Skip to content

Commit

Permalink
Merge from main, fixed 2 small issues potentially
Browse files Browse the repository at this point in the history
Inside boefjes/boefjes/plugins/kat_burpsuite/normalize.py `ip` was seen
as a non-OOI by pre-commit. This has been changed to `ip_ooi`

Inside rocky/onboarding/views.py had the same issue, `_url` got renamed
to `url`
  • Loading branch information
Souf149 committed Oct 3, 2024
1 parent 571036c commit 8e1b6f0
Show file tree
Hide file tree
Showing 830 changed files with 43,091 additions and 20,852 deletions.
2 changes: 2 additions & 0 deletions .env-dist
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,8 @@ BYTES_DB_URI=postgresql://${BYTES_DB_USER}:${BYTES_DB_PASSWORD}@postgres:5432/${
# --- Octopoes --- #
# See `octopoes/octopoes/config/settings.py`

# Number of Celery workers (for the Octopoes API worker) that need to be started
CELERY_WORKER_CONCURRENCY=${CELERY_WORKER_CONCURRENCY:-4}

# --- Mula --- #
# See `mula/scheduler/config/settings.py`
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -444,3 +444,4 @@ nl-kat-*
/boefjes/boefjes/plugins/kat_rpki/rpki-meta.json

*.pstat
**/.cache*
4 changes: 3 additions & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -91,11 +91,13 @@ repos:
- httpx
- types-python-dateutil
- types-requests
- types-croniter
exclude: |
(?x)(
^boefjes/tools |
^keiko/templates |
^mula/whitelist\.py$ |
^mula/scripts |
^octopoes/tools |
^rocky/whitelist\.py$ |
/tests/ |
Expand All @@ -108,7 +110,7 @@ repos:
hooks:
- id: codespell
additional_dependencies: ["tomli"]
args: [-L, lama]
args: ["-L", "lama", "--ignore-regex", ".{1024}|.*codespell-ignore.*"]
exclude: |
(?x)(
\.po$ |
Expand Down
37 changes: 34 additions & 3 deletions boefjes/.ci/.env.test
Original file line number Diff line number Diff line change
@@ -1,11 +1,42 @@
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=ci_katalogus
POSTGRES_DB=test

KATALOGUS_DB_URI=postgresql://postgres:postgres@ci_katalogus-db:5432/ci_katalogus
KATALOGUS_DB_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@ci_katalogus-db:5432/${POSTGRES_DB}

CI=1

ENCRYPTION_MIDDLEWARE=NACL_SEALBOX
BOEFJES_ENCRYPTION_MIDDLEWARE=NACL_SEALBOX
KATALOGUS_PRIVATE_KEY_B64=Vpb0g34rGFbnoUuiSjkFr8TKh278AViSJEdjII5DvQY=
KATALOGUS_PUBLIC_KEY_B64=iR/vPrBVrx0LXOiwK6DMB3QCggjzQXDtj/hyVK7mpy8=
BOEFJES_API=http://placeholder:1234


# Benchmark setup
RABBITMQ_DEFAULT_VHOST=kat
RABBITMQ_DEFAULT_USER=ci_user
RABBITMQ_DEFAULT_PASS=ci_pass

QUEUE_URI=amqp://${RABBITMQ_DEFAULT_USER}:${RABBITMQ_DEFAULT_PASS}@ci_rabbitmq:5672/${RABBITMQ_DEFAULT_VHOST}

KATALOGUS_API=http://ci_katalogus:8080
OCTOPOES_API=http://ci_octopoes:80
XTDB_URI=http://ci_xtdb:3000
BYTES_API=http://ci_bytes:8000
SCHEDULER_API=http://placeholder:8000

CI=1

# CI Bytes configuration

BYTES_SECRET=3d54f6e4e65723aa678d17d8fd22aba5234136d3e44e5a77305dedaa8ce13f45
BYTES_ACCESS_TOKEN_EXPIRE_MINUTES=1000
BYTES_USERNAME=test
BYTES_PASSWORD=secret
BYTES_ENCRYPTION_MIDDLEWARE=IDENTITY

BYTES_DB_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@ci_bytes-db:5432/${POSTGRES_DB}
BYTES_LOG_FILE=/var/log/bytes-test.log
BYTES_FILE_PERMISSION=555

