diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 710d3c33..2f756b1d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -128,7 +128,9 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3 + with: + version: v0.29.1 - name: Login to Github Container Registry diff --git a/docs/swagger.yaml b/docs/swagger.yaml index de8343a3..2c62aac3 100755 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -1,6 +1,6 @@ openapi : "3.0.0" info: - version: 3.5.9 + version: 3.5.10 title: Datasance PoT Controller paths: /status: diff --git a/package-lock.json b/package-lock.json index 98be5f2d..03cc3bc3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@datasance/iofogcontroller", - "version": "3.5.9", + "version": "3.5.10", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@datasance/iofogcontroller", - "version": "3.5.9", + "version": "3.5.10", "hasInstallScript": true, "license": "EPL-2.0", "dependencies": { @@ -22,7 +22,6 @@ "axios": "1.12.2", "bignumber.js": "^9.3.0", "body-parser": "^1.20.3", - "child_process": "1.0.2", "command-line-args": "5.2.1", "command-line-usage": "7.0.3", "concurrent-queue": "7.0.2", @@ -35,36 +34,27 @@ "express-session": "1.18.2", "formidable": "3.5.4", "ftp": "0.3.10", - "globally": "^0.0.0", "helmet": "7.1.0", - "https": "1.0.0", "is-elevated": "3.0.0", "jose": "^4.15.9", "js-yaml": "4.1.1", "jsonschema": "1.4.1", "keycloak-connect": "^26.1.1", - "minimatch": "10.0.1", "moment": "2.30.1", - "moment-timezone": "0.5.45", "multer": "1.4.5-lts.1", "mysql2": "3.10.1", "nconf": "0.12.1", "node-fetch-npm": "^2.0.4", - "node-forge": "^1.3.1", - "os": "0.1.2", - "path": "0.12.7", + "node-forge": "^1.3.2", "pg": "8.12.0", "pino": "9.13.1", "pino-std-serializers": "7.0.0", "portscanner": "2.2.0", "qs": "6.12.1", - "retry-as-promised": "7.0.4", "rhea": "^3.0.4", "sequelize": "6.37.7", "sqlite3": "^5.1.7", "string-format": "2.0.0", - "umzug": "^3.7.0", - "underscore": "1.13.6", "uuid": "11.1.0", "ws": "^8.18.0", "xss-clean": "0.1.1" @@ -1030,35 +1020,6 @@ "url": "https://paulmillr.com/funding/" } }, - "node_modules/@nodelib/fs.scandir": { - "version": "2.1.5", - "license": "MIT", - "dependencies": { - "@nodelib/fs.stat": "2.0.5", - "run-parallel": "^1.1.9" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.stat": { - "version": "2.0.5", - "license": "MIT", - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.walk": { - "version": "1.2.8", - "license": "MIT", - "dependencies": { - "@nodelib/fs.scandir": "2.1.5", - "fastq": "^1.6.0" - }, - "engines": { - "node": ">= 8" - } - }, "node_modules/@npmcli/fs": { "version": "1.1.1", "license": "ISC", @@ -1880,150 +1841,6 @@ "version": "1.1.0", "license": "BSD-3-Clause" }, - "node_modules/@rushstack/node-core-library": { - "version": "5.13.0", - "license": "MIT", - "dependencies": { - "ajv": "~8.13.0", - "ajv-draft-04": "~1.0.0", - "ajv-formats": "~3.0.1", - "fs-extra": "~11.3.0", - "import-lazy": "~4.0.0", - "jju": "~1.4.0", - "resolve": "~1.22.1", - "semver": "~7.5.4" - }, - "peerDependencies": { - "@types/node": "*" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - } - } - }, - "node_modules/@rushstack/node-core-library/node_modules/ajv": { - "version": "8.13.0", - "license": "MIT", - "dependencies": { - "fast-deep-equal": "^3.1.3", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.4.1" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/@rushstack/node-core-library/node_modules/ajv-draft-04": { - "version": "1.0.0", - "license": "MIT", - "peerDependencies": { - "ajv": "^8.5.0" - }, - "peerDependenciesMeta": { - "ajv": { - "optional": true - } - } - }, - "node_modules/@rushstack/node-core-library/node_modules/fs-extra": { - "version": "11.3.0", - "license": "MIT", - "dependencies": { - "graceful-fs": "^4.2.0", - "jsonfile": "^6.0.1", - "universalify": "^2.0.0" - }, - "engines": { - "node": ">=14.14" - } - }, - "node_modules/@rushstack/node-core-library/node_modules/json-schema-traverse": { - "version": "1.0.0", - "license": "MIT" - }, - "node_modules/@rushstack/node-core-library/node_modules/lru-cache": { - "version": "6.0.0", - "license": "ISC", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@rushstack/node-core-library/node_modules/semver": { - "version": "7.5.4", - "license": "ISC", - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@rushstack/node-core-library/node_modules/universalify": { - "version": "2.0.1", - "license": "MIT", - "engines": { - "node": ">= 10.0.0" - } - }, - "node_modules/@rushstack/terminal": { - "version": "0.15.2", - "license": "MIT", - "dependencies": { - "@rushstack/node-core-library": "5.13.0", - "supports-color": "~8.1.1" - }, - "peerDependencies": { - "@types/node": "*" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - } - } - }, - "node_modules/@rushstack/terminal/node_modules/supports-color": { - "version": "8.1.1", - "license": "MIT", - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/@rushstack/ts-command-line": { - "version": "4.23.7", - "license": "MIT", - "dependencies": { - "@rushstack/terminal": "0.15.2", - "@types/argparse": "1.0.38", - "argparse": "~1.0.9", - "string-argv": "~0.3.1" - } - }, - "node_modules/@rushstack/ts-command-line/node_modules/argparse": { - "version": "1.0.10", - "license": "MIT", - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/@rushstack/ts-command-line/node_modules/sprintf-js": { - "version": "1.0.3", - "license": "BSD-3-Clause" - }, "node_modules/@sentry-internal/tracing": { "version": "7.120.3", "dev": true, @@ -2154,10 +1971,6 @@ "license": "MIT", "optional": true }, - "node_modules/@types/argparse": { - "version": "1.0.38", - "license": "MIT" - }, "node_modules/@types/chai": { "version": "4.3.20", "dev": true, @@ -2318,39 +2131,6 @@ "url": "https://github.com/sponsors/epoberezkin" } }, - "node_modules/ajv-formats": { - "version": "3.0.1", - "license": "MIT", - "dependencies": { - "ajv": "^8.0.0" - }, - "peerDependencies": { - "ajv": "^8.0.0" - }, - "peerDependenciesMeta": { - "ajv": { - "optional": true - } - } - }, - "node_modules/ajv-formats/node_modules/ajv": { - "version": "8.17.1", - "license": "MIT", - "dependencies": { - "fast-deep-equal": "^3.1.3", - "fast-uri": "^3.0.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ajv-formats/node_modules/json-schema-traverse": { - "version": "1.0.0", - "license": "MIT" - }, "node_modules/ajv-keywords": { "version": "3.5.2", "dev": true, @@ -2899,6 +2679,7 @@ }, "node_modules/braces": { "version": "3.0.3", + "dev": true, "license": "MIT", "dependencies": { "fill-range": "^7.1.1" @@ -3375,10 +3156,6 @@ "node": ">= 16" } }, - "node_modules/child_process": { - "version": "1.0.2", - "license": "ISC" - }, "node_modules/chokidar": { "version": "3.6.0", "dev": true, @@ -4273,16 +4050,6 @@ "minimalistic-crypto-utils": "^1.0.1" } }, - "node_modules/emittery": { - "version": "0.13.1", - "license": "MIT", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, "node_modules/emoji-regex": { "version": "8.0.0", "license": "MIT" @@ -5257,32 +5024,9 @@ }, "node_modules/fast-deep-equal": { "version": "3.1.3", + "dev": true, "license": "MIT" }, - "node_modules/fast-glob": { - "version": "3.3.3", - "license": "MIT", - "dependencies": { - "@nodelib/fs.stat": "^2.0.2", - "@nodelib/fs.walk": "^1.2.3", - "glob-parent": "^5.1.2", - "merge2": "^1.3.0", - "micromatch": "^4.0.8" - }, - "engines": { - "node": ">=8.6.0" - } - }, - "node_modules/fast-glob/node_modules/glob-parent": { - "version": "5.1.2", - "license": "ISC", - "dependencies": { - "is-glob": "^4.0.1" - }, - "engines": { - "node": ">= 6" - } - }, "node_modules/fast-json-stable-stringify": { "version": "2.1.0", "dev": true, @@ -5298,27 +5042,6 @@ "dev": true, "license": "MIT" }, - "node_modules/fast-uri": { - "version": "3.0.6", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/fastify" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fastify" - } - ], - "license": "BSD-3-Clause" - }, - "node_modules/fastq": { - "version": "1.19.1", - "license": "ISC", - "dependencies": { - "reusify": "^1.0.4" - } - }, "node_modules/fd-slicer": { "version": "1.1.0", "license": "MIT", @@ -5396,6 +5119,7 @@ }, "node_modules/fill-range": { "version": "7.1.1", + "dev": true, "license": "MIT", "dependencies": { "to-regex-range": "^5.0.1" @@ -5943,10 +5667,6 @@ "node": ">=10.0" } }, - "node_modules/globally": { - "version": "0.0.0", - "license": "MIT" - }, "node_modules/globals": { "version": "14.0.0", "dev": true, @@ -5985,6 +5705,7 @@ }, "node_modules/graceful-fs": { "version": "4.2.11", + "devOptional": true, "license": "ISC" }, "node_modules/handlebars": { @@ -6309,10 +6030,6 @@ "node": ">= 6.15.1" } }, - "node_modules/https": { - "version": "1.0.0", - "license": "ISC" - }, "node_modules/https-proxy-agent": { "version": "7.0.6", "license": "MIT", @@ -6430,13 +6147,6 @@ "node": ">=0.4.0" } }, - "node_modules/import-lazy": { - "version": "4.0.0", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/imurmurhash": { "version": "0.1.4", "devOptional": true, @@ -6813,6 +6523,7 @@ }, "node_modules/is-extglob": { "version": "2.1.1", + "dev": true, "license": "MIT", "engines": { "node": ">=0.10.0" @@ -6858,6 +6569,7 @@ }, "node_modules/is-glob": { "version": "4.0.3", + "dev": true, "license": "MIT", "dependencies": { "is-extglob": "^2.1.1" @@ -6906,6 +6618,7 @@ }, "node_modules/is-number": { "version": "7.0.0", + "dev": true, "license": "MIT", "engines": { "node": ">=0.12.0" @@ -7352,10 +7065,6 @@ "node": "*" } }, - "node_modules/jju": { - "version": "1.4.0", - "license": "MIT" - }, "node_modules/jose": { "version": "4.15.9", "license": "MIT", @@ -7548,6 +7257,7 @@ }, "node_modules/jsonfile": { "version": "6.1.0", + "dev": true, "license": "MIT", "dependencies": { "universalify": "^2.0.0" @@ -7558,6 +7268,7 @@ }, "node_modules/jsonfile/node_modules/universalify": { "version": "2.0.1", + "dev": true, "license": "MIT", "engines": { "node": ">= 10.0.0" @@ -7985,13 +7696,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/merge2": { - "version": "1.4.1", - "license": "MIT", - "engines": { - "node": ">= 8" - } - }, "node_modules/methods": { "version": "1.1.2", "license": "MIT", @@ -7999,17 +7703,6 @@ "node": ">= 