Add process validation for peer metadata

management/server/posture/process.go

@@ -1,6 +1,9 @@
 package posture
 
 import (
+	"fmt"
+	"slices"
+
 	nbpeer "github.com/netbirdio/netbird/management/server/peer"
 )
 
@@ -16,8 +19,30 @@ type ProcessCheck struct {
 var _ Check = (*ProcessCheck)(nil)
 
 func (p *ProcessCheck) Check(peer nbpeer.Peer) (bool, error) {
+	peerActiveProcesses := make([]string, 0, len(peer.Meta.Processes))
+	for _, process := range peer.Meta.Processes {
+		peerActiveProcesses = append(peerActiveProcesses, process.Path)
+	}
+
+	switch peer.Meta.GoOS {
+	case "darwin", "linux":
+		for _, process := range p.Processes {
+			if !slices.Contains(peerActiveProcesses, process.Path) {
 				return false, nil
 			}
+		}
+		return true, nil
+	case "windows":
+		for _, process := range p.Processes {
+			if !slices.Contains(peerActiveProcesses, process.WindowsPath) {
+				return false, nil
+			}
+		}
+		return true, nil
+	default:
+		return false, fmt.Errorf("unsupported peer's operating system: %s", peer.Meta.GoOS)
+	}
+}
 
 func (p *ProcessCheck) Name() string {
 	return ProcessCheckName

management/server/posture/process_test.go

@@ -16,7 +16,137 @@ func TestProcessCheck_Check(t *testing.T) {
 		wantErr bool
 		isValid bool
 	}{
-		{},
+		{
+			name: "darwin with matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "darwin",
+					Processes: []peer.Process{
+						{Path: "process1"},
+						{Path: "process2"}},
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{Path: "process1"},
+					{Path: "process2"},
+				},
+			},
+			wantErr: false,
+			isValid: true,
+		},
+		{
+			name: "linux with matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "linux",
+					Processes: []peer.Process{
+						{Path: "process1"},
+						{Path: "process2"},
+					},
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{Path: "process1"},
+					{Path: "process2"},
+				},
+			},
+			wantErr: false,
+			isValid: true,
+		},
+		{
+			name: "linux with non-matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "linux",
+					Processes: []peer.Process{
+						{Path: "process3"},
+						{Path: "process4"},
+					},
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{Path: "process1"},
+					{Path: "process2"},
+				},
+			},
+			wantErr: false,
+			isValid: false,
+		},
+		{
+			name: "windows with matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "windows",
+					Processes: []peer.Process{
+						{Path: "process1"},
+						{Path: "process2"},
+					},
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{WindowsPath: "process1"},
+					{WindowsPath: "process2"},
+				},
+			},
+			wantErr: false,
+			isValid: true,
+		},
+		{
+			name: "windows with non-matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "windows",
+					Processes: []peer.Process{
+						{Path: "process3"},
+						{Path: "process4"},
+					},
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{WindowsPath: "process1"},
+					{WindowsPath: "process2"},
+				},
+			},
+			wantErr: false,
+			isValid: false,
+		},
+		{
+			name: "unsupported Ios operating system with matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "ios",
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{Path: "process1"},
+					{Path: "process2"},
+				},
+			},
+			wantErr: true,
+			isValid: false,
+		},
+		{
+			name: "unsupported android operating system with matching processes",
+			input: peer.Peer{
+				Meta: peer.PeerSystemMeta{
+					GoOS: "android",
+				},
+			},
+			check: ProcessCheck{
+				Processes: []Process{
+					{Path: "process1"},
+					{Path: "process2"},
+				},
+			},
+			wantErr: true,
+			isValid: false,
+		},
 	}
 
 	for _, tt := range tests {