From 1e2731e5e8c2121ef9c921d4aff5df2c3f7ed0bc Mon Sep 17 00:00:00 2001 From: Rebecca Mahany-Horton Date: Fri, 12 May 2023 11:25:06 -0400 Subject: [PATCH 1/3] Include arch in release file path and download file path --- pkg/autoupdate/tuf/autoupdate.go | 3 ++- pkg/autoupdate/tuf/autoupdate_test.go | 4 ++-- pkg/autoupdate/tuf/ci/tuf_server.go | 24 +++++++++++----------- pkg/autoupdate/tuf/library_manager.go | 4 +++- pkg/autoupdate/tuf/library_manager_test.go | 8 ++++---- 5 files changed, 23 insertions(+), 20 deletions(-) diff --git a/pkg/autoupdate/tuf/autoupdate.go b/pkg/autoupdate/tuf/autoupdate.go index eaadd455b..dff54e44a 100644 --- a/pkg/autoupdate/tuf/autoupdate.go +++ b/pkg/autoupdate/tuf/autoupdate.go @@ -9,6 +9,7 @@ import ( "fmt" "net/http" "os" + "path" "path/filepath" "runtime" "strconv" @@ -256,7 +257,7 @@ func (ta *TufAutoupdater) downloadUpdate(binary autoupdatableBinary, targets dat func (ta *TufAutoupdater) findRelease(binary autoupdatableBinary, targets data.TargetFiles) (string, data.TargetFileMeta, error) { // First, find the target that the channel release file is pointing to var releaseTarget string - targetReleaseFile := fmt.Sprintf("%s/%s/%s/release.json", binary, runtime.GOOS, ta.channel) + targetReleaseFile := path.Join(string(binary), runtime.GOOS, runtime.GOARCH, ta.channel, "release.json") for targetName, target := range targets { if targetName != targetReleaseFile { continue diff --git a/pkg/autoupdate/tuf/autoupdate_test.go b/pkg/autoupdate/tuf/autoupdate_test.go index ab279580b..0576689f8 100644 --- a/pkg/autoupdate/tuf/autoupdate_test.go +++ b/pkg/autoupdate/tuf/autoupdate_test.go @@ -94,9 +94,9 @@ func TestExecute(t *testing.T) { // Get metadata for each release _, err = autoupdater.metadataClient.Update() require.NoError(t, err, "could not update metadata client to fetch target metadata") - osquerydMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, binaryOsqueryd, testReleaseVersion)) + osquerydMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for osqueryd") - launcherMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, binaryLauncher, testReleaseVersion)) + launcherMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher") // Expect that we attempt to update the library diff --git a/pkg/autoupdate/tuf/ci/tuf_server.go b/pkg/autoupdate/tuf/ci/tuf_server.go index d56d19f92..d2a71f8fa 100644 --- a/pkg/autoupdate/tuf/ci/tuf_server.go +++ b/pkg/autoupdate/tuf/ci/tuf_server.go @@ -52,7 +52,7 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL // and evaluated. if v == testReleaseVersion { // Create test binary and copy it to the staged targets directory - stagedTargetsDir := filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS) + stagedTargetsDir := filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH) executablePath := executableLocation(stagedTargetsDir, b) require.NoError(t, os.MkdirAll(filepath.Dir(executablePath), 0777), "could not make staging directory") CopyBinary(t, executablePath) @@ -62,13 +62,13 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL compress(t, binaryFileName, stagedTargetsDir, stagedTargetsDir, b) } else { // Create and commit a test binary - require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS), 0777), "could not make staging directory") - err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, binaryFileName), []byte("I am a test target"), 0777) + require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH), 0777), "could not make staging directory") + err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, binaryFileName), []byte("I am a test target"), 0777) require.NoError(t, err, "could not write test target binary to temp dir") } // Add the target - require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s", b, runtime.GOOS, binaryFileName), nil), "could not add test target binary to tuf") + require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s", b, runtime.GOOS, runtime.GOARCH, binaryFileName), nil), "could