Skip to content

Commit

Permalink
Improvement on upgrade mechanism
Browse files Browse the repository at this point in the history
  • Loading branch information
@noboruma
noboruma committed Nov 15, 2023
1 parent 6893e27 commit 0a1d38c
Show file tree
Hide file tree
Showing 14 changed files with 83 additions and 34 deletions.
15 changes: 9 additions & 6 deletions .github/workflows/build-publish-binaries.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ on:

env:
DF_BIN_VER: ${{ inputs.ver }}
VERSION: ${{ inputs.ver }}

jobs:
docker:
Expand All @@ -35,12 +36,14 @@ jobs:
mkdir -p /tmp/binaries/$DF_BIN_VER
cd /tmp/binaries/$DF_BIN_VER
id=$(docker create deepfenceio/deepfence_agent_ce:latest)
docker cp $id:/usr/local/bin/syft - > syft
docker cp $id:/home/deepfence/bin/yara-hunter/YaraHunter - > YaraHunter
docker cp $id:/home/deepfence/bin/secret-scanner/SecretScanner - > SecretScanner
docker cp $id:/usr/local/discovery/deepfence-discovery - > deepfence-discovery
docker cp $id:/opt/td-agent-bit/bin/fluent-bit - > fluent-bit
docker cp $id:/usr/local/bin/compliance_check/compliance - > compliance
docker cp $id:/bin/deepfenced self
docker cp $id:/home/deepfence/bin/package-scanner package_scanner
docker cp $id:/home/deepfence/bin/yara-hunter/YaraHunter malware_scanner
docker cp $id:/home/deepfence/bin/secret-scanner/SecretScanner secret_scanner
docker cp $id:/usr/local/discovery/deepfence-discovery discovery
docker cp $id:/opt/td-agent-bit/bin/fluent-bit fluentbit
docker cp $id:/usr/local/bin/syft syft
docker cp $id:/usr/local/bin/compliance_check/compliance compliance
tar zcvf binaries.tar.gz ./*
docker rm -v $id
Expand Down
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/SecretScanner
Submodule SecretScanner updated 1 files
+3 −3 Dockerfile
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/YaraHunter
Submodule YaraHunter updated 1 files
+2 −2 docs/yara-rules/listing.json
2 changes: 1 addition & 1 deletion deepfence_agent/plugins/package-scanner
Submodule package-scanner updated 2 files
+1 −1 tools/grype-bin/get_grype.sh
+1 −1 tools/syft-bin/get_syft.sh
16 changes: 8 additions & 8 deletions deepfence_agent/run_discovery.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ PROBE_TRACKDEPLOADS=${DF_ENABLE_TRACKDEPLOADS:-"false"}
PROBE_LOG_LEVEL=${LOG_LEVEL:-info}

if [[ "$DF_CLUSTER_AGENT" == "true" ]]; then
/home/deepfence/deepfence_exe \
exec /home/deepfence/deepfence_exe \
--mode=probe \
--probe.kubernetes.role=cluster \
--probe.log.level="$PROBE_LOG_LEVEL" \
Expand Down Expand Up @@ -41,20 +41,20 @@ fi

if [[ "$DF_KUBERNETES_ON" == "Y" ]]; then
if [[ "$CONTAINER_RUNTIME" == "containerd" ]] || [[ "$CONTAINER_RUNTIME" = "crio" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=true --probe.cri.endpoint="$CRI_ENDPOINT" --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=true --probe.cri.endpoint="$CRI_ENDPOINT" --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "podman" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
else
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.kubernetes="true" --probe.kubernetes.role=host --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
fi
else
if [[ "$DF_SERVERLESS" == "true" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "podman" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=true --probe.podman.endpoint="$CRI_ENDPOINT" --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
elif [[ "$CONTAINER_RUNTIME" == "unknown" ]]; then
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=false --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.conntrack=false --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
else
env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
exec env FILEBEAT_CERT_PATH="$DF_INSTALL_DIR/etc/filebeat/filebeat.crt" CONSOLE_SERVER="https://$mgmtConsoleUrl" SCOPE_HOSTNAME="$HOSTNAME" nice -n -20 $DF_INSTALL_DIR/usr/local/discovery/deepfence-discovery --mode=probe --probe.log.level="$PROBE_LOG_LEVEL" --probe.spy.interval=5s --probe.publish.interval=10s --probe.docker.interval=10s --probe.insecure=true --probe.docker=true --probe.podman=false --probe.cri=false --probe.token="$DEEPFENCE_KEY" --probe.processes="$PROBE_PROCESSES" --probe.endpoint.report="$PROBE_CONNECTIONS" --probe.track.deploads="$PROBE_TRACKDEPLOADS" "https://$mgmtConsoleUrl"
fi
fi
4 changes: 2 additions & 2 deletions deepfence_bootstrapper/Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
VERSION=`git describe --tags`
VERSION?=`git describe --tags`

