Cocos 209

cli/sdk.go

@@ -5,6 +5,7 @@ package cli
 import (
 	"context"
 
+	"github.com/spf13/cobra"
 	"github.com/ultravioletrs/cocos/pkg/clients/grpc"
 	"github.com/ultravioletrs/cocos/pkg/clients/grpc/agent"
 	"github.com/ultravioletrs/cocos/pkg/sdk"
@@ -14,23 +15,24 @@ var Verbose bool
 
 type CLI struct {
 	agentSDK   sdk.SDK
-	config     grpc.Config
+	config     grpc.AgentClientConfig
 	client     grpc.Client
 	connectErr error
 }
 
-func New(config grpc.Config) *CLI {
+func New(config grpc.AgentClientConfig) *CLI {
 	return &CLI{
 		config: config,
 	}
 }
 
-func (c *CLI) InitializeSDK() error {
+func (c *CLI) InitializeSDK(cmd *cobra.Command) error {
 	agentGRPCClient, agentClient, err := agent.NewAgentClient(context.Background(), c.config)
 	if err != nil {
 		c.connectErr = err
 		return err
 	}
+	cmd.Println("🔗 Connected to agent using ", agentGRPCClient.Secure())
 	c.client = agentGRPCClient
 
 	c.agentSDK = sdk.NewAgentSDK(agentClient)

cmd/agent/main.go

@@ -97,14 +97,18 @@ func main() {
 
 	svc := newService(ctx, logger, eventSvc, cfg, qp)
 
-	grpcServerConfig := server.Config{
-		Port:         cfg.AgentConfig.Port,
-		Host:         cfg.AgentConfig.Host,
-		CertFile:     cfg.AgentConfig.CertFile,
-		KeyFile:      cfg.AgentConfig.KeyFile,
-		ServerCAFile: cfg.AgentConfig.ServerCAFile,
-		ClientCAFile: cfg.AgentConfig.ClientCAFile,
-		AttestedTLS:  cfg.AgentConfig.AttestedTls,
+	agentGrpcServerConfig := server.AgentConfig{
+		ServerConfig: server.ServerConfig{
+			BaseConfig: server.BaseConfig{
+				Host:         cfg.AgentConfig.Host,
+				Port:         cfg.AgentConfig.Port,
+				CertFile:     cfg.AgentConfig.CertFile,
+				KeyFile:      cfg.AgentConfig.KeyFile,
+				ServerCAFile: cfg.AgentConfig.ServerCAFile,
+				ClientCAFile: cfg.AgentConfig.ClientCAFile,
+			},
+		},
+		AttestedTLS: cfg.AgentConfig.AttestedTls,
 	}
 
 	registerAgentServiceServer := func(srv *grpc.Server) {
@@ -119,7 +123,7 @@ func main() {
 		return
 	}
 
-	gs := grpcserver.New(ctx, cancel, svcName, grpcServerConfig, registerAgentServiceServer, logger, qp, authSvc)
+	gs := grpcserver.New(ctx, cancel, svcName, agentGrpcServerConfig, registerAgentServiceServer, logger, qp, authSvc)
 
 	g.Go(func() error {
 		for {

cmd/cli/main.go

@@ -91,7 +91,7 @@ func main() {
 		return
 	}
 
-	agentGRPCConfig := grpc.Config{}
+	agentGRPCConfig := grpc.AgentClientConfig{}
 	if err := env.ParseWithOptions(&agentGRPCConfig, env.Options{Prefix: envPrefixAgentGRPC}); err != nil {
 		message := color.New(color.FgRed).Sprintf("failed to load %s gRPC client configuration : %s", svcName, err)
 		rootCmd.Println(message)
@@ -100,7 +100,7 @@ func main() {
 
 	cliSVC := cli.New(agentGRPCConfig)
 
