Revert "Merge release-2.28.1 back into main (#455)"

This reverts commit 3e8efee.
nginx · Aug 30, 2023 · 4ac6653 · 4ac6653
1 parent 181b995
commit 4ac6653
Show file tree

Hide file tree

Showing 10 changed files with 454 additions and 493 deletions.
diff --git a/scripts/selinux/nginx_agent.pp b/scripts/selinux/nginx_agent.pp
diff --git a/scripts/selinux/nginx_agent.te b/scripts/selinux/nginx_agent.te
diff --git a/sdk/config_helpers.go b/sdk/config_helpers.go
@@ -10,10 +10,8 @@ package sdk
 import (
 	"crypto/sha256"
 	"encoding/hex"
-	"encoding/json"
 	"errors"
 	"fmt"
-	"io"
 	"io/fs"
 	"net"
 	"net/http"
@@ -671,46 +669,41 @@ func AddAuxfileToNginxConfig(
 
 func parseAddressesFromServerDirective(parent *crossplane.Directive) []string {
 	addresses := []string{}
-	hosts := []string{}
 	port := "80"
 
 	for _, dir := range parent.Block {
-		hostname := "127.0.0.1"
+		address := "127.0.0.1"
 
 		switch dir.Directive {
 		case "listen":
 			host, listenPort, err := net.SplitHostPort(dir.Args[0])
 			if err == nil {
 				if host == "*" || host == "" {
-					hostname = "127.0.0.1"
+					address = "127.0.0.1"
 				} else if host == "::" || host == "::1" {
-					hostname = "[::1]"
+					address = "[::1]"
 				} else {
-					hostname = host
+					address = host
 				}
 				port = listenPort
 			} else {
 				if isPort(dir.Args[0]) {
 					port = dir.Args[0]
 				} else {
-					hostname = dir.Args[0]
+					address = dir.Args[0]
 				}
 			}
-			hosts = append(hosts, hostname)
+			addresses = append(addresses, fmt.Sprintf("%s:%s", address, port))
 		case "server_name":
 			if dir.Args[0] == "_" {
 				// default server
 				continue
 			}
-			hostname = dir.Args[0]
-			hosts = append(hosts, hostname)
+			address = dir.Args[0]
+			addresses = append(addresses, fmt.Sprintf("%s:%s", address, port))
 		}
 	}
 
-	for _, host := range hosts {
-		addresses = append(addresses, fmt.Sprintf("%s:%s", host, port))
-	}
-
 	return addresses
 }
 
@@ -736,15 +729,15 @@ func statusAPICallback(parent *crossplane.Directive, current *crossplane.Directi
 	plusUrls := getUrlsForLocationDirective(parent, current, plusAPIDirective)
 
 	for _, url := range plusUrls {
-		if pingNginxPlusApiEndpoint(url) {
+		if pingStatusAPIEndpoint(url) {
 			log.Debugf("api at %q found", url)
 			return url
 		}
 		log.Debugf("api at %q is not reachable", url)
 	}
 
 	for _, url := range ossUrls {
-		if pingStubStatusApiEndpoint(url) {
+		if pingStatusAPIEndpoint(url) {
 			log.Debugf("stub_status at %q found", url)
 			return url
 		}
@@ -754,6 +747,16 @@ func statusAPICallback(parent *crossplane.Directive, current *crossplane.Directi
 	return ""
 }
 
+// pingStatusAPIEndpoint ensures the statusAPI is reachable from the agent
+func pingStatusAPIEndpoint(statusAPI string) bool {
+	client := http.Client{Timeout: 50 * time.Millisecond}
+
+	if _, err := client.Head(statusAPI); err != nil {
+		return false
+	}
+	return true
+}
+
 // Deprecated: use either GetStubStatusApiUrl or GetNginxPlusApiUrl
 func GetStatusApiInfoWithIgnoreDirectives(confFile string, ignoreDirectives []string) (statusApi string, err error) {
 	payload, err := crossplane.Parse(confFile,
@@ -831,7 +834,7 @@ func stubStatusApiCallback(parent *crossplane.Directive, current *crossplane.Dir
 	urls := getUrlsForLocationDirective(parent, current, stubStatusAPIDirective)
 
 	for _, url := range urls {
-		if pingStubStatusApiEndpoint(url) {
+		if pingStatusAPIEndpoint(url) {
 			log.Debugf("stub_status at %q found", url)
 			return url
 		}
@@ -845,7 +848,7 @@ func nginxPlusApiCallback(parent *crossplane.Directive, current *crossplane.Dire
 	urls := getUrlsForLocationDirective(parent, current, plusAPIDirective)
 
 	for _, url := range urls {
-		if pingNginxPlusApiEndpoint(url) {
+		if pingStatusAPIEndpoint(url) {
 			log.Debugf("plus API at %q found", url)
 			return url
 		}
@@ -855,56 +858,6 @@ func nginxPlusApiCallback(parent *crossplane.Directive, current *crossplane.Dire
 	return ""
 }
 
