Send dataYaml updates to bundle (#86)

Author: yashtewari

beater/bundle/bundle.go

@@ -18,18 +18,19 @@
 package bundle
 
 import (
+	"fmt"
 	"net/http"
 	"time"
 
 	"github.com/elastic/beats/v7/libbeat/logp"
 	csppolicies "github.com/elastic/csp-security-policies/bundle"
 )
 
-var address = "127.0.0.1:18080"
+var (
+	address = "127.0.0.1:18080"
 
-var ServerAddress = "http://" + address
-
-var Config = `{
+	ServerAddress = fmt.Sprintf("http://%s", address)
+	Config        = `{
         "services": {
             "test": {
                 "url": %q
@@ -44,16 +45,16 @@ var Config = `{
             "console": true
         }
     }`
+)
 
 func StartServer() (*http.Server, error) {
 	policies, err := csppolicies.CISKubernetes()
 	if err != nil {
 		return nil, err
 	}
 
-	bundleServer := csppolicies.NewServer()
-	err = bundleServer.HostBundle("bundle.tar.gz", policies)
-	if err != nil {
+	h := csppolicies.NewServer()
+	if err := csppolicies.HostBundle("bundle.tar.gz", policies); err != nil {
 		return nil, err
 	}
 
@@ -62,7 +63,7 @@ func StartServer() (*http.Server, error) {
 		WriteTimeout: time.Second * 15,
 		ReadTimeout:  time.Second * 15,
 		IdleTimeout:  time.Second * 60,
-		Handler:      bundleServer,
+		Handler:      h,
 	}
 
 	go func() {

beater/cloudbeat.go

@@ -21,18 +21,20 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/elastic/cloudbeat/config"
 	"github.com/elastic/cloudbeat/evaluator"
+	_ "github.com/elastic/cloudbeat/processor" // Add cloudbeat default processors.
+	"github.com/elastic/cloudbeat/resources/manager"
+	"github.com/elastic/cloudbeat/transformer"
 
 	"github.com/elastic/beats/v7/libbeat/beat"
 	"github.com/elastic/beats/v7/libbeat/common"
 	"github.com/elastic/beats/v7/libbeat/logp"
 	"github.com/elastic/beats/v7/libbeat/processors"
-	"github.com/elastic/cloudbeat/config"
-	_ "github.com/elastic/cloudbeat/processor" // Add cloudbeat default processors.
-	"github.com/elastic/cloudbeat/resources/manager"
-	"github.com/elastic/cloudbeat/transformer"
+	csppolicies "github.com/elastic/csp-security-policies/bundle"
 
 	"github.com/gofrs/uuid"
+	"gopkg.in/yaml.v3"
 )
 
 // cloudbeat configuration.
@@ -153,9 +155,39 @@ func (bt *cloudbeat) Run(b *beat.Beat) error {
 
 		case update := <-bt.configUpdates:
 			if err := bt.config.Update(update); err != nil {
-				logp.L().Errorf("could not update cloudbeat config: %v", err)
+				logp.L().Errorf("Could not update cloudbeat config: %v", err)
+				break
+			}
+
+			policies, err := csppolicies.CISKubernetes()
+			if err != nil {
+				logp.L().Errorf("Could not load CIS Kubernetes policies: %v", err)
+				break
+			}
+
+			if len(bt.config.Streams) == 0 {
+				logp.L().Infof("Did not receive any input stream, skipping.")
+				break
+			}
+
+			// TODO(yashtewari): Figure out the scenarios in which the integration sends
+			// multiple input streams. Since only one instance of our integration is allowed per
+			// agent policy, is it even possible that multiple input streams are received?
+			y, err := yaml.Marshal(bt.config.Streams[0].DataYaml)
+			if err != nil {
+				logp.L().Errorf("Could not marshal to YAML: %v", err)
+				break
 			}
 
+			s := string(y)
+
+			if err := csppolicies.HostBundleWithDataYaml("bundle.tar.gz", policies, s); err != nil {
+				logp.L().Errorf("Could not update bundle with dataYaml: %v", err)
+				break
+			}
+
+			logp.L().Infof("Bundle updated with dataYaml: %s", s)
+
 		case fetchedResources := <-output:
 			cycleId, _ := uuid.NewV4()
 			bt.log.Debugf("Cycle % has started", cycleId)

go.mod

@@ -54,7 +54,7 @@ require (
 	github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21 // indirect
 	github.com/eapache/queue v1.1.0 // indirect
 	github.com/elastic/beats/v7 v7.0.0-alpha2.0.20220413140705-d101ba1d2ae5
-	github.com/elastic/csp-security-policies v0.0.16-go-lib
+	github.com/elastic/csp-security-policies v1.0.0
 	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/go-ini/ini v1.66.4 // indirect
 	github.com/go-logr/logr v1.2.2 // indirect
@@ -102,7 +102,7 @@ require (
 	golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 	k8s.io/klog/v2 v2.30.0 // indirect
 	k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect
 	k8s.io/utils v0.0.0-20211116205334-6203023598ed // indirect

go.sum

@@ -517,6 +517,10 @@ github.com/elastic/beats/v7 v7.0.0-alpha2.0.20220413140705-d101ba1d2ae5 h1:kINUJ
 github.com/elastic/beats/v7 v7.0.0-alpha2.0.20220413140705-d101ba1d2ae5/go.mod h1:PhsCH91qJN33+rN/L8q2jWILmswlezJ6T+MMM6EDc8g=
 github.com/elastic/csp-security-policies v0.0.16-go-lib h1:i6Ugg9cKiOTPnVThTDVq2O7MNn2Ek/c45Wc+GsOVYtE=
 github.com/elastic/csp-security-policies v0.0.16-go-lib/go.mod h1:24NNr0b/5HTGtndJOmhrefb59rd7NjuqI/To39tgn+w=
+github.com/elastic/csp-security-policies v0.0.16-go-lib.0.20220504114158-205dfe129772 h1:PAK98qZAMAtQENpc8JBbbUC2zqkQhW+SSbsS7/HxVHo=
+github.com/elastic/csp-security-policies v0.0.16-go-lib.0.20220504114158-205dfe129772/go.mod h1:24NNr0b/5HTGtndJOmhrefb59rd7NjuqI/To39tgn+w=
+github.com/elastic/csp-security-policies v1.0.0 h1:6/jgO5C+EeDH5Wb73ojA8dgA4EDXMYO3vcYGGPtrn1A=
+github.com/elastic/csp-security-policies v1.0.0/go.mod h1:24NNr0b/5HTGtndJOmhrefb59rd7NjuqI/To39tgn+w=
 github.com/elastic/elastic-agent-client/v7 v7.0.0-20210727140539-f0905d9377f6 h1:nFvXHBjYK3e9+xF0WKDeAKK4aOO51uC28s+L9rBmilo=
 github.com/elastic/elastic-agent-client/v7 v7.0.0-20210727140539-f0905d9377f6/go.mod h1:uh/Gj9a0XEbYoM4NYz4LvaBVARz3QXLmlNjsrKY9fTc=
 github.com/elastic/elastic-agent-libs v0.1.1/go.mod h1:h8K/f7RcdxM2f19VahcS1jeco170ItqV9N7HyYsn9Ss=