0.6" } }, - "node_modules/micromatch": { - "version": "4.0.8", - "license": "MIT", - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, "node_modules/mime": { "version": "1.6.0", "license": "MIT", @@ -8071,19 +7764,6 @@ "version": "1.0.1", "license": "MIT" }, - "node_modules/minimatch": { - "version": "10.0.1", - "license": "ISC", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": "20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/minimist": { "version": "1.2.8", "license": "MIT", @@ -8622,8 +8302,9 @@ } }, "node_modules/node-forge": { - "version": "1.3.1", - "license": "(BSD-3-Clause OR GPL-2.0)", + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.2.tgz", + "integrity": "sha512-6xKiQ+cph9KImrRh0VsjH2d8/GXA4FIMlgU4B757iI1ApvcyA9VlouP0yZJha01V+huImO+kKMU7ih+2+E14fw==", "engines": { "node": ">= 6.13.0" } @@ -9176,10 +8857,6 @@ "node": ">= 0.8.0" } }, - "node_modules/os": { - "version": "0.1.2", - "license": "MIT" - }, "node_modules/os-tmpdir": { "version": "1.0.2", "dev": true, @@ -9366,14 +9043,6 @@ "node": ">= 0.8" } }, - "node_modules/path": { - "version": "0.12.7", - "license": "MIT", - "dependencies": { - "process": "^0.11.1", - "util": "^0.10.3" - } - }, "node_modules/path-exists": { "version": "4.0.0", "dev": true, @@ -9556,6 +9225,7 @@ }, "node_modules/picomatch": { "version": "2.3.1", + "dev": true, "license": "MIT", "engines": { "node": ">=8.6" @@ -9756,13 +9426,6 @@ "node": ">=4" } }, - "node_modules/pony-cause": { - "version": "2.1.11", - "license": "0BSD", - "engines": { - "node": ">=12.0.0" - } - }, "node_modules/portscanner": { "version": "2.2.0", "license": "MIT", @@ -10032,6 +9695,15 @@ "url": "https://github.com/sponsors/panva" } }, + "node_modules/postman-runtime/node_modules/node-forge": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz", + "integrity": "sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA==", + "dev": true, + "engines": { + "node": ">= 6.13.0" + } + }, "node_modules/postman-runtime/node_modules/uuid": { "version": "8.3.2", "dev": true, @@ -10111,13 +9783,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/process": { - "version": "0.11.10", - "license": "MIT", - "engines": { - "node": ">= 0.6.0" - } - }, "node_modules/process-nextick-args": { "version": "2.0.1", "license": "MIT" @@ -10304,6 +9969,7 @@ }, "node_modules/punycode": { "version": "2.3.1", + "dev": true, "license": "MIT", "engines": { "node": ">=6" @@ -10329,6 +9995,7 @@ }, "node_modules/queue-microtask": { "version": "1.2.3", + "dev": true, "funding": [ { "type": "github", @@ -10634,13 +10301,6 @@ "node": ">=0.10.0" } }, - "node_modules/require-from-string": { - "version": "2.0.2", - "license": "MIT", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/require-in-the-middle": { "version": "7.5.2", "license": "MIT", @@ -10752,14 +10412,6 @@ "version": "7.0.4", "license": "MIT" }, - "node_modules/reusify": { - "version": "1.1.0", - "license": "MIT", - "engines": { - "iojs": ">=1.0.0", - "node": ">=0.10.0" - } - }, "node_modules/rfc4648": { "version": "1.5.4", "license": "MIT" @@ -10869,6 +10521,7 @@ }, "node_modules/run-parallel": { "version": "1.2.0", + "dev": true, "funding": [ { "type": "github", @@ -12348,13 +12001,6 @@ "version": "0.10.31", "license": "MIT" }, - "node_modules/string-argv": { - "version": "0.3.2", - "license": "MIT", - "engines": { - "node": ">=0.6.19" - } - }, "node_modules/string-format": { "version": "2.0.0", "license": "WTFPL OR MIT" @@ -12947,6 +12593,7 @@ }, "node_modules/to-regex-range": { "version": "5.0.1", + "dev": true, "license": "MIT", "dependencies": { "is-number": "^7.0.0" @@ -13139,30 +12786,6 @@ "node": ">= 0.8" } }, - "node_modules/umzug": { - "version": "3.8.2", - "license": "MIT", - "dependencies": { - "@rushstack/ts-command-line": "^4.12.2", - "emittery": "^0.13.0", - "fast-glob": "^3.3.2", - "pony-cause": "^2.1.4", - "type-fest": "^4.