Skip to content

Commit

Permalink
Fix comments in the merge request
Browse files Browse the repository at this point in the history
  • Loading branch information
mcasas993 committed Oct 14, 2024
1 parent a97e2d6 commit 65f6f9d
Show file tree
Hide file tree
Showing 6 changed files with 79 additions and 80 deletions.
9 changes: 7 additions & 2 deletions plugins/command-manager/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -126,12 +126,17 @@ integTest {

testClusters.integTest {
testDistribution = "INTEG_TEST"

//testDistribution = "ARCHIVE"
// This installs our plugin into the testClusters
plugin(project.tasks.bundlePlugin.archiveFile)

// add customized keystore
keystore 'command.manager.access_key', new File("$projectDir/src/test/resources/", 'wazuh-indexer.keystore.json')
keystore 'command.manager.keystore', new File("$projectDir/src/test/resources/", 'wazuh-indexer.keystore.json')
//keystore 'command.manager.uri', 'http://localhost:9090'
//keystore 'command.manager.auth.type', 'basicauth'
keystore 'command.manager.auth.username', 'admin'
keystore 'command.manager.auth.password', 'type'

}

run {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,6 @@ public class CommandManagerPlugin extends Plugin implements ActionPlugin, Reload
public static final String COMMAND_MANAGER_INDEX_TEMPLATE_NAME = "index-template-commands";

private CommandIndex commandIndex;
private PluginSettings pluginSettings;

@Override
public Collection<Object> createComponents(
Expand All @@ -68,8 +67,7 @@ public Collection<Object> createComponents(
Supplier<RepositoriesService> repositoriesServiceSupplier
) {
this.commandIndex = new CommandIndex(client, clusterService, threadPool);
this.pluginSettings = PluginSettings.getPluginSettingsInstance();
pluginSettings.setEnv(environment);
PluginSettings.getInstance().setEnvironment(environment);

// HttpRestClient stuff
String uri = "https://httpbin.org/post";
Expand All @@ -93,12 +91,12 @@ public List<RestHandler> getRestHandlers(
@Override
public List<Setting<?>> getSettings() {
return Arrays.asList(
// Register EC2 discovery settings: discovery.ec2
CommandManagerSettings.ACCESS_KEY_SETTING,
CommandManagerSettings.SECRET_KEY_SETTING,
CommandManagerSettings.SESSION_TOKEN_SETTING,
CommandManagerSettings.PROXY_HOST_SETTING,
CommandManagerSettings.PROXY_PORT_SETTING
// Register API settings
CommandManagerSettings.KEYSTORE,
CommandManagerSettings.AUTH_USERNAME,
CommandManagerSettings.AUTH_PASSWORD,
CommandManagerSettings.URI,
CommandManagerSettings.AUTH_TYPE
);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,73 +7,70 @@
*/
package com.wazuh.commandmanager.settings;
import org.opensearch.common.settings.Setting;
import org.opensearch.common.settings.Setting.Property;
import org.opensearch.common.settings.SecureSetting;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.settings.SecureString;


public final class CommandManagerSettings {
//THE DEFINITIONS OF WHAT KEYS ARE NECESSARY ARE PENDING

/** The access key (ie login id) for connecting to ec2. */
public static final Setting<SecureString> ACCESS_KEY_SETTING = SecureSetting.secureString("command.manager.access_key", null);
/** The access key (ie login id) for connecting to api. */
public static final Setting<SecureString> KEYSTORE = SecureSetting.secureString("command.manager.keystore", null);

/** The secret key (ie password) for connecting to ec2. */
public static final Setting<SecureString> SECRET_KEY_SETTING = SecureSetting.secureString("command.manager.secret_key", null);
/** The access key (ie login username) for connecting to api. */
public static final Setting<SecureString> AUTH_USERNAME = SecureSetting.secureString("command.manager.auth.username", null);

/** The session token for connecting to ec2. */
public static final Setting<SecureString> SESSION_TOKEN_SETTING = SecureSetting.secureString("command.manager.session_token", null);
/** The secret key (ie password) for connecting to api. */
public static final Setting<SecureString> AUTH_PASSWORD = SecureSetting.secureString("command.manager.auth.password", null);

