diff --git a/deepfence_server/apiDocs/operation.go b/deepfence_server/apiDocs/operation.go index 45b1197878..a5525c2732 100644 --- a/deepfence_server/apiDocs/operation.go +++ b/deepfence_server/apiDocs/operation.go @@ -13,6 +13,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_utils/controls" postgresqldb "github.com/deepfence/ThreatMapper/deepfence_utils/postgresql/postgresql-db" "github.com/deepfence/ThreatMapper/deepfence_utils/report" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/threatintel" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" ingestersUtil "github.com/deepfence/ThreatMapper/deepfence_utils/utils/ingesters" @@ -806,10 +807,10 @@ func (d *OpenAPIDocs) AddSettingsOperations() { http.StatusOK, []string{tagSettings}, bearerToken, new(EmailConfigurationAdd), new(MessageResponse)) d.AddOperation("getSettings", http.MethodGet, "/deepfence/settings/global-settings", "Get settings", "Get all settings", - http.StatusOK, []string{tagSettings}, bearerToken, nil, new([]SettingsResponse)) + http.StatusOK, []string{tagSettings}, bearerToken, nil, new([]setting.SettingsResponse)) d.AddOperation("updateSetting", http.MethodPatch, "/deepfence/settings/global-settings/{id}", "Update setting", "Update setting", - http.StatusNoContent, []string{tagSettings}, bearerToken, new(SettingUpdateRequest), nil) + http.StatusNoContent, []string{tagSettings}, bearerToken, new(setting.SettingUpdateRequest), nil) d.AddOperation("getUserAuditLogs", http.MethodPost, "/deepfence/settings/user-audit-log", "Get user audit logs", "Get audit logs for all users", http.StatusOK, []string{tagSettings}, bearerToken, new(GetAuditLogsRequest), new([]postgresqldb.GetAuditLogsRow)) diff --git a/deepfence_server/constants/common/keys.go b/deepfence_server/constants/common/keys.go index afecb21ad6..4ade99bbc7 100644 --- a/deepfence_server/constants/common/keys.go +++ b/deepfence_server/constants/common/keys.go @@ -1,9 +1,5 @@ package common -const ( - AESSecret = "aes_secret" -) - var CSPMResources = map[string]string{ "aws_s3_bucket": "aws_s3", "aws_s3_account_settings": "aws_s3", diff --git a/deepfence_server/handler/auth.go b/deepfence_server/handler/auth.go index bed53ff1a9..f806f9a2c4 100644 --- a/deepfence_server/handler/auth.go +++ b/deepfence_server/handler/auth.go @@ -10,6 +10,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_server/model" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/go-chi/jwtauth/v5" httpext "github.com/go-playground/pkg/v5/net/http" @@ -196,11 +197,11 @@ func (h *Handler) LoginHandler(w http.ResponseWriter, r *http.Request) { } // If console URL setting is not set, set it now - consoleURL, err := model.GetManagementConsoleURL(ctx, pgClient) + consoleURL, err := setting.GetManagementConsoleURL(ctx, pgClient) if err != nil || consoleURL == "" { - consoleURLSetting := model.Setting{ - Key: model.ConsoleURLSettingKey, - Value: &model.SettingValue{ + consoleURLSetting := setting.Setting{ + Key: setting.ConsoleURLSettingKey, + Value: &setting.SettingValue{ Label: "Deepfence Console URL", Value: "https://" + h.GetHostURL(r), Description: "Deepfence Console URL used for sending emails with links to the console", diff --git a/deepfence_server/handler/scan_reports.go b/deepfence_server/handler/scan_reports.go index 399174e3df..abf5b2455c 100644 --- a/deepfence_server/handler/scan_reports.go +++ b/deepfence_server/handler/scan_reports.go @@ -229,7 +229,7 @@ func (h *Handler) StartVulnerabilityScanHandler(w http.ResponseWriter, r *http.R return } - binArgs := make(map[string]string, 0) + binArgs := make(map[string]string) if len(reqs.ScanConfigLanguages) != 0 { languages := []string{} for i := range reqs.ScanConfigLanguages { diff --git a/deepfence_server/handler/settings.go b/deepfence_server/handler/settings.go index b89b6fb75d..df382ff359 100644 --- a/deepfence_server/handler/settings.go +++ b/deepfence_server/handler/settings.go @@ -19,6 +19,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_server/pkg/sendemail" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/go-chi/chi/v5" httpext "github.com/go-playground/pkg/v5/net/http" @@ -263,7 +264,7 @@ func (h *Handler) GetGlobalSettings(w http.ResponseWriter, r *http.Request) { h.respondError(err, w) return } - settings, err := model.GetVisibleSettings(ctx, pgClient) + settings, err := setting.GetVisibleSettings(ctx, pgClient) if err != nil { h.respondError(err, w) return @@ -287,7 +288,7 @@ func (h *Handler) UpdateGlobalSettings(w http.ResponseWriter, r *http.Request) { return } defer r.Body.Close() - var req model.SettingUpdateRequest + var req setting.SettingUpdateRequest err = httpext.DecodeJSON(r, httpext.NoQueryParams, MaxPostRequestSize, &req) if err != nil { h.respondError(err, w) @@ -299,7 +300,7 @@ func (h *Handler) UpdateGlobalSettings(w http.ResponseWriter, r *http.Request) { h.respondError(&ValidatorError{err: err}, w) return } - currentSettings, err := model.GetSettingByKey(ctx, pgClient, req.Key) + currentSettings, err := setting.GetSettingByKey(ctx, pgClient, req.Key) if err != nil { h.respondError(err, w) return @@ -310,7 +311,7 @@ func (h *Handler) UpdateGlobalSettings(w http.ResponseWriter, r *http.Request) { } var value interface{} switch currentSettings.Key { - case model.ConsoleURLSettingKey: + case setting.ConsoleURLSettingKey: var parsedURL *url.URL if parsedURL, err = url.ParseRequestURI(strings.TrimSpace(req.Value)); err != nil { h.respondError(&errInvalidURL, w) @@ -321,7 +322,7 @@ func (h *Handler) UpdateGlobalSettings(w http.ResponseWriter, r *http.Request) { return } value = parsedURL.Scheme + "://" + parsedURL.Host - case model.InactiveNodesDeleteScanResultsKey: + case setting.InactiveNodesDeleteScanResultsKey: value, err = strconv.ParseInt(strings.TrimSpace(req.Value), 10, 64) if err != nil { h.respondError(&errInvalidInteger, w) @@ -330,22 +331,22 @@ func (h *Handler) UpdateGlobalSettings(w http.ResponseWriter, r *http.Request) { default: value = req.Value } - setting := model.Setting{ + s := setting.Setting{ ID: req.ID, Key: req.Key, - Value: &model.SettingValue{ + Value: &setting.SettingValue{ Label: currentSettings.Value.Label, Value: value, Description: currentSettings.Value.Description, }, IsVisibleOnUI: currentSettings.IsVisibleOnUI, } - err = setting.Update(ctx, pgClient) + err = s.Update(ctx, pgClient) if err != nil { h.respondError(err, w) return } - h.AuditUserActivity(r, EventSettings, ActionUpdate, setting, true) + h.AuditUserActivity(r, EventSettings, ActionUpdate, s, true) w.WriteHeader(http.StatusNoContent) } diff --git a/deepfence_server/handler/user.go b/deepfence_server/handler/user.go index 72bb9726e8..64b9368c2c 100644 --- a/deepfence_server/handler/user.go +++ b/deepfence_server/handler/user.go @@ -16,6 +16,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" postgresql_db "github.com/deepfence/ThreatMapper/deepfence_utils/postgresql/postgresql-db" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/go-chi/chi/v5" "github.com/go-chi/jwtauth/v5" @@ -100,9 +101,9 @@ func (h *Handler) RegisterUser(w http.ResponseWriter, r *http.Request) { h.respondError(err, w) return } - consoleURLSetting := model.Setting{ - Key: model.ConsoleURLSettingKey, - Value: &model.SettingValue{ + consoleURLSetting := setting.Setting{ + Key: setting.ConsoleURLSettingKey, + Value: &setting.SettingValue{ Label: "Deepfence Console URL", Value: consoleURL, Description: "Deepfence Console URL used for sending emails with links to the console", @@ -382,7 +383,7 @@ func (h *Handler) InviteUser(w http.ResponseWriter, r *http.Request) { return } } - consoleURL, err := model.GetManagementConsoleURL(ctx, pgClient) + consoleURL, err := setting.GetManagementConsoleURL(ctx, pgClient) if err != nil { h.respondError(err, w) return @@ -744,7 +745,7 @@ func (h *Handler) ResetPasswordRequest(w http.ResponseWriter, r *http.Request) { h.respondError(err, w) return } - consoleURL, err := model.GetManagementConsoleURL(ctx, pgClient) + consoleURL, err := setting.GetManagementConsoleURL(ctx, pgClient) if err != nil { h.respondError(err, w) return diff --git a/deepfence_server/model/registry.go b/deepfence_server/model/registry.go index e49470fea3..a2272ade15 100644 --- a/deepfence_server/model/registry.go +++ b/deepfence_server/model/registry.go @@ -9,12 +9,12 @@ import ( "strings" "time" - commonConstants "github.com/deepfence/ThreatMapper/deepfence_server/constants/common" "github.com/deepfence/ThreatMapper/deepfence_server/ingesters" pkgConst "github.com/deepfence/ThreatMapper/deepfence_server/pkg/constants" "github.com/deepfence/ThreatMapper/deepfence_server/reporters" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" postgresqlDb "github.com/deepfence/ThreatMapper/deepfence_utils/postgresql/postgresql-db" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/telemetry" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/neo4j/neo4j-go-driver/v5/neo4j" @@ -388,7 +388,7 @@ func GetAESValueForEncryption(ctx context.Context, ctx, span := telemetry.NewSpan(ctx, "registry", "get-aes-value-for-encryption") defer