " [-v] [-i /path/to/nginx.conf] [-o /path/to/output.conf]" <<
+    cout << "Usage: " << prog_name << " [-v] [-i /path/to/nginx.conf] [-o /path/to/output.conf]" << '\n';
        "[--upload --token <token> [--fog <address>]]" << '\n';
    cout << "  -V              Print version" << '\n';
    cout << "  -v              Enable verbose output" << '\n';
    cout << "  -i input_file   Specify input file (default is /etc/nginx/nginx.conf)" << '\n';
    cout << "  -o output_file  Specify output file (default is ./full_nginx.conf)" << '\n';
    cout << "  -h              Print this help message" << '\n';
    cout << "  --upload        Upload configuration to FOG (requires --token)" << '\n';
    cout << "  --token <token> profile token for FOG upload" << '\n';
    cout << "  --fog <address> FOG server address (default: inext-agents.cloud.ngen.checkpoint.com)" << '\n';
 }
 int
@@ -230,19 +76,9 @@ main(int argc, char *argv[])
 {
    string nginx_input_file = "/etc/nginx/nginx.conf";
    string nginx_output_file = "full_nginx.conf";
-    string fog_address = "inext-agents.cloud.ngen.checkpoint.com";
+
    string token;
    bool upload_flag = false;
    int opt;
-
+    while ((opt = getopt(argc, argv, "Vvhi:o:h")) != -1) {
    static struct option long_options[] = {
        {"upload", no_argument, 0, 'u'},
        {"token", required_argument, 0, 1001},
        {"fog", required_argument, 0, 1002},
        {0, 0, 0, 0}
    };
    while ((opt = getopt_long(argc, argv, "Vvhi:o:", long_options, nullptr)) != -1) {
        switch (opt) {
            case 'V':
                printVersion();
@@ -259,33 +95,18 @@ main(int argc, char *argv[])
            case 'h':
                printUsage(argv[0]);
                return 0;
            case 'u':
                upload_flag = true;
                break;
            case 1001: // --token
                token = optarg;
                break;
            case 1002: // --fog
                fog_address = optarg;
                break;
            default:
                printUsage(argv[0]);
                return 1;
        }
    }
-    for (int i = optind; i < argc; i++) {
+    for (int i = optind; i < argc;) {
        cerr << "Unknown argument: " << argv[i] << '\n';
        printUsage(argv[0]);
        return 1;
    }
    if (upload_flag && token.empty()) {
        cerr << "Error: --upload requires --token to be specified" << '\n';
        printUsage(argv[0]);
        return 1;
    }
    dbgTrace(D_NGINX_MANAGER) << "Starting nginx configuration collector";
    MainComponent main_component;
@@ -323,30 +144,5 @@ main(int argc, char *argv[])
    cout << "Full nginx configuration file was successfully generated: " << result.unpack() << '\n';
    if (upload_flag) {
        cout << "Uploading configuration to FOG server: " << fog_address << '\n';
        string full_fog_url = fog_address;
        if (fog_address.find("http://") != 0 && fog_address.find("https://") != 0) {
            full_fog_url = "https://" + fog_address;
        }
        FogConnection fog_connection(token, full_fog_url);
        if (!fog_connection.registerAgent()) {
            cerr << "Failed to register agent with the FOG." << '\n';
            return 1;
        }
        if (!fog_connection.getJWT()) {
            cerr << "Failed to get JWT token." << '\n';
            return 1;
        }
        if (!fog_connection.uploadNginxConfig(result.unpack())) {
            cerr << "Failed to upload nginx config file to FOG." << '\n';
            return 1;
        }
    }
    return 0;
 }
--- a/core/metric/generic_metric.cc
+++ b/core/metric/generic_metric.cc
@@ -332,17 +332,7 @@ vector<PrometheusData>
 GenericMetric::getPromMetricsData()
 {
    vector<PrometheusData> all_metrics;
-    bool enable_prometheus = false;
+    if (!getProfileAgentSettingWithDefault(false, "prometheus")) return all_metrics;
    auto prometheus_settings = getProfileAgentSetting<bool>("prometheus");
    if (prometheus_settings.ok()) {
        enable_prometheus = prometheus_settings.unpack();
    } else {
        const char *prometheus_env = getenv("PROMETHEUS");
        if (prometheus_env != nullptr) {
            enable_prometheus = string(prometheus_env) == "true";
        }
    }
    if (!enable_prometheus) return all_metrics;
    dbgTrace(D_METRICS) << "Get prometheus metrics";
    for (auto &calc : prometheus_calcs) {
--- a/nodes/CMakeLists.txt
+++ b/nodes/CMakeLists.txt
@@ -11,7 +11,6 @@ set(COMMON_LIBRARIES "-lngen_core;-lcompression_utils;-lssl;-lcrypto;-lz;-lboost
 include(packaging.cmake)
 add_subdirectory(orchestration)
 add_subdirectory(prometheus)
 add_subdirectory(agent_cache)
 add_subdirectory(http_transaction_handler)
 add_subdirectory(attachment_registration_manager)
--- a/nodes/orchestration/package/cp-nano-package-list
+++ b/nodes/orchestration/package/cp-nano-package-list
@@ -29,5 +29,4 @@ cpview_metric_provider="cpviewMetricProvider 8282"
 hello_world="hello_world"
 crowdsec_aux="crowdsecAux 8081"
 central_nginx_manager="centralNginxManager 7555"
 prometheus="prometheus 7465"