BYTES_METRICS_TTL_SECONDS=0
99 changes: 99 additions & 0 deletions boefjes/.ci/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ services:
command: sh -c 'python -m pytest -v tests/integration'
depends_on:
- ci_katalogus-db
- ci_katalogus
env_file:
- .ci/.env.test
volumes:
Expand All @@ -17,3 +18,101 @@ services:
image: docker.io/library/postgres:15
env_file:
- .ci/.env.test

migration_bench:
build:
context: ..
dockerfile: boefjes/Dockerfile
args:
- ENVIRONMENT=dev
command: bash -c "python -m cProfile -o .ci/bench_$(date +%Y_%m_%d-%H:%M:%S).pstat -m pytest -v -m slow tests/integration"
depends_on:
- ci_bytes
- ci_octopoes
- ci_katalogus-db
env_file:
- .ci/.env.test
volumes:
- .:/app/boefjes
environment:
- DATABASE_MIGRATION=1

ci_bytes:
build:
context: ../bytes
args:
ENVIRONMENT: dev
command: uvicorn bytes.api:app --host 0.0.0.0
depends_on:
ci_rabbitmq:
condition: service_healthy
ci_bytes-db:
condition: service_started
env_file:
- .ci/.env.test
environment:
- DATABASE_MIGRATION=1

ci_bytes-db:
image: docker.io/library/postgres:15
env_file:
- .ci/.env.test

ci_octopoes:
build:
context: ../octopoes
command: uvicorn octopoes.api.api:app --host 0.0.0.0 --port 80
depends_on:
ci_rabbitmq:
condition: service_healthy
ci_xtdb:
condition: service_started
ci_katalogus:
condition: service_started
ci_octopoes_api_worker:
condition: service_started
env_file:
- .ci/.env.test

ci_rabbitmq:
restart: on-failure
image: "docker.io/library/rabbitmq:3.12-management"
healthcheck:
test: ["CMD", "rabbitmqctl", "status"]
interval: 5s
retries: 4
env_file:
- .ci/.env.test

ci_xtdb:
image: "ghcr.io/dekkers/xtdb-http-multinode:v1.1.0"

ci_octopoes_api_worker:
build:
context: ../octopoes
command: celery -A octopoes.tasks.tasks worker -E --loglevel=INFO
depends_on:
ci_rabbitmq:
condition: service_healthy
ci_xtdb:
condition: service_started
env_file:
- .ci/.env.test
ulimits:
nofile:
soft: 262144
hard: 262144

ci_katalogus:
build:
context: ..
dockerfile: boefjes/Dockerfile
args:
- ENVIRONMENT=dev
command: uvicorn boefjes.katalogus.root:app --host 0.0.0.0 --port 8080
depends_on:
- ci_katalogus-db
env_file:
- .ci/.env.test
volumes:
- .:/app/boefjes
4 changes: 2 additions & 2 deletions boefjes/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,10 @@ RUN --mount=type=cache,target=/root/.cache \
pip install --upgrade pip \
&& if [ "$ENVIRONMENT" = "dev" ]; \
then \
grep -v git+https:// requirements-dev.txt | pip install -r /dev/stdin ; \
grep -v git+https:// requirements-dev.txt | pip install -r /dev/stdin && \
grep git+https:// requirements-dev.txt | pip install -r /dev/stdin ; \
else \
grep -v git+https:// requirements.txt | pip install -r /dev/stdin ;\
grep -v git+https:// requirements.txt | pip install -r /dev/stdin && \
grep git+https:// requirements.txt | pip install -r /dev/stdin ; \
fi

Expand Down
6 changes: 6 additions & 0 deletions boefjes/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,12 @@ itest: ## Run the integration tests.
$(ci-docker-compose) run --rm katalogus_integration
$(ci-docker-compose) down

bench: ## Run the report benchmark.
$(ci-docker-compose) build
$(ci-docker-compose) down --remove-orphans
$(ci-docker-compose) run --rm migration_bench
$(ci-docker-compose) stop

debian12:
docker run --rm \
--env PKG_NAME=kat-boefjes \
Expand Down
23 changes: 22 additions & 1 deletion boefjes/boefjes/__main__.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
import logging.config

import click
import structlog

from boefjes.app import get_runtime_manager
from boefjes.config import settings
Expand All @@ -10,7 +11,27 @@
with settings.log_cfg.open() as f:
logging.config.dictConfig(json.load(f))

logger = logging.getLogger(__name__)
structlog.configure(
processors=[
structlog.contextvars.merge_contextvars,
structlog.processors.add_log_level,
structlog.processors.StackInfoRenderer(),
structlog.dev.set_exc_info,
structlog.stdlib.PositionalArgumentsFormatter(),
structlog.processors.TimeStamper("iso", utc=False),
(
structlog.dev.ConsoleRenderer(colors=True, pad_level=False)
if settings.logging_format == "text"
else structlog.processors.JSONRenderer()
),
],
context_class=dict,
logger_factory=structlog.stdlib.LoggerFactory(),
wrapper_class=structlog.stdlib.BoundLogger,
cache_logger_on_first_use=True,
)

logger = structlog.get_logger(__name__)


