Skip to content

Commit

Permalink
Merge pull request #1202 from trimble-oss/trcshk_build
Browse files Browse the repository at this point in the history
Trcshk build
  • Loading branch information
meghan-bailey authored Aug 24, 2024
2 parents 6c20acc + b3fb095 commit 390c481
Show file tree
Hide file tree
Showing 17 changed files with 407 additions and 62 deletions.
6 changes: 6 additions & 0 deletions atrium/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,12 @@ trcshell: trcshellbuild trcshellsha
trcshellwin:
@GOPATH=$(GOPATH) GOBIN=$(GOBIN) GOOS=windows GOARCH=amd64 go build -tags "tc windows azrcr memonly" -o plugins/deploy/target/trcsh.exe github.com/trimble-oss/tierceron/atrium/vestibulum/shell/trcsh

trcshellkernelbuild:
@GOPATH=$(GOPATH) GOBIN=$(GOBIN) go build -o plugins/deploy/target/trcshk -trimpath -tags "tc azrcr memonly kernel" github.com/trimble-oss/tierceron/atrium/vestibulum/shell/trcsh
trcshellkernelsha:
sha256sum plugins/deploy/target/trcshk | cut -d' ' -f1 > plugins/deploy/target/trcshk.sha256
trcshellkernel: trcshellkernelbuild trcshellkernelsha

localtrcshell:
@GOPATH=$(GOPATH) GOBIN=$(GOBIN) GOOS=windows GOARCH=amd64 go build -tags "tc windows dockercr memonly" -o $(GOBIN)/trcsh.exe github.com/trimble-oss/tierceron/atrium/vestibulum/shell/trcsh

Expand Down
76 changes: 66 additions & 10 deletions atrium/vestibulum/trcdb/trcplgtoolbase/trcplgtoolbase.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package trcplgtoolbase
import (
"bufio"
"crypto/sha256"
"encoding/hex"
"errors"
"flag"
"fmt"
Expand All @@ -17,10 +18,12 @@ import (

"github.com/trimble-oss/tierceron/buildopts"
"github.com/trimble-oss/tierceron/buildopts/coreopts"
"github.com/trimble-oss/tierceron/buildopts/memprotectopts"
"github.com/trimble-oss/tierceron/pkg/capauth"
"github.com/trimble-oss/tierceron/pkg/core"
trcvutils "github.com/trimble-oss/tierceron/pkg/core/util"
"github.com/trimble-oss/tierceron/pkg/core/util/docker"
"github.com/trimble-oss/tierceron/pkg/core/util/hive"
"github.com/trimble-oss/tierceron/pkg/core/util/repository"
eUtils "github.com/trimble-oss/tierceron/pkg/utils"

Expand All @@ -38,7 +41,8 @@ func CommonMain(envDefaultPtr *string,
regionPtr *string,
flagset *flag.FlagSet,
argLines []string,
trcshDriverConfig *capauth.TrcshDriverConfig) error {
trcshDriverConfig *capauth.TrcshDriverConfig,
pluginHandler ...*hive.PluginHandler) error {

var flagEnvPtr *string
// Main functions are as follows:
Expand All @@ -58,6 +62,8 @@ func CommonMain(envDefaultPtr *string,
defineServicePtr := flagset.Bool("defineService", false, "Service is defined.")
certifyImagePtr := flagset.Bool("certify", false, "Used to certifies vault plugin.")
// These functions only valid for pluginType trcshservice
pluginservicestartPtr := flagset.Bool("pluginservicestart", false, "To start a trcshell kernel service for a particular plugin.")
pluginservicestopPtr := flagset.Bool("pluginservicestop", false, "To stop a trcshell kernel service for a particular plugin.")
winservicestopPtr := flagset.Bool("winservicestop", false, "To stop a windows service for a particular plugin.")
winservicestartPtr := flagset.Bool("winservicestart", false, "To start a windows service for a particular plugin.")
codebundledeployPtr := flagset.Bool("codebundledeploy", false, "To deploy a code bundle.")
Expand Down Expand Up @@ -194,7 +200,7 @@ func CommonMain(envDefaultPtr *string,
return errors.New("-pathParam can only contain alphanumberic characters or underscores")
}
}
if *agentdeployPtr || *winservicestopPtr || *winservicestartPtr || *codebundledeployPtr {
if *agentdeployPtr || *winservicestopPtr || *winservicestartPtr || *codebundledeployPtr || *pluginservicestopPtr || *pluginservicestartPtr {
*pluginTypePtr = "trcshservice"
}