-	if err := cliSVC.InitializeSDK(); err == nil {
+	if err := cliSVC.InitializeSDK(rootCmd); err == nil {
 		defer cliSVC.Close()
 	}
 

cmd/manager/main.go

@@ -25,7 +25,7 @@ import (
 	"github.com/ultravioletrs/cocos/manager/events"
 	"github.com/ultravioletrs/cocos/manager/qemu"
 	"github.com/ultravioletrs/cocos/manager/tracing"
-	"github.com/ultravioletrs/cocos/pkg/clients/grpc"
+	pkggrpc "github.com/ultravioletrs/cocos/pkg/clients/grpc"
 	managergrpc "github.com/ultravioletrs/cocos/pkg/clients/grpc/manager"
 	"go.opentelemetry.io/otel/trace"
 	"golang.org/x/sync/errgroup"
@@ -92,7 +92,7 @@ func main() {
 	args := qemuCfg.ConstructQemuArgs()
 	logger.Info(strings.Join(args, " "))
 
-	managerGRPCConfig := grpc.Config{}
+	managerGRPCConfig := pkggrpc.ManagerClientConfig{}
 	if err := env.ParseWithOptions(&managerGRPCConfig, env.Options{Prefix: envPrefixGRPC}); err != nil {
 		logger.Error(fmt.Sprintf("failed to load %s gRPC client configuration : %s", svcName, err))
 		exitCode = 1

go.mod

@@ -1,8 +1,6 @@
 module github.com/ultravioletrs/cocos
 
-go 1.22.7
-
-toolchain go1.23.1
+go 1.23.0
 
 require (
 	github.com/absmach/magistrala v0.14.1-0.20240709113739-04c359462746

internal/server/grpc/grpc.go

@@ -60,8 +60,9 @@ type serviceRegister func(srv *grpc.Server)
 
 var _ server.Server = (*Server)(nil)
 
-func New(ctx context.Context, cancel context.CancelFunc, name string, config server.Config, registerService serviceRegister, logger *slog.Logger, qp client.QuoteProvider, authSvc auth.Authenticator) server.Server {
-	listenFullAddress := fmt.Sprintf("%s:%s", config.Host, config.Port)
+func New(ctx context.Context, cancel context.CancelFunc, name string, config server.ServerConfiguration, registerService serviceRegister, logger *slog.Logger, qp client.QuoteProvider, authSvc auth.Authenticator) server.Server {
+	base := config.GetBaseConfig()
+	listenFullAddress := fmt.Sprintf("%s:%s", base.Host, base.Port)
 	return &Server{
 		BaseServer: server.BaseServer{
 			Ctx:     ctx,
@@ -91,96 +92,98 @@ func (s *Server) Start() error {
 
 	creds := grpc.Creds(insecure.NewCredentials())
 	var listener net.Listener = nil
+	switch c := s.Config.(type) {
+	case server.AgentConfig:
+		switch {
+		case c.AttestedTLS:
+			certificateBytes, privateKeyBytes, err := generateCertificatesForATLS()
+			if err != nil {
+				return fmt.Errorf("failed to create certificate: %w", err)
+			}
 
-	switch {
-	case s.Config.AttestedTLS:
-		certificateBytes, privateKeyBytes, err := generateCertificatesForATLS()
-		if err != nil {
-			return fmt.Errorf("failed to create certificate: %w", err)
-		}
-
-		certificate, err := tls.X509KeyPair(certificateBytes, privateKeyBytes)
-		if err != nil {
-			return fmt.Errorf("falied due to invalid key pair: %w", err)
-		}
+			certificate, err := tls.X509KeyPair(certificateBytes, privateKeyBytes)
+			if err != nil {
+				return fmt.Errorf("falied due to invalid key pair: %w", err)
+			}
 
-		tlsConfig := &tls.Config{
-			ClientAuth:   tls.NoClientCert,
-			Certificates: []tls.Certificate{certificate},
-		}
+			tlsConfig := &tls.Config{
+				ClientAuth:   tls.NoClientCert,
+				Certificates: []tls.Certificate{certificate},
+			}
 
