func getRedisEndpoint(endpoint plugin.ShieldEndpoint) (RedisEndpoint, error) {
mode, err := endpoint.StringValue("redis_type")
if err != nil {
return RedisEndpoint{}, err
}
return RedisEndpoint{Mode: mode}, nil
}
// Called when you want to restore data Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Restore(endpoint plugin.ShieldEndpoint) error {
file, err := endpoint.StringValue("file")
if err != nil {
return err
}
return plugin.Exec(fmt.Sprintf("/bin/sh -c \"/bin/cat > %s\"", file), plugin.STDIN)
}
// Called when you want to back data up. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Backup(endpoint plugin.ShieldEndpoint) error {
data, err := endpoint.StringValue("data")
if err != nil {
return err
}
return plugin.Exec(fmt.Sprintf("/bin/echo %s", data), plugin.STDOUT)
}
// Called when you want to retreive backup data. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Retrieve(endpoint plugin.ShieldEndpoint, file string) error {
directory, err := endpoint.StringValue("directory")
if err != nil {
return err
}
return plugin.Exec(fmt.Sprintf("/bin/cat %s/%s", directory, file), plugin.STDOUT)
}
// Called when you want to store backup data. Examine the ShieldEndpoint passed in, and perform actions accordingly
func (p DummyPlugin) Store(endpoint plugin.ShieldEndpoint) (string, error) {
directory, err := endpoint.StringValue("directory")
if err != nil {
return "", err
}
file := plugin.GenUUID()
err = plugin.Exec(fmt.Sprintf("/bin/sh -c \"/bin/cat > %s/%s\"", directory, file), plugin.STDIN)
return file, err
}
func getFSConfig(endpoint plugin.ShieldEndpoint) (*FSConfig, error) {
include, err := endpoint.StringValueDefault("include", "")
if err != nil {
return nil, err
}
exclude, err := endpoint.StringValueDefault("exclude", "")
if err != nil {
return nil, err
}
bsdtar, err := endpoint.StringValueDefault("bsdtar", DefaultBsdTar)
if err != nil {
return nil, err
}
base_dir, err := endpoint.StringValue("base_dir")
if err != nil {
return nil, err
}
return &FSConfig{
Include: include,
Exclude: exclude,
BasePath: base_dir,
BsdTar: bsdtar,
}, nil
}
func getRabbitMQEndpoint(endpoint plugin.ShieldEndpoint) (RabbitMQEndpoint, error) {
url, err := endpoint.StringValue("rmq_url")
if err != nil {
return RabbitMQEndpoint{}, err
}
user, err := endpoint.StringValue("rmq_username")
if err != nil {
return RabbitMQEndpoint{}, err
}
passwd, err := endpoint.StringValue("rmq_password")
if err != nil {
return RabbitMQEndpoint{}, err
}
sslValidate, err := endpoint.BooleanValue("skip_ssl_validation")
if err != nil {
return RabbitMQEndpoint{}, err
}
return RabbitMQEndpoint{
Username: user,
Password: passwd,
URL: url,
SkipSSLValidation: sslValidate,
}, nil
}
func (p RedisBrokerPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
var (
s string
err error
fail bool
)
s, err = endpoint.StringValue("redis_type")
if err != nil {
ansi.Printf("@R{\u2717 redis_type %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 redis_type} @C{%s}\n", s)
}
if fail {
return fmt.Errorf("postgres: invalid configuration")
}
return nil
}
// Called to validate endpoints from the command line
func (p DummyPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
var (
s string
err error
fail bool
)
s, err = endpoint.StringValue("data")
if err != nil {
ansi.Printf("@R{\u2717 data %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 data} @C{%s}\n", s)
}
if fail {
return fmt.Errorf("dummy: invalid configuration")
}
return nil
}
func (p FSPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
var (
s string
err error
fail bool
)
s, err = endpoint.StringValue("base_dir")
if err != nil {