not add test target binary to tuf") // Commit require.NoError(t, repo.Snapshot(), "could not take snapshot") @@ -81,11 +81,11 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL // If this is our release version, also create and commit a test release file for _, c := range []string{"stable", "beta", "nightly"} { - require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, c), 0777), "could not make staging directory") - err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, c, "release.json"), []byte("{}"), 0777) + require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, c), 0777), "could not make staging directory") + err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, c, "release.json"), []byte("{}"), 0777) require.NoError(t, err, "could not write test target release file to temp dir") - customMetadata := fmt.Sprintf("{\"target\":\"%s/%s/%s\"}", b, runtime.GOOS, binaryFileName) - require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/release.json", b, runtime.GOOS, c), []byte(customMetadata)), "could not add test target release file to tuf") + customMetadata := fmt.Sprintf("{\"target\":\"%s/%s/%s/%s\"}", b, runtime.GOOS, runtime.GOARCH, binaryFileName) + require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s/release.json", b, runtime.GOOS, runtime.GOARCH, c), []byte(customMetadata)), "could not add test target release file to tuf") // Commit require.NoError(t, repo.Snapshot(), "could not take snapshot") @@ -106,10 +106,10 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL require.FileExists(t, filepath.Join(tufDir, "repository", "snapshot.json")) require.FileExists(t, filepath.Join(tufDir, "repository", "timestamp.json")) require.FileExists(t, filepath.Join(tufDir, "repository", "targets.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, "stable", "release.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, fmt.Sprintf("launcher-%s.tar.gz", testReleaseVersion))) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, "stable", "release.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, fmt.Sprintf("osqueryd-%s.tar.gz", testReleaseVersion))) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, runtime.GOARCH, "stable", "release.json")) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, runtime.GOARCH, fmt.Sprintf("launcher-%s.tar.gz", testReleaseVersion))) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, runtime.GOARCH, "stable", "release.json")) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, runtime.GOARCH, fmt.Sprintf("osqueryd-%s.tar.gz", testReleaseVersion))) // Set up a test server to serve these files testMetadataServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/autoupdate/tuf/library_manager.go b/pkg/autoupdate/tuf/library_manager.go index bcee5920f..61bcf79f6 100644 --- a/pkg/autoupdate/tuf/library_manager.go +++ b/pkg/autoupdate/tuf/library_manager.go @@ -8,6 +8,7 @@ import ( "io" "net/http" "os" + "path" "path/filepath" "runtime" "sort" @@ -144,7 +145,8 @@ func (ulm *updateLibraryManager) stageAndVerifyUpdate(binary autoupdatableBinary stagedUpdatePath := filepath.Join(ulm.stagingDir, targetFilename) // Request download from mirror - resp, err := ulm.mirrorClient.Get(ulm.mirrorUrl + fmt.Sprintf("/kolide/%s/%s/%s", binary, runtime.GOOS, targetFilename)) + downloadPath := path.Join("/", "kolide", string(binary), runtime.GOOS, runtime.GOARCH, targetFilename) + resp, err := ulm.mirrorClient.Get(ulm.mirrorUrl + downloadPath) if err != nil { return stagedUpdatePath, fmt.Errorf("could not make request to download target %s: %w", targetFilename, err) } diff --git a/pkg/autoupdate/tuf/library_manager_test.go b/pkg/autoupdate/tuf/library_manager_test.go index ec99bac07..cf8d48abc 100644 --- a/pkg/autoupdate/tuf/library_manager_test.go +++ b/pkg/autoupdate/tuf/library_manager_test.go @@ -81,9 +81,9 @@ func TestAddToLibrary(t *testing.T) { require.NoError(t, err, "could not update