Ejemplo n.º 1
0
func getRedisEndpoint(endpoint plugin.ShieldEndpoint) (RedisEndpoint, error) {
	mode, err := endpoint.StringValue("redis_type")
	if err != nil {
		return RedisEndpoint{}, err
	}
	return RedisEndpoint{Mode: mode}, nil
}
Ejemplo n.º 2
0
// Called when you want to restore data Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Restore(endpoint plugin.ShieldEndpoint) error {
	file, err := endpoint.StringValue("file")
	if err != nil {
		return err
	}

	return plugin.Exec(fmt.Sprintf("/bin/sh -c \"/bin/cat > %s\"", file), plugin.STDIN)
}
Ejemplo n.º 3
0
// Called when you want to back data up. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Backup(endpoint plugin.ShieldEndpoint) error {
	data, err := endpoint.StringValue("data")
	if err != nil {
		return err
	}

	return plugin.Exec(fmt.Sprintf("/bin/echo %s", data), plugin.STDOUT)
}
Ejemplo n.º 4
0
// Called when you want to retreive backup data. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Retrieve(endpoint plugin.ShieldEndpoint, file string) error {
	directory, err := endpoint.StringValue("directory")
	if err != nil {
		return err
	}

	return plugin.Exec(fmt.Sprintf("/bin/cat %s/%s", directory, file), plugin.STDOUT)
}
Ejemplo n.º 5
0
// Called when you want to store backup data. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Store(endpoint plugin.ShieldEndpoint) (string, error) {
	directory, err := endpoint.StringValue("directory")
	if err != nil {
		return "", err
	}

	file := plugin.GenUUID()

	err = plugin.Exec(fmt.Sprintf("/bin/sh -c \"/bin/cat > %s/%s\"", directory, file), plugin.STDIN)
	return file, err
}
Ejemplo n.º 6
0
func getFSConfig(endpoint plugin.ShieldEndpoint) (*FSConfig, error) {
	include, err := endpoint.StringValueDefault("include", "")
	if err != nil {
		return nil, err
	}

	exclude, err := endpoint.StringValueDefault("exclude", "")
	if err != nil {
		return nil, err
	}

	bsdtar, err := endpoint.StringValueDefault("bsdtar", DefaultBsdTar)
	if err != nil {
		return nil, err
	}

	base_dir, err := endpoint.StringValue("base_dir")
	if err != nil {
		return nil, err
	}

	return &FSConfig{
		Include:  include,
		Exclude:  exclude,
		BasePath: base_dir,
		BsdTar:   bsdtar,
	}, nil
}
Ejemplo n.º 7
0
func getRabbitMQEndpoint(endpoint plugin.ShieldEndpoint) (RabbitMQEndpoint, error) {
	url, err := endpoint.StringValue("rmq_url")
	if err != nil {
		return RabbitMQEndpoint{}, err
	}

	user, err := endpoint.StringValue("rmq_username")
	if err != nil {
		return RabbitMQEndpoint{}, err
	}

	passwd, err := endpoint.StringValue("rmq_password")
	if err != nil {
		return RabbitMQEndpoint{}, err
	}

	sslValidate, err := endpoint.BooleanValue("skip_ssl_validation")
	if err != nil {
		return RabbitMQEndpoint{}, err
	}

	return RabbitMQEndpoint{
		Username:          user,
		Password:          passwd,
		URL:               url,
		SkipSSLValidation: sslValidate,
	}, nil
}
Ejemplo n.º 8
0
func (p RedisBrokerPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
	var (
		s    string
		err  error
		fail bool
	)

	s, err = endpoint.StringValue("redis_type")
	if err != nil {
		ansi.Printf("@R{\u2717 redis_type  %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 redis_type}  @C{%s}\n", s)
	}

	if fail {
		return fmt.Errorf("postgres: invalid configuration")
	}
	return nil
}
Ejemplo n.º 9
0
// Called to validate endpoints from the command line
func (p DummyPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
	var (
		s    string
		err  error
		fail bool
	)

	s, err = endpoint.StringValue("data")
	if err != nil {
		ansi.Printf("@R{\u2717 data   %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 data}  @C{%s}\n", s)
	}

	if fail {
		return fmt.Errorf("dummy: invalid configuration")
	}
	return nil
}
Ejemplo n.º 10
0
func (p FSPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
	var (
		s    string
		err  error
		fail bool
	)