span.End() - aes, err := GetSettingByKey(ctx, pgClient, commonConstants.AESSecret) + aes, err := setting.GetSettingByKey(ctx, pgClient, utils.AESSecret) if err != nil { return nil, err } diff --git a/deepfence_server/model/setting.go b/deepfence_server/model/setting.go index 1041c50137..d6fedf0dc8 100644 --- a/deepfence_server/model/setting.go +++ b/deepfence_server/model/setting.go @@ -1,66 +1,12 @@ package model -import ( - "context" - "crypto/aes" - "crypto/rand" - "database/sql" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "time" - - "github.com/deepfence/ThreatMapper/deepfence_server/constants/common" - postgresqlDb "github.com/deepfence/ThreatMapper/deepfence_utils/postgresql/postgresql-db" - "github.com/deepfence/ThreatMapper/deepfence_utils/telemetry" - "github.com/deepfence/ThreatMapper/deepfence_utils/utils" -) - const ( - ConsoleURLSettingKey = "console_url" - FileServerURLSettingKey = "file_server_url" - EmailConfigurationKey = "email_configuration" - EmailSettingSES = "amazon_ses" - EmailSettingSMTP = "smtp" - EmailSettingSendGrid = "sendgrid" - InactiveNodesDeleteScanResultsKey = "inactive_delete_scan_results" - ConsoleIDKey = "console_id" + EmailConfigurationKey = "email_configuration" + EmailSettingSES = "amazon_ses" + EmailSettingSMTP = "smtp" + EmailSettingSendGrid = "sendgrid" ) -type GetAuditLogsRow struct { - Event string `json:"event"` - Action string `json:"action"` - Resources string `json:"resources"` - Success bool `json:"success"` - UserID int32 `json:"user_id"` - UserRoleID int32 `json:"user_role_id"` - CreatedAt time.Time `json:"created_at"` - Role string `json:"role"` - Email string `json:"email"` -} - -type SettingValue struct { - Label string `json:"label"` - Value interface{} `json:"value"` - Description string `json:"description"` -} - -type Setting struct { - ID int64 `json:"id"` - Key string `json:"key"` - Value *SettingValue `json:"value"` - IsVisibleOnUI bool `json:"is_visible_on_ui"` -} - -type SettingsResponse struct { - ID int64 `json:"id" required:"true"` - Key string `json:"key" required:"true"` - Label string `json:"label" required:"true"` - Value interface{} `json:"value" required:"true"` - Description string `json:"description" required:"true"` -} - type GetAuditLogsRequest struct { Window FetchWindow `json:"window" required:"true"` } @@ -71,203 +17,3 @@ type GetAgentBinaryDownloadURLResponse struct { StartAgentScriptDownloadURL string `json:"start_agent_script_download_url"` UninstallAgentScriptDownloadURL string `json:"uninstall_agent_script_download_url"` } - -type SettingUpdateRequest struct { - ID int64 `path:"id" validate:"required" required:"true"` - Key string `json:"key" validate:"required,oneof=console_url file_server_url inactive_delete_scan_results" required:"true" enum:"console_url,file_server_url,inactive_delete_scan_results"` - Value string `json:"value" validate:"required" required:"true"` -} - -func (s *Setting) Create(ctx context.Context, pgClient *postgresqlDb.Queries) (*postgresqlDb.Setting, error) { - settingVal, err := json.Marshal(s.Value) - if err != nil { - return nil, err - } - setting, err := pgClient.CreateSetting(ctx, postgresqlDb.CreateSettingParams{ - Key: s.Key, - Value: settingVal, - IsVisibleOnUi: s.IsVisibleOnUI, - }) - if err != nil { - return nil, err - } - return &setting, nil -} - -func (s *Setting) Update(ctx context.Context, pgClient *postgresqlDb.Queries) error { - settingVal, err := json.Marshal(s.Value) - if err != nil { - return err - } - return pgClient.UpdateSettingById(ctx, postgresqlDb.UpdateSettingByIdParams{ - ID: s.ID, - Value: settingVal, - IsVisibleOnUi: s.IsVisibleOnUI, - }) -} - -func (s *Setting) Delete(ctx context.Context, pgClient *postgresqlDb.Queries) error { - return pgClient.DeleteSettingByID(ctx, s.ID) -} - -func GetManagementConsoleURL(ctx context.Context, pgClient *postgresqlDb.Queries) (string, error) { - setting, err := pgClient.GetSetting(ctx, ConsoleURLSettingKey) - if err != nil { - return "", err - } - var settingVal SettingValue - err = json.Unmarshal(setting.Value, &settingVal) - if err != nil { - return "", err - } - return fmt.Sprintf("%v", settingVal.Value), nil -} - -func GetVisibleSettings(ctx context.Context, pgClient *postgresqlDb.Queries) ([]SettingsResponse, error) { - visibleSettings, err := pgClient.GetVisibleSettings(ctx) - if err != nil { - return nil, err - } - settings := make([]SettingsResponse, len(visibleSettings)) - for i, s := range visibleSettings { - var sValue SettingValue - err = json.Unmarshal(s.Value, &sValue) - if err != nil { - continue - } - settings[i] = SettingsResponse{ - ID: s.ID, - Key: s.Key, - Value: sValue.Value, - Label: sValue.Label, - Description: sValue.Description, - } - } - return settings, nil -} - -func GetSettingByKey(ctx context.Context, pgClient *postgresqlDb.Queries, key string) (*Setting, error) { - - ctx, span := telemetry.NewSpan(ctx, "setting", "get-setting-by-key") - defer span.End() - - setting, err := pgClient.GetSetting(ctx, key) - if err != nil { - return nil, err - } - var sValue SettingValue - err = json.Unmarshal(setting.Value, &sValue) - if err != nil { - return nil, err - } - return &Setting{ - ID: setting.ID, - Key: setting.Key, - Value: &sValue, - IsVisibleOnUI: setting.IsVisibleOnUi, - }, nil -} - -func SetScanResultsDeletionSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { - ctx, span := telemetry.NewSpan(ctx, "cronjobs", "set-scan-results-deletion-setting") - defer span.End() - - _, err := pgClient.GetSetting(ctx, InactiveNodesDeleteScanResultsKey) - if errors.Is(err, sql.ErrNoRows) { - s := Setting{ - Key: InactiveNodesDeleteScanResultsKey, - Value: &SettingValue{ - Label: "Inactive Nodes Scan Results Deletion Interval (in days)", - Value: 30, // 30 days - Description: "Scan results deletion interval (in days) for nodes that are not active", - }, - IsVisibleOnUI: true, - } - _, err = s.Create(ctx, pgClient) - if err != nil { - return err - } - return nil - } else if err != nil { - return err - } - return nil -} - -func SetConsoleIDSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { - ctx, span := telemetry.NewSpan(ctx, "cronjobs", "set-console-id-setting") - defer span.End() - - _, err := pgClient.GetSetting(ctx, ConsoleIDKey) - if errors.Is(err, sql.ErrNoRows) { - randomInt, err := utils.GenerateRandomNumber(13) - if err != nil { - return err - } - s := Setting{ - Key: ConsoleIDKey, - Value: &SettingValue{ - Label: "Console ID", - Value: randomInt, - Description: "Unique ID for console", - }, - IsVisibleOnUI: false, - } - _, err = s.Create(ctx, pgClient) - if err != nil { - return err - } - return nil - } else if err != nil { - return err - } - return nil -} - -func InitializeAESSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { - ctx, span := telemetry.NewSpan(ctx, "cronjobs", "init-aes-setting") - defer span.End() - - // set aes_secret in setting table, if !exists - // TODO - // generate aes and aes-iv - _, err := pgClient.GetSetting(ctx, common.AESSecret) - if err != nil { - key := make([]byte, 32) // 32 bytes for AES-256 - iv := make([]byte, aes.BlockSize) - _, err = rand.Read(key) - if err != nil { - return err - } - - _, err = rand.Read(iv) - if err != nil { - return err - } - - aesValue := &SettingValue{ - Label: "AES Encryption Setting", - Description: "AES Encryption Key-IV pair", - Value: map[string]string{ - "aes_iv": hex.EncodeToString(iv), - "aes_key": hex.EncodeToString(key), - }, - } - - rawAES, err := json.Marshal(aesValue) - if err != nil { - return err - } - rawMessageAES := json.RawMessage(rawAES) - - _, err = pgClient.CreateSetting(ctx, postgresqlDb.CreateSettingParams{ - Key: common.AESSecret, - Value: rawMessageAES, - IsVisibleOnUi: false, - }) - if err != nil { - return err - } - } - return nil -} diff --git a/deepfence_utils/go.mod b/deepfence_utils/go.mod index a45d5a4a12..dcf026540d 100644 --- a/deepfence_utils/go.mod +++ b/deepfence_utils/go.mod @@ -33,7 +33,6 @@ require ( github.com/goccy/go-json v0.10.2 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-cmp v0.6.0 // indirect - github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.17.8 // indirect github.com/klauspost/cpuid/v2 v2.2.7 // indirect github.com/lestrrat-go/blackmagic v1.0.2 // indirect @@ -44,15 +43,11 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/minio/md5-simd v1.1.2 // indirect - github.com/minio/sha256-simd v1.0.1 // indirect - github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pierrec/lz4/v4 v4.1.21 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect github.com/rs/xid v1.5.0 // indirect github.com/segmentio/asm v1.2.0 // indirect - github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/cast v1.6.0 // indirect github.com/twmb/franz-go/pkg/kmsg v1.7.0 // indirect go.opentelemetry.io/otel/metric v1.26.0 // indirect diff --git a/deepfence_utils/go.sum b/deepfence_utils/go.sum index af618ff4b7..b6fe294b59 100644 --- a/deepfence_utils/go.sum +++ b/deepfence_utils/go.sum @@ -1,16 +1,13 @@ -github.com/XSAM/otelsql v0.27.0 