From 49b9f1669c4fb99ba25baf8aad81a59121e617dc Mon Sep 17 00:00:00 2001 From: Christian Kreibich Date: Mon, 30 May 2022 12:53:27 -0700 Subject: [PATCH] Management framework: move to ResultVec in agent's set_configuration response We so far reported one result record per agent, which made it hard to report per-node outcomes for the new configuration. Agents now report one result record per node they're responsible for. --- .../frameworks/management/agent/api.zeek | 2 +- .../frameworks/management/agent/main.zeek | 31 +++++++++++++------ .../management/controller/main.zeek | 9 ++++-- 3 files changed, 29 insertions(+), 13 deletions(-) diff --git a/scripts/policy/frameworks/management/agent/api.zeek b/scripts/policy/frameworks/management/agent/api.zeek index f8dc1239a7..9fddaa44f1 100644 --- a/scripts/policy/frameworks/management/agent/api.zeek +++ b/scripts/policy/frameworks/management/agent/api.zeek @@ -38,7 +38,7 @@ export { ## result: the result record. ## global set_configuration_response: event(reqid: string, - result: Management::Result); + result: Management::ResultVec); ## The controller sends this event to request a list of diff --git a/scripts/policy/frameworks/management/agent/main.zeek b/scripts/policy/frameworks/management/agent/main.zeek index 5b6338f62a..9a0cb72f57 100644 --- a/scripts/policy/frameworks/management/agent/main.zeek +++ b/scripts/policy/frameworks/management/agent/main.zeek @@ -96,21 +96,34 @@ function agent_topic(): string function send_set_configuration_response(req: Management::Request::Request) { - local res = Management::Result( - $reqid = req$id, - $instance = Management::Agent::get_name()); + local node: string; + local res: Management::Result; - if ( |req$set_configuration_state$nodes_pending| > 0 ) + # Put together the results vector for the response event. + for ( node in g_nodes ) { - res$success = F; - res$error = "some nodes failed to start"; - res$data = req$set_configuration_state$nodes_pending; + res = Management::Result( + $reqid = req$id, + $instance = Management::Agent::get_name(), + $node = node); + + if ( node in req$set_configuration_state$nodes_pending ) + { + # This node failed. Pull in any stdout/stderr context + # we might have. + res$success = F; + + # XXX fill in stdout/stderr here if possible + } + + # Add this result to the overall response + req$results[|req$results|] = res; } Management::Log::info(fmt("tx Management::Agent::API::set_configuration_response %s", Management::result_to_string(res))); Broker::publish(agent_topic(), - Management::Agent::API::set_configuration_response, req$id, res); + Management::Agent::API::set_configuration_response, req$id, req$results); Management::Request::finish(req$id); @@ -215,7 +228,7 @@ event Management::Agent::API::set_configuration_request(reqid: string, config: M Management::Log::info(fmt("tx Management::Agent::API::set_configuration_response %s", Management::result_to_string(res))); Broker::publish(agent_topic(), - Management::Agent::API::set_configuration_response, reqid, res); + Management::Agent::API::set_configuration_response, reqid, vector(res)); return; } diff --git a/scripts/policy/frameworks/management/controller/main.zeek b/scripts/policy/frameworks/management/controller/main.zeek index f83644313e..468cc71bab 100644 --- a/scripts/policy/frameworks/management/controller/main.zeek +++ b/scripts/policy/frameworks/management/controller/main.zeek @@ -346,7 +346,7 @@ event Management::Agent::API::notify_log(instance: string, msg: string, node: st # XXX TODO } -event Management::Agent::API::set_configuration_response(reqid: string, result: Management::Result) +event Management::Agent::API::set_configuration_response(reqid: string, results: Management::ResultVec) { Management::Log::info(fmt("rx Management::Agent::API::set_configuration_response %s", reqid)); @@ -363,8 +363,11 @@ event Management::Agent::API::set_configuration_response(reqid: string, result: if ( Management::Request::is_null(req) ) return; - # Add this result to the overall response - req$results[|req$results|] = result; + # XXX the usual "any" handling needs to happen here if data is filled in + + # Add this agent's results to the overall response + for ( i in results ) + req$results[|req$results|] = results[i]; # Mark this request as done by removing it from the table of pending # ones. The following if-check should always be true.