metadata client") // Get the target metadata - launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, binaryLauncher, testReleaseVersion)) + launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") - osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, binaryOsqueryd, testReleaseVersion)) + osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") testCases := []struct { @@ -256,9 +256,9 @@ func TestAddToLibrary_verifyStagedUpdate_handlesInvalidFiles(t *testing.T) { require.NoError(t, err, "could not update metadata client") // Get the target metadata - launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, binaryLauncher, testReleaseVersion)) + launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") - osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, binaryOsqueryd, testReleaseVersion)) + osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") testCases := []struct { From 3443ed0d7f169e2d38b7f5dd81261d2198c12359 Mon Sep 17 00:00:00 2001 From: Rebecca Mahany-Horton Date: Fri, 12 May 2023 13:59:33 -0400 Subject: [PATCH 2/3] Add arch to kolide_tuf_release_version table too --- pkg/osquery/tables/tufinfo/release_version.go | 17 +++++++++++++---- .../tables/tufinfo/release_version_test.go | 4 ++-- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/pkg/osquery/tables/tufinfo/release_version.go b/pkg/osquery/tables/tufinfo/release_version.go index 98593633b..9c8cb4092 100644 --- a/pkg/osquery/tables/tufinfo/release_version.go +++ b/pkg/osquery/tables/tufinfo/release_version.go @@ -5,6 +5,7 @@ import ( "encoding/json" "fmt" "os" + "path" "path/filepath" "strings" @@ -21,6 +22,7 @@ func TufReleaseVersionTable(flags types.Flags) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("binary"), table.TextColumn("operating_system"), + table.TextColumn("architecture"), table.TextColumn("channel"), table.TextColumn("target"), } @@ -57,7 +59,7 @@ func generateTufReleaseVersionTable(flags types.Flags) table.GenerateFunc { } parts := strings.Split(targetFileName, "/") - if len(parts) != 4 { + if len(parts) != 5 { // Shouldn't happen given the check above, but just in case continue } @@ -70,7 +72,8 @@ func generateTufReleaseVersionTable(flags types.Flags) table.GenerateFunc { results = append(results, map[string]string{ "binary": binary, "operating_system": parts[1], - "channel": parts[2], + "architecture": parts[2], + "channel": parts[3], "target": metadata.Target, }) } @@ -83,9 +86,15 @@ func generateTufReleaseVersionTable(flags types.Flags) table.GenerateFunc { func expectedReleaseTargets(binary string) map[string]bool { targets := make(map[string]bool, 0) for _, operatingSystem := range []string{"darwin", "windows", "linux"} { - for _, channel := range []string{"stable", "beta", "nightly"} { - targets[fmt.Sprintf("%s/%s/%s/release.json", binary, operatingSystem, channel)] = true + for _, arch := range []string{"universal", "arm64", "amd64"} { + if operatingSystem != "darwin" && arch == "universal" { + continue + } + for _, channel := range []string{"stable", "beta", "alpha", "nightly"} { + targets[path.Join(binary, operatingSystem, arch, channel, "release.json")] = true + } } + } return targets diff --git a/pkg/osquery/tables/tufinfo/release_version_test.go b/pkg/osquery/tables/tufinfo/release_version_test.go index 5621b4624..26c0235b4 100644 --- a/pkg/osquery/tables/tufinfo/release_version_test.go +++ b/pkg/osquery/tables/tufinfo/release_version_test.go @@ -26,8 +26,8 @@ func TestTufReleaseVersionTable(t *testing.T) { testRootDir := t.TempDir() v := randomSemver() - expectedResults["launcher"] = fmt.Sprintf("launcher/%s/launcher-%s.tar.gz", runtime.GOOS, v) - expectedResults["osqueryd"] = fmt.Sprintf("osqueryd/%s/osqueryd-%s.tar.gz", runtime.GOOS, v) + expectedResults["launcher"] = fmt.Sprintf("launcher/%s/%s/launcher-%s.tar.gz", runtime.GOOS, runtime.GOARCH, v) + expectedResults["osqueryd"] = fmt.Sprintf("osqueryd/%s/%s/osqueryd-%s.tar.gz", runtime.GOOS, runtime.GOARCH, v) tufci.SeedLocalTufRepo(t, v, testRootDir) mockFlags := mocks.NewFlags(t) From 5acad29087c3179e3537bcb63baff8ad7f958346 Mon Sep 17 00:00:00 2001 From: Rebecca Mahany-Horton Date: Thu, 29 Jun 2023 12:02:14 -0400 Subject: [PATCH 3/3] Universal for darwin for now --- pkg/autoupdate/tuf/autoupdate.go | 12 +++++++- pkg/autoupdate/tuf/autoupdate_test.go | 4 +-- pkg/autoupdate/tuf/ci/tuf_server.go | 29 +++++++++++-------- pkg/autoupdate/tuf/library_manager.go | 2 +- pkg/autoupdate/tuf/library_manager_test.go | 8 ++--- .../tables/tufinfo/release_version_test.go | 5 ++-- 6 files changed, 38 insertions(+), 22 deletions(-) diff --git a/pkg/autoupdate/tuf/autoupdate.go b/pkg/autoupdate/tuf/autoupdate.go index 6458866a8..dc44a9515 100644 --- a/pkg/autoupdate/tuf/autoupdate.go +++ b/pkg/autoupdate/tuf/autoupdate.go @@ -328,7 +328,7 @@ func (ta *TufAutoupdater) downloadUpdate(binary autoupdatableBinary, targets dat func findRelease(binary autoupdatableBinary, targets data.TargetFiles, channel string) (string, data.TargetFileMeta, error) { // First, find the target that the channel release file is pointing to var releaseTarget string - targetReleaseFile := path.Join(string(binary), runtime.GOOS, runtime.GOARCH, channel, "release.json") + targetReleaseFile := path.Join(string(binary), runtime.GOOS, PlatformArch(), channel, "release.json") for targetName, target := range targets { if targetName != targetReleaseFile { continue @@ -361,6 +361,16 @@ func findRelease(binary autoupdatableBinary, targets data.TargetFiles, channel s return "", data.TargetFileMeta{}, fmt.Errorf("could not find metadata for release target %s for binary %s", releaseTarget, binary) } +// PlatformArch returns the correct arch for the runtime OS. For now, since osquery doesn't publish an arm64 release, +// we use the universal binaries for darwin. +func PlatformArch() string { + if runtime.GOOS == "darwin" { + return "universal" + } + + return runtime.GOARCH +} + // storeError saves errors that occur during the periodic check for updates, so that they // can be queryable via the `kolide_tuf_autoupdater_errors` table. func (ta *TufAutoupdater) storeError(autoupdateErr error) { diff --git a/pkg/autoupdate/tuf/autoupdate_test.go b/pkg/autoupdate/tuf/autoupdate_test.go index 1d042f4f3..224a95900 100644 --- a/pkg/autoupdate/tuf/autoupdate_test.go +++ b/pkg/autoupdate/tuf/autoupdate_test.go @@ -97,9 +97,9 @@ func TestExecute(t *testing.T) { // Get metadata for each release _, err = autoupdater.metadataClient.Update() require.NoError(t, err, "could not update metadata client to fetch target metadata") - osquerydMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) + osquerydMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, PlatformArch(), binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for osqueryd") - launcherMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) + launcherMetadata, err := autoupdater.metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, PlatformArch(), binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher") // Expect that we attempt to tidy the library first before running execute loop diff --git a/pkg/autoupdate/tuf/ci/tuf_server.go b/pkg/autoupdate/tuf/ci/tuf_server.go index d2a71f8fa..02e95af63 100644 --- a/pkg/autoupdate/tuf/ci/tuf_server.go +++ b/pkg/autoupdate/tuf/ci/tuf_server.go @@ -41,6 +41,11 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL // Sign the root metadata file require.NoError(t, repo.Sign("root.json"), "could not sign root metadata file") + arch := runtime.GOARCH + if runtime.GOOS == "darwin" { + arch = "universal" + } + // Create test binaries and release files per binary and per release channel for _, b := range []string{"osqueryd", "launcher"} { for _, v := range []string{"0.1.1", "0.12.3-deadbeef", testReleaseVersion} { @@ -52,7 +57,7 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL // and evaluated. if v == testReleaseVersion { // Create test binary and copy it to