 # ## Please do not remove this comment - newline at end of file required.
--- a/nodes/orchestration/package/orchestration_package.sh
+++ b/nodes/orchestration/package/orchestration_package.sh
@@ -647,9 +647,6 @@ install_watchdog()
                echo "ExecStart=ip netns exec CTX0000${VS_ID} ${FILESYSTEM_PATH}/${WATCHDOG_PATH}/cp-nano-watchdog" >> /etc/systemd/system/${NANO_AGENT_SERVICE_FILE}
            fi
            echo "Environment=\"FILESYSTEM_PATH=${FILESYSTEM_PATH}\"" >> /etc/systemd/system/${NANO_AGENT_SERVICE_FILE}
            if [ -n "${PROMETHEUS}" ] ; then
                echo "Environment=\"PROMETHEUS=${PROMETHEUS}\"" >> /etc/systemd/system/${NANO_AGENT_SERVICE_FILE}
            fi
            cp_exec "systemctl daemon-reload"
            cp_exec "systemctl enable nano_agent"
--- a/nodes/prometheus/CMakeLists.txt
+++ b/nodes/prometheus/CMakeLists.txt
@@ -1,30 +0,0 @@
 add_subdirectory(package)
 add_executable(prometheus main.cc)
 target_link_libraries(prometheus
    -Wl,--start-group
    ${COMMON_LIBRARIES}
    generic_rulebase
    generic_rulebase_evaluators
    ip_utilities
    version
    signal_handler
 	prometheus_comp
 	http_transaction_data
    -Wl,--end-group
 )
 add_dependencies(prometheus ngen_core)
 install(TARGETS prometheus DESTINATION bin)
 install(TARGETS prometheus DESTINATION prometheus_service/bin)
 gen_package(
 	install-cp-nano-service-prometheus.sh
 	prometheus_service
    ./install-cp-nano-prometheus.sh
 	Check Point Prometheus Agent Version ${PACKAGE_VERSION} Install Package
 )
--- a/nodes/prometheus/main.cc
+++ b/nodes/prometheus/main.cc
@@ -1,15 +0,0 @@
 #include "components_list.h"
 #include "prometheus_comp.h"
 int
 main(int argc, char **argv)
 {
    NodeComponents<PrometheusComp> comps;
    comps.registerGlobalValue<bool>("Is Rest primary routine", true);
    comps.registerGlobalValue<uint>("Nano service API Port Primary", 7465);
    comps.registerGlobalValue<uint>("Nano service API Port Alternative", 7466);
    comps.registerGlobalValue<bool>("Nano service API Allow Get From External IP", true);
    return comps.run("Prometheus Service", argc, argv);
 }
--- a/nodes/prometheus/package/CMakeLists.txt
+++ b/nodes/prometheus/package/CMakeLists.txt
@@ -1,4 +0,0 @@
 install(FILES install-cp-nano-prometheus.sh  DESTINATION prometheus_service/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES cp-nano-prometheus.cfg  DESTINATION prometheus_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES cp-nano-prometheus-conf.json  DESTINATION prometheus_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES cp-nano-prometheus-debug-conf.json  DESTINATION prometheus_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
--- a/nodes/prometheus/package/cp-nano-prometheus-conf.json
+++ b/nodes/prometheus/package/cp-nano-prometheus-conf.json
@@ -1,21 +0,0 @@
 {
    "connection": {
        "Nano service API Port Primary": [
            {
                "value": 7465
            }
        ],
        "Nano service API Port Alternative": [
            {
                "value": 7466
            }
        ]
    },
    "message": {
        "Connection timeout": [
            {
                "value": 10000000
            }
        ]
    }
 }
