diff --git a/scripts/selinux/nginx_agent.pp b/scripts/selinux/nginx_agent.pp index b946eadb0..52d59797e 100644 Binary files a/scripts/selinux/nginx_agent.pp and b/scripts/selinux/nginx_agent.pp differ diff --git a/scripts/selinux/nginx_agent.te b/scripts/selinux/nginx_agent.te index f0b1af5b8..8b70a1b19 100644 --- a/scripts/selinux/nginx_agent.te +++ b/scripts/selinux/nginx_agent.te @@ -408,3 +408,14 @@ require { #============= nginx_agent_t ============== files_rw_etc_files(nginx_agent_t) + + +require { + type nginx_agent_t; + type dosfs_t; +} + +#============= nginx_agent_t ============== +files_read_var_lib_files(nginx_agent_t) +allow nginx_agent_t var_lib_t:file write; +allow nginx_agent_t dosfs_t:filesystem getattr; diff --git a/src/plugins/commander.go b/src/plugins/commander.go index 975f75927..460e38774 100644 --- a/src/plugins/commander.go +++ b/src/plugins/commander.go @@ -163,27 +163,19 @@ func (c *Commander) agentRegistered(cmd *proto.Command) { } } - for index, feature := range agtCfg.Details.Features { - agtCfg.Details.Features[index] = strings.Replace(feature, "features_", "", 1) - } + if agtCfg.Details != nil && agtCfg.Details.Features != nil { + for index, feature := range agtCfg.Details.Features { + agtCfg.Details.Features[index] = strings.Replace(feature, "features_", "", 1) + } - sort.Strings(agtCfg.Details.Features) - sort.Strings(c.config.Features) + sort.Strings(agtCfg.Details.Features) - synchronizedFeatures := reflect.DeepEqual(agtCfg.Details.Features, c.config.Features) + sort.Strings(c.config.Features) - if !synchronizedFeatures { - for _, feature := range c.config.Features { - if feature != agent_config.FeatureRegistration { - c.deRegisterPlugin(feature) - } + synchronizedFeatures := reflect.DeepEqual(agtCfg.Details.Features, c.config.Features) - } - } - - if agtCfg.Details != nil && agtCfg.Details.Features != nil && !synchronizedFeatures { - for _, feature := range agtCfg.Details.Features { - c.pipeline.Process(core.NewMessage(core.EnableFeature, feature)) + if !synchronizedFeatures { + c.synchronizeFeatures(agtCfg) } } } @@ -193,6 +185,22 @@ func (c *Commander) agentRegistered(cmd *proto.Command) { } } +func (c *Commander) synchronizeFeatures(agtCfg *proto.AgentConfig) { + if c.config != nil { + for _, feature := range c.config.Features { + if feature != agent_config.FeatureRegistration { + c.deRegisterPlugin(feature) + } + } + } + + if agtCfg.Details != nil { + for _, feature := range agtCfg.Details.Features { + c.pipeline.Process(core.NewMessage(core.EnableFeature, feature)) + } + } +} + func (c *Commander) deRegisterPlugin(data string) { if data == agent_config.FeatureFileWatcher { diff --git a/src/plugins/commander_test.go b/src/plugins/commander_test.go index a1f8a44b8..1c863e5ec 100644 --- a/src/plugins/commander_test.go +++ b/src/plugins/commander_test.go @@ -109,6 +109,26 @@ func TestCommander_Process(t *testing.T) { config: nil, msgTopics: []string{}, }, + { + name: "test agent config during registration", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_NginxConfigResponse{ + NginxConfigResponse: &proto.NginxConfigResponse{ + Status: newOKStatus("config applied successfully").CmdStatus, + Action: proto.NginxConfigAction_APPLY, + ConfigData: &proto.ConfigDescriptor{ + NginxId: "12345", + }, + }, + }, + }, + topic: core.CommNginxConfig, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{}, + }, { name: "test agent register", cmd: &proto.Command{ @@ -129,25 +149,178 @@ func TestCommander_Process(t *testing.T) { msgTopics: []string{}, }, { - name: "test agent config apply", + name: "test agent register with no details and config", cmd: &proto.Command{ Meta: &proto.Metadata{}, Type: proto.Command_NORMAL, - Data: &proto.Command_NginxConfigResponse{ - NginxConfigResponse: &proto.NginxConfigResponse{ - Status: newOKStatus("config applied successfully").CmdStatus, - Action: proto.NginxConfigAction_APPLY, - ConfigData: &proto.ConfigDescriptor{ - NginxId: "12345", + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{}, + }, + }, + }, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{}, + }, + { + name: "test agent register with only configs", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Configs: &proto.ConfigReport{ + Configs: []*proto.ConfigDescriptor{ + { + Checksum: "", + NginxId: "12345", + SystemId: "6789", + }, + }, + }, }, }, }, }, - topic: core.CommNginxConfig, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{core.NginxConfigUpload}, + }, + { + name: "test agent register with only agent details", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Details: &proto.AgentDetails{ + Tags: []string{"new-tag1:one"}, + Features: []string{"nginx-config-async"}, + }, + }, + }, + }, + }, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{}, + }, + { + name: "test agent register with empty features in agent details", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Details: &proto.AgentDetails{ + Tags: []string{"new-tag1:one"}, + Features: []string{}, + }, + }, + }, + }, + }, + topic: core.AgentConnected, nginxId: "12345", systemId: "67890", msgTopics: []string{}, }, + { + name: "test agent register with nil features in agent details", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Details: &proto.AgentDetails{ + Tags: []string{"new-tag1:one"}, + Features: nil, + }, + }, + }, + }, + }, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{}, + }, + { + name: "test agent register with extension and configs", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Details: &proto.AgentDetails{ + Tags: []string{"new-tag1:one"}, + Extensions: []string{"advanced-metrics"}, + }, + Configs: &proto.ConfigReport{ + Configs: []*proto.ConfigDescriptor{ + { + Checksum: "", + NginxId: "12345", + SystemId: "6789", + }, + }, + }, + }, + }, + }, + }, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{ + core.AgentConfigChanged, + core.NginxConfigUpload, + core.EnableExtension, + }, + }, + { + name: "test agent register with features and configs", + cmd: &proto.Command{ + Meta: &proto.Metadata{}, + Type: proto.Command_NORMAL, + Data: &proto.Command_AgentConnectResponse{ + AgentConnectResponse: &proto.AgentConnectResponse{ + AgentConfig: &proto.AgentConfig{ + Details: &proto.AgentDetails{ + Tags: []string{"new-tag1:one"}, + Features: []string{"nginx-config-async"}, + }, + Configs: &proto.ConfigReport{ + Configs: []*proto.ConfigDescriptor{ + { + Checksum: "", + NginxId: "12345", + SystemId: "6789", + }, + }, + }, + }, + }, + }, + }, + topic: core.AgentConnected, + nginxId: "12345", + systemId: "67890", + msgTopics: []string{ + core.AgentConfigChanged, + core.NginxConfigUpload, + core.EnableFeature, + }, + }, { name: "test agent config force", cmd: &proto.Command{ diff --git a/test/performance/vendor/github.com/nginx/agent/v2/src/plugins/commander.go b/test/performance/vendor/github.com/nginx/agent/v2/src/plugins/commander.go index 975f75927..460e38774 100644 --- a/test/performance/vendor/github.com/nginx/agent/v2/src/plugins/commander.go +++ b/test/performance/vendor/github.com/nginx/agent/v2/src/plugins/commander.go @@ -163,27 +163,19 @@ func (c *Commander) agentRegistered(cmd *proto.Command) { } } - for index, feature := range agtCfg.Details.Features { - agtCfg.Details.Features[index] = strings.Replace(feature, "features_", "", 1) - } + if agtCfg.Details != nil && agtCfg.Details.Features != nil { + for index, feature := range agtCfg.Details.Features { + agtCfg.Details.Features[index] = strings.Replace(feature, "features_", "", 1) + } - sort.Strings(agtCfg.Details.Features) - sort.Strings(c.config.Features) + sort.Strings(agtCfg.Details.Features) - synchronizedFeatures := reflect.DeepEqual(agtCfg.Details.Features, c.config.Features) + sort.Strings(c.config.Features) - if !synchronizedFeatures { - for _, feature := range c.config.Features { - if feature != agent_config.FeatureRegistration { - c.deRegisterPlugin(feature) - } + synchronizedFeatures := reflect.DeepEqual(agtCfg.Details.Features, c.config.Features) - } - } - - if agtCfg.Details != nil && agtCfg.Details.Features != nil && !synchronizedFeatures { - for _, feature := range agtCfg.Details.Features { - c.pipeline.Process(core.NewMessage(core.EnableFeature, feature)) + if !synchronizedFeatures { + c.synchronizeFeatures(agtCfg) } } } @@ -193,6 +185,22 @@ func (c *Commander) agentRegistered(cmd *proto.Command) { } } +func (c *Commander) synchronizeFeatures(agtCfg *proto.AgentConfig) { + if c.config != nil { + for _, feature := range c.config.Features { + if feature != agent_config.FeatureRegistration { + c.deRegisterPlugin(feature) + } + } + } + + if agtCfg.Details != nil { + for _, feature := range agtCfg.Details.Features { + c.pipeline.Process(core.NewMessage(core.EnableFeature, feature)) + } + } +} + func (c *Commander) deRegisterPlugin(data string) { if data == agent_config.FeatureFileWatcher {