the staged targets directory - stagedTargetsDir := filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH) + stagedTargetsDir := filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, arch) executablePath := executableLocation(stagedTargetsDir, b) require.NoError(t, os.MkdirAll(filepath.Dir(executablePath), 0777), "could not make staging directory") CopyBinary(t, executablePath) @@ -62,13 +67,13 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL compress(t, binaryFileName, stagedTargetsDir, stagedTargetsDir, b) } else { // Create and commit a test binary - require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH), 0777), "could not make staging directory") - err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, binaryFileName), []byte("I am a test target"), 0777) + require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, arch), 0777), "could not make staging directory") + err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, arch, binaryFileName), []byte("I am a test target"), 0777) require.NoError(t, err, "could not write test target binary to temp dir") } // Add the target - require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s", b, runtime.GOOS, runtime.GOARCH, binaryFileName), nil), "could not add test target binary to tuf") + require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s", b, runtime.GOOS, arch, binaryFileName), nil), "could not add test target binary to tuf") // Commit require.NoError(t, repo.Snapshot(), "could not take snapshot") @@ -81,11 +86,11 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL // If this is our release version, also create and commit a test release file for _, c := range []string{"stable", "beta", "nightly"} { - require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, c), 0777), "could not make staging directory") - err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, runtime.GOARCH, c, "release.json"), []byte("{}"), 0777) + require.NoError(t, os.MkdirAll(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, arch, c), 0777), "could not make staging directory") + err = os.WriteFile(filepath.Join(tufDir, "staged", "targets", b, runtime.GOOS, arch, c, "release.json"), []byte("{}"), 0777) require.NoError(t, err, "could not write test target release file to temp dir") - customMetadata := fmt.Sprintf("{\"target\":\"%s/%s/%s/%s\"}", b, runtime.GOOS, runtime.GOARCH, binaryFileName) - require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s/release.json", b, runtime.GOOS, runtime.GOARCH, c), []byte(customMetadata)), "could not add test target release file to tuf") + customMetadata := fmt.Sprintf("{\"target\":\"%s/%s/%s/%s\"}", b, runtime.GOOS, arch, binaryFileName) + require.NoError(t, repo.AddTarget(fmt.Sprintf("%s/%s/%s/%s/release.json", b, runtime.GOOS, arch, c), []byte(customMetadata)), "could not add test target release file to tuf") // Commit require.NoError(t, repo.Snapshot(), "could not take snapshot") @@ -106,10 +111,10 @@ func InitRemoteTufServer(t *testing.T, testReleaseVersion string) (tufServerURL require.FileExists(t, filepath.Join(tufDir, "repository", "snapshot.json")) require.FileExists(t, filepath.Join(tufDir, "repository", "timestamp.json")) require.FileExists(t, filepath.Join(tufDir, "repository", "targets.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, runtime.GOARCH, "stable", "release.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, runtime.GOARCH, fmt.Sprintf("launcher-%s.tar.gz", testReleaseVersion))) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, runtime.GOARCH, "stable", "release.json")) - require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, runtime.GOARCH, fmt.Sprintf("osqueryd-%s.tar.gz", testReleaseVersion))) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, arch, "stable", "release.json")) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "launcher", runtime.GOOS, arch, fmt.Sprintf("launcher-%s.tar.gz", testReleaseVersion))) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, arch, "stable", "release.json")) + require.FileExists(t, filepath.Join(tufDir, "repository", "targets", "osqueryd", runtime.GOOS, arch, fmt.Sprintf("osqueryd-%s.tar.gz", testReleaseVersion))) // Set