h1:i9xtxtdcqXV768a5C6SoT/RkG+ue3JTOgkYInzlTOqs= -github.com/XSAM/otelsql v0.27.0/go.mod h1:0mFB3TvLa7NCuhm/2nU7/b2wEtsczkj8Rey8ygO7V+A= github.com/XSAM/otelsql v0.31.0 h1:AcWI+/BW4ANKyAybZmU9g9kjjSIcDEOFw96ybyM4cDo= github.com/XSAM/otelsql v0.31.0/go.mod h1:iCkLyB/me+QC4yjymXjLimJiX0oklymiKeGxeGDTW24= github.com/bsm/ginkgo/v2 v2.7.0/go.mod h1:AiKlXPm7ItEHNc/2+OkrNG4E0ITzojb9/xWzvQ9XZ9w= github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs= +github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= github.com/bsm/gomega v1.26.0/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA= -github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= -github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -18,23 +15,19 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8= -github.com/go-chi/jwtauth/v5 v5.3.0 h1:X7RKGks1lrVeIe2omGyz47pNaNjG2YmwlRN5UKhN8qg= -github.com/go-chi/jwtauth/v5 v5.3.0/go.mod h1:2PoGm/KbnzRN9ILY6HFZAI6fTnb1gEZAKogAyqkd6fY= +github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= github.com/go-chi/jwtauth/v5 v5.3.1 h1:1ePWrjVctvp1tyBq5b/2ER8Th/+RbYc7x4qNsc5rh5A= github.com/go-chi/jwtauth/v5 v5.3.1/go.mod h1:6Fl2RRmWXs3tJYE1IQGX81FsPoGqDwq9c15j52R5q80= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= @@ -43,7 +36,6 @@ github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= @@ -51,45 +43,35 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= -github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hibiken/asynq v0.24.1 h1:+5iIEAyA9K/lcSPvx3qoPtsKJeKI5u9aOIvUmSsazEw= github.com/hibiken/asynq v0.24.1/go.mod h1:u5qVeSbrnfT+vtG5Mq8ZPzQu/BmCKMHvTGb91uy9Tts= github.com/jellydator/ttlcache/v3 v3.2.0 h1:6lqVJ8X3ZaUwvzENqPAobDsXNExfUJd61u++uW8a3LE= github.com/jellydator/ttlcache/v3 v3.2.0/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= -github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU= github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc= -github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k= github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJGdI8= -github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/httprc v1.0.5 h1:bsTfiH8xaKOJPrg1R+E3iE/AWZr/x0Phj9PBTG/OLUk= github.com/lestrrat-go/httprc v1.0.5/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx/v2 v2.0.18 h1:HHZkYS5wWDDyAiNBwztEtDoX07WDhGEdixm8G06R50o= -github.com/lestrrat-go/jwx/v2 v2.0.18/go.mod h1:fAJ+k5eTgKdDqanzCuK6DAt3W7n3cs2/FX7JhQdk83U= github.com/lestrrat-go/jwx/v2 v2.0.21 h1:jAPKupy4uHgrHFEdjVjNkUgoBKtVDgrQPB/h55FHrR0= github.com/lestrrat-go/jwx/v2 v2.0.21/go.mod h1:09mLW8zto6bWL9GbwnqAli+ArLf+5M33QLQPDggkUWM= -github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= @@ -97,129 +79,80 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= -github.com/minio/minio-go/v7 v7.0.66 h1:bnTOXOHjOqv/gcMuiVbN9o2ngRItvqE774dG9nq0Dzw= -github.com/minio/minio-go/v7 v7.0.66/go.mod h1:DHAgmyQEGdW3Cif0UooKOyrT3Vxs82zNdV6tkKhRtbs= github.com/minio/minio-go/v7 v7.0.70 h1:1u9NtMgfK1U42kUxcsl5v0yj6TEOPR497OAQxpJnn2g= github.com/minio/minio-go/v7 v7.0.70/go.mod h1:4yBA8v80xGA30cfM3fz0DKYMXunWl/AV/6tWEs9ryzo= -github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= -github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/neo4j/neo4j-go-driver/v5 v5.17.0 h1:Bdqg1Y8Hd3uLYToXtBjysDYXTdMiP7zeUNUEwfbJkSo= -github.com/neo4j/neo4j-go-driver/v5 v5.17.0/go.mod h1:Vff8OwT7QpLm7L2yYr85XNWe9Rbqlbeb9asNXJTHO4k= github.com/neo4j/neo4j-go-driver/v5 v5.20.0 h1:XnoAi6g6XRkX+wxWa3yM+f7PT2VUkGQfBGtGuJL4fsM= github.com/neo4j/neo4j-go-driver/v5 v5.20.0/go.mod h1:Vff8OwT7QpLm7L2yYr85XNWe9Rbqlbeb9asNXJTHO4k= -github.com/pierrec/lz4/v4 v4.1.19 h1:tYLzDnjDXh9qIxSTKHwXwOYmm9d887Y7Y1ZkyXYHAN4= -github.com/pierrec/lz4/v4 v4.1.19/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ= github.com/pierrec/lz4/v4 v4.1.21/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/raito-io/neo4j-tracing v0.0.4 h1:AWOyQZBi88Y+R/uo7KVYmwahpJlrW5R23tLQUbz+BQY= -github.com/raito-io/neo4j-tracing v0.0.4/go.mod h1:LUnzWuLKUvlTw5Wdm/6oylH75tZYtOOIKjvK7KfEnVc= github.com/raito-io/neo4j-tracing v0.0.5 h1:Z1eEQl1Imm0DFkR2yfMc7jVW+ix4oZxAVOAWPQBgI2Q= github.com/raito-io/neo4j-tracing v0.0.5/go.mod h1:m0utJXW1BPoBdKZ1cVhpyVZ1ChWttj8pSVtka/5j63s= github.com/redis/go-redis/v9 v9.0.3/go.mod h1:WqMKv5vnQbRuZstUwxQI195wHy+t4PuXDOjzMvcuQHk= -github.com/redis/go-redis/v9 v9.4.0 h1:Yzoz33UZw9I/mFhx4MNrB6Fk+XHO1VukNcCa1+lwyKk= -github.com/redis/go-redis/v9 v9.4.