mirror of
https://github.com/netbirdio/netbird.git
synced 2024-12-12 18:00:49 +01:00
51f133fdc6
* wip: add posture checks structs * add netbird version check * Refactor posture checks and add version checks * Add posture check activities (#1445) * Integrate Endpoints for Posture Checks (#1432) * wip: add posture checks structs * add netbird version check * Refactor posture checks and add version checks * Implement posture and version checks in API models * Refactor API models and enhance posture check functionality * wip: add posture checks endpoints * go mod tidy * Reference the posture checks by id's in policy * Add posture checks management to server * Add posture checks management mocks * implement posture checks handlers * Add posture checks to account copy and fix tests * Refactor posture checks validation * wip: Add posture checks handler tests * Add JSON encoding support to posture checks * Encode posture checks to correct api response object * Refactored posture checks implementation to align with the new API schema * Refactor structure of `Checks` from slice to map * Cleanup * Add posture check activities (#1445) * Revert map to use list of checks * Add posture check activity events * Refactor posture check initialization in account test * Improve the handling of version range in posture check * Fix tests and linter * Remove max_version from NBVersionCheck * Added unit tests for NBVersionCheck * go mod tidy * Extend policy endpoint with posture checks (#1450) * Implement posture and version checks in API models * go mod tidy * Allow attaching posture checks to policy * Update error message for linked posture check on deleting * Refactor PostureCheck and Checks structures * go mod tidy * Add validation for non-existing posture checks * fix unit tests * use Wt version * Remove the enabled field, as posture check will now automatically be activated by default when attaching to a policy * wip: add posture checks structs * add netbird version check * Refactor posture checks and add version checks * Add posture check activities (#1445) * Integrate Endpoints for Posture Checks (#1432) * wip: add posture checks structs * add netbird version check * Refactor posture checks and add version checks * Implement posture and version checks in API models * Refactor API models and enhance posture check functionality * wip: add posture checks endpoints * go mod tidy * Reference the posture checks by id's in policy * Add posture checks management to server * Add posture checks management mocks * implement posture checks handlers * Add posture checks to account copy and fix tests * Refactor posture checks validation * wip: Add posture checks handler tests * Add JSON encoding support to posture checks * Encode posture checks to correct api response object * Refactored posture checks implementation to align with the new API schema * Refactor structure of `Checks` from slice to map * Cleanup * Add posture check activities (#1445) * Revert map to use list of checks * Add posture check activity events * Refactor posture check initialization in account test * Improve the handling of version range in posture check * Fix tests and linter * Remove max_version from NBVersionCheck * Added unit tests for NBVersionCheck * go mod tidy * Extend policy endpoint with posture checks (#1450) * Implement posture and version checks in API models * go mod tidy * Allow attaching posture checks to policy * Update error message for linked posture check on deleting * Refactor PostureCheck and Checks structures * go mod tidy * Add validation for non-existing posture checks * fix unit tests * use Wt version * Remove the enabled field, as posture check will now automatically be activated by default when attaching to a policy * Extend network map generation with posture checks (#1466) * Apply posture checks to network map generation * run policy posture checks on peers to connect * Refactor and streamline policy posture check process for peers to connect. * Add posture checks testing in a network map * Remove redundant nil check in policy.go * Refactor peer validation check in policy.go * Update 'Check' function signature and use logger for version check * Refactor posture checks run on sources and updated the validation func * Update peer validation * fix tests * improved test coverage for policy posture check * Refactoring * Extend