<!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> **Related issue:** The entire ACME feature branch merge # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters. - [x] Timeouts are implemented and retries are limited to avoid infinite loops ## Testing - [x] Added/updated automated tests - [x] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [x] QA'd all new/changed functionality manually --------- Co-authored-by: Jordan Montgomery <elijah.jordan.montgomery@gmail.com> Co-authored-by: Martin Angers <martin.n.angers@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com> Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
// Package bootstrap provides the public entry point for the ACME service module.
// It wires together internal components and exposes them for use in serve.go.
package bootstrap
import (
"crypto/x509"
"log/slog"
"github.com/fleetdm/fleet/v4/server/mdm/acme"
"github.com/fleetdm/fleet/v4/server/mdm/acme/api"
"github.com/fleetdm/fleet/v4/server/mdm/acme/internal/mysql"
"github.com/fleetdm/fleet/v4/server/mdm/acme/internal/service"
eu "github.com/fleetdm/fleet/v4/server/platform/endpointer"
platform_mysql "github.com/fleetdm/fleet/v4/server/platform/mysql"
"github.com/go-kit/kit/endpoint"
)
// ServiceOption is an alias for service.ServiceOption. The aliased type lives
// in an internal package, so this re-export is what lets callers of New supply
// options.
type ServiceOption = service.ServiceOption
// New assembles the ACME service module and returns the service together with
// a route factory.
//
// A MySQL datastore is built from dbConns and handed to service.NewService
// along with redisPool, providers, logger and any opts. The returned factory
// defers route construction until the caller supplies authMiddleware, which is
// forwarded unchanged to service.GetRoutes.
//
// NOTE(review): which routes authMiddleware actually wraps is decided inside
// service.GetRoutes and is not visible here; confirm against that function
// before passing a nil or pass-through middleware.
func New(
	dbConns *platform_mysql.DBConnections,
	redisPool acme.RedisPool,
	providers acme.DataProviders,
	logger *slog.Logger,
	opts ...ServiceOption,
) (api.Service, func(authMiddleware endpoint.Middleware) eu.HandlerRoutesFunc) {
	acmeSvc := service.NewService(
		mysql.NewDatastore(dbConns, logger),
		redisPool,
		providers,
		logger,
		opts...,
	)

	// The closure captures acmeSvc so the routes are bound to the same service
	// instance that is returned to the caller.
	return acmeSvc, func(authMiddleware endpoint.Middleware) eu.HandlerRoutesFunc {
		return service.GetRoutes(acmeSvc, authMiddleware)
	}
}
// WithTestAppleRootCAs returns a ServiceOption that sets the service's
// TestAppleRootCAs field to rootCAs.
//
// NOTE(review): judging by the names, this swaps in a different Apple root CA
// pool and is intended for tests; how the service consumes TestAppleRootCAs is
// not visible here. Because it replaces a trust anchor, confirm that no
// production wiring passes this option to New.
func WithTestAppleRootCAs(rootCAs *x509.CertPool) ServiceOption {
	applyOverride := func(target *service.Service) {
		target.TestAppleRootCAs = rootCAs
	}
	return applyOverride
}