--- a/nodes/prometheus/package/cp-nano-prometheus-debug-conf.json
+++ b/nodes/prometheus/package/cp-nano-prometheus-debug-conf.json
@@ -1,11 +0,0 @@
 {
    "Debug": [
        {
            "Streams": [
                {
                    "Output": "nano_agent/cp-nano-prometheus.dbg"
                }
            ]
        }
    ]
 }
--- a/nodes/prometheus/package/cp-nano-prometheus.cfg
+++ b/nodes/prometheus/package/cp-nano-prometheus.cfg
--- a/nodes/prometheus/package/install-cp-nano-prometheus.sh
+++ b/nodes/prometheus/package/install-cp-nano-prometheus.sh
@@ -1,164 +0,0 @@
 #!/bin/sh
 #Nano Service Details
 NANO_SERVICE_NAME="prometheus"
 NANO_SERVICE_BIN_NAME="cp-nano-prometheus"
 NANO_SERVICE_INSTALLATION_FOLDER="prometheus"
 ATTACHMENT_BIN_NAME="cp-nano-prometheus"
 #Installable Names
 CFG_FILE_NAME="cp-nano-prometheus.cfg"
 DBG_CONF_FILE_NAME="cp-nano-prometheus-debug-conf.json"
 SERVICE_CONF_FILE_NAME="cp-nano-prometheus-conf.json"
 NANO_SERVICE_BIN="prometheus"
 ATTACHMENT_BIN="prometheus_attachment"
 #Const variables
 FORCE_STDOUT=true
 INSTALLATION_TIME=$(date)
 CP_NANO_LOG_PATH="/var/log/nano_agent"
 CP_NANO_CONF_PATH="/etc/cp/conf"
 NANO_SERVICE_INSTALLATION_PATH="/etc/cp/${NANO_SERVICE_INSTALLATION_FOLDER}"
 NANO_SERVICE_BIN_PATH=${NANO_SERVICE_INSTALLATION_PATH}/${NANO_SERVICE_BIN_NAME}
 NANO_SERVICE_CFG_PATH=${NANO_SERVICE_BIN_PATH}.cfg
 ATTACHMENT_BIN_PATH=${NANO_SERVICE_INSTALLATION_PATH}/${ATTACHMENT_BIN_NAME}
 DBG_CONF_PATH=${CP_NANO_CONF_PATH}/${NANO_SERVICE_BIN_NAME}-debug-conf.json
 SERVICE_CONF_PATH=${CP_NANO_CONF_PATH}/${NANO_SERVICE_BIN_NAME}-conf.json
 DBG_FILE_PATH=${CP_NANO_LOG_PATH}/${NANO_SERVICE_BIN_NAME}.dbg
 INSTALLATION_LOG_FILE=${CP_NANO_LOG_PATH}/${NANO_SERVICE_BIN_NAME}-install.log
 mkdir -p ${CP_NANO_LOG_PATH}
 touch ${DBG_FILE_PATH}
 cp_print()
 {
    var_text=$1
    var_std_out=$2
    touch $INSTALLATION_LOG_FILE
    if [ -n "$var_std_out" ]; then
        if [ "$var_std_out" = "true" ]; then
            printf "%b\n" "$var_text"
        fi
    fi
    printf "%b\n" "$var_text" >> $INSTALLATION_LOG_FILE
 }
 cp_exec()
 {
    var_cmd=$1
    var_std_out=$2
    # Send exec output to RES
    RES=$($var_cmd 2>&1)
    if [ -n "$RES" ]; then
        cp_print "$RES" "$var_std_out"
    fi
 }
 set_configuration()
 {
    cp_exec "cp -n conf/${DBG_CONF_FILE_NAME} $DBG_CONF_PATH"
    cp_exec "/etc/cp/scripts/cpnano_debug --default --service prometheus"
    cp_exec "cp -n conf/${SERVICE_CONF_FILE_NAME} $SERVICE_CONF_PATH"
 }
 run_installation()
 {
    cp_print "Starting installation of Check Point ${NANO_SERVICE_NAME} Nano service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register ${ATTACHMENT_BIN_PATH}"
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register ${NANO_SERVICE_BIN_PATH}"
    att_path=$ATTACHMENT_BIN_PATH
    cmd_pid_att=$(ps -eo pid,cmd,args | awk -v srv=${att_path} '{if($2 ~ srv || $3 ~ srv) print $1}')
    srv_path=$NANO_SERVICE_BIN_NAME
    cmd_pid_srv=$(ps -eo pid,cmd,args | awk -v srv=${srv_path} '{if($2 ~ srv || $3 ~ srv) print $1}')
    if [ -n "$cmd_pid_att"  ]; then
        cp_print "Killing running instance(pid=$cmd_pid_att) of the prometheus attachment on installation"
        kill -9 "$cmd_pid_att"