NetBird agent to collect kernel version (#1495) * Add KernelVersion field to LoginRequest * Add KernelVersion to system info retrieval * Fix tests * Remove Core field from system info * Replace Core field with new OSVersion field in system info * Added WMI dependency to info_windows.go * Add OS Version posture checks (#1479) * Initial support of Geolocation service (#1491) * Add Geo Location posture check (#1500) * wip: implement geolocation check * add geo location posture checks to posture api * Merge branch 'feature/posture-checks' into geo-posture-check * Remove CityGeoNameID and update required fields in API * Add geoLocation checks to posture checks handler tests * Implement geo location-based checks for peers * Update test values and embed location struct in peer system * add support for country wide checks * initialize country code regex once * Fix peer meta core compability with older clients (#1515) * Refactor extraction of OSVersion in grpcserver * Ignore lint check * Fix peer meta core compability with older management (#1532) * Revert core field deprecation * fix tests * Extend peer meta with location information (#1517) This PR uses the geolocation service to resolve IP to location. The lookup happens once on the first connection - when a client calls the Sync func. The location is stored as part of the peer: * Add Locations endpoints (#1516) * add locations endpoints * Add sqlite3 check and database generation in geolite script * Add SQLite storage for geolocation data * Refactor file existence check into a separate function * Integrate geolocation services into management application * Refactoring * Refactor city retrieval to include Geonames ID * Add signature verification for GeoLite2 database download * Change to in-memory database for geolocation store * Merge manager to geolocation * Update GetAllCountries to return Country name and iso code * fix tests * Add reload to SqliteStore * Add geoname indexes * move db file check to connectDB * Add concurrency safety to SQL queries and database reloading The commit adds mutex locks to the GetAllCountries and GetCitiesByCountry functions to ensure thread-safety during database queries. Additionally, it introduces a mechanism to safely close the old database connection before a new connection is established upon reloading, which improves the reliability of database operations. Lastly, it moves the checking of database file existence to the connectDB function. * Add sha256 sum check to geolocation store before reload * Use read lock * Check SHA256 twice when reload geonames db --------- Co-authored-by: Yury Gargay <yury.gargay@gmail.com> * Add tests and validation for empty peer location in GeoLocationCheck (#1546) * Disallow Geo check creation/update without configured Geo DB (#1548) * Fix shared access to in memory copy of geonames.db (#1550) * Trim suffix in when evaluate Min Kernel Version in OS check * Add Valid Peer Windows Kernel version test * Add Geolocation handler tests (#1556) * Implement user admin checks in posture checks * Add geolocation handler tests * Mark initGeolocationTestData as helper func * Add error handling to geolocation database closure * Add cleanup function to close geolocation resources * Simplify checks definition serialisation (#1555) * Regenerate network map on posture check update (#1563) * change network state and generate map on posture check update * Refactoring * Make city name optional (#1575) * Do not return empty city name * Validate action param of geo location checks (#1577) We only support allow and deny * Switch realip middleware to upstream (#1578) * Be more silent in download-geolite2.sh script * Fix geonames db reload (#1580) * Ensure posture check name uniqueness when create (#1594) * Enhance the management of posture checks (#1595) * add a correct min version and kernel for os posture check example * handle error when geo or location db is nil * expose all peer location details in api response * Check for nil geolocation manager only * Validate posture check before save * bump open api version * add peer location fields to toPeerListItemResponse * Feautre/extend sys meta (#1536) * Collect network addresses * Add Linux sys product info * Fix peer meta comparison * Collect sys info on mac * Add windows sys info * Fix test * Fix test * Fix grpc client * Ignore test * Fix test * Collect