ansi.Printf("@R{\u2717 base_dir %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 base_dir} files in @C{%s} will be backed up\n", s)
}
s, err = endpoint.StringValueDefault("include", "")
if err != nil {
ansi.Printf("@R{\u2717 include %s}\n", err)
fail = true
} else if s == "" {
ansi.Printf("@G{\u2713 include} all files will be included\n")
} else {
ansi.Printf("@G{\u2713 include} only files matching @C{%s} will be backed up\n", s)
}
s, err = endpoint.StringValueDefault("exclude", "")
if err != nil {
ansi.Printf("@R{\u2717 base_dir %s}\n", err)
fail = true
} else if s == "" {
ansi.Printf("@G{\u2713 exclude} no files will be excluded\n")
} else {
ansi.Printf("@G{\u2713 exclude} files matching @C{%s} will be skipped\n", s)
}
s, err = endpoint.StringValueDefault("bsdtar", "")
if err != nil {
ansi.Printf("@R{\u2717 bsdtar %s}\n", err)
fail = true
} else if s == "" {
ansi.Printf("@G{\u2713 bsdtar} using default @C{%s}\n", DefaultBsdTar)
} else {
ansi.Printf("@G{\u2713 bsdtar} @C{%s}\n", s)
}
if fail {
return fmt.Errorf("fs: invalid configuration")
}
return nil
}
func (p RabbitMQBrokerPlugin) Validate(endpoint plugin.ShieldEndpoint) error {
var (
s string
err error
fail bool
)
s, err = endpoint.StringValue("rmq_url")
if err != nil {
ansi.Printf("@R{\u2717 rmq_url %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 rmq_url} @C{%s}\n", s)
}
s, err = endpoint.StringValue("rmq_username")
if err != nil {
ansi.Printf("@R{\u2717 rmq_username %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 rmq_username} @C{%s}\n", s)
}
s, err = endpoint.StringValue("rmq_password")
if err != nil {
ansi.Printf("@R{\u2717 rmq_password %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 rmq_password} @C{%s}\n", s)
}
tf, err := endpoint.BooleanValueDefault("skip_ssl_validation", false)
if err != nil {
ansi.Printf("@R{\u2717 skip_ssl_validation %s}\n", err)
fail = true
} else {
if tf {
ansi.Printf("@G{\u2713 skip_ssl_validation} @C{yes}, SSL will @Y{NOT} be validated\n")
} else {
ansi.Printf("@G{\u2713 skip_ssl_validation} @C{no}, SSL @Y{WILL} be validated\n")
}
}
if fail {
return fmt.Errorf("rabbitmq-broker: invalid configuration")
}
return nil
}
func getS3ConnInfo(e plugin.ShieldEndpoint) (S3ConnectionInfo, error) {
host, err := e.StringValueDefault("s3_host", DefaultS3Host)
if err != nil {
return S3ConnectionInfo{}, err
}
insecure_ssl, err := e.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
if err != nil {
return S3ConnectionInfo{}, err
}
key, err := e.StringValue("access_key_id")
if err != nil {
return S3ConnectionInfo{}, err
}
secret, err := e.StringValue("secret_access_key")
if err != nil {
return S3ConnectionInfo{}, err
}
bucket, err := e.StringValue("bucket")
if err != nil {
return S3ConnectionInfo{}, err
}
prefix, err := e.StringValueDefault("prefix", DefaultPrefix)
if err != nil {
return S3ConnectionInfo{}, err
}
sigVer, err := e.StringValueDefault("signature_version", DefaultSigVersion)
if !validSigVersion(sigVer) {
return S3ConnectionInfo{}, fmt.Errorf("Invalid `signature_version` specified (`%s`). Expected `2` or `4`", sigVer)
}
proxy, err := e.StringValueDefault("socks5_proxy", "")
if err != nil {
return S3ConnectionInfo{}, err
}
return S3ConnectionInfo{
Host: host,
SkipSSLValidation: insecure_ssl,
AccessKey: key,
SecretKey: secret,
Bucket: bucket,
PathPrefix: prefix,
SignatureVersion: sigVer,
SOCKS5Proxy: proxy,
}, nil
}
func (p S3Plugin) Validate(endpoint plugin.ShieldEndpoint) error {
var (
s string
err error
fail bool
)
s, err = endpoint.StringValueDefault("s3_host", DefaultS3Host)
if err != nil {
ansi.Printf("@R{\u2717 s3_host %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 s3_host} @C{%s}\n", s)