Expand Down Expand Up @@ -223,8 +229,10 @@ func CommonMain(envDefaultPtr *string,
fmt.Printf("codebundledeploy not supported for plugin type %s in trcsh\n", *pluginTypePtr)
return fmt.Errorf("codebundledeploy not supported for plugin type %s in trcsh", *pluginTypePtr)
}
case "trccmdtool": // A trc command line tool.
case "trcshservice": // A trcshservice managed microservice
case "trcshkubeservice":
case "trcshpluginservice":
default:
if !*agentdeployPtr {
fmt.Println("Unsupported plugin type: " + *pluginTypePtr)
Expand Down Expand Up @@ -289,6 +297,9 @@ func CommonMain(envDefaultPtr *string,
eUtils.LogErrorMessage(&trcshDriverConfigBase.DriverConfig.CoreConfig, "Auth failure: "+autoErr.Error(), false)
return errors.New("auth failure")
}
if len(*tokenPtr) > 0 {
trcshDriverConfigBase.DriverConfig.CoreConfig.Token = *tokenPtr
}
}
if logger != nil {
logger.Printf("Certify begin gathering certify configs\n")
Expand Down Expand Up @@ -330,8 +341,12 @@ func CommonMain(envDefaultPtr *string,
config.StartDir = []string{*startDirPtr}
if *pluginNameAliasPtr != "" {
trcshDriverConfigBase.DriverConfig.SubSectionValue = *pluginNameAliasPtr
} else {
} else if *pluginNamePtr != "" {
trcshDriverConfigBase.DriverConfig.SubSectionValue = strings.Split(*pluginNamePtr, ":")[0]
} else if deploy_plugin, ok := trcshDriverConfigBase.DriverConfig.DeploymentConfig["trcplugin"]; ok {
if subsv, k := deploy_plugin.(string); k {
trcshDriverConfigBase.DriverConfig.SubSectionValue = subsv
}
}
mod.Env = *envDefaultPtr
if logger != nil {
Expand Down Expand Up @@ -432,7 +447,7 @@ func CommonMain(envDefaultPtr *string,
if *defineServicePtr {
pluginToolConfig["trcplugin"] = pluginToolConfig["pluginNamePtr"].(string)
}
if _, ok := pluginToolConfig["serviceNamePtr"].(string); ok {
if _, ok := pluginToolConfig["serviceNamePtr"].(string); ok && len(pluginToolConfig["serviceNamePtr"].(string)) > 0 {
pluginToolConfig["trcservicename"] = pluginToolConfig["serviceNamePtr"].(string)
}
if *certifyImagePtr {
Expand Down Expand Up @@ -593,6 +608,7 @@ func CommonMain(envDefaultPtr *string,
pluginToolConfig["trcsha256"] = trcshDriverConfigBase.DriverConfig.DeploymentConfig["trcsha256"]
}
}

if pluginToolConfig["trcsha256"] != nil && len(pluginToolConfig["trcsha256"].(string)) > 0 {
err := repository.GetImageAndShaFromDownload(&trcshDriverConfigBase.DriverConfig, pluginToolConfig)
if err != nil {
Expand Down Expand Up @@ -643,12 +659,13 @@ func CommonMain(envDefaultPtr *string,
return err
}
}

err = os.WriteFile(deployPath, pluginToolConfig["rawImageFile"].([]byte), 0644)
if err != nil {
fmt.Println(err.Error())
fmt.Println("Image write failure.")
return err
if rif, ok := pluginToolConfig["rawImageFile"]; ok {
err = os.WriteFile(deployPath, rif.([]byte), 0644)
if err != nil {
fmt.Println(err.Error())
fmt.Println("Image write failure.")
return err
}
}

