Merge pull request #40 from MaciejMis/integration-new-config-file

Integration with ODIM's services part #2

src/config/config.go

@@ -0,0 +1,105 @@
+package config
+
+import (
+	"fmt"
+	"github.com/google/uuid"
+	"github.com/sirupsen/logrus"
+	"gopkg.in/yaml.v3"
+	"io/ioutil"
+	"os"
+)
+
+// Config struct holds configuration of Device Manager
+type Config struct {
+	Host               string   `yaml:"Host"`
+	Port               string   `yaml:"Port"`
+	UserName           string   `yaml:"UserName"`
+	Password           string   `yaml:"Password"`
+	RootServiceUUID    string   `yaml:"RootServiceUUID"`
+	TLSConf            *TLSConf `yaml:"TLSConf"`
+	PKIRootCAPath      string   `yaml:"PKIRootCACertificatePath"`
+	PKIPrivateKeyPath  string   `yaml:"PKIPrivateKeyPath"`
+	PKICertificatePath string   `yaml:"PKICertificatePath"`
+	PKIRootCA          []byte
+	PKIPrivateKey      []byte
+	PKICertificate     []byte
+}
+
+// TLSConf holds TLS configuration
+type TLSConf struct {
+	MinVersion uint16 `yaml:"MinVersion"`
+	MaxVersion uint16 `yaml:"MaxVersion"`
+}
+
+// LoadConfiguration loads Device Manager configuration from env path variable DM_CONFIG_FILE_PATH
+func LoadConfiguration() (*Config, error) {
+	config := new(Config)
+
+	if configPath := os.Getenv("DM_CONFIG_FILE_PATH"); configPath != "" {
+		if configData, err := ioutil.ReadFile(configPath); err == nil {
+			_ = yaml.Unmarshal(configData, config)
+		} else {
+			logrus.Fatalf("cannot load configuration file: %s", err)
+		}
+	} else {
+		logrus.Fatal("missing DM_CONFIG_FILE_PATH env")
+	}
+
+	if err := loadCerts(config); err != nil {
+		return config, err
+	}
+
+	return config, validateConfig(config)
+}
+
+func loadCerts(config *Config) error {
+	var err error
+	if config.PKICertificate, err = ioutil.ReadFile(config.PKICertificatePath); err != nil {
+		return fmt.Errorf("value check failed for CertificatePath:%s with %v", config.PKICertificatePath, err)
+	}
+	if config.PKIPrivateKey, err = ioutil.ReadFile(config.PKIPrivateKeyPath); err != nil {
+		return fmt.Errorf("value check failed for PrivateKeyPath:%s with %v", config.PKIPrivateKeyPath, err)
+	}
+	if config.PKIRootCA, err = ioutil.ReadFile(config.PKIRootCAPath); err != nil {
+		return fmt.Errorf("value check failed for RootCACertificatePath:%s with %v", config.PKIRootCAPath, err)
+	}
+
+	return nil
+}
+
+func validateConfig(config *Config) error {
+	if config.Host == "" {
+		return fmt.Errorf("missing value for Host")
+	}
+
+	if config.Port == "" {
+		return fmt.Errorf("missing value for Port")
+	}
+
+	if config.UserName == "" {
+		return fmt.Errorf("missing value for Username")
+	}
+
+	if config.Password == "" {
+		return fmt.Errorf("missing value for Password")
+	}
+
+	if config.RootServiceUUID == "" {
+		return fmt.Errorf("missing value for RootServiceUUID")
+	} else if _, err := uuid.Parse(config.RootServiceUUID); err != nil {
+		return err
+	}
+
+	if config.TLSConf == nil {
+		return fmt.Errorf("missing TLSConf, setting default value")
+	}
+
+	if config.TLSConf.MinVersion == 0 || config.TLSConf.MinVersion == 0x0301 || config.TLSConf.MinVersion == 0x0302 {
+		return fmt.Errorf("configured TLSConf.MinVersion is wrong")
+	}
+	if config.TLSConf.MaxVersion == 0 || config.TLSConf.MaxVersion == 0x0301 || config.TLSConf.MaxVersion == 0x0302 {
+		return fmt.Errorf("configured TLSConf.MaxVersion is wrong")
+	}
+
+	return nil
+}

src/config/config.yml

@@ -0,0 +1,21 @@
+### Device Manager configuration file
+Host: odimra.local
+Port: 45003
+
+PKIRootCACertificatePath: "/etc/plugincert/rootCA.crt"
+PKIPrivateKeyPath: "/etc/plugincert/odimra_server.key"
+PKICertificatePath: "/etc/plugincert/odimra_server.crt"
+
+TLSConf:
+  ### Supported TLS versions:
+  #	VersionTLS12 = 0x0303
+  #	VersionTLS13 = 0x0304
+  MinVersion: 0x0303
+  MaxVersion: 0x0303
+
+### Basic Authentication
+UserName: admin
+Password: O01bKrP7Tzs7YoO3YvQt4pRa2J_R6HI34ZfP4MxbqNIYAVQVt2ewGXmhjvBfzMifM7bHFccXKGmdHvj3hY44Hw==
+
+### Redfish service root UUID for Device Manager
+RootServiceUUID: 99999999-9999-9999-9999-999999999999