@click.command()
Expand Down
50 changes: 25 additions & 25 deletions boefjes/boefjes/api.py
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
import base64
import logging
import multiprocessing
from datetime import datetime, timezone
from enum import Enum
from multiprocessing.context import ForkContext, ForkProcess
from uuid import UUID

import structlog
from fastapi import Depends, FastAPI, HTTPException, Response
from httpx import HTTPError, HTTPStatusError
from pydantic import BaseModel, ConfigDict, Field
Expand All @@ -13,18 +14,20 @@
from boefjes.clients.bytes_client import BytesAPIClient
from boefjes.clients.scheduler_client import SchedulerAPIClient, TaskStatus
from boefjes.config import settings
from boefjes.job_handler import get_environment_settings, get_octopoes_api_connector, serialize_ooi
from boefjes.dependencies.plugins import PluginService, get_plugin_service
from boefjes.job_handler import get_environment_settings, get_octopoes_api_connector
from boefjes.job_models import BoefjeMeta
from boefjes.local_repository import LocalPluginRepository, get_local_repository
from boefjes.models import PluginType
from boefjes.plugins.models import _default_mime_types
from octopoes.models import Reference
from octopoes.models.exception import ObjectNotFoundException

app = FastAPI(title="Boefje API")
logger = logging.getLogger(__name__)
logger = structlog.get_logger(__name__)
ctx: ForkContext = multiprocessing.get_context("fork")


class UvicornServer(multiprocessing.Process):
class UvicornServer(ForkProcess):
def __init__(self, config: Config):
super().__init__()
self.server = Server(config=config)
Expand Down Expand Up @@ -58,7 +61,7 @@ class StatusEnum(str, Enum):

class File(BaseModel):
name: str | None = None
content: str = Field(..., contentEncoding="base64")
content: str = Field(json_schema_extra={"contentEncoding": "base64"})
tags: list[str] | None = None


Expand All @@ -85,44 +88,46 @@ async def root():


@app.get("/api/v0/tasks/{task_id}", response_model=BoefjeInput)
async def boefje_input(
def boefje_input(
task_id: UUID,
scheduler_client: SchedulerAPIClient = Depends(get_scheduler_client),
local_repository: LocalPluginRepository = Depends(get_local_repository),
plugin_service: PluginService = Depends(get_plugin_service),
):
task = get_task(task_id, scheduler_client)

if task.status is not TaskStatus.RUNNING:
raise HTTPException(status_code=403, detail="Task does not have status running")

boefje_meta = create_boefje_meta(task, local_repository)
plugin = plugin_service.by_plugin_id(task.data.boefje.id, task.data.organization)
boefje_meta = create_boefje_meta(task, plugin)

output_url = str(settings.api).rstrip("/") + f"/api/v0/tasks/{task_id}"
return BoefjeInput(task_id=task_id, output_url=output_url, boefje_meta=boefje_meta)


@app.post("/api/v0/tasks/{task_id}")
async def boefje_output(
def boefje_output(
task_id: UUID,
boefje_output: BoefjeOutput,
scheduler_client: SchedulerAPIClient = Depends(get_scheduler_client),
bytes_client: BytesAPIClient = Depends(get_bytes_client),
local_repository: LocalPluginRepository = Depends(get_local_repository),
plugin_service: PluginService = Depends(get_plugin_service),
):
task = get_task(task_id, scheduler_client)

if task.status is not TaskStatus.RUNNING:
raise HTTPException(status_code=403, detail="Task does not have status running")

boefje_meta = create_boefje_meta(task, local_repository)
plugin = plugin_service.by_plugin_id(task.data.boefje.id, task.data.organization)
boefje_meta = create_boefje_meta(task, plugin)
boefje_meta.started_at = task.modified_at
boefje_meta.ended_at = datetime.now(timezone.utc)

bytes_client.login()
bytes_client.save_boefje_meta(boefje_meta)

if boefje_output.files:
mime_types = _default_mime_types(task.p_item.data.boefje)
mime_types = _default_mime_types(boefje_meta.boefje)
for file in boefje_output.files:
raw = base64.b64decode(file.content)
# when supported, also save file.name to Bytes
Expand All @@ -148,15 +153,10 @@ def get_task(task_id, scheduler_client):
return task


def create_boefje_meta(task, local_repository):
boefje = task.p_item.data.boefje
boefje_resource = local_repository.by_id(boefje.id)
env_keys = boefje_resource.environment_keys
environment = get_environment_settings(task.p_item.data, env_keys) if env_keys else {}

organization = task.p_item.data.organization
input_ooi = task.p_item.data.input_ooi
arguments = {"oci_arguments": boefje_resource.oci_arguments}
def create_boefje_meta(task, plugin: PluginType) -> BoefjeMeta:
organization = task.data.organization
input_ooi = task.data.input_ooi
arguments = {"oci_arguments": plugin.oci_arguments}

if input_ooi:
reference = Reference.from_str(input_ooi)
Expand All @@ -165,14 +165,14 @@ def create_boefje_meta(task, local_repository):
except ObjectNotFoundException as e:
raise ObjectNotFoundException(f"Object {reference} not found in Octopoes") from e

arguments["input"] = serialize_ooi(ooi)
arguments["input"] = ooi.serialize()

boefje_meta = BoefjeMeta(
id=task.id,
boefje=boefje,
boefje=task.data.boefje,
input_ooi=input_ooi,
arguments=arguments,
organization=organization,
environment=environment,
environment=get_environment_settings(task.data, plugin.boefje_schema),
)
return boefje_meta
Loading

0 comments on commit 8e1b6f0

Please sign in to comment.