if expandTarget, ok := pluginToolConfig["trcexpandtarget"].(string); ok && expandTarget == "true" {
Expand Down Expand Up @@ -697,6 +714,33 @@ func CommonMain(envDefaultPtr *string,
}
return errors.New(errMessage)
}
if ptcsha256, ok := pluginToolConfig["trcsha256"]; ok && coreopts.BuildOptions.IsKernel() {
h := sha256.New()
pathToSO := hive.LoadPluginPath(&trcshDriverConfigBase.DriverConfig)
f, err := os.OpenFile(pathToSO, os.O_RDONLY, 0666)
if err != nil {
return err
}
defer f.Close()
err = memprotectopts.SetChattr(f)
if err != nil {
fmt.Println(err)
return err
}
if _, err := io.Copy(h, f); err != nil {
fmt.Printf("Unable to copy file: %s\n", err)
logger.Printf("Unable to copy file: %s\n", err)
return err
}
sha := hex.EncodeToString(h.Sum(nil))
if ptcsha256.(string) == sha {
err = memprotectopts.UnsetChattr(f)
if err != nil {
return err
}
hive.PluginMod = hive.LoadPluginMod(&trcshDriverConfigBase.DriverConfig, pathToSO)
}
}
} else if *certifyImagePtr {
//Certify Image
carrierCertify := false
Expand Down Expand Up @@ -800,6 +844,18 @@ func CommonMain(envDefaultPtr *string,
fmt.Println("Incorrect trcplgtool utilization")
return err
}
} else if *pluginservicestartPtr && coreopts.BuildOptions.IsKernel() {
if len(pluginHandler) > 0 {
pluginHandler[0].PluginserviceStart(&trcshDriverConfigBase.DriverConfig, pluginToolConfig)
} else {
fmt.Println("No handler provided for plugin service startup.")
}
} else if *pluginservicestopPtr && coreopts.BuildOptions.IsKernel() {
if len(pluginHandler) > 0 {
pluginHandler[0].PluginserviceStop(&trcshDriverConfigBase.DriverConfig)
} else {
fmt.Println("No handler provided for plugin service startup.")
}
}
//Checks if image has been copied & deployed
if *checkDeployedPtr {
Expand Down
7 changes: 6 additions & 1 deletion atrium/vestibulum/trcsh/deployutil/deployutil.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"fmt"
"strings"

"github.com/trimble-oss/tierceron/buildopts/coreopts"
"github.com/trimble-oss/tierceron/buildopts/memonly"
"github.com/trimble-oss/tierceron/buildopts/memprotectopts"
"github.com/trimble-oss/tierceron/pkg/capauth"
Expand Down Expand Up @@ -125,7 +126,11 @@ func GetDeployers(trcshDriverConfig *capauth.TrcshDriverConfig) ([]string, error
continue
}

if deploymentConfig["trctype"].(string) == "trcshservice" {
if coreopts.BuildOptions.IsKernel() {
if deploymentConfig["trctype"].(string) == "trcshpluginservice" {
deploymentList = append(deploymentList, deployment)
}
} else if deploymentConfig["trctype"].(string) == "trcshservice" {
deploymentList = append(deploymentList, deployment)
}
}
Expand Down
12 changes: 3 additions & 9 deletions atrium/vestibulum/trcsh/trcshauth/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,6 @@ import (
"strings"
"time"

eUtils "github.com/trimble-oss/tierceron/pkg/utils"

"github.com/trimble-oss/tierceron-hat/cap"
"github.com/trimble-oss/tierceron/buildopts/memprotectopts"
"github.com/trimble-oss/tierceron/pkg/capauth"
Expand Down Expand Up @@ -231,8 +229,10 @@ func TrcshAuth(featherCtx *cap.FeatherContext, agentConfigs *capauth.AgentConfig

func ValidateTrcshPathSha(mod *kv.Modifier, pluginConfig map[string]interface{}, logger *log.Logger) (bool, error) {
certifyPath := "super-secrets/Index/TrcVault/trcplugin/trcsh/Certify"
var pluginName string
if plugin, ok := pluginConfig["plugin"].(string); ok {
certifyPath = "super-secrets/Index/TrcVault/trcplugin/" + plugin + "/Certify"
pluginName = plugin
}
certifyMap, err := mod.ReadData(certifyPath)
if err != nil {
Expand All @@ -249,11 +249,7 @@ func ValidateTrcshPathSha(mod *kv.Modifier, pluginConfig map[string]interface{},
}
exPath := filepath.Dir(ex)
trcshaPath := exPath + string(os.PathSeparator)
if eUtils.IsWindows() {
trcshaPath = trcshaPath + "trcsh.exe"
} else {
trcshaPath = trcshaPath + "trcsh"
}
trcshaPath = trcshaPath + pluginName

if _, ok := certifyMap["trcsha256"]; ok {
peerExe, err := os.Open(trcshaPath)
Expand All @@ -265,8 +261,6 @@ func ValidateTrcshPathSha(mod *kv.Modifier, pluginConfig map[string]interface{},

defer peerExe.Close()

// TODO: Check previous 10 versions? If any match, then
// return ok....
h := sha256.New()
if _, err := io.Copy(h, peerExe); err != nil {
fmt.Printf("Unable to copy file: %s\n", err)
Expand Down
Loading

0 comments on commit 390c481

Please sign in to comment.