Commit
57b0767b
authored
1 year ago
by
Kunz, Immanuel
final iteration of the MEDINA security assessment
parent
c61730b5
Showing
3 changed files
cmd/assessment/assessment.go
+36
-57
36 additions, 57 deletions
cmd/assessment/assessment.go
go.mod
+88
-35
88 additions, 35 deletions
go.mod
go.sum
+263
-1174
263 additions, 1174 deletions
go.sum
with
387 additions
and
1266 deletions
cmd/assessment/assessment.go
+
36
−
57
...
...
@@ -25,31 +25,23 @@
//
// This file is part of the MEDINA Framework.
package
main
import
(
"assessment"
"context"
"errors"
"fmt"
"net"
"net/http"
"os"
api_assessment
"clouditor.io/clouditor/api/assessment"
"clouditor.io/clouditor/logging/formatter"
"clouditor.io/clouditor/rest"
"clouditor.io/clouditor/service"
server_clouditor
"clouditor.io/clouditor/server"
"clouditor.io/clouditor/server/rest"
"golang.org/x/oauth2/clientcredentials"
"google.golang.org/grpc"
"google.golang.org/grpc/reflection"
service_assessment
"clouditor.io/clouditor/service/assessment"
grpc_middleware
"github.com/grpc-ecosystem/go-grpc-middleware"
grpc_auth
"github.com/grpc-ecosystem/go-grpc-middleware/auth"
grpc_logrus
"github.com/grpc-ecosystem/go-grpc-middleware/logging/logrus"
grpc_ctxtags
"github.com/grpc-ecosystem/go-grpc-middleware/tags"
"github.com/sirupsen/logrus"
)
...
...
@@ -106,6 +98,10 @@ func init() {
}
func
main
()
{
var
(
err
error
)
log
.
Logger
.
Formatter
=
formatter
.
CapitalizeFormatter
{
Formatter
:
&
logrus
.
TextFormatter
{
ForceColors
:
false
,
...
...
@@ -128,30 +124,6 @@ func main() {
log
.
Infof
(
"Orchestrator URL is set to %s"
,
orchestratorUrl
)
log
.
Infof
(
"Evidence Store URL is set to %s"
,
evidenceStoreUrl
)
grpcLogger
:=
logrus
.
New
()
grpcLogger
.
Formatter
=
&
formatter
.
GRPCFormatter
{
TextFormatter
:
logrus
.
TextFormatter
{
ForceColors
:
true
}}
grpcLoggerEntry
:=
grpcLogger
.
WithField
(
"component"
,
"grpc"
)
// create a new socket for gRPC communication
sock
,
err
:=
net
.
Listen
(
"tcp"
,
fmt
.
Sprintf
(
":%d"
,
grpcPort
))
if
err
!=
nil
{
log
.
Errorf
(
"could not listen: %v"
,
err
)
}
authConfig
:=
service
.
ConfigureAuth
(
service
.
WithJWKSURL
(
jwksURL
))
defer
authConfig
.
Jwks
.
EndBackground
()
server
=
grpc
.
NewServer
(
grpc_middleware
.
WithUnaryServerChain
(
grpc_ctxtags
.
UnaryServerInterceptor
(
grpc_ctxtags
.
WithFieldExtractor
(
grpc_ctxtags
.
CodeGenRequestFieldExtractor
)),
grpc_logrus
.
UnaryServerInterceptor
(
grpcLoggerEntry
),
grpc_auth
.
UnaryServerInterceptor
(
authConfig
.
AuthFunc
),
),
grpc_middleware
.
WithStreamServerChain
(
grpc_ctxtags
.
StreamServerInterceptor
(
grpc_ctxtags
.
WithFieldExtractor
(
grpc_ctxtags
.
CodeGenRequestFieldExtractor
)),
grpc_logrus
.
StreamServerInterceptor
(
grpcLoggerEntry
),
grpc_auth
.
StreamServerInterceptor
(
authConfig
.
AuthFunc
),
))
// Create security assessment service with orchestrator and evidence store URL
assessmentService
=
service_assessment
.
NewService
(
service_assessment
.
WithOAuth2Authorizer
(
&
config
),
...
...
@@ -159,30 +131,37 @@ func main() {
service_assessment
.
WithEvidenceStoreAddress
(
evidenceStoreUrl
),
)
log
.
Debugf
(
"AssessmentService: %v"
,
assessmentService
)
api_assessment
.
RegisterAssessmentServer
(
server
,
assessmentService
)
// enable reflection, primary for testing in early stages
reflection
.
Register
(
server
)
// start the gRPC-HTTP gateway
go
func
()
{
err
=
rest
.
RunServer
(
context
.
Background
(),
grpcPort
,
httpPort
)
if
errors
.
Is
(
err
,
http
.
ErrServerClosed
)
{
os
.
Exit
(
0
)
return
}
log
.
Infof
(
"Starting gRPC endpoint on :%d"
,
grpcPort
)
// Add grpc opts
grpcOpts
:=
[]
grpc
.
ServerOption
{
// Add max grpc message sizes
grpc
.
MaxRecvMsgSize
(
1024
*
1024
*
20
),
grpc
.
MaxSendMsgSize
(
1024
*
1024
*
20
)}
// Start the gRPC server
_
,
server
,
err
=
server_clouditor
.
StartGRPCServer
(
fmt
.
Sprintf
(
"0.0.0.0:%d"
,
grpcPort
),
server_clouditor
.
WithJWKS
(
jwksURL
),
server_clouditor
.
WithAssessment
(
assessmentService
),
server_clouditor
.
WithReflection
(),
server_clouditor
.
WithAdditionalGRPCOpts
(
grpcOpts
),
)
if
err
!=
nil
{
log
.
Fatalf
(
"failed to serve gRPC-HTTP gateway: %v"
,
err
)
log
.
Errorf
(
"Failed to serve gRPC endpoint: %s"
,
err
)
return
}
}()
log
.
Infof
(
"Starting gRPC endpoint on :%d"
,
grpcPort
)
// serve the gRPC socket
if
err
:=
server
.
Serve
(
sock
);
err
!=
nil
{
log
.
Infof
(
"failed to serve gRPC endpoint: %s"
,
err
)
// Start the gRPC-HTTP gateway
err
=
rest
.
RunServer
(
context
.
Background
(),
grpcPort
,
httpPort
,
)
if
err
!=
nil
&&
err
!=
http
.
ErrServerClosed
{
log
.
Errorf
(
"failed to serve gRPC-HTTP gateway: %v"
,
err
)
return
}
log
.
Infof
(
"Stopping gRPC endpoint"
)
server
.
GracefulStop
()
}
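Review bot: In the `server_clouditor.StartGRPCServer(...)` call of the last hunk, `server_clouditor.WithReflection()` is passed unconditionally while the listener binds `0.0.0.0`, so every deployment advertises its full service and message schema; the `reflection.Register(server)` line it appears to replace was commented as being primarily for testing in early stages. Whether the JWKS check configured through `WithJWKS(jwksURL)` also covers the reflection service is not visible on this page, so I would pass the option only when a configuration switch asks for it (no such setting is shown here, so its name is left open) and document it with `// reflection exposes the service schema; enable only for test deployments`. The same hunk sets `grpc.MaxRecvMsgSize(1024*1024*20)`; a short comment stating why 20 MiB is required would help, since that value bounds how much memory a single inbound message may claim. `main` begins before this hunk.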
go.mod
+
88
−
35
module assessment
go 1.1
8
go 1.1
9
require (
clouditor.io/clouditor
v1.
4.16
-0.202
20525122939-20845eab52da
github.com/grpc-ecosystem/go-grpc-middleware
v1.
3
.0
github.com/sirupsen/logrus
v1.
8.1
golang.org/x/oauth2
v0.
0.0-20220411215720-9780585627b5
google.golang.org/grpc
v1.4
6
.0
clouditor.io/clouditor
v1.
7.8
-0.202
30427074119-b75643ac8ace
github.com/grpc-ecosystem/go-grpc-middleware
v1.
4
.0
github.com/sirupsen/logrus
v1.
9.0
golang.org/x/oauth2
v0.
7.0
google.golang.org/grpc
v1.
5
4.0
)
require (
cloud.google.com/go/compute
v1.
5
.0 // indirect
github.com/MicahParks/keyfunc
v1.1.0
// indirect
github.com/MicahParks/keyfunc
v1.
9
.0 // indirect
github.com/MicahParks/keyfunc
/v2
v2.0.1
// indirect
github.com/OneOfOne/xxhash
v1.2.8 // indirect
github.com/agnivade/levenshtein
v1.1.1 // indirect
github.com/beorn7/perks
v1.0.1 // indirect
github.com/bmatcuk/doublestar/v4
v4.6.0 // indirect
github.com/bytecodealliance/wasmtime-go/v3
v3.0.2 // indirect
github.com/cenkalti/backoff/v4
v4.2.0 // indirect
github.com/cespare/xxhash
v1.1.0 // indirect
github.com/cespare/xxhash/v2
v2.2.0 // indirect
github.com/containerd/containerd
v1.6.19 // indirect
github.com/dgraph-io/badger/v3
v3.2103.5 // indirect
github.com/dgraph-io/ristretto
v0.1.1 // indirect
github.com/dustin/go-humanize
v1.0.1 // indirect
github.com/envoyproxy/protoc-gen-validate
v1.0.0 // indirect
github.com/fatih/structtag
v1.2.0 // indirect
github.com/felixge/httpsnoop
v1.0.3 // indirect
github.com/fsnotify/fsnotify
v1.6.0 // indirect
github.com/ghodss/yaml
v1.0.0 // indirect
github.com/go-ini/ini
v1.67.0 // indirect
github.com/go-logr/logr
v1.2.4 // indirect
github.com/go-logr/stdr
v1.2.2 // indirect
github.com/gobwas/glob
v0.2.3 // indirect
github.com/golang-jwt/jwt/v4
v4.4.1 // indirect
github.com/golang/protobuf
v1.5.2 // indirect
github.com/gogo/protobuf
v1.3.2 // indirect
github.com/golang-jwt/jwt/v4
v4.5.0 // indirect
github.com/golang-jwt/jwt/v5
v5.0.0 // indirect
github.com/golang/glog
v1.1.1 // indirect
github.com/golang/groupcache
v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf
v1.5.3 // indirect
github.com/golang/snappy
v0.0.4 // indirect
github.com/google/addlicense
v1.1.1 // indirect
github.com/google/flatbuffers
v1.12.1 // indirect
github.com/google/gnostic
v0.6.9 // indirect
github.com/google/uuid
v1.3.0 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2
v2.10.0 // indirect
github.com/jackc/chunkreader/v2
v2.0.1 // indirect
github.com/jackc/pgconn
v1.10.1 // indirect
github.com/jackc/pgio
v1.0.0 // indirect
github.com/jackc/pgpassfile
v1.0.0 // indirect
github.com/jackc/pgproto3/v2
v2.2.0 // indirect
github.com/jackc/pgservicefile
v0.0.0-20200714003250-2b9c44734f2b // indirect
github.com/jackc/pgtype
v1.9.1 // indirect
github.com/jackc/pgx/v4
v4.14.1 // indirect
github.com/jinzhu/inflection
v1.0.0 // indirect
github.com/jinzhu/now
v1.1.4 // indirect
github.com/gorilla/mux
v1.8.0 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2
v2.15.2 // indirect
github.com/iancoleman/strcase
v0.2.0 // indirect
github.com/inconshreveable/mousetrap
v1.1.0 // indirect
github.com/klauspost/compress
v1.13.6 // indirect
github.com/kr/pretty
v0.3.1 // indirect
github.com/kr/text
v0.2.0 // indirect
github.com/logrusorgru/aurora/v3
v3.0.0 // indirect
github.com/mattn/go-sqlite3
v1.14.9 // indirect
github.com/open-policy-agent/opa
v0.40.0 // indirect
github.com/oxisto/oauth2go
v0.5.12 // indirect
github.com/lyft/protoc-gen-star
v0.6.2 // indirect
github.com/lyft/protoc-gen-star/v2
v2.0.3 // indirect
github.com/mattn/go-runewidth
v0.0.9 // indirect
github.com/matttproud/golang_protobuf_extensions
v1.0.4 // indirect
github.com/moby/locker
v1.0.1 // indirect
github.com/olekukonko/tablewriter
v0.0.5 // indirect
github.com/open-policy-agent/opa
v0.52.0 // indirect
github.com/opencontainers/go-digest
v1.0.0 // indirect
github.com/opencontainers/image-spec
v1.1.0-rc2 // indirect
github.com/oxisto/oauth2go
v0.9.0 // indirect
github.com/peterh/liner
v1.2.2 // indirect
github.com/pkg/errors
v0.9.1 // indirect
github.com/prometheus/client_golang
v1.15.0 // indirect
github.com/prometheus/client_model
v0.3.0 // indirect
github.com/prometheus/common
v0.42.0 // indirect
github.com/prometheus/procfs
v0.9.0 // indirect
github.com/rcrowley/go-metrics
v0.0.0-20201227073835-cf1acfcdf475 // indirect
github.com/rogpeppe/go-internal
v1.9.0 // indirect
github.com/spf13/afero
v1.9.5 // indirect
github.com/spf13/cobra
v1.7.0 // indirect
github.com/spf13/pflag
v1.0.5 // indirect
github.com/srikrsna/protoc-gen-gotag
v0.6.2 // indirect
github.com/tchap/go-patricia/v2
v2.3.1 // indirect
github.com/xeipuuv/gojsonpointer
v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference
v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/yashtewari/glob-intersection
v0.1.0 // indirect
golang.org/x/crypto
v0.0.0-20220411220226-7b82a4e95df4 // indirect
golang.org/x/exp
v0.0.0-20220414153411-bcd21879b8fd // indirect
golang.org/x/net
v0.0.0-20220412020605-290c469a71a5 // indirect
golang.org/x/sys
v0.0.0-20220412211240-33da011f77ad // indirect
golang.org/x/text
v0.3.7 // indirect
golang.org/x/xerrors
v0.0.0-20220411194840-2f41105eb62f // indirect
go.opencensus.io
v0.23.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
v0.37.0 // indirect
go.opentelemetry.io/otel
v1.14.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/internal/retry
v1.14.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace
v1.14.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
v1.14.0 // indirect
go.opentelemetry.io/otel/metric
v0.34.0 // indirect
go.opentelemetry.io/otel/sdk
v1.14.0 // indirect
go.opentelemetry.io/otel/trace
v1.14.0 // indirect
go.opentelemetry.io/proto/otlp
v0.19.0 // indirect
go.uber.org/automaxprocs
v1.5.2 // indirect
golang.org/x/crypto
v0.8.0 // indirect
golang.org/x/exp
v0.0.0-20230425010034-47ecfdc1ba53 // indirect
golang.org/x/lint
v0.0.0-20210508222113-6edffad5e616 // indirect
golang.org/x/mod
v0.10.0 // indirect
golang.org/x/net
v0.9.0 // indirect
golang.org/x/sync
v0.1.0 // indirect
golang.org/x/sys
v0.7.0 // indirect
golang.org/x/text
v0.9.0 // indirect
golang.org/x/time
v0.3.0 // indirect
golang.org/x/tools
v0.8.0 // indirect
google.golang.org/appengine
v1.6.7 // indirect
google.golang.org/genproto
v0.0.0-202
2
04
07144326-9054f6ed7bac
// indirect
google.golang.org/protobuf
v1.
28
.0 // indirect
google.golang.org/genproto
v0.0.0-202
3
04
10155749-daa745c078e1
// indirect
google.golang.org/protobuf
v1.
30
.0 // indirect
gopkg.in/yaml.v2
v2.4.0 // indirect
gorm.io/driver/postgres
v1.3.1 // indirect
gorm.io/driver/sqlite
v1.3.1 // indirect
gorm.io/gorm
v1.23.2 // indirect
gopkg.in/yaml.v3
v3.0.1 // indirect
oras.land/oras-go/v2
v2.0.2 // indirect
)
go.sum
+
263
−
1174
This diff is collapsed.
Click to expand it.