Module: Legion::CLI::Check

Defined in:
lib/legion/cli/check_command.rb,
lib/legion/cli/check/privacy_check.rb

Defined Under Namespace

Classes: PrivacyCheck

Constant Summary collapse

CHECKS = 
%i[settings crypt transport cache cache_local data data_local].freeze
EXTENSION_CHECKS = 
%i[extensions].freeze
FULL_CHECKS = 
%i[api].freeze
CHECK_LABELS = 
{
  settings:    'Legion::Settings',
  crypt:       'Legion::Crypt',
  transport:   'Legion::Transport',
  cache:       'Legion::Cache',
  cache_local: 'Legion::Cache::Local',
  data:        'Legion::Data',
  data_local:  'Legion::Data::Local',
  extensions:  'Legion::Extensions',
  api:         'Legion::API'
}.freeze
DEPENDS_ON =

Dependencies: if a check fails, these dependents are skipped

{
  crypt:       :settings,
  transport:   :settings,
  cache:       :settings,
  cache_local: :cache,
  data:        :settings,
  data_local:  :data,
  extensions:  :transport,
  api:         :transport
}.freeze
PROBE_LABELS = 
{
  flag_set:              'Privacy flag set',
  no_cloud_keys:         'No cloud API keys configured',
  no_external_endpoints: 'External endpoints unreachable'
}.freeze

Class Method Summary collapse

Class Method Details

.run(formatter, options) ⇒ Object 



81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
 
# File 'lib/legion/cli/check_command.rb', line 81

def run(formatter, options)
  level = if options[:full]
            :full
          elsif options[:extensions]
            :extensions
          else
            :connections
          end

  checks = CHECKS.dup
  checks.concat(EXTENSION_CHECKS) if %i[extensions full].include?(level)
  checks.concat(FULL_CHECKS) if level == :full

  results = {}
  started = []

  log_level = options[:verbose] ? 'debug' : 'error'
  setup_logging(log_level)

  checks.each do |name|
    dep = DEPENDS_ON[name]
    if dep && results[dep] && %w[fail skip].include?(results[dep][:status])
      results[name] = { status: 'skip', error: "#{dep} failed" }
      print_result(formatter, name, results[name], options) unless options[:json]
      next
    end

    results[name] = run_check(name, options)
    started << name if results[name][:status] == 'pass'
    resolve_secrets_after_crypt(name, results[name])
    print_result(formatter, name, results[name], options) unless options[:json]
  end

  shutdown(started)
  print_summary(formatter, results, level, options)

  results.values.any? { |r| r[:status] == 'fail' } ? 1 : 0
end

.run_privacy(formatter, options) ⇒ Object 



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
 
# File 'lib/legion/cli/check_command.rb', line 43

def run_privacy(formatter, options)
  require 'legion/settings'
  dir = Connection.send(:resolve_config_dir)
  Legion::Settings.load(config_dir: dir)

  checker = PrivacyCheck.new
  results = checker.run

  if options[:json]
    formatter.json({ results: results, overall: checker.overall_pass? ? 'pass' : 'fail' })
    return checker.overall_pass? ? 0 : 1
  end

  formatter.header('Enterprise Privacy Mode Check')
  formatter.spacer

  results.each do |probe, status|
    label = PROBE_LABELS.fetch(probe, probe.to_s).ljust(36)
    case status
    when :pass
      puts "  #{label}#{formatter.colorize('pass', :green)}"
    when :fail
      puts "  #{label}#{formatter.colorize('FAIL', :red)}"
    when :skip
      puts "  #{label}#{formatter.colorize('skip', :yellow)}"
    end
  end

  formatter.spacer
  if checker.overall_pass?
    formatter.success('Privacy mode fully engaged')
  else
    formatter.error('Privacy mode check failed — see items above')
  end

  checker.overall_pass? ? 0 : 1
end