src/go.mod

@@ -5,11 +5,13 @@ go 1.13
 require (
 	github.com/Shopify/sarama v1.28.0
 	github.com/golang/protobuf v1.4.3
+	github.com/google/uuid v1.1.2
 	github.com/jessevdk/go-flags v1.4.0
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/sirupsen/logrus v1.8.0
 	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110
 	google.golang.org/grpc v1.36.0
-	google.golang.org/protobuf v1.25.0
+	google.golang.org/protobuf v1.25.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )

src/go.sum

@@ -45,6 +45,7 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
@@ -72,6 +73,7 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/magefile/mage v1.10.0 h1:3HiXzCUY12kh9bIuyXShaVe529fJfyqoVM42o/uom2g=
 github.com/magefile/mage v1.10.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
 github.com/pierrec/lz4 v2.6.0+incompatible h1:Ix9yFKn1nSPBLFl/yZknTp8TU5G4Ps0JDmguYK6iH1A=
 github.com/pierrec/lz4 v2.6.0+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=

src/main.go

@@ -21,12 +21,8 @@
 package main
 
 import (
-	"crypto/tls"
-	"sync"
-
-	"io/ioutil"
+	"devicemanager/config"
 	"net"
-	"net/http"
 	"os"
 	"os/signal"
 	"strconv"
@@ -35,15 +31,11 @@ import (
 
 	manager "devicemanager/proto"
 
-	"github.com/Shopify/sarama"
-
 	logrus "github.com/sirupsen/logrus"
 	"google.golang.org/grpc"
 )
 
 var (
-	//lock ...
-	lock sync.Mutex
 	//managerTopic ...
 	managerTopic = "manager"
 )
@@ -70,33 +62,6 @@ func (s *Server) startGrpcServer() {
 	}
 }
 
-func (s *Server) handleEvents(w http.ResponseWriter, r *http.Request) {
-	signals := make(chan os.Signal, 1)
-	signal.Notify(signals, os.Interrupt)
-	logrus.Info(" IN Handle Event  ")
-	if r.Method == "POST" {
-		Body, err := ioutil.ReadAll(r.Body)
-		if err != nil {
-			logrus.Errorf("Error getting HTTP data %s", err)
-		}
-		defer r.Body.Close()
-		message := &sarama.ProducerMessage{
-			Topic: managerTopic,
-			Value: sarama.StringEncoder(Body),
-		}
-		s.dataproducer.Input() <- message
-	}
-}
-
-func (s *Server) runServer() {
-	logrus.Info("Starting HTTP Server")
-	http.HandleFunc("/", s.handleEvents)
-	err := http.ListenAndServeTLS(GlobalConfig.Local, "https-server.crt", "https-server.key", nil)
-	if err != nil {
-		panic(err)
-	}
-}
-
 func (s *Server) vlidateDeviceRegistered(deviceIPAddress string) bool {
 	if len(s.devicemap) != 0 {
 		for device := range s.devicemap {
@@ -163,24 +128,29 @@ func init() {
 	Formatter.TimestampFormat = "02-01-2006 15:04:05.000000"
 	Formatter.FullTimestamp = true
 	logrus.SetFormatter(Formatter)
-	logrus.Info("log Connecting to broker:")
-	logrus.Info("log Listening to  http server ")
-	//sarama.Logger = log.New()
+	logrus.SetLevel(logrus.DebugLevel)
 }
 
 func main() {
-	logrus.Info("Starting Device-management Container")
-	ParseCommandLine()
-	ProcessGlobalOptions()
-	ShowGlobalOptions()
-	http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-	s := Server{
-		devicemap: make(map[string]*device),
+	// Verify user ID.
+	if os.Geteuid() == 0 {
+		logrus.Fatal("Device Manager should not run with root privileges")
+	}
+	logrus.Info("Starting Device Manager")
+
+	if _, err := config.LoadConfiguration(); err != nil {
+		logrus.Fatal("error while loading config", err)
+	} else {
+		ParseCommandLine()
+		ProcessGlobalOptions()
+		ShowGlobalOptions()
+		s := Server{
+			devicemap: make(map[string]*device),
+		}
+		go s.startGrpcServer()
+		quit := make(chan os.Signal, 10)
+		signal.Notify(quit, os.Interrupt)
+		sig := <-quit
+		logrus.Infof("Shutting down:%d", sig)
 	}
-	go s.runServer()
-	go s.startGrpcServer()
-	quit := make(chan os.Signal, 10)
-	signal.Notify(quit, os.Interrupt)
-	sig := <-quit
-	logrus.Infof("Shutting down:%d", sig)
 }