-func pingStubStatusApiEndpoint(statusAPI string) bool {
-	client := http.Client{Timeout: 50 * time.Millisecond}
-	resp, err := client.Get(statusAPI)
-	if err != nil {
-		return false
-	}
-
-	if resp.StatusCode != 200 {
-		return false
-	}
-
-	bodyBytes, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false
-	}
-
-	// Expecting API to return data like this:
-	//
-	// Active connections: 2
-	// server accepts handled requests
-	//  18 18 3266
-	// Reading: 0 Writing: 1 Waiting: 1
-	body := string(bodyBytes)
-	return strings.Contains(body, "Active connections") && strings.Contains(body, "server accepts handled requests")
-}
-
-func pingNginxPlusApiEndpoint(statusAPI string) bool {
-	client := http.Client{Timeout: 50 * time.Millisecond}
-	resp, err := client.Get(statusAPI)
-	if err != nil {
-		return false
-	}
-
-	if resp.StatusCode != 200 {
-		return false
-	}
-
-	bodyBytes, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false
-	}
-
-	// Expecting API to return the api versions in an array of positive integers
-	// subset example: [ ... 6,7,8,9 ...]
-	var responseBody []int
-	err = json.Unmarshal(bodyBytes, &responseBody)
-
-	return err == nil
-}
-
 func getUrlsForLocationDirective(parent *crossplane.Directive, current *crossplane.Directive, locationDirectiveName string) []string {
 	var urls []string
 	// process from the location block

diff --git a/sdk/config_helpers_test.go b/sdk/config_helpers_test.go
@@ -779,16 +779,12 @@ func TestGetStatusApiInfo(t *testing.T) {
 
 	server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
 		if req.URL.String() == "/privateapi" {
-			data := []byte("[1,2,3,4,5,6,7,8]")
+			data := []byte("api OK")
 			_, err := rw.Write(data)
 			assert.Nil(t, err)
 		} else if req.URL.String() == "/stub_status" {
-			data := []byte(`
-Active connections: 2
-server accepts handled requests
-	18 18 3266
-Reading: 0 Writing: 1 Waiting: 1
-					`)
+			rw.WriteHeader(http.StatusInternalServerError)
+			data := []byte("stub_status OK")
 			_, err := rw.Write(data)
 			assert.Nil(t, err)
 		}
@@ -1168,22 +1164,6 @@ server {
         allow 127.0.0.1;
         deny all;
     }
-}
-		`,
-		},
-		{
-			plus: []string{
-				"http://127.0.0.1:49151/api",
-				"http://127.0.0.1:49151/api",
-			},
-			conf: `
-server {
-	server_name 127.0.0.1;
-	listen 127.0.0.1:49151;
-	access_log off;
-	location /api {
-		api;
-	}
 }
 		`,
 		},
@@ -1804,106 +1784,3 @@ func TestGetAppProtectPolicyAndSecurityLogFiles(t *testing.T) {
 		})
 	}
 }
-
-func TestPingNginxPlusApiEndpoint(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-		if req.URL.String() == "/good_api" {
-			data := []byte("[1,2,3,4,5,6,7,8]")
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		} else if req.URL.String() == "/invalid_body_api" {
-			data := []byte("Invalid")
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		} else {
-			rw.WriteHeader(http.StatusInternalServerError)
-			data := []byte("")
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		}
-	}))
-	defer server.Close()
-
-	testCases := []struct {
-		name     string
-		endpoint string
-		expected bool
-	}{
-		{
-			name:     "valid API",
-			endpoint: "/good_api",
-			expected: true,
-		},
-		{
-			name:     "invalid response status code",
-			endpoint: "/bad_api",
-			expected: false,
-		},
-		{
-			name:     "invalid response body",
-			endpoint: "/invalid_body_api",
-			expected: false,
-		},
-	}
-
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			result := pingNginxPlusApiEndpoint(fmt.Sprintf("%s%s", server.URL, testCase.endpoint))
-			assert.Equal(t, testCase.expected, result)
-		})
-	}
-}
-
-func TestPingStubStatusApiEndpoint(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-		if req.URL.String() == "/good_api" {
-			data := []byte(`
-Active connections: 2
-server accepts handled requests
-	18 18 3266
-Reading: 0 Writing: 1 Waiting: 1
-			`)
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		} else if req.URL.String() == "/invalid_body_api" {
-			data := []byte("Invalid")
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		} else {
-			rw.WriteHeader(http.StatusInternalServerError)
-			data := []byte("")
-			_, err := rw.Write(data)
-			assert.Nil(t, err)
-		}
-	}))
-	defer server.Close()
-
-	testCases := []struct {
-		name     string
-		endpoint string
-		expected bool
-	}{
-		{
-			name:     "valid API",
-			endpoint: "/good_api",
-			expected: true,
-		},
-		{
-			name:     "invalid response status code",
-			endpoint: "/bad_api",
-			expected: false,
-		},
-		{
-			name:     "invalid response body",
-			endpoint: "/invalid_body_api",
-			expected: false,
-		},
-	}
-
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			result := pingStubStatusApiEndpoint(fmt.Sprintf("%s%s", server.URL, testCase.endpoint))
-			assert.Equal(t, testCase.expected, result)
-		})
-	}
-}
diff --git a/src/core/environment.go b/src/core/environment.go
@@ -509,9 +509,8 @@ func (env *EnvironmentType) Processes() (result []*Process) {
 
 		p, _ := process.NewProcessWithContext(ctx, pid)
 		name, _ := p.NameWithContext(ctx)
-		cmd, _ := p.CmdlineWithContext(ctx)
 
-		if name == "nginx" && !strings.Contains(cmd, "upgrade") {
+		if name == "nginx" {
 			nginxProcesses[pid] = p
 		}
 	}