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/umzug/node_modules/type-fest": { - "version": "4.41.0", - "license": "(MIT OR CC0-1.0)", - "engines": { - "node": ">=16" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/unbox-primitive": { "version": "1.1.0", "dev": true, @@ -13180,10 +12803,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/underscore": { - "version": "1.13.6", - "license": "MIT" - }, "node_modules/undici-types": { "version": "7.8.0", "license": "MIT" @@ -13255,6 +12874,7 @@ }, "node_modules/uri-js": { "version": "4.4.1", + "dev": true, "license": "BSD-2-Clause", "dependencies": { "punycode": "^2.1.0" @@ -13269,21 +12889,10 @@ "requires-port": "^1.0.0" } }, - "node_modules/util": { - "version": "0.10.4", - "license": "MIT", - "dependencies": { - "inherits": "2.0.3" - } - }, "node_modules/util-deprecate": { "version": "1.0.2", "license": "MIT" }, - "node_modules/util/node_modules/inherits": { - "version": "2.0.3", - "license": "ISC" - }, "node_modules/utils-merge": { "version": "1.0.1", "license": "MIT", diff --git a/package.json b/package.json index 3d8e4ce8..7924c1fb 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@datasance/iofogcontroller", - "version": "3.5.9", + "version": "3.5.10", "description": "ioFog Controller project for Datasance PoT @ datasance.com \\nCopyright (c) 2023 Datasance Teknoloji A.S.", "main": "./src/main.js", "author": "Emirhan Durmus", @@ -67,7 +67,6 @@ "axios": "1.12.2", "bignumber.js": "^9.3.0", "body-parser": "^1.20.3", - "child_process": "1.0.2", "command-line-args": "5.2.1", "command-line-usage": "7.0.3", "concurrent-queue": "7.0.2", @@ -80,36 +79,27 @@ "express-session": "1.18.2", "formidable": "3.5.4", "ftp": "0.3.10", - "globally": "^0.0.0", "helmet": "7.1.0", - "https": "1.0.0", "is-elevated": "3.0.0", "jose": "^4.15.9", "js-yaml": "4.1.1", "jsonschema": "1.4.1", "keycloak-connect": "^26.1.1", - "minimatch": "10.0.1", "moment": "2.30.1", - "moment-timezone": "0.5.45", "multer": "1.4.5-lts.1", "mysql2": "3.10.1", "nconf": "0.12.1", "node-fetch-npm": "^2.0.4", - "node-forge": "^1.3.1", - "os": "0.1.2", - "path": "0.12.7", + "node-forge": "^1.3.2", "pg": "8.12.0", "pino": "9.13.1", "pino-std-serializers": "7.0.0", "portscanner": "2.2.0", "qs": "6.12.1", "rhea": "^3.0.4", - "retry-as-promised": "7.0.4", "sequelize": "6.37.7", "sqlite3": "^5.1.7", "string-format": "2.0.0", - "umzug": "^3.7.0", - "underscore": "1.13.6", "uuid": "11.1.0", "ws": "^8.18.0", "xss-clean": "0.1.1" diff --git a/src/config/controller.yaml b/src/config/controller.yaml index 252c752b..1e842b7c 100644 --- a/src/config/controller.yaml +++ b/src/config/controller.yaml @@ -51,7 +51,7 @@ settings: fogStatusUpdateInterval: 30 # Fog status update interval in seconds fogStatusUpdateTolerance: 3 # Fog status update tolerance fogExpiredTokenCleanupInterval: 300 # Fog expired token cleanup interval in seconds - eventRetentionDays: 30 # Days to retain events (default: 30) + eventRetentionDays: 7 # Days to retain events (default: 7) eventCleanupInterval: 86400 # Cleanup