all: deepfence_bootstrapper

local: deepfence_bootstrapper

prepare:
docker run --rm -i -v $(ROOT_MAKEFILE_DIR):/src:rw -v /tmp/go:/go:rw deepfenceio/deepfence_builder_ce:$(DF_IMG_TAG) bash -c 'cd /src/deepfence_bootstrapper && make deepfence_bootstrapper'
docker run --rm -i -e VERSION=${VERSION} -v $(ROOT_MAKEFILE_DIR):/src:rw -v /tmp/go:/go:rw deepfenceio/deepfence_builder_ce:$(DF_IMG_TAG) bash -c 'cd /src/deepfence_bootstrapper && make deepfence_bootstrapper'

vendor: go.mod $(shell find ../deepfence_utils -path ../deepfence_utils/vendor -prune -o -name '*.go')
go mod tidy -v
Expand Down
8 changes: 4 additions & 4 deletions deepfence_bootstrapper/assets/config.ini
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ maxcpu = 10
maxmem = 100000

[process:fluentbit]
command=/bin/bash -c "$DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit -c $DF_INSTALL_DIR/etc/td-agent-bit/fluentbit-agent.conf"
command=/bin/bash -c "exec $DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit -c $DF_INSTALL_DIR/etc/td-agent-bit/fluentbit-agent.conf"
path=$DF_INSTALL_DIR/opt/td-agent-bit/bin/fluent-bit
autostart=true
autorestart=true
Expand All @@ -15,19 +15,19 @@ autostart=true
autorestart=true

[process:package_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/package-scanner.sock && $DF_INSTALL_DIR/home/deepfence/bin/package-scanner -socket-path $DF_INSTALL_DIR/tmp/package-scanner.sock -mode grpc-server"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/package-scanner.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/package-scanner -socket-path $DF_INSTALL_DIR/tmp/package-scanner.sock -mode grpc-server"
path=$DF_INSTALL_DIR/home/deepfence/bin/package-scanner
autostart=true
autorestart=true

[process:secret_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/secret-scanner.sock && $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner --config-path $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner --socket-path=$DF_INSTALL_DIR/tmp/secret-scanner.sock"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/secret-scanner.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner --config-path $DF_INSTALL_DIR/home/deepfence/bin/secret-scanner --socket-path=$DF_INSTALL_DIR/tmp/secret-scanner.sock"
path=$DF_INSTALL_DIR/home/deepfence/bin/secret-scanner/SecretScanner
autostart=true
autorestart=true

[process:malware_scanner]
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/yara-hunter.sock && $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=$DF_INSTALL_DIR/tmp/yara-hunter.sock --enable-updater=false"
command=/bin/bash -c "rm -f $DF_INSTALL_DIR/tmp/yara-hunter.sock && exec $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=$DF_INSTALL_DIR/tmp/yara-hunter.sock --enable-updater=false"
path=$DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter
autostart=true
autorestart=true
3 changes: 3 additions & 0 deletions deepfence_bootstrapper/controls/controls.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ func SetClusterAgentControls(k8sClusterName string) {
func(req ctl.StartAgentUpgradeRequest) error {
log.Info().Msg("Start Cluster Agent Upgrade")
router.SetUpgrade()
defer router.UnsetUpgrade()
return StartClusterAgentUpgrade(req)
})
if err != nil {
Expand Down Expand Up @@ -110,6 +111,7 @@ func SetAgentControls() {
func(req ctl.StartAgentUpgradeRequest) error {
log.Info().Msg("Start Agent Upgrade")
router.SetUpgrade()
defer router.UnsetUpgrade()
return router.StartAgentUpgrade(req)
})
if err != nil {
Expand All @@ -119,6 +121,7 @@ func SetAgentControls() {
func(req ctl.EnableAgentPluginRequest) error {
log.Info().Msg("Start & download Agent Plugin")
router.SetUpgrade()
defer router.UnsetUpgrade()
err = supervisor.UpgradeProcessFromURL(req.PluginName, req.BinUrl)
if err != nil {
return err
Expand Down
4 changes: 4 additions & 0 deletions deepfence_bootstrapper/router/openapi_client_controls.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,10 @@ func SetUpgrade() {
upgrade.Store(true)
}