    fi
    if [ -n "$cmd_pid_srv"  ]; then
        cp_print "Killing running instance(pid=$cmd_pid_srv) of the prometheus service on installation"
        kill -9 "$cmd_pid_srv"
    fi
    cp_exec "mkdir -p ${NANO_SERVICE_INSTALLATION_PATH}"
    cp_exec "cp -f bin/${NANO_SERVICE_BIN} ${NANO_SERVICE_BIN_PATH}"
    cp_exec "chmod +x ${NANO_SERVICE_BIN_PATH}"
    cp_exec "cp -f conf/${CFG_FILE_NAME} ${NANO_SERVICE_CFG_PATH}"
    cp_exec "chmod 600 ${NANO_SERVICE_CFG_PATH}"
    set_configuration
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --register ${NANO_SERVICE_BIN_PATH}"
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --register ${ATTACHMENT_BIN_PATH}"
    cp_print "Installation completed successfully." $FORCE_STDOUT
 }
 usage()
 {
    echo "Check Point: available flags are"
    echo "--install           : install ${NANO_SERVICE_NAME} Nano Service"
    echo "--uninstall         : remove ${NANO_SERVICE_NAME} Nano Service"
    echo "--pre_install_test  : run Pre-installation test for ${NANO_SERVICE_NAME} Nano Service install package"
    echo "--post_install_test : run Post-installation test for ${NANO_SERVICE_NAME} Nano Service install package"
    exit 255
 }
 run_uninstall()
 {
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register ${ATTACHMENT_BIN_PATH}"
    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register ${NANO_SERVICE_BIN_PATH}"
    cp_exec "rm -rf ${NANO_SERVICE_INSTALLATION_PATH}"
    cp_exec "rm -rf ${NANO_SERVICE_CONF_DIR}"
 }
 run_pre_install_test()
 {
    cp_print "Starting Pre-installation test of Check Point ${NANO_SERVICE_NAME} Nano service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
    cp_print "Successfully finished pre-installation test for Check Point ${NANO_SERVICE_NAME} Nano service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
    exit 0
 }
 run_post_install_test()
 {
    cp_print "Starting Post-installation test of Check Point ${NANO_SERVICE_NAME} Nano service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
    if ! cat /etc/cp/watchdog/wd.services | grep -q ${NANO_SERVICE_BIN_PATH}; then
    	    cp_print "Failed to register ${NANO_SERVICE_NAME} Nano service to the watchdog\n" $FORCE_STDOUT
    	    exit 255
    fi
    cp_print "Successfully finished post-installation test for Check Point ${NANO_SERVICE_NAME} Nano service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
    exit 0
 }
 run()
 {
    if [ '--install' = "$1" ]; then
        run_installation "${@}"
    elif [ '--uninstall' = "$1" ]; then
        run_uninstall
    elif [ '--pre_install_test' = "$1" ]; then
        run_pre_install_test
    elif [ '--post_install_test' = "$1" ]; then
        run_post_install_test
    else
        usage
        exit 1
    fi
 }
 if [ "$(id -u)" != "0" ]; then
    echo "Administrative privileges required for this Package (use su or sudo)"
    exit 1
 fi
 shift
 run "${@}"
 exit 0
Author	SHA1	Message	Date
wiaamm	1f80b79bd0	fix watchdog restarts	2025-06-09 15:35:21 +03:00
wiaamm	59da201d5c	fix restarting agent	2025-06-05 21:11:23 +03:00
wiaamm	8edb695346	don't exit	2025-05-28 14:54:37 +03:00
		`@@ -1,2 +0,0 @@`
			`add_library(prometheus_comp prometheus_comp.cc)`
			`add_subdirectory(prometheus_ut)`