-		creds = grpc.Creds(credentials.NewTLS(tlsConfig))
+			creds = grpc.Creds(credentials.NewTLS(tlsConfig))
 
-		listener, err = atls.Listen(
-			s.Address,
-			certificateBytes,
-			privateKeyBytes,
-		)
-		if err != nil {
-			return fmt.Errorf("failed to create Listener for aTLS: %w", err)
-		}
-		s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with Attested TLS", s.Name, s.Address))
+			listener, err = atls.Listen(
+				s.Address,
+				certificateBytes,
+				privateKeyBytes,
+			)
+			if err != nil {
+				return fmt.Errorf("failed to create Listener for aTLS: %w", err)
+			}
+			s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with Attested TLS", s.Name, s.Address))
 
-	case s.Config.CertFile != "" || s.Config.KeyFile != "":
-		certificate, err := loadX509KeyPair(s.Config.CertFile, s.Config.KeyFile)
-		if err != nil {
-			return fmt.Errorf("failed to load auth certificates: %w", err)
-		}
-		tlsConfig := &tls.Config{
-			ClientAuth:   tls.RequireAndVerifyClientCert,
-			Certificates: []tls.Certificate{certificate},
-		}
+		case c.CertFile != "" || c.KeyFile != "":
+			certificate, err := loadX509KeyPair(c.CertFile, c.KeyFile)
+			if err != nil {
+				return fmt.Errorf("failed to load auth certificates: %w", err)
+			}
+			tlsConfig := &tls.Config{
+				ClientAuth:   tls.RequireAndVerifyClientCert,
+				Certificates: []tls.Certificate{certificate},
+			}
 
-		var mtlsCA string
-		// Loading Server CA file
-		rootCA, err := loadCertFile(s.Config.ServerCAFile)
-		if err != nil {
-			return fmt.Errorf("failed to load root ca file: %w", err)
-		}
-		if len(rootCA) > 0 {
-			if tlsConfig.RootCAs == nil {
-				tlsConfig.RootCAs = x509.NewCertPool()
+			var mtlsCA string
+			// Loading Server CA file
+			rootCA, err := loadCertFile(c.ServerCAFile)
+			if err != nil {
+				return fmt.Errorf("failed to load root ca file: %w", err)
 			}
-			if !tlsConfig.RootCAs.AppendCertsFromPEM(rootCA) {
-				return fmt.Errorf("failed to append root ca to tls.Config")
+			if len(rootCA) > 0 {
+				if tlsConfig.RootCAs == nil {
+					tlsConfig.RootCAs = x509.NewCertPool()
+				}
+				if !tlsConfig.RootCAs.AppendCertsFromPEM(rootCA) {
+					return fmt.Errorf("failed to append root ca to tls.Config")
+				}
+				mtlsCA = fmt.Sprintf("root ca %s", c.ServerCAFile)
 			}
-			mtlsCA = fmt.Sprintf("root ca %s", s.Config.ServerCAFile)
-		}
 
