From 906d836cd6b3b0c310006b3dd7325992917f87e2 Mon Sep 17 00:00:00 2001 From: Christina Ying Wang Date: Thu, 17 Aug 2023 15:38:02 -0700 Subject: [PATCH] Add /os/v2/config endpoint for config.json migration See: https://balena.fibery.io/Work/Improvement/os-config-improving-the-interface-for-config.json-modification-901 Change-type: minor Signed-off-by: Christina Ying Wang --- src/features/os-config/index.ts | 48 ++++++++++++++++++++++----------- test/22_os-config.ts | 35 ++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 15 deletions(-) create mode 100644 test/22_os-config.ts diff --git a/src/features/os-config/index.ts b/src/features/os-config/index.ts index 4885a972b0..3cd2ab1dfd 100644 --- a/src/features/os-config/index.ts +++ b/src/features/os-config/index.ts @@ -1,27 +1,45 @@ -import type { Application, RequestHandler } from 'express'; +import type { Application } from 'express'; import { DEVICE_CONFIG_OPENVPN_CA, DEVICE_CONFIG_OPENVPN_CONFIG, DEVICE_CONFIG_SSH_AUTHORIZED_KEYS, + LOGS_HOST, } from '../../lib/config'; import { b64decode } from '../../lib/utils'; -const getOsConfiguration: RequestHandler = (_req, res) => { - res.json({ - services: { - openvpn: { - config: DEVICE_CONFIG_OPENVPN_CONFIG, - ca: b64decode(DEVICE_CONFIG_OPENVPN_CA), - }, - ssh: { - authorized_keys: DEVICE_CONFIG_SSH_AUTHORIZED_KEYS, - }, - }, - schema_version: '1.0.0', - }); +// OS service configurations +const services = { + openvpn: { + config: DEVICE_CONFIG_OPENVPN_CONFIG, + ca: b64decode(DEVICE_CONFIG_OPENVPN_CA), + }, + ssh: { + authorized_keys: DEVICE_CONFIG_SSH_AUTHORIZED_KEYS, + }, +}; + +// Config.json migrations: changes should be evaluated for security risks before applying. +const config = { + // config.json fields to add or change + update: { + logsEndpoint: LOGS_HOST != null ? `https://${LOGS_HOST}` : undefined, + }, + // config.json fields to delete + delete: [], }; export const setup = (app: Application) => { - app.get('/os/v1/config/', getOsConfiguration); + app.get('/os/v1/config/', (_req, res) => { + res.json({ + services, + schema_version: '1.0.0', + }); + }); + app.get('/os/v2/config', (_req, res) => { + res.json({ + services, + config, + }); + }); }; diff --git a/test/22_os-config.ts b/test/22_os-config.ts new file mode 100644 index 0000000000..908f4b67fc --- /dev/null +++ b/test/22_os-config.ts @@ -0,0 +1,35 @@ +import { expect } from 'chai'; + +import { supertest } from './test-lib/supertest'; +import { LOGS_HOST } from '../src/lib/config'; + +describe('OS configuration endpoints', () => { + describe('/os/v1/config', () => { + it('should return a valid JSON response', async () => { + const { body } = await supertest().get('/os/v1/config').expect(200); + + expect(body) + .to.have.property('services') + .that.has.all.keys('openvpn', 'ssh'); + expect(body).to.have.property('schema_version').that.equals('1.0.0'); + }); + }); + + describe('/os/v2/config', () => { + it('should return a valid JSON response', async () => { + const { body } = await supertest().get('/os/v2/config').expect(200); + + expect(body) + .to.have.property('services') + .that.has.all.keys('openvpn', 'ssh'); + expect(body) + .to.have.property('config') + .that.deep.equals({ + update: { + logsEndpoint: LOGS_HOST ? `https://${LOGS_HOST}` : undefined, + }, + delete: [], + }); + }); + }); +});