2515 Added import/export

openziti · Dec 3, 2024 · 8d9034e · 8d9034e
1 parent 9a83ca8
commit 8d9034e
Show file tree

Hide file tree

Showing 38 changed files with 4,165 additions and 42 deletions.
diff --git a/go.mod b/go.mod
@@ -102,6 +102,8 @@ require (
 	github.com/MichaelMure/go-term-text v0.3.1 // indirect
 	github.com/alecthomas/chroma v0.10.0 // indirect
 	github.com/andybalholm/brotli v1.1.0 // indirect
+	github.com/antchfx/jsonquery v1.3.6 // indirect
+	github.com/antchfx/xpath v1.3.2 // indirect
 	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
@@ -124,6 +126,7 @@ require (
 	github.com/go-openapi/analysis v0.23.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 // indirect
 	github.com/gorilla/schema v1.4.1 // indirect
@@ -137,6 +140,7 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/josharian/native v1.1.0 // indirect
+	github.com/judedaryl/go-arrayutils v0.0.1 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 	github.com/kr/pty v1.1.8 // indirect
 	github.com/kyokomi/emoji/v2 v2.2.12 // indirect
@@ -159,6 +163,7 @@ require (
 	github.com/openziti-incubator/cf v0.0.3 // indirect
 	github.com/openziti/dilithium v0.3.5 // indirect
 	github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 // indirect
+	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
 	github.com/pion/dtls/v3 v3.0.4 // indirect
 	github.com/pion/logging v0.2.2 // indirect

diff --git a/go.sum b/go.sum
@@ -80,6 +80,10 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF
 github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M=
 github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY=
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
+github.com/antchfx/jsonquery v1.3.6 h1:TaSfeAh7n6T11I74bsZ1FswreIfrbJ0X+OyLflx6mx4=
+github.com/antchfx/jsonquery v1.3.6/go.mod h1:fGzSGJn9Y826Qd3pC8Wx45avuUwpkePsACQJYy+58BU=
+github.com/antchfx/xpath v1.3.2 h1:LNjzlsSjinu3bQpw9hWMY9ocB80oLOWuQqFvO6xt51U=
+github.com/antchfx/xpath v1.3.2/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ=
 github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw=
@@ -256,6 +260,8 @@ github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4er
 github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@@ -427,6 +433,8 @@ github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/judedaryl/go-arrayutils v0.0.1 h1:89rWXRVp1c1gcE1UEWvFuohVMeYwfA0y4TMZtE8dS58=
+github.com/judedaryl/go-arrayutils v0.0.1/go.mod h1:vqtnlEkOBpDGHS3U3kQtMJZGTOC+SBFAQYj2KcxLf1A=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/kataras/go-events v0.0.3 h1:o5YK53uURXtrlg7qE/vovxd/yKOJcLuFtPQbf1rYMC4=
 github.com/kataras/go-events v0.0.3/go.mod h1:bFBgtzwwzrag7kQmGuU1ZaVxhK2qseYPQomXoVEMsj4=
@@ -610,6 +618,8 @@ github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9/go
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
 github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
+github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
+github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
 github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=

diff --git a/internal/ascode/cache_util.go b/internal/ascode/cache_util.go
@@ -0,0 +1,32 @@
+package common
+
+import (
+	"errors"
+	"github.com/patrickmn/go-cache"
+	"log/slog"
+)
+
+type CacheGetter func(id string) (interface{}, error)
+
+func GetItemFromCache(c *cache.Cache, key string, fn CacheGetter) (interface{}, error) {
+	if key == "" {
+		return nil, errors.New("key is null, can't resolve from cache or get it from source")
+	}
+	detail, found := c.Get(key)
+	if !found {
+		slog.
+			With("key", key).
+			Debug("Item not in cache, getting from source")
+		var err error
+		detail, err = fn(key)
+		if err != nil {
+			return nil, errors.Join(errors.New("error reading: "+key), err)
+		}
+		c.Set(key, detail, cache.NoExpiration)
+		return detail, nil
+	}
+	slog.
+		With("key", key).
+		Debug("Item found in cache")
+	return detail, nil
+}
diff --git a/ziti/cmd/verify/common.go → internal/log_format.go b/ziti/cmd/verify/common.go → internal/log_format.go
@@ -1,26 +1,26 @@
 /*
-	Copyright NetFoundry Inc.
+Copyright NetFoundry Inc.
 
-	Licensed under the Apache License, Version 2.0 (the "License");
-	you may not use this file except in compliance with the License.
-	You may obtain a copy of the License at
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
 
-	https://www.apache.org/licenses/LICENSE-2.0
+https://www.apache.org/licenses/LICENSE-2.0
 
-	Unless required by applicable law or agreed to in writing, software
-	distributed under the License is distributed on an "AS IS" BASIS,
-	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-	See the License for the specific language governing permissions and
-	limitations under the License.
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
 */
-package verify
+package internal
 
 import (
 	"github.com/sirupsen/logrus"
 	"runtime"
 )
 
-func configureLogFormat(level logrus.Level) {
+func ConfigureLogFormat(level logrus.Level) {
 	logrus.SetLevel(level)
 	logrus.SetFormatter(&logrus.TextFormatter{
 		ForceColors:               true,

diff --git a/internal/rest/mgmt/helpers.go b/internal/rest/mgmt/helpers.go
@@ -1,17 +1,17 @@
 /*
-	Copyright NetFoundry Inc.
+Copyright NetFoundry Inc.
 