up a test server to serve these files testMetadataServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/autoupdate/tuf/library_manager.go b/pkg/autoupdate/tuf/library_manager.go index b8fd1e277..3e57c6bf0 100644 --- a/pkg/autoupdate/tuf/library_manager.go +++ b/pkg/autoupdate/tuf/library_manager.go @@ -122,7 +122,7 @@ func (ulm *updateLibraryManager) stageAndVerifyUpdate(binary autoupdatableBinary stagedUpdatePath := filepath.Join(ulm.stagingDir, targetFilename) // Request download from mirror - downloadPath := path.Join("/", "kolide", string(binary), runtime.GOOS, runtime.GOARCH, targetFilename) + downloadPath := path.Join("/", "kolide", string(binary), runtime.GOOS, PlatformArch(), targetFilename) resp, err := ulm.mirrorClient.Get(ulm.mirrorUrl + downloadPath) if err != nil { return stagedUpdatePath, fmt.Errorf("could not make request to download target %s: %w", targetFilename, err) diff --git a/pkg/autoupdate/tuf/library_manager_test.go b/pkg/autoupdate/tuf/library_manager_test.go index 29386956c..70ae7df20 100644 --- a/pkg/autoupdate/tuf/library_manager_test.go +++ b/pkg/autoupdate/tuf/library_manager_test.go @@ -102,9 +102,9 @@ func TestAddToLibrary(t *testing.T) { require.NoError(t, err, "could not update metadata client") // Get the target metadata - launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) + launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, PlatformArch(), binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") - osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) + osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, PlatformArch(), binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") testCases := []struct { @@ -263,9 +263,9 @@ func TestAddToLibrary_verifyStagedUpdate_handlesInvalidFiles(t *testing.T) { require.NoError(t, err, "could not update metadata client") // Get the target metadata - launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, runtime.GOARCH, binaryLauncher, testReleaseVersion)) + launcherTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryLauncher, runtime.GOOS, PlatformArch(), binaryLauncher, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") - osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, runtime.GOARCH, binaryOsqueryd, testReleaseVersion)) + osquerydTargetMeta, err := metadataClient.Target(fmt.Sprintf("%s/%s/%s/%s-%s.tar.gz", binaryOsqueryd, runtime.GOOS, PlatformArch(), binaryOsqueryd, testReleaseVersion)) require.NoError(t, err, "could not get test metadata for launcher target") testCases := []struct { diff --git a/pkg/osquery/tables/tufinfo/release_version_test.go b/pkg/osquery/tables/tufinfo/release_version_test.go index 26c0235b4..ecc1861a1 100644 --- a/pkg/osquery/tables/tufinfo/release_version_test.go +++ b/pkg/osquery/tables/tufinfo/release_version_test.go @@ -10,6 +10,7 @@ import ( "github.com/google/uuid" "github.com/kolide/launcher/pkg/agent/types/mocks" + "github.com/kolide/launcher/pkg/autoupdate/tuf" tufci "github.com/kolide/launcher/pkg/autoupdate/tuf/ci" "github.com/osquery/osquery-go/gen/osquery" @@ -26,8 +27,8 @@ func TestTufReleaseVersionTable(t *testing.T) { testRootDir := t.TempDir() v := randomSemver() - expectedResults["launcher"] = fmt.Sprintf("launcher/%s/%s/launcher-%s.tar.gz", runtime.GOOS, runtime.GOARCH, v) - expectedResults["osqueryd"] = fmt.Sprintf("osqueryd/%s/%s/osqueryd-%s.tar.gz", runtime.GOOS, runtime.GOARCH, v) + expectedResults["launcher"] = fmt.Sprintf("launcher/%s/%s/launcher-%s.tar.gz", runtime.GOOS, tuf.PlatformArch(), v) + expectedResults["osqueryd"] = fmt.Sprintf("osqueryd/%s/%s/osqueryd-%s.tar.gz", runtime.GOOS, tuf.PlatformArch(), v) tufci.SeedLocalTufRepo(t, v, testRootDir) mockFlags := mocks.NewFlags(t)