Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improvement on upgrade mechanism #1732

Merged
merged 1 commit into from
Nov 15, 2023
Merged

Improvement on upgrade mechanism #1732

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 9 additions & 6 deletions .github/workflows/build-publish-binaries.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ on:

env:
DF_BIN_VER: ${{ inputs.ver }}
VERSION: ${{ inputs.ver }}

jobs:
docker:
Expand All @@ -35,12 +36,14 @@ jobs:
mkdir -p /tmp/binaries/$DF_BIN_VER
cd /tmp/binaries/$DF_BIN_VER
id=$(docker create deepfenceio/deepfence_agent_ce:latest)
docker cp $id:/usr/local/bin/syft - > syft
docker cp $id:/home/deepfence/bin/yara-hunter/YaraHunter - > YaraHunter
docker cp $id:/home/deepfence/bin/secret-scanner/SecretScanner - > SecretScanner
docker cp $id:/usr/local/discovery/deepfence-discovery - > deepfence-discovery
docker cp $id:/opt/td-agent-bit/bin/fluent-bit - > fluent-bit
docker cp $id:/usr/local/bin/compliance_check/compliance - > compliance
docker cp $id:/bin/deepfenced self
docker cp $id:/home/deepfence/bin/package-scanner package_scanner
docker cp $id:/home/deepfence/bin/yara-hunter/YaraHunter malware_scanner
docker cp $id:/home/deepfence/bin/secret-scanner/SecretScanner secret_scanner
docker cp $id:/usr/local/discovery/deepfence-discovery discovery
docker cp $id:/opt/td-agent-bit/bin/fluent-bit fluentbit
docker cp $id:/usr/local/bin/syft syft
docker cp $id:/usr/local/bin/compliance_check/compliance compliance
tar zcvf binaries.tar.gz ./*
docker rm -v $id

Expand Down
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/SecretScanner
Open in desktop
Submodule SecretScanner updated 1 files
+3 −3 Dockerfile
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/YaraHunter
Open in desktop
Submodule YaraHunter updated 1 files
+2 −2 docs/yara-rules/listing.json
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/package-scanner
Open in desktop
Submodule package-scanner updated 2 files
+1 −1 tools/grype-bin/get_grype.sh
+1 −1 tools/syft-bin/get_syft.sh
16 changes: 8 additions & 8 deletions deepfence_agent/run_discovery.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ PROBE_TRACKDEPLOADS=${DF_ENABLE_TRACKDEPLOADS:-"false"}
PROBE_LOG_LEVEL=${LOG_LEVEL:-info}

if [[ "$DF_CLUSTER_AGENT" == "true" ]]; then
/home/deepfence/deepfence_exe \
exec /home/deepfence/deepfence_exe \
--mode=probe \
--probe.kubernetes.role=cluster \
--probe.log.level="$PROBE_LOG_LEVEL" \
Expand Down Expand Up @@ -41,20 +41,20 @@ fi

if [[ "$DF_KUBERNETES_ON" == "Y" ]]; then
if [[ "$CONTAINER_RUNTIME" == "containerd" ]] || [[ "$CONTAINER_RUNTIME" = "crio" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=true --probe.cri.endpoint="$CRI_ENDPOINT" --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=true --probe.cri.endpoint="$CRI_ENDPOINT" --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "podman" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
else
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
fi
else
if [[ "$DF_SERVERLESS" == "true" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "podman" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "unknown" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
else
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
fi
fi
4 changes: 2 additions & 2 deletions deepfence_bootstrapper/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
VERSION=`git describe --tags`
VERSION?=`git describe --tags`

all: deepfence_bootstrapper

local: deepfence_bootstrapper

prepare:
docker run --rm -i -v $(ROOT_MAKEFILE_DIR):/src:rw -v /tmp/go:/go:rw deepfenceio/deepfence_builder_ce:$(DF_IMG_TAG) bash -c 'cd /src/deepfence_bootstrapper && make deepfence_bootstrapper'
docker run --rm -i -e VERSION=${VERSION} -v $(ROOT_MAKEFILE_DIR):/src:rw -v /tmp/go:/go:rw deepfenceio/deepfence_builder_ce:$(DF_IMG_TAG) bash -c 'cd /src/deepfence_bootstrapper && make deepfence_bootstrapper'

vendor: go.mod $(shell find ../deepfence_utils -path ../deepfence_utils/vendor -prune -o -name '*.go')
go mod tidy -v
Expand Down
8 changes: 4 additions & 4 deletions deepfence_bootstrapper/assets/config.ini
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ maxcpu = 10
maxmem = 100000

[process:fluentbit]
command=/bin/bash -c "$DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit -c $DF_INSTALL_DIR/etc/td-agent-bit/fluentbit-agent.conf"
command=/bin/bash -c "exec $DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit -c $DF_INSTALL_DIR/etc/td-agent-bit/fluentbit-agent.conf"
path=$DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit
autostart=true
autorestart=true
Expand All @@ -15,19 +15,19 @@ autostart=true
autorestart=true

[process:package_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/package-scanner.sock && $DF_INSTALL_DIR/home/deepfence/bin/package-scanner -socket-path $DF_INSTALL_DIR/tmp/package-scanner.sock -mode grpc-server"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/package-scanner.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/package-scanner -socket-path $DF_INSTALL_DIR/tmp/package-scanner.sock -mode grpc-server"
path=$DF_INSTALL_DIR/home/deepfence/bin/package-scanner
autostart=true
autorestart=true

