package main
import (
	"flag"
	"fmt"
	"log/slog"
	"net/url"
	"os"
	"strconv"
	"time"

	"github.com/cheshir/go-mq"
	"github.com/uselagoon/lagoon/services/insights-handler/internal/handler"
)
// Process-wide configuration. Apart from httpListenPort, every value starts at
// its zero value and is filled in by main from command-line flags and, where
// one is defined, an environment variable override.
//
// mqPass, jwtTokenSigningKey and s3SecretAccessKey hold credentials and should
// never be written to logs.
var (
	// httpListenPort is read from HTTP_LISTEN_PORT when the package initialises.
	httpListenPort = os.Getenv("HTTP_LISTEN_PORT")

	// RabbitMQ login and address.
	mqUser, mqPass, mqHost, mqPort string

	// RabbitMQ worker count and reconnect delay (seconds).
	mqWorkers, rabbitReconnectRetryInterval int

	// Retry budget and interval used while connecting at startup.
	startupConnectionAttempts, startupConnectionInterval int

	// RabbitMQ queue and exchange names.
	insightsQueueName, insightsExchange string

	// Lagoon API endpoint and the app ID sent with messages.
	lagoonAPIHost, lagoonAppID string

	// JWT signing key and the claims used for Lagoon API tokens.
	jwtTokenSigningKey, jwtAudience, jwtSubject, jwtIssuer string

	// S3 endpoint, bucket and credentials used for uploads.
	s3SecretAccessKey, s3Origin, s3Bucket, s3Region, s3AccessKeyID string

	// Path of the filter/transformer definitions loaded at startup.
	filterTransformerFile string

	// Feature switches.
	s3useSSL, disableS3Upload, disableAPIIntegration, enableDebug, problemsFromSBOM bool

	// Trivy server used when problemsFromSBOM is enabled.
	trivyServerEndpoint string
)
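// main configures and starts the insights-handler.
//
// Settings are read from command-line flags first and then overridden by
// environment variables where one is defined. main then installs the default
// JSON logger, loads the filter/transformer definitions from disk, builds the
// RabbitMQ, Lagoon API and S3 configuration and starts the message consumer.
// It exits with status 1 when the Trivy endpoint is required but empty, or
// when the filters cannot be loaded.
func main() {
	// Development defaults for credentials. They are well known, so a warning
	// is logged further down whenever one of them is still in effect.
	const (
		defaultMQPassword        = "guest"
		defaultJWTSigningKey     = "super-secret-string"
		defaultS3SecretAccessKey = "minio123"
	)

	// Secrets passed as flags are visible in the process argument list; the
	// environment overrides below are the safer way to supply them.
	flag.StringVar(&lagoonAppID, "lagoon-app-id", "insights-handler", "The appID to use that will be sent with messages.")
	flag.StringVar(&mqUser, "rabbitmq-username", "guest", "The username of the rabbitmq user.")
	flag.StringVar(&mqPass, "rabbitmq-password", defaultMQPassword, "The password for the rabbitmq user.")
	flag.StringVar(&mqHost, "rabbitmq-hostname", "localhost", "The hostname for the rabbitmq host.")
	flag.StringVar(&mqPort, "rabbitmq-port", "5672", "The port for the rabbitmq host.")
	flag.IntVar(&mqWorkers, "rabbitmq-queue-workers", 1, "The number of workers to start with.")
	flag.IntVar(&rabbitReconnectRetryInterval, "rabbitmq-reconnect-retry-interval", 30, "The retry interval for rabbitmq.")
	flag.IntVar(&startupConnectionAttempts, "startup-connection-attempts", 10, "The number of startup attempts before exiting.")
	flag.IntVar(&startupConnectionInterval, "startup-connection-interval-seconds", 30, "The duration between startup attempts.")
	flag.StringVar(&lagoonAPIHost, "lagoon-api-host", "http://localhost:3000/graphql", "The host for the lagoon api.")
	flag.StringVar(&jwtTokenSigningKey, "jwt-token-signing-key", defaultJWTSigningKey, "The jwt signing token key or secret.")
	flag.StringVar(&jwtAudience, "jwt-audience", "api.dev", "The jwt audience.")
	// Help text corrected: it previously described the subject as the audience.
	flag.StringVar(&jwtSubject, "jwt-subject", "insights-handler", "The jwt subject.")
	flag.StringVar(&jwtIssuer, "jwt-issuer", "insights-handler", "The jwt issuer.")
	flag.StringVar(&insightsQueueName, "insights-queue-name", "lagoon-insights:items", "The name of the queue in rabbitmq to use.")
	flag.StringVar(&insightsExchange, "insights-exchange", "lagoon-insights", "The name of the exchange in rabbitmq to use.")
	flag.StringVar(&s3SecretAccessKey, "secret-access-key", defaultS3SecretAccessKey, "s3 secret access key to use.")
	flag.StringVar(&s3Origin, "s3-host", "localhost:9000", "The s3 host/origin to use.")
	// Help text corrected: it previously described the access key id as a bucket name.
	flag.StringVar(&s3AccessKeyID, "access-key-id", "minio", "s3 access key id to use.")
	flag.StringVar(&s3Bucket, "s3-bucket", "lagoon-insights", "The s3 bucket name.")
	flag.StringVar(&s3Region, "s3-region", "", "The s3 region.")
	flag.BoolVar(&s3useSSL, "s3-usessl", true, "Use SSL with S3")
	flag.StringVar(&filterTransformerFile, "filter-transformer-file", "./default_filter_transformers.yaml", "The filter/transformers to load.")
	flag.BoolVar(&disableS3Upload, "disable-s3-upload", false, "Disable uploading insights data to an s3 s3Bucket")
	flag.BoolVar(&disableAPIIntegration, "disable-api-integration", false, "Disable insights data integration for the Lagoon API")
	flag.BoolVar(&enableDebug, "debug", false, "Enable debugging output")
	flag.BoolVar(&problemsFromSBOM, "problems-from-sbom", false, "Pass any SBOM through Trivy")
	flag.StringVar(&trivyServerEndpoint, "trivy-server-location", "http://localhost:4954", "Trivy server endpoint")
	flag.Parse()

	// get overrides from environment variables
	mqUser = getEnv("RABBITMQ_USERNAME", mqUser)
	mqPass = getEnv("RABBITMQ_PASSWORD", mqPass)
	mqHost = getEnv("RABBITMQ_ADDRESS", mqHost)
	mqPort = getEnv("RABBITMQ_PORT", mqPort)
	lagoonAPIHost = getEnv("GRAPHQL_ENDPOINT", lagoonAPIHost)
	jwtTokenSigningKey = getEnv("JWT_SECRET", jwtTokenSigningKey)
	jwtAudience = getEnv("JWT_AUDIENCE", jwtAudience)
	jwtSubject = getEnv("JWT_SUBJECT", jwtSubject)
	jwtIssuer = getEnv("JWT_ISSUER", jwtIssuer)
	insightsQueueName = getEnv("INSIGHTS_QUEUE_NAME", insightsQueueName)
	insightsExchange = getEnv("INSIGHTS_EXCHANGE", insightsExchange)
	s3Origin = getEnv("S3_FILES_HOST", s3Origin)
	s3AccessKeyID = getEnv("S3_FILES_ACCESS_KEY_ID", s3AccessKeyID)
	s3SecretAccessKey = getEnv("S3_FILES_SECRET_ACCESS_KEY", s3SecretAccessKey)
	s3Bucket = getEnv("S3_FILES_BUCKET", s3Bucket)
	s3Region = getEnv("S3_FILES_REGION", s3Region)
	filterTransformerFile = getEnv("FILTER_TRANSFORMER_FILE", filterTransformerFile)
	s3useSSL = getEnvBool("S3_USESSL", s3useSSL)
	disableAPIIntegration = getEnvBool("INSIGHTS_DISABLE_API_INTEGRATION", disableAPIIntegration)
	disableS3Upload = getEnvBool("INSIGHTS_DISABLE_S3_UPLOAD", disableS3Upload)
	problemsFromSBOM = getEnvBool("PROBLEMS_FROM_SBOM", problemsFromSBOM)
	trivyServerEndpoint = getEnv("TRIVY_SERVER_ENDPOINT", trivyServerEndpoint)
	enableDebug = getEnvBool("ENABLE_DEBUG", enableDebug)

	// Propagate the debug switch only after the ENABLE_DEBUG override has been
	// applied; assigning it straight after flag.Parse left the handler package
	// out of step with the logger whenever debugging was enabled through the
	// environment.
	handler.EnableDebug = enableDebug

	// First we set up the default logger for the project
	// If we enable debugging, we set the logging level to output debug for the default logger.
	// This means we don't need to wrap debug info, simply log it at the right level
	debugLevel := slog.LevelInfo
	if enableDebug {
		debugLevel = slog.LevelDebug
	}
	slog.SetDefault(slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{
		Level: debugLevel,
	})))

	// Flag credentials that are still the built-in defaults. Only the setting
	// name is logged, never the value.
	if mqPass == defaultMQPassword {
		slog.Warn("rabbitmq password is the built-in default; set RABBITMQ_PASSWORD")
	}
	if !disableAPIIntegration && jwtTokenSigningKey == defaultJWTSigningKey {
		slog.Warn("jwt signing key is the built-in default; set JWT_SECRET")
	}
	if !disableS3Upload && s3SecretAccessKey == defaultS3SecretAccessKey {
		slog.Warn("s3 secret access key is the built-in default; set S3_FILES_SECRET_ACCESS_KEY")
	}

	slog.Debug("problemsFromSBOM", "status", problemsFromSBOM)
	if problemsFromSBOM && trivyServerEndpoint == "" {
		slog.Error("NO TRIVY SERVER ENDPOINT SET - exiting")
		os.Exit(1)
	}

	// We begin by setting up the handler's broker connection
	broker := handler.RabbitBroker{
		Hostname:     fmt.Sprintf("%s:%s", mqHost, mqPort),
		Username:     mqUser,
		Password:     mqPass,
		QueueName:    insightsQueueName,
		ExchangeName: insightsExchange,
	}

	// graphQLConfig details how we connect to the Lagoon API
	graphQLConfig := handler.LagoonAPI{
		Endpoint:        lagoonAPIHost,
		TokenSigningKey: jwtTokenSigningKey,
		JWTAudience:     jwtAudience,
		JWTSubject:      jwtSubject,
		JWTIssuer:       jwtIssuer,
		Disabled:        disableAPIIntegration,
	}

	// s3Config details how we connect to the s3 buckets - these are used to upload files
	s3Config := handler.S3{
		SecretAccessKey: s3SecretAccessKey,
		S3Origin:        s3Origin,
		AccessKeyId:     s3AccessKeyID,
		Bucket:          s3Bucket,
		Region:          s3Region,
		UseSSL:          s3useSSL,
		Disabled:        disableS3Upload,
	}
	slog.Debug("disableS3Upload", "status", disableS3Upload)

	// Here we look at the filter json/yaml and attempt to load up the filter descriptions
	err := handler.RegisterFiltersFromDisk(filterTransformerFile)
	if err != nil {
		slog.Error("Unable to register filters from disk", "Error", err)
		os.Exit(1)
	}

	// Build the DSN with net/url so that a username or password containing
	// '@', ':', '/' or '?' is percent-encoded instead of changing how the URL
	// is split into credentials and host. The result is identical to the old
	// Sprintf form for credentials without such characters.
	dsn := url.URL{
		Scheme: "amqp",
		User:   url.UserPassword(broker.Username, broker.Password),
		Host:   broker.Hostname,
		Path:   "/",
	}

	// durableOptions returns a fresh options map for each declaration so the
	// exchange, consumer and queue never share one map.
	durableOptions := func() mq.Options {
		return mq.Options{
			"durable":       true,
			"delivery_mode": "2",
			"headers":       "",
			"content_type":  "",
		}
	}

	// NOTE(review): the exchange and queue names below are literals. The
	// insights-exchange / insights-queue-name settings are only copied into
	// broker and are not used here - confirm whether that is intended.
	config := mq.Config{
		ReconnectDelay: time.Duration(rabbitReconnectRetryInterval) * time.Second,
		Exchanges: mq.Exchanges{
			{
				Name:    "lagoon-insights",
				Type:    "direct",
				Options: durableOptions(),
			},
		},
		Consumers: mq.Consumers{
			{
				Name:    "items-queue",
				Queue:   "lagoon-insights:items",
				Workers: mqWorkers,
				Options: durableOptions(),
			},
		},
		Queues: mq.Queues{
			{
				Name:     "lagoon-insights:items",
				Exchange: "lagoon-insights",
				Options:  durableOptions(),
			},
		},
		DSN: dsn.String(),
	}

	messaging := handler.NewMessaging(config,
		graphQLConfig,
		s3Config,
		startupConnectionAttempts,
		startupConnectionInterval,
		enableDebug,
		problemsFromSBOM,
		trivyServerEndpoint,
	)

	// start the consumer
	slog.Info("insights-handler has started-up")
	messaging.Consumer()
}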
// getEnv returns the value of the environment variable key when it is set,
// even if that value is the empty string, and fallback when it is not set.
func getEnv(key, fallback string) string {
	value, found := os.LookupEnv(key)
	if !found {
		return fallback
	}
	return value
}
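// getEnvBool returns the boolean value of the environment variable key, or
// fallback when the variable is not set.
//
// Values are parsed with strconv.ParseBool, which accepts 1, t, T, TRUE, true,
// True, 0, f, F, FALSE, false and False. Any other value, including the empty
// string, yields false rather than fallback. For a setting whose default is
// true, such as S3_USESSL, a mistyped value therefore switches it off, so the
// parse failure is logged instead of being discarded silently.
func getEnvBool(key string, fallback bool) bool {
	value, ok := os.LookupEnv(key)
	if !ok {
		return fallback
	}
	parsed, err := strconv.ParseBool(value)
	if err != nil {
		// Keep the documented result (false) but make the misconfiguration visible.
		slog.Warn("environment variable is not a valid boolean; treating it as false", "key", key, "error", err)
		return false
	}
	return parsed
}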
//go:generate go run github.com/Khan/genqlient internal/lagoonclient/genqlient.yaml