/** The host name of a proxy to connect to ec2 through. */
public static final Setting<String> PROXY_HOST_SETTING = Setting.simpleString("command.manager.proxy.host", Property.NodeScope);
/** The uri for connecting to api. */
public static final Setting<String> URI = SecureSetting.simpleString("command.manager.uri", Setting.Property.NodeScope);

/** The port of a proxy to connect to ec2 through. */
public static final Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("command.manager.proxy.port", 80, 0, 1 << 16, Property.NodeScope);
/** The auth type for connecting to api. */
public static final Setting<String> AUTH_TYPE = Setting.simpleString("command.manager.auth.type", Setting.Property.NodeScope);

/** An optional proxy host that requests to ec2 should be made through. */
final String accessKey;
/** The access key (ie login username) for connecting to api. */
final String keystore;

/** The secret key (ie password) for connecting to ec2. */
final String secretKey;
/** The access key (ie login username) for connecting to api. */
final String authUsername;

/** The session token for connecting to ec2. */
final String sessionToken;
/** The password for connecting to api. */
final String authPassword;

/** An optional proxy host that requests to ec2 should be made through. */
final String proxyHost;
/** The uri for connecting to api. */
final String uri;

/** The port number the proxy host should be connected on. */
final int proxyPort;
/** The auth type for connecting to api. */
final String authType;


protected CommandManagerSettings(
String accessKey,
String secretKey,
String sessionToken,
String proxyHost,
int proxyPort
String keystore,
String authUsername,
String authPassword,
String uri,
String authType
) {
this.accessKey = accessKey;
this.secretKey = secretKey;
this.sessionToken = sessionToken;
this.proxyHost = proxyHost;
this.proxyPort = proxyPort;}
this.keystore = keystore;
this.authUsername = authUsername;
this.authPassword = authPassword;
this.uri = uri;
this.authType = authType;}

/** Parse settings for a single client. */
public static CommandManagerSettings getClientSettings(Settings settings) {
//final AwsCredentials credentials = loadCredentials(settings); no estoy segura de si tendríamos que configurar algo asociado a AWS, supongo que no
try(
SecureString accessKey = ACCESS_KEY_SETTING.get(settings);
SecureString secretKey = SECRET_KEY_SETTING.get(settings);
SecureString sessionToken = SESSION_TOKEN_SETTING.get(settings);
SecureString keystore = KEYSTORE.get(settings);
SecureString authUsername = AUTH_USERNAME.get(settings);
SecureString authPassword = AUTH_PASSWORD.get(settings);
){
return new CommandManagerSettings(
accessKey.toString(),
secretKey.toString(),
sessionToken.toString(),
PROXY_HOST_SETTING.get(settings),
PROXY_PORT_SETTING.get(settings)
keystore.toString(),
authUsername.toString(),
authPassword.toString(),
URI.get(settings),
AUTH_TYPE.get(settings)
);
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,44 +25,43 @@ public class PluginSettings {

private static final String KEYSTORE_FILENAME = "wazuh-indexer.keystore";

private static KeyStoreWrapper keyStoreWrapper = KeyStoreWrapper.create();
private static Environment env;
private KeyStoreWrapper keyStoreWrapper = KeyStoreWrapper.create();
private Environment environment;

private PluginSettings() {
private PluginSettings(KeyStoreWrapper keyStoreWrapper) {
// Singleton class, use getPluginSettings method instead of constructor
this.keyStoreWrapper = keyStoreWrapper;
}

public static PluginSettings getPluginSettingsInstance() {
if (INSTANCE != null) {
return INSTANCE;
}
public static PluginSettings getInstance() {
synchronized (PluginSettings.class) {
if (INSTANCE != null) {
return INSTANCE;
}
INSTANCE = new PluginSettings();
KeyStoreWrapper keyStoreWrapper1 = KeyStoreWrapper.create();
INSTANCE = new PluginSettings(keyStoreWrapper1);
return INSTANCE;
}
}