	s, err = endpoint.StringValue("base_dir")
	if err != nil {
		ansi.Printf("@R{\u2717 base_dir  %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 base_dir}  files in @C{%s} will be backed up\n", s)
	}

	s, err = endpoint.StringValueDefault("include", "")
	if err != nil {
		ansi.Printf("@R{\u2717 include   %s}\n", err)
		fail = true
	} else if s == "" {
		ansi.Printf("@G{\u2713 include}   all files will be included\n")
	} else {
		ansi.Printf("@G{\u2713 include}   only files matching @C{%s} will be backed up\n", s)
	}

	s, err = endpoint.StringValueDefault("exclude", "")
	if err != nil {
		ansi.Printf("@R{\u2717 base_dir  %s}\n", err)
		fail = true
	} else if s == "" {
		ansi.Printf("@G{\u2713 exclude}   no files will be excluded\n")
	} else {
		ansi.Printf("@G{\u2713 exclude}   files matching @C{%s} will be skipped\n", s)
	}

	s, err = endpoint.StringValueDefault("bsdtar", "")
	if err != nil {
		ansi.Printf("@R{\u2717 bsdtar    %s}\n", err)
		fail = true
	} else if s == "" {
		ansi.Printf("@G{\u2713 bsdtar}    using default @C{%s}\n", DefaultBsdTar)
	} else {
		ansi.Printf("@G{\u2713 bsdtar}    @C{%s}\n", s)
	}

	if fail {
		return fmt.Errorf("fs: invalid configuration")
	}
	return nil
}
Ejemplo n.º 11
0
func (p RabbitMQBrokerPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
	var (
		s    string
		err  error
		fail bool
	)

	s, err = endpoint.StringValue("rmq_url")
	if err != nil {
		ansi.Printf("@R{\u2717 rmq_url              %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 rmq_url}              @C{%s}\n", s)
	}

	s, err = endpoint.StringValue("rmq_username")
	if err != nil {
		ansi.Printf("@R{\u2717 rmq_username         %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 rmq_username}         @C{%s}\n", s)
	}

	s, err = endpoint.StringValue("rmq_password")
	if err != nil {
		ansi.Printf("@R{\u2717 rmq_password         %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 rmq_password}         @C{%s}\n", s)
	}

	tf, err := endpoint.BooleanValueDefault("skip_ssl_validation", false)
	if err != nil {
		ansi.Printf("@R{\u2717 skip_ssl_validation  %s}\n", err)
		fail = true
	} else {
		if tf {
			ansi.Printf("@G{\u2713 skip_ssl_validation}  @C{yes}, SSL will @Y{NOT} be validated\n")
		} else {
			ansi.Printf("@G{\u2713 skip_ssl_validation}  @C{no}, SSL @Y{WILL} be validated\n")
		}
	}

	if fail {
		return fmt.Errorf("rabbitmq-broker: invalid configuration")
	}
	return nil
}
Ejemplo n.º 12
0
func getS3ConnInfo(e plugin.ShieldEndpoint) (S3ConnectionInfo, error) {
	host, err := e.StringValueDefault("s3_host", DefaultS3Host)
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	insecure_ssl, err := e.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	key, err := e.StringValue("access_key_id")
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	secret, err := e.StringValue("secret_access_key")
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	bucket, err := e.StringValue("bucket")
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	prefix, err := e.StringValueDefault("prefix", DefaultPrefix)
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	sigVer, err := e.StringValueDefault("signature_version", DefaultSigVersion)
	if !validSigVersion(sigVer) {
		return S3ConnectionInfo{}, fmt.Errorf("Invalid `signature_version` specified (`%s`). Expected `2` or `4`", sigVer)
	}

	proxy, err := e.StringValueDefault("socks5_proxy", "")
	if err != nil {
		return S3ConnectionInfo{}, err
	}

	return S3ConnectionInfo{
		Host:              host,
		SkipSSLValidation: insecure_ssl,
		AccessKey:         key,
		SecretKey:         secret,
		Bucket:            bucket,
		PathPrefix:        prefix,
		SignatureVersion:  sigVer,
		SOCKS5Proxy:       proxy,
	}, nil
}
Ejemplo n.º 13
0
func (p S3Plugin) Validate(endpoint plugin.ShieldEndpoint) error {
	var (
		s    string
		err  error
		fail bool
	)