}
s, err = endpoint.StringValue("access_key_id")
if err != nil {
ansi.Printf("@R{\u2717 access_key_id %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 access_key_id} @C{%s}\n", s)
}
s, err = endpoint.StringValue("secret_access_key")
if err != nil {
ansi.Printf("@R{\u2717 secret_access_key %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 secret_access_key} @C{%s}\n", s)
}
s, err = endpoint.StringValue("bucket")
if err != nil {
ansi.Printf("@R{\u2717 bucket %s}\n", err)
fail = true
} else {
ansi.Printf("@G{\u2713 bucket} @C{%s}\n", s)
}
s, err = endpoint.StringValueDefault("prefix", DefaultPrefix)
if err != nil {
ansi.Printf("@R{\u2717 prefix %s}\n", err)
fail = true
} else if s == "" {
ansi.Printf("@G{\u2713 prefix} (none)\n")
} else {
ansi.Printf("@G{\u2713 prefix} @C{%s}\n", s)
}
s, err = endpoint.StringValueDefault("signature_version", DefaultSigVersion)
if err != nil {
ansi.Printf("@R{\u2717 signature_version %s}\n", err)
fail = true
} else if !validSigVersion(s) {
ansi.Printf("@R{\u2717 signature_version Unexpected signature version '%s' found (expecting '2' or '4')}\n", s)
fail = true
} else {
ansi.Printf("@G{\u2713 signature_version} @C{%s}\n", s)
}
s, err = endpoint.StringValueDefault("socks5_proxy", "")
if err != nil {
ansi.Printf("@R{\u2717 socks5_proxy %s}\n", err)
fail = true
} else if s == "" {
ansi.Printf("@G{\u2713 socks5_proxy} (no proxy will be used)\n")
} else {
ansi.Printf("@G{\u2713 socks5_proxy} @C{%s}\n", s)
}
tf, err := endpoint.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
if err != nil {
ansi.Printf("@R{\u2717 skip_ssl_validation %s}\n", err)
fail = true
} else if tf {
ansi.Printf("@G{\u2713 skip_ssl_validation} @C{yes}, SSL will @Y{NOT} be validated\n")
} else {
ansi.Printf("@G{\u2713 skip_ssl_validation} @C{no}, SSL @Y{WILL} be validated\n")
}
if fail {
return fmt.Errorf("s3: invalid configuration")
}
return nil
}
func getScalityConnInfo(e plugin.ShieldEndpoint) (ScalityConnectionInfo, error) {
host, err := e.StringValue("scality_host")
if err != nil {
return ScalityConnectionInfo{}, err
}
insecure_ssl, err := e.BooleanValueDefault("skip_ssl_validation", DefaultSkipSSLValidation)
if err != nil {
return ScalityConnectionInfo{}, err
}
key, err := e.StringValue("access_key_id")
if err != nil {
return ScalityConnectionInfo{}, err
}
secret, err := e.StringValue("secret_access_key")
if err != nil {
return ScalityConnectionInfo{}, err
}
bucket, err := e.StringValue("bucket")
if err != nil {
return ScalityConnectionInfo{}, err
}
prefix, err := e.StringValueDefault("prefix", DefaultPrefix)
if err != nil {
return ScalityConnectionInfo{}, err
}
proxy, err := e.StringValueDefault("socks5_proxy", "")
if err != nil {
return ScalityConnectionInfo{}, err
}
return ScalityConnectionInfo{
Host: host,
SkipSSLValidation: insecure_ssl,
AccessKey: key,
SecretKey: secret,
Bucket: bucket,
PathPrefix: prefix,
SOCKS5Proxy: proxy,
}, nil
}
import (
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
"github.com/starkandwayne/shield/plugin"
)
var _ = Describe("ShieldEndpoint", func() {
endpoint := plugin.ShieldEndpoint{
"stringVal": "asdf",
"intVal": 1234,
"floatVal": 1234.1234,
"boolVal": true,
"arrayVal": []interface{}{
"asdf",
"fdsa",
},
"mapVal": map[string]interface{}{
"key": "value",
},
}
Describe("ArrayVal", func() {
It("returns an array from the endpoint, when provided the right key", func() {
expected := []interface{}{"asdf", "fdsa"}
got, err := endpoint.ArrayValue("arrayVal")
Expect(got).Should(BeEquivalentTo(expected))
Expect(err).ShouldNot(HaveOccurred())
})
It("errors out when not pointed at an array", func() {