Receive ZTA info via control server and make it available via localse…

…rver (#2096)
kolide · Feb 10, 2025 · 661e069 · 661e069
1 parent 45f58f9
commit 661e069
Show file tree

Hide file tree

Showing 11 changed files with 333 additions and 99 deletions.
diff --git a/cmd/launcher/launcher.go b/cmd/launcher/launcher.go
@@ -74,6 +74,7 @@ const (
 	desktopMenuSubsystemName = "kolide_desktop_menu"
 	authTokensSubsystemName  = "auth_tokens"
 	katcSubsystemName        = "katc_config" // Kolide ATC
+	ztaInfoSubsystemName     = "zta_info"
 )
 
 // runLauncher is the entry point into running launcher. It creates a
@@ -485,8 +486,8 @@ func runLauncher(ctx context.Context, cancel func(), multiSlogger, systemMultiSl
 			return fmt.Errorf("failed to register auth token consumer: %w", err)
 		}
 
-		// begin log shipping and subsribe to token updates
-		// nil check incase it failed to create for some reason
+		// begin log shipping and subscribe to token updates
+		// nil check in case it failed to create for some reason
 		if logShipper != nil {
 			controlService.RegisterSubscriber(authTokensSubsystemName, logShipper)
 		}
@@ -507,6 +508,12 @@ func runLauncher(ctx context.Context, cancel func(), multiSlogger, systemMultiSl
 			// information is made available from server_data (e.g. on a fresh install)
 			metadataWriter.Ping()
 		}
+
+		// Set up consumer to receive ZTA info from the control server
+		ztaInfoConsumer := keyvalueconsumer.NewConfigConsumer(k.ZtaInfoStore())
+		if err := controlService.RegisterConsumer(ztaInfoSubsystemName, ztaInfoConsumer); err != nil {
+			return fmt.Errorf("failed to register ZTA info consumer: %w", err)
+		}
 	}
 
 	runEECode := k.ControlServerURL() != "" || k.IAmBreakingEELicense()

diff --git a/ee/agent/knapsack/knapsack.go b/ee/agent/knapsack/knapsack.go
@@ -179,6 +179,10 @@ func (k *knapsack) LauncherHistoryStore() types.KVStore {
 	return k.getKVStore(storage.LauncherHistoryStore)
 }
 
+func (k *knapsack) ZtaInfoStore() types.KVStore {
+	return k.getKVStore(storage.ZtaInfoStore)
+}
+
 func (k *knapsack) SetLauncherWatchdogEnabled(enabled bool) error {
 	return k.flags.SetLauncherWatchdogEnabled(enabled)
 }

diff --git a/ee/agent/storage/bbolt/stores_bbolt.go b/ee/agent/storage/bbolt/stores_bbolt.go
@@ -34,6 +34,7 @@ func MakeStores(ctx context.Context, slogger *slog.Logger, db *bbolt.DB) (map[st
 		storage.TokenStore,
 		storage.ControlServerActionsStore,
 		storage.LauncherHistoryStore,
+		storage.ZtaInfoStore,
 	}
 
 	for _, storeName := range storeNames {

diff --git a/ee/agent/storage/ci/stores_ci.go b/ee/agent/storage/ci/stores_ci.go
@@ -32,6 +32,7 @@ func MakeStores(t *testing.T, slogger *slog.Logger, db *bbolt.DB) (map[storage.S
 		storage.ServerProvidedDataStore,
 		storage.TokenStore,
 		storage.LauncherHistoryStore,
+		storage.ZtaInfoStore,
 	}
 
 	if os.Getenv("CI") == "true" {

diff --git a/ee/agent/storage/stores.go b/ee/agent/storage/stores.go
@@ -19,6 +19,7 @@ const (
 	TokenStore                  Store = "token_store"              // The store used for holding bearer auth tokens, e.g. the ones used to authenticate with the observability ingest server.
 	ControlServerActionsStore   Store = "action_store"             // The store used for storing actions sent by control server.
 	LauncherHistoryStore        Store = "launcher_history"         // The store used for storing launcher start time history currently.
+	ZtaInfoStore                Store = "zta_info"                 // The store used for storing ZTA info about this device
 )
 
 func (storeType Store) String() string {

diff --git a/ee/agent/types/mocks/flags.go b/ee/agent/types/mocks/flags.go