From ea88257d4dc6ff5114b9582f36a95355ce3a5844 Mon Sep 17 00:00:00 2001
From: Christian Kreibich <christian@corelight.com>
Date: Thu, 30 Jan 2025 16:36:14 -0800
Subject: [PATCH] Management framework: move up addition of agent IPs into
 deployable cluster configs

Since the changes to port autoassignment in the preceding commits leverage agent
IP address information, we need to ensure that this information is available at
the time of autoassignment. The controller learns IP addresses from connecting
agents, and previously used that information at deploy time. This moves the
augmentation of the cluster config up to port autoassignment time.
---
 .../management/controller/main.zeek           | 39 ++++++++++---------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/scripts/policy/frameworks/management/controller/main.zeek b/scripts/policy/frameworks/management/controller/main.zeek
index 4a342fe02b..b2407d532f 100644
--- a/scripts/policy/frameworks/management/controller/main.zeek
+++ b/scripts/policy/frameworks/management/controller/main.zeek
@@ -186,24 +186,6 @@ global g_configs: table[ConfigState] of Management::Configuration
 
 function config_deploy_to_agents(config: Management::Configuration, req: Management::Request::Request)
 	{
-	# Make any final changes to the configuration we send off.
-
-	# If needed, fill in agent IP address info as learned from their peerings.
-	# XXX this will need revisiting when we support host names.
-	local instances: set[Management::Instance];
-
-	for ( inst in config$instances )
-		{
-		if ( inst$name in g_instances_known
-		    && inst$host == 0.0.0.0
-		    && g_instances_known[inst$name]$host != 0.0.0.0 )
-			inst$host = g_instances_known[inst$name]$host;
-
-		add instances[inst];
-		}
-
-	config$instances = instances;
-
 	for ( name in g_instances )
 		{
 		if ( name !in g_instances_ready )
@@ -1037,6 +1019,27 @@ event Management::Controller::API::stage_configuration_request(reqid: string, co
 	g_configs[STAGED] = config;
 	config_copy = copy(config);
 
+	# The staged config is preserved as the client sent it to us. For the
+	# ready-to-deploy version we fill in additional details here.
+	#
+	# One such bit of information is that we know the IP addresses of
+	# instances that connected to the controller from their Broker peering.
+	#
+	# XXX this will need revisiting when we support host names.
+	local instances: set[Management::Instance];
+
+	for ( inst in config_copy$instances )
+		{
+		if ( inst$name in g_instances_known
+		    && inst$host == 0.0.0.0
+		    && g_instances_known[inst$name]$host != 0.0.0.0 )
+			inst$host = g_instances_known[inst$name]$host;
+
+		add instances[inst];
+		}
+
+	config_copy$instances = instances;
+
 	if ( Management::Controller::auto_assign_broker_ports )
 		config_assign_broker_ports(config_copy);
 	if ( Management::Controller::auto_assign_metrics_ports )