[process:secret_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/secret-scanner.sock && $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner --config-path $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner --socket-path=$DF_INSTALL_DIR/tmp/secret-scanner.sock"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/secret-scanner.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner --config-path $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner --socket-path=$DF_INSTALL_DIR/tmp/secret-scanner.sock"
path=$DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner
autostart=true
autorestart=true

[process:malware_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/yara-hunter.sock && $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=$DF_INSTALL_DIR/tmp/yara-hunter.sock --enable-updater=false"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/yara-hunter.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=$DF_INSTALL_DIR/tmp/yara-hunter.sock --enable-updater=false"
path=$DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter
autostart=true
autorestart=true
3 changes: 3 additions & 0 deletions deepfence_bootstrapper/controls/controls.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ func SetClusterAgentControls(k8sClusterName string) {
func(req ctl.StartAgentUpgradeRequest) error {
log.Info().Msg("Start Cluster Agent Upgrade")
router.SetUpgrade()
defer router.UnsetUpgrade()
return StartClusterAgentUpgrade(req)
})
if err != nil {
Expand Down Expand Up @@ -110,6 +111,7 @@ func SetAgentControls() {
func(req ctl.StartAgentUpgradeRequest) error {
log.Info().Msg("Start Agent Upgrade")
router.SetUpgrade()
defer router.UnsetUpgrade()
return router.StartAgentUpgrade(req)
})
if err != nil {
Expand All @@ -119,6 +121,7 @@ func SetAgentControls() {
func(req ctl.EnableAgentPluginRequest) error {
log.Info().Msg("Start & download Agent Plugin")
router.SetUpgrade()
defer router.UnsetUpgrade()
err = supervisor.UpgradeProcessFromURL(req.PluginName, req.BinUrl)
if err != nil {
return err
Expand Down
4 changes: 4 additions & 0 deletions deepfence_bootstrapper/router/openapi_client_controls.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,10 @@ func SetUpgrade() {
upgrade.Store(true)
}

func UnsetUpgrade() {
upgrade.Store(false)
}

func getUpgradeWorkload() int32 {
if upgrade.Load() {
return MAX_AGENT_WORKLOAD
Expand Down
26 changes: 25 additions & 1 deletion deepfence_bootstrapper/router/upgrade.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"os"
"os/exec"
"path/filepath"
"syscall"

"github.com/deepfence/ThreatMapper/deepfence_bootstrapper/supervisor"
ctl "github.com/deepfence/ThreatMapper/deepfence_utils/controls"
Expand Down Expand Up @@ -49,6 +50,9 @@ func StartAgentUpgrade(req ctl.StartAgentUpgradeRequest) error {
if err != nil {
return err
}
if info.IsDir() {
return nil
}
plugins = append(plugins, NamePath{name: filepath.Base(path), path: path})
return nil
})
Expand All @@ -57,16 +61,36 @@ func StartAgentUpgrade(req ctl.StartAgentUpgradeRequest) error {
return err
}

restart := false
for _, plugin := range plugins {
err = supervisor.UpgradeProcessFromFile(plugin.name, plugin.path)
if err != nil {
log.Error().Msg(err.Error())
log.Error().Msgf("plugin: %v, path: %v, err: %v", plugin.name, plugin.path, err)
} else if plugin.name == supervisor.Self_id {
restart = true
}
}

if restart {
log.Info().Msgf("Restart self")
restartSelf()
}

return nil
}

func restartSelf() error {
errs := supervisor.StopAllProcesses()
for i := range errs {
log.Error().Msg(errs[i].Error())
}
argv0, err := exec.LookPath(os.Args[0])
if err != nil {
return err
}
return syscall.Exec(argv0, os.Args, os.Environ())
}

func downloadFile(filepath string, url string) (err error) {

// Create the file
Expand Down
21 changes: 18 additions & 3 deletions deepfence_bootstrapper/supervisor/process.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import (
)

const (
self_id = "self"
Self_id = "self"
log_root_env = "${DF_INSTALL_DIR}/var/log/deepfenced/"
EXIT_CODE_BASH_NOT_FOUND = 127
)
Expand Down Expand Up @@ -288,7 +288,7 @@ func WriteTo(dst, org string) error {
}

func UpgradeProcessFromFile(name, path string) error {
if name == self_id {
if name == Self_id {
return selfUpgradeFromFile(path)
}

Expand Down Expand Up @@ -325,7 +325,7 @@ func UpgradeProcessFromFile(name, path string) error {
}

func UpgradeProcessFromURL(name, url string) error {
if name == self_id {
if name == Self_id {
return selfUpgradeFromUrl(url)
}

Expand Down Expand Up @@ -393,6 +393,21 @@ func StopProcess(name string) error {
return process.stop()
}

func StopAllProcesses() []error {

access.RLock()
defer access.RUnlock()

errs := []error{}
for _, process := range processes {
err := process.stop()
if err != nil {
errs = append(errs, err)
}
}
return errs
}

func LoadProcess(name, path, command, env string, autorestart bool, cgroup string) {
access.Lock()
defer access.Unlock()
Expand Down
2 changes: 1 addition & 1 deletion deepfence_ctl/cmd/graph.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ var graphTopologySubCmd = &cobra.Command{

root, _ := cmd.Flags().GetString("root")

var res *deepfence_server_client.ApiDocsGraphResult
var res *deepfence_server_client.ModelGraphResult
var rh *stdhttp.Response
switch root {
case "":
Expand Down
Loading