IPv6 addresses * Change the IP to IP + net * fix tests * Use netip on server side * Serialize netip to json * Extend Peer metadata with cloud detection (#1552) * add cloud detection + test binary * test windows exe * Collect IPv6 addresses * Change the IP to IP + net * switch to forked cloud detect lib * new test builds * new GCE build * discontinue using library but local copy instead * fix imports * remove openstack check * add hierarchy to cloud check * merge IBM and SoftLayer * close resp bodies and use os lib for file reading * close more resp bodies * fix error check logic * parallelize IBM checks * fix response value * go mod tidy * include context + change kubernetes detection * add context in info functions * extract platform into separate field * fix imports * add missing wmi import --------- Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com> --------- Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com> * generate proto * remove test binaries --------- Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Yury Gargay <yury.gargay@gmail.com> Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
125 lines
2.9 KiB
Go
125 lines
2.9 KiB
Go
//go:build !android
|
|
// +build !android
|
|
|
|
package system
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"os"
|
|
"os/exec"
|
|
"runtime"
|
|
"strings"
|
|
"time"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
"github.com/zcalusic/sysinfo"
|
|
|
|
"github.com/netbirdio/netbird/client/system/detect_cloud"
|
|
"github.com/netbirdio/netbird/client/system/detect_platform"
|
|
"github.com/netbirdio/netbird/version"
|
|
)
|
|
|
|
// GetInfo retrieves and parses the system information
|
|
func GetInfo(ctx context.Context) *Info {
|
|
info := _getInfo()
|
|
for strings.Contains(info, "broken pipe") {
|
|
info = _getInfo()
|
|
time.Sleep(500 * time.Millisecond)
|
|
}
|
|
|
|
releaseInfo := _getReleaseInfo()
|
|
for strings.Contains(info, "broken pipe") {
|
|
releaseInfo = _getReleaseInfo()
|
|
time.Sleep(500 * time.Millisecond)
|
|
}
|
|
|
|
osRelease := strings.Split(releaseInfo, "\n")
|
|
var osName string
|
|
var osVer string
|
|
for _, s := range osRelease {
|
|
if strings.HasPrefix(s, "NAME=") {
|
|
osName = strings.Split(s, "=")[1]
|
|
osName = strings.ReplaceAll(osName, "\"", "")
|
|
} else if strings.HasPrefix(s, "VERSION_ID=") {
|
|
osVer = strings.Split(s, "=")[1]
|
|
osVer = strings.ReplaceAll(osVer, "\"", "")
|
|
}
|
|
}
|
|
|
|
osStr := strings.ReplaceAll(info, "\n", "")
|
|
osStr = strings.ReplaceAll(osStr, "\r\n", "")
|
|
osInfo := strings.Split(osStr, " ")
|
|
if osName == "" {
|
|
osName = osInfo[3]
|
|
}
|
|
|
|
systemHostname, _ := os.Hostname()
|
|
|
|
addrs, err := networkAddresses()
|
|
if err != nil {
|
|
log.Warnf("failed to discover network addresses: %s", err)
|
|
}
|
|
|
|
serialNum, prodName, manufacturer := sysInfo()
|
|
|
|
env := Environment{
|
|
Cloud: detect_cloud.Detect(ctx),
|
|
Platform: detect_platform.Detect(ctx),
|
|
}
|
|
|
|
gio := &Info{
|
|
Kernel: osInfo[0],
|
|
Platform: osInfo[2],
|
|
OS: osName,
|
|
OSVersion: osVer,
|
|
Hostname: extractDeviceName(ctx, systemHostname),
|
|
GoOS: runtime.GOOS,
|
|
CPUs: runtime.NumCPU(),
|
|
WiretrusteeVersion: version.NetbirdVersion(),
|
|
UIVersion: extractUserAgent(ctx),
|
|
KernelVersion: osInfo[1],
|
|
NetworkAddresses: addrs,
|
|
SystemSerialNumber: serialNum,
|
|
SystemProductName: prodName,
|
|
SystemManufacturer: manufacturer,
|
|
Environment: env,
|
|
}
|
|
|
|
return gio
|
|
}
|
|
|
|
func _getInfo() string {
|
|
cmd := exec.Command("uname", "-srio")
|
|
cmd.Stdin = strings.NewReader("some")
|
|
var out bytes.Buffer
|
|
var stderr bytes.Buffer
|
|
cmd.Stdout = &out
|
|
cmd.Stderr = &stderr
|
|
err := cmd.Run()
|
|
if err != nil {
|
|
log.Warnf("getInfo: %s", err)
|
|
}
|
|
return out.String()
|
|
}
|
|
|
|
func _getReleaseInfo() string {
|
|
cmd := exec.Command("cat", "/etc/os-release")
|
|
cmd.Stdin = strings.NewReader("some")
|
|
var out bytes.Buffer
|
|
var stderr bytes.Buffer
|
|
cmd.Stdout = &out
|
|
cmd.Stderr = &stderr
|
|
err := cmd.Run()
|
|
if err != nil {
|
|
log.Warnf("geucwReleaseInfo: %s", err)
|
|
}
|
|
return out.String()
|
|
}
|
|
|
|
func sysInfo() (serialNumber string, productName string, manufacturer string) {
|
|
var si sysinfo.SysInfo
|
|
si.GetSysInfo()
|
|
return si.Product.Version, si.Product.Name, si.Product.Vendor
|
|
}
|