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= github.com/redis/go-redis/v9 v9.5.1 h1:H1X4D3yHPaYrkL5X06Wh6xNVM/pX0Ft4RV0vMGvLBh8= github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= -github.com/rs/zerolog v1.31.0 h1:FcTR3NnLWW+NnTwwhFWiJSZr4ECLpqCm6QsEnyvbV4A= -github.com/rs/zerolog v1.31.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0= github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= -github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= -github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/twmb/franz-go v1.15.4 h1:qBCkHaiutetnrXjAUWA99D9FEcZVMt2AYwkH3vWEQTw= -github.com/twmb/franz-go v1.15.4/go.mod h1:rC18hqNmfo8TMc1kz7CQmHL74PLNF8KVvhflxiiJZCU= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/twmb/franz-go v1.16.1 h1:rpWc7fB9jd7TgmCyfxzenBI+QbgS8ZfJOUQE+tzPtbE= github.com/twmb/franz-go v1.16.1/go.mod h1:/pER254UPPGp/4WfGqRi+SIRGE50RSQzVubQp6+N4FA= -github.com/twmb/franz-go/pkg/kadm v1.10.0 h1:3oYKNP+e3HGo4GYadrDeRxOaAIsOXmX6LBVMz9PxpCU= -github.com/twmb/franz-go/pkg/kadm v1.10.0/go.mod h1:hUMoV4SRho+2ij/S9cL39JaLsr+XINjn0ZkCdBY2DXc= github.com/twmb/franz-go/pkg/kadm v1.11.0 h1:FfeWJ0qadntFpAcQt8JzNXW4dijjytZNLrzJuzzzuxA= github.com/twmb/franz-go/pkg/kadm v1.11.0/go.mod h1:qrhkdH+SWS3ivmbqOgHbpgVHamhaKcjH0UM+uOp0M1A= github.com/twmb/franz-go/pkg/kmsg v1.7.0 h1:a457IbvezYfA5UkiBvyV3zj0Is3y1i8EJgqjJYoij2E= github.com/twmb/franz-go/pkg/kmsg v1.7.0/go.mod h1:se9Mjdt0Nwzc9lnjJ0HyDtLyBnaBDAd7pCje47OhSyw= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= -go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= -go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= -go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= -go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8= -go.opentelemetry.io/otel/sdk/metric v1.21.0 h1:smhI5oD714d6jHE6Tie36fPx4WDFIg+Y6RfAY4ICcR0= +go.opentelemetry.io/otel/sdk v1.26.0 h1:Y7bumHf5tAiDlRYFmGqetNcLaVUZmh4iYfmGxtmz7F8= +go.opentelemetry.io/otel/sdk v1.26.0/go.mod h1:0p8MXpqLeJ0pzcszQQN4F0S5FVjBLgypeGSngLsmirs= go.opentelemetry.io/otel/sdk/metric v1.26.0 h1:cWSks5tfriHPdWFnl+qpX3P681aAYqlZHcAyHw5aU9Y= -go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= -go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= +go.opentelemetry.io/otel/sdk/metric v1.26.0/go.mod h1:ClMFFknnThJCksebJwz7KIyEDHO+nTB6gK8obLy8RyE= go.opentelemetry.io/otel/trace v1.26.0 h1:1ieeAUb4y0TE26jUFrCIXKpTuVK7uJGN9/Z/2LP5sQA= go.opentelemetry.io/otel/trace v1.26.0/go.mod h1:4iDxvGDQuUkHve82hJJ8UqrwswHYsZuWCBllGV2U2y0= go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -227,36 +160,18 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= @@ -264,14 +179,11 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.34.0 h1:Qo/qEd2RZPCf2nKuorzksSknv0d3ERwp1vFG38gSmH4= google.golang.org/protobuf v1.34.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= diff --git a/deepfence_utils/setting/setting.go b/deepfence_utils/setting/setting.go new file mode 100644 index 0000000000..e2f5b8786a --- /dev/null +++ b/deepfence_utils/setting/setting.go @@ -0,0 +1,271 @@ +package setting + +import ( + "context" + "crypto/aes" + "crypto/rand" + "database/sql" + "encoding/hex" + "encoding/json" + "errors" + "fmt" + "strings" + + postgresqlDb "github.com/deepfence/ThreatMapper/deepfence_utils/postgresql/postgresql-db" + "github.com/deepfence/ThreatMapper/deepfence_utils/telemetry" + "github.com/deepfence/ThreatMapper/deepfence_utils/utils" +) + +const ( + ConsoleURLSettingKey = "console_url" + InactiveNodesDeleteScanResultsKey = "inactive_delete_scan_results" + ConsoleIDKey = "console_id" + Port443 = "443" + Port80 = "80" +) + +type SettingValue struct { + Label string `json:"label"` + Value interface{} `json:"value"` + Description string `json:"description"` +} + +type Setting struct { + ID int64 `json:"id"` + Key string `json:"key"` + Value *SettingValue `json:"value"` + IsVisibleOnUI bool `json:"is_visible_on_ui"` +} + +type SettingsResponse struct { + ID int64 `json:"id" required:"true"` + Key string `json:"key" required:"true"` + Label string `json:"label" required:"true"` + Value interface{} `json:"value" required:"true"` + Description string `json:"description" required:"true"` +} + +type SettingUpdateRequest struct { + ID int64 `path:"id" validate:"required" required:"true"` + Key string `json:"key" validate:"required,oneof=console_url file_server_url inactive_delete_scan_results" required:"true" enum:"console_url,file_server_url,inactive_delete_scan_results"` + Value string `json:"value" validate:"required" required:"true"` +} + +func (s *Setting) Create(ctx context.Context, pgClient *postgresqlDb.Queries) (*postgresqlDb.Setting, error) { + settingVal, err := json.Marshal(s.Value) + if err != nil { + return nil, err + } + setting, err := pgClient.CreateSetting(ctx, postgresqlDb.CreateSettingParams{ + Key: s.Key, + Value: settingVal, + IsVisibleOnUi: s.IsVisibleOnUI, + }) + if err != nil { + return nil, err + } + return &setting, nil +} + +func (s *Setting) Update(ctx context.Context, pgClient *postgresqlDb.Queries) error { + settingVal, err := json.Marshal(s.Value) + if err != nil { + return err + } + return pgClient.UpdateSettingById(ctx, postgresqlDb.UpdateSettingByIdParams{ + ID: s.ID, + Value: settingVal, + IsVisibleOnUi: s.IsVisibleOnUI, + }) +} + +func (s *Setting) Delete(ctx context.Context, pgClient *postgresqlDb.Queries) error { + return pgClient.DeleteSettingByID(ctx, s.ID) +} + +func GetManagementConsoleURL(ctx context.Context, pgClient *postgresqlDb.Queries) (string, error) { + setting, err := pgClient.GetSetting(ctx, ConsoleURLSettingKey) + if err != nil { + return "", err + } + var settingVal SettingValue + err = json.Unmarshal(setting.Value, &settingVal) + if err != nil { + return "", err + } + return fmt.Sprintf("%v", settingVal.Value), nil +} + +func GetManagementConsoleURLandPort(ctx context.Context, pgClient *postgresqlDb.Queries) (string, string, error) { + url, err := GetManagementConsoleURL(ctx, pgClient) + if err != nil { + return "", "", err + } + + if strings.HasPrefix(url, "http://") { + urlSplit := strings.Split(url[7:], ":") + if len(urlSplit) == 1 { + return urlSplit[0], Port80, nil + } else { + return urlSplit[0], urlSplit[1], nil + } + } else if strings.HasPrefix(url, "https://") { + urlSplit := strings.Split(url[8:], ":") + if len(urlSplit) == 1 { + return urlSplit[0], Port443, nil + } else { + return urlSplit[0], urlSplit[1], nil + } + } + + return url, Port443, nil +} + +func GetVisibleSettings(ctx context.Context, pgClient *postgresqlDb.Queries) ([]SettingsResponse, error) { + visibleSettings, err := pgClient.GetVisibleSettings(ctx) + if err != nil { + return nil, err + } + settings := make([]SettingsResponse, len(visibleSettings)) + for i, s := range visibleSettings { + var sValue SettingValue + err = json.Unmarshal(s.Value, &sValue) + if err != nil { + continue + } + settings[i] = SettingsResponse{ + ID: s.ID, + Key: s.Key, + Value: sValue.Value, + Label: sValue.Label, + Description: sValue.Description, + } + } + return settings, nil +} + +func GetSettingByKey(ctx context.Context, pgClient *postgresqlDb.Queries, key string) (*Setting, error) { + + ctx, span := telemetry.NewSpan(ctx, "setting", "get-setting-by-key") + defer span.End() + + setting, err := pgClient.GetSetting(ctx, key) + if err != nil { + return nil, err + } + var sValue SettingValue + err = json.Unmarshal(setting.Value, &sValue) + if err != nil { + return nil, err + } + return &Setting{ + ID: setting.ID, + Key: setting.Key, + Value: &sValue, + IsVisibleOnUI: setting.IsVisibleOnUi, + }, nil +} + +func SetScanResultsDeletionSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { + ctx, span := telemetry.NewSpan(ctx, "cronjobs", "set-scan-results-deletion-setting") + defer span.End() + + _, err := pgClient.GetSetting(ctx, InactiveNodesDeleteScanResultsKey) + if errors.Is(err, sql.ErrNoRows) { + s := Setting{ + Key: InactiveNodesDeleteScanResultsKey, + Value: &SettingValue{ + Label: "Inactive Nodes Scan Results Deletion Interval (in days)", + Value: 30, // 30 days + Description: "Scan results deletion interval (in days) for nodes that are not active", + }, + IsVisibleOnUI: true, + } + _, err = s.Create(ctx, pgClient) + if err != nil { + return err + } + return nil + } else if err != nil { + return err + } + return nil +} + +func SetConsoleIDSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { + ctx, span := telemetry.NewSpan(ctx, "cronjobs", "set-console-id-setting") + defer span.End() + + _, err := pgClient.GetSetting(ctx, ConsoleIDKey) + if errors.Is(err, sql.ErrNoRows) { + randomInt, err := utils.GenerateRandomNumber(13) + if err != nil { + return err + } + s := Setting{ + Key: ConsoleIDKey, + Value: &SettingValue{ + Label: "Console ID", + Value: randomInt, + Description: "Unique ID for console", + }, + IsVisibleOnUI: false, + } + _, err = s.Create(ctx, pgClient) + if err != nil { + return err + } + return nil + } else if err != nil { + return err + } + return nil +} + +func InitializeAESSetting(ctx context.Context, pgClient *postgresqlDb.Queries) error { + ctx, span := telemetry.NewSpan(ctx, "cronjobs", "init-aes-setting") + defer