-	Licensed under the Apache License, Version 2.0 (the "License");
-	you may not use this file except in compliance with the License.
-	You may obtain a copy of the License at
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
 
-	https://www.apache.org/licenses/LICENSE-2.0
+https://www.apache.org/licenses/LICENSE-2.0
 
-	Unless required by applicable law or agreed to in writing, software
-	distributed under the License is distributed on an "AS IS" BASIS,
-	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-	See the License for the specific language governing permissions and
-	limitations under the License.
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
 */
 package mgmt
 
@@ -20,10 +20,19 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"errors"
+	"fmt"
 	"github.com/openziti/edge-api/rest_management_api_client"
+	"github.com/openziti/edge-api/rest_management_api_client/auth_policy"
+	"github.com/openziti/edge-api/rest_management_api_client/certificate_authority"
+	"github.com/openziti/edge-api/rest_management_api_client/config"
 	rest_mgmt "github.com/openziti/edge-api/rest_management_api_client/current_api_session"
+	"github.com/openziti/edge-api/rest_management_api_client/edge_router"
+	"github.com/openziti/edge-api/rest_management_api_client/edge_router_policy"
+	"github.com/openziti/edge-api/rest_management_api_client/external_jwt_signer"
 	"github.com/openziti/edge-api/rest_management_api_client/identity"
+	"github.com/openziti/edge-api/rest_management_api_client/posture_checks"
 	"github.com/openziti/edge-api/rest_management_api_client/service"
+	"github.com/openziti/edge-api/rest_management_api_client/service_edge_router_policy"
 	"github.com/openziti/edge-api/rest_management_api_client/service_policy"
 	"github.com/openziti/edge-api/rest_model"
 	"github.com/openziti/edge-api/rest_util"
@@ -77,7 +86,157 @@ func ServicePolicyFromFilter(client *rest_management_api_client.ZitiEdgeManageme
 	params.SetTimeout(5 * time.Second)
 	resp, err := client.ServicePolicy.ListServicePolicies(params, nil)
 	if err != nil {
-		log.Errorf("Could not obtain an ID for the service with filter %s: %v", filter, err)
+		log.Errorf("Could not obtain an ID for the service policy with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func AuthPolicyFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.AuthPolicyDetail {
+	params := &auth_policy.ListAuthPoliciesParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.AuthPolicy.ListAuthPolicies(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the auth policy with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func CertificateAuthorityFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.CaDetail {
+	params := &certificate_authority.ListCasParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.CertificateAuthority.ListCas(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the certificate authority with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func ConfigTypeFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.ConfigTypeDetail {
+	params := &config.ListConfigTypesParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.Config.ListConfigTypes(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the config type with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func ConfigFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.ConfigDetail {
+	params := &config.ListConfigsParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.Config.ListConfigs(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the config with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func ExternalJWTSignerFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.ExternalJWTSignerDetail {
+	params := &external_jwt_signer.ListExternalJWTSignersParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.ExternalJWTSigner.ListExternalJWTSigners(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the external jwt signer with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func PostureCheckFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.PostureCheckDetail {
+	params := &posture_checks.ListPostureChecksParams{
+		Filter:  &filter,
+		Context: context.Background(),
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.PostureChecks.ListPostureChecks(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the posture check with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data()) == 0 {
+		return nil
+	}
+	return &resp.Payload.Data()[0]
+}
+
+func EdgeRouterPolicyFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.EdgeRouterPolicyDetail {
+	params := &edge_router_policy.ListEdgeRouterPoliciesParams{
+		Filter: &filter,
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.EdgeRouterPolicy.ListEdgeRouterPolicies(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the edge router policies with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func EdgeRouterFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.EdgeRouterDetail {
+	params := &edge_router.ListEdgeRoutersParams{
+		Filter: &filter,
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.EdgeRouter.ListEdgeRouters(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the edge routers with filter %s: %v", filter, err)
+		return nil
+	}
+	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
+		return nil
+	}
+	return resp.Payload.Data[0]
+}
+
+func ServiceEdgeRouterPolicyFromFilter(client *rest_management_api_client.ZitiEdgeManagement, filter string) *rest_model.ServiceEdgeRouterPolicyDetail {
+	params := &service_edge_router_policy.ListServiceEdgeRouterPoliciesParams{
+		Filter: &filter,
+	}
+	params.SetTimeout(5 * time.Second)
+	resp, err := client.ServiceEdgeRouterPolicy.ListServiceEdgeRouterPolicies(params, nil)
+	if err != nil {
+		log.Errorf("Could not obtain an ID for the ServiceEdgeRouterPolicy routers with filter %s: %v", filter, err)
 		return nil
 	}
 	if resp == nil || resp.Payload == nil || resp.Payload.Data == nil || len(resp.Payload.Data) == 0 {
@@ -87,7 +246,7 @@ func ServicePolicyFromFilter(client *rest_management_api_client.ZitiEdgeManageme
 }
 
 func NameFilter(name string) string {
-	return `name="` + name + `"`
+	return fmt.Sprintf("name = \"%s\"", name)
 }
 
 func NewClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
@@ -100,7 +259,7 @@ func NewClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
 	if cachedId == nil {
 		return nil, errors.New("no identity found")
 	}
-	
+
 	caPool := x509.NewCertPool()
 	if _, cacertErr := os.Stat(cachedId.CaCert); cacertErr == nil {
 		rootPemData, err := os.ReadFile(cachedId.CaCert)
@@ -111,7 +270,7 @@ func NewClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
 	} else {
 		return nil, errors.New("CA cert file not found in config file")
 	}
-	
+
 	tlsConfig := &tls.Config{
 		RootCAs: caPool,
 	}
@@ -137,4 +296,4 @@ func NewClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
 		return nil, errors.New("client not authenticated. login with 'ziti edge login' before executing")
 	}
 	return c, nil
-}
+}