@bfreezy bfreezy commented Jun 7, 2023

Bringing in the latest changes based on https://santa.dev/development/sync-protocol.html

Removals on Rule type:

  • removes sha256 field, seems to be deprecated? Going forward, all rules will use the identifier field for the sha256, team id, or signing id value.

Additions to Rule type:

  • adds team id rule type
  • adds signing id rule type

Additions to Preflight response:

  • adds full_sync_interval. This is required in the response from the server

Additions to Policy type:

  • adds REMOVE policy for instances that an admin wants the santa client to remove a rule

Updates all tests.

Local test (client):

❯ sudo santactl sync --debug
SyncBaseURL is not over HTTPS!
Preflight starting
Performing request, attempt 1
Clean sync requested by server
Preflight complete
Event upload starting
Event upload complete
Rule download starting
Performing request, attempt 1
Received 8 rules
Processed 8 rules
Rule download complete
Postflight starting
Performing request, attempt 1
Postflight complete
Sync completed successfully
❯ santactl status
>>> Daemon Info
  Mode                      | Monitor
  Log Type                  | syslog
  File Logging              | Yes
  USB Blocking              | No
  Watchdog CPU Events       | 0  (Peak: 11.77%)
  Watchdog RAM Events       | 0  (Peak: 233.80MB)
>>> Cache Info
  Root cache count          | 146
  Non-root cache count      | 0
>>> Database Info
  Binary Rules              | 5
  Certificate Rules         | 0
  TeamID Rules              | 1
  SigningID Rules           | 2
  Compiler Rules            | 4
  Transitive Rules          | 0
  Events Pending Upload     | 42
>>> Watch Items
  Enabled                   | No
>>> Sync Info
  Sync Server               | http://santa/v1/santa/
  Clean Sync Required       | No
  Last Successful Full Sync | 2023/06/07 13:03:21 -0500
  Last Successful Rule Sync | 2023/06/07 13:03:21 -0500
  Push Notifications        | Disconnected
  Bundle Scanning           | No
  Transitive Rules          | Yes

Server side logs:

❯ ./build/darwin/moroz -configs ./configs/global.toml -http-addr=:80 -tls-cert ./server.crt -tls-key ./server.key -use-tls=false -debug
{"addr":":80","caller":"main.go:109","msg":"serve http","severity":"debug","tls":false,"ts":"2023-06-07T18:02:56.845724Z"}
{"caller":"svc_preflight.go:75","err":null,"machine_id":"eng","method":"Preflight","severity":"info","took":"297.75µs","ts":"2023-06-07T18:02:59.787469Z"}
{"caller":"svc_rule_download.go:69","err":null,"machine_id":"eng","method":"RuleDownload","severity":"info","took":"235.208µs","ts":"2023-06-07T18:02:59.791313Z"}
{"caller":"svc_preflight.go:75","err":null,"machine_id":"eng","method":"Preflight","severity":"info","took":"509.875µs","ts":"2023-06-07T18:03:21.625395Z"}
{"caller":"svc_rule_download.go:69","err":null,"machine_id":"eng","method":"RuleDownload","severity":"info","took":"336.667µs","ts":"2023-06-07T18:03:21.632821Z"}

Local test log:

go test -cover -race -v github.com/groob/moroz/cmd/moroz github.com/groob/moroz/moroz github.com/groob/moroz/santa github.com/groob/moroz/santaconfig
?   	github.com/groob/moroz/cmd/moroz	[no test files]
?   	github.com/groob/moroz/moroz	[no test files]
=== RUN   TestConfigMarshalUnmarshal
--- PASS: TestConfigMarshalUnmarshal (0.00s)
PASS
coverage: 77.1% of statements
ok  	github.com/groob/moroz/santa	(cached)	coverage: 77.1% of statements
?   	github.com/groob/moroz/santaconfig	[no test files]
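
The rule changes listed in this description move every rule onto the single identifier field, so a config still written with the old sha256 key decodes to a rule with an empty identifier. The following check is an added example, not code from this pull request or from moroz: the `Rule` struct, `CheckRules`, the sample data and the identifier shapes (64 hex characters for binary and certificate rules, a 10-character team ID, `TeamID:bundle.id` or `platform:bundle.id` for signing IDs) are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// Rule is a hypothetical stand-in (not the moroz type); keys follow the sync protocol.
type Rule struct {
	RuleType   string `json:"rule_type"`
	Policy     string `json:"policy"`
	Identifier string `json:"identifier"`
}

var sha256Hex = regexp.MustCompile(`^[0-9a-fA-F]{64}$`)

// Assumed identifier shape for each rule type.
var identifierShape = map[string]*regexp.Regexp{
	"BINARY": sha256Hex, "CERTIFICATE": sha256Hex,
	"TEAMID":    regexp.MustCompile(`^[A-Z0-9]{10}$`),
	"SIGNINGID": regexp.MustCompile(`^([A-Z0-9]{10}|platform):[A-Za-z0-9.-]+$`),
}
var knownPolicies = map[string]bool{"ALLOWLIST": true, "ALLOWLIST_COMPILER": true,
	"BLOCKLIST": true, "SILENT_BLOCKLIST": true, "REMOVE": true}

// CheckRules decodes a JSON rule list and returns one error slot per rule (nil = valid).
func CheckRules(data []byte) ([]error, error) {
	var rules []Rule
	if err := json.Unmarshal(data, &rules); err != nil {
		return nil, err
	}
	errs := make([]error, len(rules))
	for i, r := range rules {
		shape, ok := identifierShape[r.RuleType]
		switch {
		case !ok || !knownPolicies[r.Policy]:
			errs[i] = fmt.Errorf("rule %d: unknown rule_type %q or policy %q", i, r.RuleType, r.Policy)
		case !shape.MatchString(r.Identifier):
			errs[i] = fmt.Errorf("rule %d: identifier %q does not fit %s", i, r.Identifier, r.RuleType)
		}
	}
	return errs, nil
}

// Constructed sample: rule 1 still uses the removed sha256 key, so its identifier is empty.
const sample = `[{"rule_type":"TEAMID","policy":"REMOVE","identifier":"ABCDE12345"},
 {"rule_type":"BINARY","policy":"BLOCKLIST","sha256":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}]`

func main() { fmt.Println(CheckRules([]byte(sample))) }
```

Running a check like this when configs are loaded surfaces a blocklist entry that would otherwise be served with no identifier after the field change.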

@bfreezy bfreezy requested a review from weswhet June 7, 2023 18:21
@wesw-stripe wesw-stripe left a comment

🥳

@bfreezy bfreezy merged commit 4e25732 into groob:master Jun 7, 2023
virtualpeter pushed a commit to virtualpeter/moroz that referenced this pull request Jun 28, 2023
* update santa config with upstream

* update tests and configs

* tweak to print output; don't return new line

---------

Co-authored-by: Brandon Friess <brandonfriess@stripe.com>