span.End() + + // set aes_secret in setting table, if !exists + // TODO + // generate aes and aes-iv + _, err := pgClient.GetSetting(ctx, utils.AESSecret) + if err != nil { + key := make([]byte, 32) // 32 bytes for AES-256 + iv := make([]byte, aes.BlockSize) + _, err = rand.Read(key) + if err != nil { + return err + } + + _, err = rand.Read(iv) + if err != nil { + return err + } + + aesValue := &SettingValue{ + Label: "AES Encryption Setting", + Description: "AES Encryption Key-IV pair", + Value: map[string]string{ + "aes_iv": hex.EncodeToString(iv), + "aes_key": hex.EncodeToString(key), + }, + } + + rawAES, err := json.Marshal(aesValue) + if err != nil { + return err + } + rawMessageAES := json.RawMessage(rawAES) + + _, err = pgClient.CreateSetting(ctx, postgresqlDb.CreateSettingParams{ + Key: utils.AESSecret, + Value: rawMessageAES, + IsVisibleOnUi: false, + }) + if err != nil { + return err + } + } + return nil +} diff --git a/deepfence_utils/utils/constants.go b/deepfence_utils/utils/constants.go index b66002ab91..c45e53a2fd 100644 --- a/deepfence_utils/utils/constants.go +++ b/deepfence_utils/utils/constants.go @@ -267,3 +267,7 @@ const ( const ( FileServerPathAgentBinary = "agent-binary" ) + +const ( + AESSecret = "aes_secret" +) diff --git a/deepfence_worker/cronjobs/license.go b/deepfence_worker/cronjobs/license.go index 94ed508d9b..3180ca1a14 100644 --- a/deepfence_worker/cronjobs/license.go +++ b/deepfence_worker/cronjobs/license.go @@ -14,6 +14,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_server/model" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/hibiken/asynq" "github.com/neo4j/neo4j-go-driver/v5/neo4j" @@ -108,7 +109,7 @@ func publishLicenseUsageToLicenseServer(ctx context.Context) error { activeAgentNodes = rec.Values[0].(int64) } - consoleIDSetting, err := model.GetSettingByKey(ctx, pgClient, model.ConsoleIDKey) + consoleIDSetting, err := setting.GetSettingByKey(ctx, pgClient, setting.ConsoleIDKey) if err != nil { return err } diff --git a/deepfence_worker/cronjobs/neo4j.go b/deepfence_worker/cronjobs/neo4j.go index 8b10da8cf2..1479f7470c 100644 --- a/deepfence_worker/cronjobs/neo4j.go +++ b/deepfence_worker/cronjobs/neo4j.go @@ -5,9 +5,9 @@ import ( "sync/atomic" "time" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/hibiken/asynq" - "github.com/deepfence/ThreatMapper/deepfence_server/model" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" @@ -48,7 +48,7 @@ func getResourceCleanUpTimeout(ctx context.Context) time.Duration { if err != nil { return defaultDBScannedResourceCleanUpTimeout } - timeoutSetting, err := model.GetSettingByKey(ctx, pgClient, model.InactiveNodesDeleteScanResultsKey) + timeoutSetting, err := setting.GetSettingByKey(ctx, pgClient, setting.InactiveNodesDeleteScanResultsKey) if err != nil { return defaultDBScannedResourceCleanUpTimeout } diff --git a/deepfence_worker/cronscheduler/init_db.go b/deepfence_worker/cronscheduler/init_db.go index ea14f7bb53..9d0184e92d 100644 --- a/deepfence_worker/cronscheduler/init_db.go +++ b/deepfence_worker/cronscheduler/init_db.go @@ -10,6 +10,7 @@ import ( "github.com/deepfence/ThreatMapper/deepfence_server/model" "github.com/deepfence/ThreatMapper/deepfence_utils/directory" "github.com/deepfence/ThreatMapper/deepfence_utils/log" + "github.com/deepfence/ThreatMapper/deepfence_utils/setting" "github.com/deepfence/ThreatMapper/deepfence_utils/telemetry" "github.com/deepfence/ThreatMapper/deepfence_utils/utils" "github.com/minio/minio-go/v7" @@ -70,30 +71,22 @@ func initSqlDatabase(ctx context.Context) error { return err } - fileServerURLSetting, err := model.GetSettingByKey(ctx, pgClient, model.FileServerURLSettingKey) - if err == nil { - err = fileServerURLSetting.Delete(ctx, pgClient) - if err != nil { - log.Error().Err(err).Msg("failed to delete FileServerURLSettingKey") - } - } - err = model.InitializeScheduledTasks(ctx, pgClient) if err != nil { log.Error().Err(err).Msg("failed to initialize scheduled tasks") } - err = model.SetScanResultsDeletionSetting(ctx, pgClient) + err = setting.SetScanResultsDeletionSetting(ctx, pgClient) if err != nil { log.Error().Err(err).Msg("failed to update settings") } - err = model.SetConsoleIDSetting(ctx, pgClient) + err = setting.SetConsoleIDSetting(ctx, pgClient) if err != nil { log.Error().Err(err).Msg("failed to initialize console id") } - err = model.InitializeAESSetting(ctx, pgClient) + err = setting.InitializeAESSetting(ctx, pgClient) if err != nil { log.Error().Err(err).Msg("failed to initialize aes") }