job interval in seconds (default: 24 hours) eventAuditEnabled: true # Enable/disable event auditing eventCaptureIpAddress: true # Capture IP address (default: true, set false for privacy compliance) diff --git a/src/jobs/event-cleanup-job.js b/src/jobs/event-cleanup-job.js index 7b9f0907..7ff0b74e 100644 --- a/src/jobs/event-cleanup-job.js +++ b/src/jobs/event-cleanup-job.js @@ -31,7 +31,7 @@ async function run () { async function cleanupOldEvents () { try { // Read retention days from config - const retentionDays = process.env.EVENT_RETENTION_DAYS || Config.get('settings.eventRetentionDays', 30) + const retentionDays = process.env.EVENT_RETENTION_DAYS || Config.get('settings.eventRetentionDays', 7) logger.debug(`Starting cleanup of events older than ${retentionDays} days`) const count = await EventManager.deleteEventsOlderThanDays(retentionDays, { fakeTransaction: true }) diff --git a/src/middlewares/event-audit-middleware.js b/src/middlewares/event-audit-middleware.js index 24b3e75a..af1a9892 100644 --- a/src/middlewares/event-audit-middleware.js +++ b/src/middlewares/event-audit-middleware.js @@ -34,7 +34,8 @@ function eventAuditMiddleware (req, res, next) { } // Check if auditing is enabled (reads from YAML or env var) - const auditEnabled = process.env.EVENT_AUDIT_ENABLED || config.get('settings.eventAuditEnabled', true) + // Use config.get() which properly parses boolean strings from env vars + const auditEnabled = config.get('settings.eventAuditEnabled', true) if (!auditEnabled) { return next() } diff --git a/src/services/event-service.js b/src/services/event-service.js index 56fdd5d8..08dbc101 100644 --- a/src/services/event-service.js +++ b/src/services/event-service.js @@ -366,7 +366,8 @@ async function createEvent (eventData, transaction) { */ async function createHttpEvent (req, res, startTime) { // Check if auditing is enabled - const auditEnabled = process.env.EVENT_AUDIT_ENABLED || config.get('settings.eventAuditEnabled', true) + // Use config.get() which properly parses boolean strings from env vars + const auditEnabled = config.get('settings.eventAuditEnabled', true) if (!auditEnabled) { return } @@ -381,7 +382,7 @@ async function createHttpEvent (req, res, startTime) { return } - const captureIp = process.env.EVENT_CAPTURE_IP_ADDRESS || config.get('settings.eventCaptureIpAddress', true) + const captureIp = config.get('settings.eventCaptureIpAddress', true) const endpointType = req.path.startsWith('/api/v3/agent/') ? 'agent' : 'user' const actorId = extractActorId(req) const resourceType = extractResourceType(req.path) @@ -417,12 +418,13 @@ async function createHttpEvent (req, res, startTime) { */ async function createWsConnectEvent (connectionData) { // Check if auditing is enabled - const auditEnabled = process.env.EVENT_AUDIT_ENABLED || config.get('settings.eventAuditEnabled', true) + // Use config.get() which properly parses boolean strings from env vars + const auditEnabled = config.get('settings.eventAuditEnabled', true) if (!auditEnabled) { return } - const captureIp = process.env.EVENT_CAPTURE_IP_ADDRESS || config.get('settings.eventCaptureIpAddress', true) + const captureIp = config.get('settings.eventCaptureIpAddress', true) const endpointType = connectionData.endpointType || 'user' // Sanitize path to remove sensitive query parameters (e.g., token) const sanitizedPath = sanitizeEndpointPath(connectionData.path) @@ -457,12 +459,13 @@ async function createWsConnectEvent (connectionData) { */ async function createWsDisconnectEvent (connectionData) { // Check if auditing is enabled - const auditEnabled = process.env.EVENT_AUDIT_ENABLED || config.get('settings.eventAuditEnabled', true) + // Use config.get() which properly parses boolean strings from env vars + const auditEnabled = config.get('settings.eventAuditEnabled', true) if (!auditEnabled) { return } - const captureIp = process.env.EVENT_CAPTURE_IP_ADDRESS || config.get('settings.eventCaptureIpAddress', true) + const captureIp = config.get('settings.eventCaptureIpAddress', true) const endpointType = connectionData.endpointType || 'user' // Sanitize path to remove sensitive query parameters (e.g., token) const sanitizedPath = sanitizeEndpointPath(connectionData.path) @@ -642,7 +645,8 @@ async function deleteEvents (params = {}, context = {}, transaction) { setImmediate(async () => { try { - const captureIp = process.env.EVENT_CAPTURE_IP_ADDRESS || config.get('settings.eventCaptureIpAddress', true) + // Use config.get() which properly parses boolean strings from env vars + const captureIp = config.get('settings.eventCaptureIpAddress', true) const endpointType = request.path && request.path.startsWith('/api/v3/agent/') ? 'agent' : 'user' const actorId = extractActorId(request) diff --git a/src/services/iofog-service.js b/src/services/iofog-service.js index b6ef2dc1..c9a30d05 100644 --- a/src/services/iofog-service.js +++ b/src/services/iofog-service.js @@ -55,14 +55,21 @@ async function checkKubernetesEnvironment () { return controlPlane && controlPlane.toLowerCase() === 'kubernetes' } -async function getLocalCertificateHosts (isKubernetes, namespace) { - if (isKubernetes) { - return `router-local,router-local.${namespace},router-local.${namespace}.svc.cluster.local,127.0.0.1,localhost,host.docker.internal,host.containers.internal` - } - return '127.0.0.1,localhost,host.docker.internal,host.containers.internal,iofog,service.local' +async function getLocalCertificateHosts (fogData) { + const hosts = new Set() + const defaultHost = ['localhost', '127.0.0.1', 'host.docker.internal', 'host.containers.internal', 'iofog', 'service.local'] + // Add default hosts individually + defaultHost.forEach(host => hosts.add(host)) + if (fogData.host) hosts.add(fogData.host) + if (fogData.ipAddress) hosts.add(fogData.ipAddress) + if (fogData.ipAddressExternal) hosts.add(fogData.ipAddressExternal) + // if (isKubernetes) { + // return `router-local,router-local.${namespace},router-local.${namespace}.svc.cluster.local,127.0.0.1,localhost,host.docker.internal,host.containers.internal` + // } + return Array.from(hosts).join(',') || 'localhost' } -async function getSiteCertificateHosts (fogData, fogUuid, transaction) { +async function getSiteCertificateHosts (fogData) { const hosts = new Set() // const defaultRouter = await RouterManager.findOne({ isDefault: true }, transaction) // const isFogDefaultRouter = fogUuid === defaultRouter.iofogUuid @@ -97,7 +104,7 @@ async function _handleRouterCertificates (fogData, uuid, isRouterModeChanged, tr // Check if we're in Kubernetes environment const isKubernetes = await checkKubernetesEnvironment() - const namespace = isKubernetes ? process.env.CONTROLLER_NAMESPACE : null + // const namespace = isKubernetes ? process.env.CONTROLLER_NAMESPACE : null // Helper to check CA existence async