public void setEnv(Environment env) {
PluginSettings.env = env;
public void setEnvironment(Environment environment) {
this.environment = environment;
}

static SecureSettings loadSecureSettings(SecureString secureSettingsPassword) throws CommandManagerSettingsException, GeneralSecurityException {
public SecureSettings loadSecureSettings(SecureString secureSettingsPassword) throws CommandManagerSettingsException, GeneralSecurityException {
try {
//Open the keystore file
keyStoreWrapper = KeyStoreWrapper.load(env.configFile(),KEYSTORE_FILENAME);
if (keyStoreWrapper == null) {
logger.info(CommandManagerSettingsException.keystoreNotExist(env.configFile().toString()).getMessage());
this.keyStoreWrapper = KeyStoreWrapper.load( this.environment.configFile(),KEYSTORE_FILENAME);
if ( this.keyStoreWrapper == null) {
logger.info(CommandManagerSettingsException.keystoreNotExist( this.environment.configFile().toString()).getMessage());

//Create keystore file if it doesn't exist
keyStoreWrapper = KeyStoreWrapper.create();
keyStoreWrapper.save(env.configFile(), new char[0]);
this.keyStoreWrapper = KeyStoreWrapper.create();
this.keyStoreWrapper.save( this.environment.configFile(), new char[0]);

} else {
// Decrypt the keystore using the password from the request
keyStoreWrapper.decrypt(secureSettingsPassword.getChars());
this.keyStoreWrapper.decrypt(secureSettingsPassword.getChars());
//Here TransportNodesReloadSecureSettingsAction reload the plugins, but our PLugin isn't ReloadablePlugin
// final Settings settingsWithKeystore = Settings.builder().setSecureSettings(keyStoreWrapper).build();
}
Expand All @@ -73,16 +72,16 @@ static SecureSettings loadSecureSettings(SecureString secureSettingsPassword) th
} finally {
secureSettingsPassword.close();
}
return keyStoreWrapper;
return this.keyStoreWrapper;
}

public SecureSettings upgradeKeyStore( char[] password){
try {
KeyStoreWrapper.upgrade(keyStoreWrapper, env.configFile(), password);
KeyStoreWrapper.upgrade( this.keyStoreWrapper, this.environment.configFile(), password);
} catch (Exception e) {
throw new RuntimeException(e);
}
return keyStoreWrapper;
return this.keyStoreWrapper;
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ public void setUp() {
// Create a mock Environment
mockEnvironment = mock(Environment.class);
// Instantiate PluginSettings
pluginSettings = PluginSettings.getPluginSettingsInstance();
pluginSettings.setEnv(mockEnvironment);
pluginSettings = PluginSettings.getInstance();
pluginSettings.setEnvironment(mockEnvironment);
}

@After
Expand All @@ -51,7 +51,7 @@ public void testLoadSecureSettings_keystoreNotExist() throws Exception {
when(KeyStoreWrapper.load(any(), any())).thenReturn(null);

// Check that the keystore is created
SecureSettings result = PluginSettings.loadSecureSettings(secureString);
SecureSettings result = this.pluginSettings.loadSecureSettings(secureString);

assertNotNull(result);
verify(keyStoreWrapperMock, times(1)).save(any(), any());
Expand All @@ -70,7 +70,7 @@ public void testLoadSecureSettings_keystoreExists() throws Exception {
keyStoreWrapperMock.decrypt(passToTest);

// Load secure settings
SecureSettings result = PluginSettings.loadSecureSettings(secureString);
SecureSettings result = this.pluginSettings.loadSecureSettings(secureString);

assertNotNull(result);
verify(keyStoreWrapperMock, times(1)).decrypt(secureString.getChars());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
{
"name" : "wazuh-api",
"properties" : {
"prometheus.uri" : "http://localhost:9090",
"prometheus.auth.type" : "basicauth",
"prometheus.auth.username" : "admin",
"prometheus.auth.password" : "type"
"uri" : "http://localhost:9090",
"auth.type" : "basicauth",
"auth.username" : "admin",
"auth.password" : "type"
}
}
]

0 comments on commit 65f6f9d

Please sign in to comment.