func UnsetUpgrade() {
upgrade.Store(false)
}

func getUpgradeWorkload() int32 {
if upgrade.Load() {
return MAX_AGENT_WORKLOAD
Expand Down
26 changes: 25 additions & 1 deletion deepfence_bootstrapper/router/upgrade.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"os"
"os/exec"
"path/filepath"
"syscall"

"github.com/deepfence/ThreatMapper/deepfence_bootstrapper/supervisor"
ctl "github.com/deepfence/ThreatMapper/deepfence_utils/controls"
Expand Down Expand Up @@ -49,6 +50,9 @@ func StartAgentUpgrade(req ctl.StartAgentUpgradeRequest) error {
if err != nil {
return err
}
if info.IsDir() {
return nil
}
plugins = append(plugins, NamePath{name: filepath.Base(path), path: path})
return nil
})
Expand All @@ -57,16 +61,36 @@ func StartAgentUpgrade(req ctl.StartAgentUpgradeRequest) error {
return err
}

restart := false
for _, plugin := range plugins {
err = supervisor.UpgradeProcessFromFile(plugin.name, plugin.path)
if err != nil {
log.Error().Msg(err.Error())
log.Error().Msgf("plugin: %v, path: %v, err: %v", plugin.name, plugin.path, err)
} else if plugin.name == supervisor.Self_id {
restart = true
}
}

if restart {
log.Info().Msgf("Restart self")
restartSelf()
}

return nil
}

func restartSelf() error {
errs := supervisor.StopAllProcesses()
for i := range errs {
log.Error().Msg(errs[i].Error())
}
argv0, err := exec.LookPath(os.Args[0])
if err != nil {
return err
}
return syscall.Exec(argv0, os.Args, os.Environ())
}

func downloadFile(filepath string, url string) (err error) {

// Create the file
Expand Down
21 changes: 18 additions & 3 deletions deepfence_bootstrapper/supervisor/process.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import (
)

const (
self_id = "self"
Self_id = "self"
log_root_env = "${DF_INSTALL_DIR}/var/log/deepfenced/"
EXIT_CODE_BASH_NOT_FOUND = 127
)
Expand Down Expand Up @@ -288,7 +288,7 @@ func WriteTo(dst, org string) error {
}

func UpgradeProcessFromFile(name, path string) error {
if name == self_id {
if name == Self_id {
return selfUpgradeFromFile(path)
}

Expand Down Expand Up @@ -325,7 +325,7 @@ func UpgradeProcessFromFile(name, path string) error {
}

func UpgradeProcessFromURL(name, url string) error {
if name == self_id {
if name == Self_id {
return selfUpgradeFromUrl(url)
}

Expand Down Expand Up @@ -393,6 +393,21 @@ func StopProcess(name string) error {
return process.stop()
}

func StopAllProcesses() []error {

access.RLock()
defer access.RUnlock()

errs := []error{}
for _, process := range processes {
err := process.stop()
if err != nil {
errs = append(errs, err)
}
}
return errs
}

func LoadProcess(name, path, command, env string, autorestart bool, cgroup string) {
access.Lock()
defer access.Unlock()
Expand Down
2 changes: 1 addition & 1 deletion deepfence_ctl/cmd/graph.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ var graphTopologySubCmd = &cobra.Command{

root, _ := cmd.Flags().GetString("root")

var res *deepfence_server_client.ApiDocsGraphResult
var res *deepfence_server_client.ModelGraphResult
var rh *stdhttp.Response
switch root {
case "":
Expand Down
Loading

0 comments on commit 0a1d38c

Please sign in to comment.