function ensureCA (name, subject) { @@ -185,14 +192,24 @@ async function _handleRouterCertificates (fogData, uuid, isRouterModeChanged, tr // If routerMode is 'none', only ensure DEFAULT_ROUTER_LOCAL_CA and its signed certificate if (fogData.routerMode === 'none') { logger.debug('Router mode is none, ensuring DEFAULT_ROUTER_LOCAL_CA exists') - await ensureCA(DEFAULT_ROUTER_LOCAL_CA, DEFAULT_ROUTER_LOCAL_CA) + if (isKubernetes) { + await ensureCA(DEFAULT_ROUTER_LOCAL_CA, DEFAULT_ROUTER_LOCAL_CA) + } logger.debug('Ensuring local-agent certificate signed by DEFAULT_ROUTER_LOCAL_CA') - const localHosts = await getLocalCertificateHosts(isKubernetes, namespace) + const localHosts = await getLocalCertificateHosts(fogData) + let defaultRouterLocalCA + if (isKubernetes) { + defaultRouterLocalCA = DEFAULT_ROUTER_LOCAL_CA + } else { + const defaultRouter = await RouterManager.findOne({ isDefault: true }, transaction) + defaultRouterLocalCA = `${defaultRouter.iofogUuid}-local-ca` + } + await ensureCert( `${uuid}-local-agent`, `${uuid}-local-agent`, localHosts, - { type: 'direct', secretName: DEFAULT_ROUTER_LOCAL_CA }, + { type: 'direct', secretName: defaultRouterLocalCA }, isRouterModeChanged ) logger.debug('Successfully completed _handleRouterCertificates for routerMode none') @@ -202,7 +219,7 @@ async function _handleRouterCertificates (fogData, uuid, isRouterModeChanged, tr // For other router modes, ensure all other certificates // Always ensure site-server cert exists logger.debug('Ensuring site-server certificate exists') - const siteHosts = await getSiteCertificateHosts(fogData, uuid, transaction) + const siteHosts = await getSiteCertificateHosts(fogData) await ensureCert( `${uuid}-site-server`, `${uuid}-site-server`, @@ -217,7 +234,7 @@ async function _handleRouterCertificates (fogData, uuid, isRouterModeChanged, tr // Always ensure local-server cert exists logger.debug('Ensuring local-server certificate exists') - const localHosts = await getLocalCertificateHosts(isKubernetes, namespace) + const localHosts = await getLocalCertificateHosts(fogData) await ensureCert( `${uuid}-local-server`, `${uuid}-local-server`, diff --git a/src/services/router-connection-service.js b/src/services/router-connection-service.js index 724e9fc3..38d110c3 100644 --- a/src/services/router-connection-service.js +++ b/src/services/router-connection-service.js @@ -6,7 +6,10 @@ const CertificateService = require('./certificate-service') const SecretService = require('./secret-service') const os = require('os') -const CONTROLLER_CERT_NAME = 'controller-exec-session-client' +const CONTROLLER_CERT_PREFIX = 'controller-exec-session-client' +const hostname = process.env.HOSTNAME || os.hostname() +const CONTROLLER_CERT_NAME = hostname ? `${CONTROLLER_CERT_PREFIX}-${hostname}` : CONTROLLER_CERT_PREFIX + const DEFAULT_ROUTER_SERVICE = 'router' const AMQP_DEFAULT_PORT = 5671 @@ -264,8 +267,10 @@ class RouterConnectionService { _buildControllerHosts () { const hosts = new Set(['localhost', '127.0.0.1']) - const hostname = process.env.HOSTNAME || os.hostname() if (hostname) hosts.add(hostname) + if (this._isKubernetes() && (process.env.CONTROLLER_NAMESPACE != null && process.env.CONTROLLER_NAMESPACE !== '')) { + hosts.add(`controller.${process.env.CONTROLLER_NAMESPACE}.svc.cluster.local`) + } if (process.env.CONTROLLER_HOST) hosts.add(process.env.CONTROLLER_HOST) return Array.from(hosts) }