-		// Loading Client CA File
-		clientCA, err := loadCertFile(s.Config.ClientCAFile)
-		if err != nil {
-			return fmt.Errorf("failed to load client ca file: %w", err)
-		}
-		if len(clientCA) > 0 {
-			if tlsConfig.ClientCAs == nil {
-				tlsConfig.ClientCAs = x509.NewCertPool()
+			// Loading Client CA File
+			clientCA, err := loadCertFile(c.ClientCAFile)
+			if err != nil {
+				return fmt.Errorf("failed to load client ca file: %w", err)
 			}
-			if !tlsConfig.ClientCAs.AppendCertsFromPEM(clientCA) {
-				return fmt.Errorf("failed to append client ca to tls.Config")
+			if len(clientCA) > 0 {
+				if tlsConfig.ClientCAs == nil {
+					tlsConfig.ClientCAs = x509.NewCertPool()
+				}
+				if !tlsConfig.ClientCAs.AppendCertsFromPEM(clientCA) {
+					return fmt.Errorf("failed to append client ca to tls.Config")
+				}
+				mtlsCA = fmt.Sprintf("%s client ca %s", mtlsCA, c.ClientCAFile)
+			}
+			creds = grpc.Creds(credentials.NewTLS(tlsConfig))
+			switch {
+			case mtlsCA != "":
+				s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with TLS/mTLS cert %s , key %s and %s", s.Name, s.Address, c.CertFile, c.KeyFile, mtlsCA))
+			default:
+				s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with TLS cert %s and key %s", s.Name, s.Address, c.CertFile, c.KeyFile))
 			}
-			mtlsCA = fmt.Sprintf("%s client ca %s", mtlsCA, s.Config.ClientCAFile)
-		}
-		creds = grpc.Creds(credentials.NewTLS(tlsConfig))
-		switch {
-		case mtlsCA != "":
-			s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with TLS/mTLS cert %s , key %s and %s", s.Name, s.Address, s.Config.CertFile, s.Config.KeyFile, mtlsCA))
-		default:
-			s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s with TLS cert %s and key %s", s.Name, s.Address, s.Config.CertFile, s.Config.KeyFile))
-		}
 
-		listener, err = net.Listen("tcp", s.Address)
-		if err != nil {
-			return fmt.Errorf("failed to listen on port %s: %w", s.Address, err)
-		}
-	default:
-		var err error
+			listener, err = net.Listen("tcp", s.Address)
+			if err != nil {
+				return fmt.Errorf("failed to listen on port %s: %w", s.Address, err)
+			}
+		default:
+			var err error
 
-		listener, err = net.Listen("tcp", s.Address)
-		if err != nil {
-			return fmt.Errorf("failed to listen on port %s: %w", s.Address, err)
+			listener, err = net.Listen("tcp", s.Address)
+			if err != nil {
+				return fmt.Errorf("failed to listen on port %s: %w", s.Address, err)
+			}
+			s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s without TLS", s.Name, s.Address))
 		}
-		s.Logger.Info(fmt.Sprintf("%s service gRPC server listening at %s without TLS", s.Name, s.Address))
 	}
 
 	grpcServerOptions = append(grpcServerOptions, creds)
@@ -223,31 +226,28 @@ func (s *Server) Stop() error {
 
 func loadCertFile(certFile string) ([]byte, error) {
 	if certFile != "" {
-		return os.ReadFile(certFile)
+		return readFileOrData(certFile)
 	}
 	return []byte{}, nil
 }
 
-func loadX509KeyPair(certfile, keyfile string) (tls.Certificate, error) {
-	var cert, key []byte
-	var err error
-
-	readFileOrData := func(input string) ([]byte, error) {
-		if len(input) < 1000 && !strings.Contains(input, "\n") {
-			data, err := os.ReadFile(input)
-			if err == nil {
-				return data, nil
-			}
+func readFileOrData(input string) ([]byte, error) {
+	if len(input) < 1000 && !strings.Contains(input, "\n") {
+		data, err := os.ReadFile(input)
+		if err == nil {
+			return data, nil
 		}
-		return []byte(input), nil
 	}
+	return []byte(input), nil
+}
 
-	cert, err = readFileOrData(certfile)
+func loadX509KeyPair(certfile, keyfile string) (tls.Certificate, error) {
+	cert, err := readFileOrData(certfile)
 	if err != nil {
 		return tls.Certificate{}, fmt.Errorf("failed to read cert: %v", err)
 	}
 
-	key, err = readFileOrData(keyfile)
+	key, err := readFileOrData(keyfile)
 	if err != nil {
 		return tls.Certificate{}, fmt.Errorf("failed to read key: %v", err)
 	}