Class: Immunio::Agent

Inherits:

Object

• Object
• Immunio::Agent

Includes:

ActiveSupport::Configurable

Defined in:

lib/immunio/agent.rb

Instance Method Summary

• #environment=(environment) ⇒ Object
• #finish_request(*args) ⇒ Object
• #initialize ⇒ Agent constructor

  A new instance of Agent.

• #load_config ⇒ Object
• #new_request(*args) ⇒ Object
• #plugin_enabled?(plugin) ⇒ Boolean
• #run_hook(*args) ⇒ Object
• #run_hook!(*args) ⇒ Object

Constructor Details

#initialize ⇒ Agent

Returns a new instance of Agent.

# File 'lib/immunio/agent.rb', line 75

def initialize
  Immunio.logger.info { "Initializing agent version #{VERSION} for process #{Process.pid}" }

  config.key = config.secret = "-default-"
  config.hello_url = "https://agent.immun.io/"
  config.log_file = "log/immunio.log"
  config.log_level = "info"
  config.log_timings = false
  config.log_context_data = false
  config.http_timeout = 30 # seconds
  config.max_send_queue_size = 500 # messages
  config.max_report_interval = 10 # seconds
  config.min_report_size = 25 # messages
  config.max_report_size = 50 # messages
  config.max_report_bytes = 1500000 # Just shy of 1.5 megs
  config.initial_delay_ms = 100  # milliseconds
  config.max_delay_ms = 10 * 60 * 1000  # milliseconds
  config.dev_mode = false
  config.debug_mode = false
  config.ready_timeout = 0
  # Default list of active plugins
  config.plugins_active = DEFAULT_PLUGINS.to_set
  # Default to empty lists for enabled and disabled
  config.plugins_enabled = []
  config.plugins_disabled = []
  config.agent_enabled = true
  config.safe_script_tag_contexts = []
  config.vm_data = {}

  # Be sure all config attributes have a type before this call:
  load_config

  Immunio::switch_to_real_logger(config.log_file, config.log_level)

  if !config.agent_enabled then
    Immunio.logger.info { "Agent disabled in config" }
    return
  end

  @vmfactory = VMFactory.new(config[:key], config.secret, config.dev_mode,
                             config.debug_mode)

  @channel = Channel.new(config)
  @channel.on_sending do
    @vmfactory.current_state
  end

  # Link things together. The vmfactory needs to know about updates
  # to the code and data, and the channel needs to know when everything
  # is up to date.
  have_code = config.dev_mode
  have_data = false
  @channel.on_message do |message|
    case message[:type]
      when "engine.vm.code.update"
        # Don't update code in dev_mode
        unless config.dev_mode
          @vmfactory.update_code message[:version], message[:code]
          have_code = true
          if have_data
            @channel.set_ready
          end
        end
      when "engine.vm.data.update"
        @vmfactory.update_data message[:version], message[:data]
        have_data = true
        if have_code
          @channel.set_ready
        end
    end
  end

  @processor = Processor.new(@channel, @vmfactory, config)
end

Instance Method Details

#environment=(environment) ⇒ Object

# File 'lib/immunio/agent.rb', line 224

def environment=(environment)
  @processor.environment = environment
end

#finish_request(*args) ⇒ Object

# File 'lib/immunio/agent.rb', line 212

def finish_request(*args)
  @processor.finish_request(*args)
end

#load_config ⇒ Object

# File 'lib/immunio/agent.rb', line 150

def load_config
  Immunio.logger.debug { "Default configuration: #{config}" }

  # Try loading file from some standard locations. First match is used.
  locations = []
  locations << Rails.root.join("config", CONFIG_FILENAME) if defined?(Rails.root) && Rails.root
  locations << File.join("config", CONFIG_FILENAME)

  locations.each do |location|
    Immunio.logger.debug { "Trying to find config file at #{location}" }
    begin
      realpath = File.realpath(location) # Raises exception if file doesn't exist
      Immunio.logger.debug { "Found config file at #{realpath}" }
      options = YAML.load_file(realpath).symbolize_keys
      config.update options
      Immunio.logger.debug { "Configuration after loading from file: #{config}" }
      break
    rescue SystemCallError => e
      Immunio.logger.debug { "Failed to load config: #{e}" }
    end
  end

  # Load private config from env vars.
  # Set the type of the same as set in initialize
  config.keys.each do |key|
    if ENV["IMMUNIO_#{key.upcase}"] then
      new_value = ENV["IMMUNIO_#{key.upcase}"]
      case config[key]
      when String
        config[key] = new_value
      when Fixnum
        config[key] = Integer(new_value)
      when TrueClass, FalseClass
        config[key] = !(new_value =~ (/^(true|t|yes|y|1)$/i)).nil?
      when Array
        config[key] = new_value.split(/[\s,]+/)
      when Set
        config[key] = new_value.split(/[\s,]+/).to_set
      else
        raise ArgumentError, "Unknown ENV conversion for #{config[key].class}"
      end
    end
  end

  Immunio.logger.debug { "Configuration after evaluating env vars: #{config}" }

  # Remove any requested plugins, then add any requested plugins.
  config.plugins_active.subtract(config.plugins_disabled)
  config.plugins_active.merge(config.plugins_enabled)
  Immunio.logger.info { "Active plugins: #{config.plugins_active.to_a}" }

end

#new_request(*args) ⇒ Object

# File 'lib/immunio/agent.rb', line 208

def new_request(*args)
  @processor.new_request(*args)
end

#plugin_enabled?(plugin) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/immunio/agent.rb', line 203

def plugin_enabled?(plugin)
  # Check if the specified `plugin` is enabled based on the Agent config.
  config.plugins_active.member?(plugin)
end

#run_hook(*args) ⇒ Object

# File 'lib/immunio/agent.rb', line 216

def run_hook(*args)
  @processor.run_hook(*args) if defined? @processor
end

#run_hook!(*args) ⇒ Object

# File 'lib/immunio/agent.rb', line 220

def run_hook!(*args)
  @processor.run_hook!(*args) if defined? @processor
end