mirror of
https://github.com/fleetdm/fleet
synced 2026-04-27 16:37:55 +00:00
8509b18c46
**Related issue:** Resolves #42754 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters. ## Testing - [x] Added/updated automated tests - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved app manifest retrieval with automatic fallback to hosted copies when the primary source is unavailable, reducing sync failures. * **Documentation** * Clarified that Fleet will fall back to hosted manifest copies if the new manifest site is inaccessible. * **New Features** * Streamlined maintained-app synchronization to use a simpler sync entrypoint and unified primary/fallback fetch logic. * **Tests** * Added comprehensive tests for primary/fallback fetch flows, error handling, large-response truncation, and environment-based overrides. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
138 lines
4.5 KiB
Go
138 lines
4.5 KiB
Go
package maintained_apps
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"path/filepath"
|
|
"runtime"
|
|
"testing"
|
|
|
|
"github.com/fleetdm/fleet/v4/server/dev_mode"
|
|
"github.com/fleetdm/fleet/v4/server/fleet"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
// SyncApps ingests the maintained apps from the apps list manifest
|
|
// to fill the library of maintained apps with valid data for tests.
|
|
// It returns the results of the ingestion as a slice of
|
|
// fleet.MaintainedApps.
|
|
func SyncApps(t *testing.T, ds fleet.Datastore) []fleet.MaintainedApp {
|
|
_, filename, _, _ := runtime.Caller(0)
|
|
base := filepath.Dir(filepath.Dir(filepath.Dir(filepath.Dir(filename))))
|
|
outputsDir := filepath.Join(base, "ee/maintained-apps/outputs")
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
b, err := os.ReadFile(filepath.Join(outputsDir, r.URL.Path))
|
|
if err != nil {
|
|
if os.IsNotExist(err) {
|
|
w.WriteHeader(http.StatusNotFound)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
_, _ = w.Write([]byte(err.Error()))
|
|
return
|
|
}
|
|
_, _ = w.Write(b)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
// not using t.Setenv because we want the env var to be unset on return of
|
|
// this call
|
|
dev_mode.SetOverride("FLEET_DEV_MAINTAINED_APPS_BASE_URL", srv.URL)
|
|
defer dev_mode.ClearOverride("FLEET_DEV_MAINTAINED_APPS_BASE_URL")
|
|
dev_mode.SetOverride("FLEET_DEV_MAINTAINED_APPS_FALLBACK_BASE_URL", srv.URL)
|
|
defer dev_mode.ClearOverride("FLEET_DEV_MAINTAINED_APPS_FALLBACK_BASE_URL")
|
|
|
|
err := SyncAppsList(context.Background(), ds)
|
|
require.NoError(t, err)
|
|
|
|
apps, _, err := ds.ListAvailableFleetMaintainedApps(context.Background(), nil, fleet.ListOptions{
|
|
OrderKey: "slug",
|
|
})
|
|
require.NoError(t, err)
|
|
return apps
|
|
}
|
|
|
|
// ExpectedAppSlugs returns the list of app slugs (unique identifier) that are
|
|
// expected to be in the maintained apps library after ingestion. The slugs are
|
|
// taken from the apps.json list.
|
|
func ExpectedAppSlugs(t *testing.T) []string {
|
|
_, filename, _, _ := runtime.Caller(0)
|
|
base := filepath.Dir(filepath.Dir(filepath.Dir(filepath.Dir(filename))))
|
|
outputsDir := filepath.Join(base, "ee/maintained-apps/outputs")
|
|
b, err := os.ReadFile(filepath.Join(outputsDir, "apps.json"))
|
|
require.NoError(t, err)
|
|
|
|
var appsList AppsList
|
|
err = json.Unmarshal(b, &appsList)
|
|
require.NoError(t, err)
|
|
|
|
slugs := make([]string, len(appsList.Apps))
|
|
for i, app := range appsList.Apps {
|
|
slugs[i] = app.Slug
|
|
}
|
|
return slugs
|
|
}
|
|
|
|
func SyncAndRemoveApps(t *testing.T, ds fleet.Datastore) {
|
|
_, filename, _, _ := runtime.Caller(0)
|
|
base := filepath.Dir(filepath.Dir(filepath.Dir(filepath.Dir(filename))))
|
|
outputsDir := filepath.Join(base, "ee/maintained-apps/outputs")
|
|
|
|
b, err := os.ReadFile(filepath.Join(outputsDir, "apps.json"))
|
|
require.NoError(t, err)
|
|
var appsFile AppsList
|
|
require.NoError(t, json.Unmarshal(b, &appsFile))
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
data, err := json.Marshal(&appsFile)
|
|
if err != nil {
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
_, _ = w.Write([]byte(err.Error()))
|
|
return
|
|
}
|
|
_, _ = w.Write(data)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
// not using t.Setenv because we want the env var to be unset on return of
|
|
// this call
|
|
dev_mode.SetOverride("FLEET_DEV_MAINTAINED_APPS_BASE_URL", srv.URL)
|
|
defer dev_mode.ClearOverride("FLEET_DEV_MAINTAINED_APPS_BASE_URL")
|
|
|
|
err = SyncAppsList(context.Background(), ds)
|
|
require.NoError(t, err)
|
|
|
|
originalApps, _, err := ds.ListAvailableFleetMaintainedApps(context.Background(), nil, fleet.ListOptions{})
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, len(appsFile.Apps), len(originalApps))
|
|
|
|
// Modify the apps list to simulate removing an app from upstream
|
|
removedApp := appsFile.Apps[0]
|
|
appsFile.Apps = appsFile.Apps[1:]
|
|
|
|
err = SyncAppsList(context.Background(), ds)
|
|
require.NoError(t, err)
|
|
|
|
modifiedApps, _, err := ds.ListAvailableFleetMaintainedApps(context.Background(), nil, fleet.ListOptions{})
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, len(appsFile.Apps), len(modifiedApps))
|
|
require.Equal(t, len(originalApps)-1, len(modifiedApps))
|
|
for _, a := range modifiedApps {
|
|
require.NotEqual(t, removedApp.Slug, a.Slug)
|
|
}
|
|
|
|
// remove all apps from upstream.
|
|
appsFile.Apps = []appListing{}
|
|
|
|
err = SyncAppsList(context.Background(), ds)
|
|
require.NoError(t, err)
|
|
|
|
modifiedApps, _, err = ds.ListAvailableFleetMaintainedApps(context.Background(), nil, fleet.ListOptions{})
|
|
require.ErrorIs(t, err, &fleet.NoMaintainedAppsInDatabaseError{})
|
|
require.Empty(t, modifiedApps)
|
|
}
|