Merge branch 'topic/christian/management-cluster-dirs'

* topic/christian/management-cluster-dirs: Management framework: bump zeek-client to pull in instance serialization fixes Management framework: bump external cluster testsuite Management framework: update agent-checkin test to reflect recent changes Management framework: place each Zeek process in its own working dir Management framework: set defaults for log rotation and persistent state Management framework: add spool and state directory config settings Management framework: establish stdout/stderr files also for cluster nodes Management framework: default to having agents check in with the (local) controller Management framework: move role variable from logging into framework-wide config Management framework: distinguish supervisor/supervisee when loading agent/controller Management framework: simplify agent and controller stdout/stderr files Management framework: prefix the management logs with "management-" Management framework: comment and layouting tweaks, no functional change Management framework: rename env var that labels agents/controllers Management framework: increase robustness of agent/controller naming
2025-10-08 01:28:20 +00:00 · 2022-05-26 16:07:48 -07:00 · 2022-05-26 16:07:48 -07:00 · 415bbe17d6
commit 415bbe17d6
parent bc90cc0003 1165193df8
25 changed files with 333 additions and 101 deletions
--- a/testing/btest/Baseline/coverage.bare-mode-errors/errors
+++ b/testing/btest/Baseline/coverage.bare-mode-errors/errors
@ -2,8 +2,8 @@
 ### NOTE: This file has been sorted with diff-sort.
 warning in <...>/extract-certs-pem.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:15 "Remove in v5.1. Use log-certs-base64.zeek instead."
 warning in <...>/extract-certs-pem.zeek, line 1: deprecated script loaded from command line arguments "Remove in v5.1. Use log-certs-base64.zeek instead."
-warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:65 ("Remove in v5.1. OCSP logging is now enabled by default")
-warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:65 ("Remove in v5.1. OCSP logging is now enabled by default")
+warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:66 ("Remove in v5.1. OCSP logging is now enabled by default")
+warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:66 ("Remove in v5.1. OCSP logging is now enabled by default")
 warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from command line arguments ("Remove in v5.1. OCSP logging is now enabled by default")
 warning in <...>/notary.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:5 ("Remove in v5.1. Please switch to other more modern approaches like SCT validation (validate-sct.zeek).")
 warning in <...>/notary.zeek, line 1: deprecated script loaded from command line arguments ("Remove in v5.1. Please switch to other more modern approaches like SCT validation (validate-sct.zeek).")
--- a/testing/btest/Baseline/scripts.policy.frameworks.management.controller.agent-checkin/zeek.nodes.controller.stdout
+++ b/testing/btest/Baseline/scripts.policy.frameworks.management.controller.agent-checkin/zeek.nodes.controller.stdout
--- a/testing/btest/scripts/policy/frameworks/management/controller/agent-checkin.zeek
+++ b/testing/btest/scripts/policy/frameworks/management/controller/agent-checkin.zeek
@ -1,16 +1,15 @@
 # This test verifies basic agent-controller communication in the Management
 # framework. We launch agent and controller via the supervisor, add an extra
 # handler for the notify_agent_hello event that travels agent -> controller, and
-# verify its print output in the controller's stdout log.
+# verify that it prints receipt of the event to stdout.

-# The following env vars is known to the controller framework
+# The following environment variables are known to the controller framework:
 # @TEST-PORT: ZEEK_CONTROLLER_PORT
 # @TEST-PORT: BROKER_PORT

-# A bit of a detour to get the port number into the agent configuration
-# @TEST-EXEC: btest-bg-run zeek zeek -j %INPUT
+# @TEST-EXEC: ZEEK_MANAGEMENT_TESTING=1 btest-bg-run zeek zeek -j %INPUT
 # @TEST-EXEC: btest-bg-wait 10
-# @TEST-EXEC: btest-diff zeek/controller.stdout
+# @TEST-EXEC: btest-diff zeek/nodes/controller/stdout

@load policy/frameworks/management/agent
@load policy/frameworks/management/controller
@ -34,7 +33,7 @@ event zeek_init()
 	# We're using the controller to shut everything down once the
 	# notify_agent_hello event has arrived. The controller doesn't normally
 	# talk to the supervisor, so connect to it.
-	if ( Supervisor::node()$name == "controller" )
+	if ( Management::role == Management::CONTROLLER )
 		{
 		Broker::peer(getenv("ZEEK_DEFAULT_LISTEN_ADDRESS"), Broker::default_port, Broker::default_listen_retry);
 		Broker::auto_publish(SupervisorControl::topic_prefix, SupervisorControl::stop_request);
@ -43,7 +42,7 @@ event zeek_init()

 event Management::Agent::API::notify_agent_hello(instance: string, host: addr, api_version: count)
 	{
-	if ( Supervisor::node()$name == "controller" )
+	if ( Management::role == Management::CONTROLLER )
 		{
 		# On rare occasion it can happen that we log this twice, which'll need
 		# investigating. For now we ensure we only do so once.
--- a/testing/external/commit-hash.zeek-testing-cluster
+++ b/testing/external/commit-hash.zeek-testing-cluster
@ -1 +1 @@
-fa9e808baedfeb23b4125f390cb3021c535a7d2b
+01e1d1ad94cea81091c74e829d86815fdef0dd62