This is an automated email from the ASF dual-hosted git repository. ocket8888 pushed a commit to branch 5.0.x in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
commit 6e10068698bd6fccf421f2c839631d23307c2027 Author: jpappa200 <[email protected]> AuthorDate: Mon Nov 9 17:36:26 2020 -0500 Dnssec refresh (#5122) * initial add of config.go for dnssec refresh * initial add of ToDnssecRefresh.go * removed extra import block * fix a couple typos * Fixed formatting issues. * Fixed formatting issues. * Fixed formatting issues. * Fixed more formatting issues. * Changed a couple variable names for readability. * Fixed change in variable name line 48. * Added check for non 200 response. * Removed blank line and log error instead of print. * Made requested changes. will document in PR * removed leftover debug statement in ErrCheck (cherry picked from commit c0a76571a26cc28dff1de81390720014c8f6d6e7) --- .../bin/checks/DnssecRefresh/ToDnssecRefresh.go | 81 +++++++++++ .../app/bin/checks/DnssecRefresh/config/config.go | 157 +++++++++++++++++++++ 2 files changed, 238 insertions(+)
diff --git a/traffic_ops/app/bin/checks/DnssecRefresh/ToDnssecRefresh.go b/traffic_ops/app/bin/checks/DnssecRefresh/ToDnssecRefresh.go
new file mode 100644
index 0000000..7ed89e3
--- /dev/null
+++ b/traffic_ops/app/bin/checks/DnssecRefresh/ToDnssecRefresh.go
@@ -0,0 +1,81 @@
+package main
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import (
+ "bytes"
+ "encoding/json"
+ "io/ioutil"
+ "net/http"
+ "net/http/cookiejar"
+ "os"
+ "time"
+
+ "github.com/apache/trafficcontrol/lib/go-log"
+ "github.com/apache/trafficcontrol/traffic_ops/app/bin/checks/DnssecRefresh/config"
+)
+
+func main() {
+ cfg, err := config.GetCfg()
+ config.ErrCheck(err)
+ //for the -h --help option
+ if cfg == (config.Cfg{}) {
+ os.Exit(0)
+ }
+ log.Debugln("Including DEBUG messages in output. Config is:")
+ config.PrintConfig(cfg) // only if DEBUG logging is set.
+ body := &config.Creds{
+ User: cfg.TOUser,
+ Password: cfg.TOPass,
+ }
+ loginUrl := cfg.TOUrl + "/api/2.0/user/login"
+ buf := &bytes.Buffer{}
+ err = json.NewEncoder(buf).Encode(body)
+ config.ErrCheck(err)
+ req, err := http.NewRequest(http.MethodPost, loginUrl, buf)
+ config.ErrCheck(err)
+ jar, err := cookiejar.New(nil)
+ config.ErrCheck(err)
+ client := &http.Client{Jar: jar, Transport: cfg.Transport, Timeout: 5 * time.Second}
+
+ log.Debugf("Posting to: %s", loginUrl)
+
+ res, err := client.Do(req)
+ config.ErrCheck(err)
+ defer config.Dclose(res.Body)
+ refreshUrl := cfg.TOUrl + "/api/2.0/cdns/dnsseckeys/refresh"
+ resp, err := http.NewRequest(http.MethodGet, refreshUrl, buf)
+ config.ErrCheck(err)
+ log.Debugf("Get req to: %s", refreshUrl)
+
+ refresh, err := client.Do(resp)
+ config.ErrCheck(err)
+ respData, err := ioutil.ReadAll(refresh.Body)
+ config.ErrCheck(err)
+ defer config.Dclose(refresh.Body)
+
+ if refresh.StatusCode != 200 {
+ log.Errorln(string(respData))
+ os.Exit(1)
+ }
+ response := config.ToResponse{}
+ config.ErrCheck(json.Unmarshal(respData, &response))
+ log.Debugln(response.Response)
+}
diff --git a/traffic_ops/app/bin/checks/DnssecRefresh/config/config.go b/traffic_ops/app/bin/checks/DnssecRefresh/config/config.go
new file mode 100644
index 0000000..6c5039b
--- /dev/null
+++ b/traffic_ops/app/bin/checks/DnssecRefresh/config/config.go
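Review bot: The login response `res` in main() is never inspected beyond the transport error, so a rejected login goes unnoticed and the tool carries on to the refresh call; the failure then only shows up indirectly in the refresh status check. A check right after the `client.Do(req)` error check would fail fast with a clear message: `if res.StatusCode != http.StatusOK { log.Errorf("login to %s returned %s", loginUrl, res.Status); os.Exit(1) }`. The refresh request also reuses `buf`, the buffer the credentials JSON was encoded into, as the body of a GET; it has most likely been drained by the login request, but passing `nil` (`http.NewRequest(http.MethodGet, refreshUrl, nil)`) removes any chance of the credentials being sent a second time. Both `os.Exit` paths skip the deferred `Dclose` calls, which is harmless in a short-lived process but worth a one-line comment.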
@@ -0,0 +1,157 @@
+package config
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import (
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "io"
+ "net/http"
+ "os"
+ "strings"
+
+ "github.com/apache/trafficcontrol/lib/go-log"
+ "github.com/pborman/getopt/v2"
+)
+
+type Creds struct {
+ User string `json:"u"`
+ Password string `json:"p"`
+}
+
+type Cfg struct {
+ LogLocationErr string
+ LogLocationInfo string
+ LogLocationWarn string
+ LogLocationDebug string
+ TOInsecure bool
+ TOUser string
+ TOPass string
+ TOUrl string
+ Transport *http.Transport
+}
+
+type ToResponse struct {
+ Response string `json:"response"`
+}
+
+func Dclose(c io.Closer) {
+ if err := c.Close(); err != nil {
+ log.Errorln(err)
+ }
+}
+
+func ErrCheck(err error) {
+ if err != nil {
+ log.Errorln(err)
+ os.Exit(1)
+ }
+}
+
+func (cfg Cfg) ErrorLog() log.LogLocation { return log.LogLocation(cfg.LogLocationErr) }
+func (cfg Cfg) WarningLog() log.LogLocation { return log.LogLocation(cfg.LogLocationWarn) }
+func (cfg Cfg) InfoLog() log.LogLocation { return log.LogLocation(cfg.LogLocationInfo) }
+func (cfg Cfg) DebugLog() log.LogLocation { return log.LogLocation(cfg.LogLocationDebug) }
+func (cfg Cfg) EventLog() log.LogLocation { return
log.LogLocation(log.LogLocationNull) } // event logging not used.
+
+func GetCfg() (Cfg, error) {
+ var err error
+ logLocationDebugPtr := getopt.StringLong("log-location-debug", 'd', "", "Where to log debugs. May be a file path, stdout, stderr, or null, default ''")
+ logLocationErrorPtr := getopt.StringLong("log-location-error", 'e', "stderr", "Where to log errors. May be a file path, stdout, stderr, or null, default stderr")
+ logLocationInfoPtr := getopt.StringLong("log-location-info", 'i', "stderr", "Where to log info. May be a file path, stdout, stderr, or null, default stderr")
+ logLocationWarnPtr := getopt.StringLong("log-location-warning", 'w', "stderr", "Where to log warnings. May be a file path, stdout, stderr, or null, default stderr")
+ toInsecurePtr := getopt.BoolLong("traffic-ops-insecure", 'I', "[true | false] ignore certificate errors from Traffic Ops")
+ toUserPtr := getopt.StringLong("traffic-ops-user", 'u', "", "Traffic Ops username. Required.")
+ toPassPtr := getopt.StringLong("traffic-ops-password", 'p', "", "Traffic Ops Password. Required")
+ toUrlPtr := getopt.StringLong("traffic-ops-url", 'U', "", "Traffic ops base URL.
Required.")
+ helpPtr := getopt.BoolLong("help", 'h', "Print usage information and exit")
+ getopt.ParseV2()
+
+ logLocationDebug := *logLocationDebugPtr
+ logLocationError := *logLocationErrorPtr
+ logLocationInfo := *logLocationInfoPtr
+ logLocationWarn := *logLocationWarnPtr
+ toInsecure := *toInsecurePtr
+ toURL := *toUrlPtr
+ toUser := *toUserPtr
+ toPass := *toPassPtr
+ transport := &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: toInsecure}}
+ help := *helpPtr
+
+ cfg := Cfg{
+ LogLocationDebug: logLocationDebug,
+ LogLocationErr: logLocationError,
+ LogLocationInfo: logLocationInfo,
+ LogLocationWarn: logLocationWarn,
+ TOInsecure: toInsecure,
+ Transport: transport,
+ TOUrl: toURL,
+ TOUser: toUser,
+ TOPass: toPass,
+ }
+
+ if help {
+ Usage()
+ return Cfg{}, nil
+ }
+ if err = log.InitCfg(cfg); err != nil {
+ return Cfg{}, errors.New("Initializing loggers: " + err.Error() + "\n")
+ }
+
+ missingArgStr := "Missing required argument"
+ usageStr := "\nBasic usage: ToDnssecRefresh --traffic-ops-url=myurl --traffic-ops-user=myuser --traffic-ops-password=mypass\n"
+ if strings.TrimSpace(toURL) == "" {
+ return Cfg{}, errors.New(missingArgStr + " --traffic-ops-url\n" + usageStr)
+ }
+ if strings.TrimSpace(toUser) == "" {
+ return Cfg{}, errors.New(missingArgStr + " --traffic-ops-user\n" + usageStr)
+ }
+ if strings.TrimSpace(toPass) == "" {
+ return Cfg{}, errors.New(missingArgStr + " --traffic-ops-password\n" + usageStr)
+ }
+
+ return cfg, nil
+}
+
+func PrintConfig(cfg Cfg) {
+ log.Debugf("TOUrl: %s\n", cfg.TOUrl)
+ log.Debugf("TOUser: %s\n", cfg.TOUser)
+ log.Debugf("TOPass: Pass len: %d\n", len(cfg.TOPass))
+ log.Debugf("TOInsecure: %t\n", cfg.TOInsecure)
+ log.Debugf("LogLocationDebug: %s\n", cfg.LogLocationDebug)
+ log.Debugf("LogLocationErr: %s\n", cfg.LogLocationErr)
+ log.Debugf("LogLocationInfo: %s\n", cfg.LogLocationInfo)
+ log.Debugf("LogLocationWarn: %s\n", cfg.LogLocationWarn)
+}
+
+func Usage() {
+ usageStr := `Usage:
ToDnssecRefresh -u <url> -U <to_user> -p <to_password> [-d|-e|-w <log_location>] [-I]
+ --log-location-debug=[value] | -d [value], Where to log debugs. May be a file path, stdout, stderr, or null, default stderr
+ --log-location-error=[value] | -e [value], Where to log errors. May be a file path, stdout, stderr, or null, default stderr
+ --log-location-info=[value] | -i [value], Where to log info. May be a file path, stdout, stderr, or null, default stderr
+ --log-location-warning=[value] | -w [value], Where to log warnings. May be a file path, stdout, stderr, or null, default stderr
+ --traffic-ops-url=[url] | -u [url], Traffic Ops URL. Must be the full URL, including the scheme. Required.
+ --traffic-ops-insecure=[true|false] -I [true | false] Whether to ignore HTTPS certificate errors from Traffic Ops. It is HIGHLY RECOMMENDED to never use this in a production environment, but only for debugging, default = false
+ --traffic-ops-user=[username] | -U [username], Traffic Ops username. Required.
+ --traffic-ops-password=[password] | -P [password], Traffic Ops password. Required.
+ --help | -h, Print usage information and exit`
+ fmt.Println(usageStr)
+}
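Review bot: `--traffic-ops-password` is the only way GetCfg() accepts the Traffic Ops password, so the secret sits in the process argument list, where other local users can read it from the process table and where it tends to end up in shell history. Consider falling back to an environment variable or a permission-restricted file when the flag is empty, e.g. `if toPass == "" { toPass = os.Getenv("<PASSWORD_ENV_VAR>") }` (placeholder name), and describing that form in Usage(). Separately, the short options printed by Usage() do not match the getopt definitions: the code registers `'u'` for the user, `'U'` for the URL and `'p'` for the password, while the help text shows `-u` for the URL, `-U` for the user and `-P` for the password, and it gives the debug log default as stderr where the code uses `''`. When `--traffic-ops-insecure` is set, a warning-level log line stating that certificate verification is disabled would make that state visible to whoever reads the logs.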