	s, err = endpoint.StringValueDefault("s3_host", DefaultS3Host)
	if err != nil {
		ansi.Printf("@R{\u2717 s3_host              %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 s3_host}              @C{%s}\n", s)
	}

	s, err = endpoint.StringValue("access_key_id")
	if err != nil {
		ansi.Printf("@R{\u2717 access_key_id        %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 access_key_id}        @C{%s}\n", s)
	}

	s, err = endpoint.StringValue("secret_access_key")
	if err != nil {
		ansi.Printf("@R{\u2717 secret_access_key    %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 secret_access_key}    @C{%s}\n", s)
	}

	s, err = endpoint.StringValue("bucket")
	if err != nil {
		ansi.Printf("@R{\u2717 bucket               %s}\n", err)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 bucket}               @C{%s}\n", s)
	}

	s, err = endpoint.StringValueDefault("prefix", DefaultPrefix)
	if err != nil {
		ansi.Printf("@R{\u2717 prefix               %s}\n", err)
		fail = true
	} else if s == "" {
		ansi.Printf("@G{\u2713 prefix}               (none)\n")
	} else {
		ansi.Printf("@G{\u2713 prefix}               @C{%s}\n", s)
	}

	s, err = endpoint.StringValueDefault("signature_version", DefaultSigVersion)
	if err != nil {
		ansi.Printf("@R{\u2717 signature_version    %s}\n", err)
		fail = true
	} else if !validSigVersion(s) {
		ansi.Printf("@R{\u2717 signature_version    Unexpected signature version '%s' found (expecting '2' or '4')}\n", s)
		fail = true
	} else {
		ansi.Printf("@G{\u2713 signature_version}    @C{%s}\n", s)
	}

	s, err = endpoint.StringValueDefault("socks5_proxy", "")
	if err != nil {
		ansi.Printf("@R{\u2717 socks5_proxy         %s}\n", err)
		fail = true
	} else if s == "" {
		ansi.Printf("@G{\u2713 socks5_proxy}         (no proxy will be used)\n")
	} else {
		ansi.Printf("@G{\u2713 socks5_proxy}         @C{%s}\n", s)
	}

	tf, err := endpoint.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
	if err != nil {
		ansi.Printf("@R{\u2717 skip_ssl_validation  %s}\n", err)
		fail = true
	} else if tf {
		ansi.Printf("@G{\u2713 skip_ssl_validation}  @C{yes}, SSL will @Y{NOT} be validated\n")
	} else {
		ansi.Printf("@G{\u2713 skip_ssl_validation}  @C{no}, SSL @Y{WILL} be validated\n")
	}

	if fail {
		return fmt.Errorf("s3: invalid configuration")
	}
	return nil
}
Ejemplo n.º 14
0
func getScalityConnInfo(e plugin.ShieldEndpoint) (ScalityConnectionInfo, error) {
	host, err := e.StringValue("scality_host")
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	insecure_ssl, err := e.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	key, err := e.StringValue("access_key_id")
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	secret, err := e.StringValue("secret_access_key")
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	bucket, err := e.StringValue("bucket")
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	prefix, err := e.StringValueDefault("prefix", DefaultPrefix)
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	proxy, err := e.StringValueDefault("socks5_proxy", "")
	if err != nil {
		return ScalityConnectionInfo{}, err
	}

	return ScalityConnectionInfo{
		Host:              host,
		SkipSSLValidation: insecure_ssl,
		AccessKey:         key,
		SecretKey:         secret,
		Bucket:            bucket,
		PathPrefix:        prefix,
		SOCKS5Proxy:       proxy,
	}, nil
}
Ejemplo n.º 15
0
import (
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"

	"github.com/starkandwayne/shield/plugin"
)

var _ = Describe("ShieldEndpoint", func() {
	endpoint := plugin.ShieldEndpoint{
		"stringVal": "asdf",
		"intVal":    1234,
		"floatVal":  1234.1234,
		"boolVal":   true,
		"arrayVal": []interface{}{
			"asdf",
			"fdsa",
		},
		"mapVal": map[string]interface{}{
			"key": "value",
		},
	}
	Describe("ArrayVal", func() {
		It("returns an array from the endpoint, when provided the right key", func() {
			expected := []interface{}{"asdf", "fdsa"}

			got, err := endpoint.ArrayValue("arrayVal")
			Expect(got).Should(BeEquivalentTo(expected))
			Expect(err).ShouldNot(HaveOccurred())
		})
		It("errors out when not pointed at an array", func() {