Merge remote-tracking branch 'origin/main' into upload-file

Author: shwstppr

.github/workflows/build-pr-cmk.yml

@@ -0,0 +1,120 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: Build cmk binaries on PR
+
+on:
+  pull_request_target:
+    types: [opened, synchronize, reopened]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    permissions:
+      contents: read
+    runs-on: ubuntu-24.04
+    env:
+      GITHUB_TOKEN: ""
+    outputs:
+      outcome: ${{ steps.meta.outputs.outcome }}
+      artifact_url: ${{ steps.meta.outputs.artifact_url }}
+    steps:
+      - name: Checkout PR HEAD
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          persist-credentials: false
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'
+
+      - name: Build dist
+        id: build
+        run: make dist
+        continue-on-error: true
+
+      - name: Upload zipped dist artifact
+        id: upload_artifact
+        if: ${{ steps.build.outcome == 'success' }}   # gate on build outcome
+        uses: actions/upload-artifact@v4
+        with:
+          name: cmk-binaries.pr${{ github.event.pull_request.number }}
+          path: dist/
+          if-no-files-found: error
+          retention-days: 10
+
+      - name: Expose build outcome & artifact link
+        id: meta
+        if: always()
+        run: |
+          echo "outcome=${{ steps.build.outcome }}" >> $GITHUB_OUTPUT
+          echo "artifact_url=${{ steps.upload_artifact.outputs.artifact-url }}" >> $GITHUB_OUTPUT
+
+  comment:
+    if: always()
+    needs: build
+    permissions:
+      contents: read
+      issues: write
+      pull-requests: write
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Comment or update cmk build artifact on PR
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const { execSync } = require('child_process');
+
+            const issue_number = context.payload.pull_request.number;
+            const identifier = "cmk-build-artifact-comment";
+
+            const owner = context.payload.repository.owner.login; // base repo (pull_request_target)
+            const repo  = context.payload.repository.name;
+
+            const buildOutcome = "${{ needs.build.outputs.outcome }}";
+            const artifactUrl  = "${{ needs.build.outputs.artifact_url }}";
+            const runId        = "${{ github.run_id }}";
+
+            core.info(`Will comment on ${owner}/${repo}#${issue_number}`);
+            core.info(`Outcome=${buildOutcome || '(empty)'} Artifact=${artifactUrl || '(none)'}`);
+
+            let body = `<!-- ${identifier} -->\n`;
+            if (buildOutcome === 'success' && artifactUrl) {
+              const expiryDate = execSync("date -d '+10 days' '+%B %d, %Y'").toString().trim();
+              body += `✅ Build complete for PR #${issue_number}.\n\n`;
+              body += `🔗 Download the [cmk binaries](${artifactUrl}) (expires on ${expiryDate})`;
+            } else {
+              body += `❌ Build failed for PR #${issue_number}.\n\n`;
+              body += `See the run: https://github.com/${owner}/${repo}/actions/runs/${runId}`;
+            }
+
+            const { data: comments } = await github.rest.issues.listComments({ owner, repo, issue_number });
+            const existing = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.includes(identifier));
+
+            if (existing) {
+              core.info(`Updating comment id ${existing.id}`);
+              await github.rest.issues.updateComment({ owner, repo, comment_id: existing.id, body });
+            } else {
+              core.info(`Creating new comment`);
+              await github.rest.issues.createComment({ owner, repo, issue_number, body });
+            }
+

cmd/network.go

@@ -49,6 +49,84 @@ func findSessionCookie(cookies []*http.Cookie) *http.Cookie {
 	return nil
 }
 
+func getLoginResponse(responseBody []byte) (map[string]interface{}, error) {
+	var responseMap map[string]interface{}
+	err := json.Unmarshal(responseBody, &responseMap)
+	if err != nil {
+		return nil, errors.New("failed to parse login response: " + err.Error())
+	}
+	loginRespRaw, ok := responseMap["loginresponse"]
+	if !ok {
+		return nil, errors.New("failed to parse login response, expected 'loginresponse' key not found")
+	}
+	loginResponse, ok := loginRespRaw.(map[string]interface{})
+	if !ok {
+		return nil, errors.New("failed to parse login response, expected 'loginresponse' to be a map")
+	}
+	return loginResponse, nil
+}
+
+func getResponseBooleanValue(response map[string]interface{}, key string) (bool, bool) {
+	v, found := response[key]
+	if !found {
+		return false, false
+	}
+	switch value := v.(type) {
+	case bool:
+		return true, value
+	case string:
+		return true, strings.ToLower(value) == "true"
+	case float64:
+		return true, value != 0
+	default:
+		return true, false
+	}
+}
+
+func checkLogin2FAPromptAndValidate(r *Request, response map[string]interface{}, sessionKey string) error {
+	if !r.Config.HasShell {
+		return nil
+	}
+	config.Debug("Checking if 2FA is enabled and verified for the user ", response)
+	found, is2faEnabled := getResponseBooleanValue(response, "is2faenabled")
+	if !found || !is2faEnabled {
+		config.Debug("2FA is not enabled for the user, skipping 2FA validation")
+		return nil
+	}
+	found, is2faVerified := getResponseBooleanValue(response, "is2faverified")
+	if !found || is2faVerified {
+		config.Debug("2FA is already verified for the user, skipping 2FA validation")
+		return nil
+	}
+	activeSpinners := r.Config.PauseActiveSpinners()
+	fmt.Print("Enter 2FA code: ")
+	var code string
+	fmt.Scanln(&code)
+	if activeSpinners > 0 {
+		r.Config.ResumePausedSpinners()
+	}
+	params := make(url.Values)
+	params.Add("command", "validateUserTwoFactorAuthenticationCode")
+	params.Add("codefor2fa", code)
+	params.Add("sessionkey", sessionKey)
+
+	msURL, _ := url.Parse(r.Config.ActiveProfile.URL)
+
+	config.Debug("Validating 2FA with POST URL:", msURL, params)
+	spinner := r.Config.StartSpinner("trying to validate 2FA...")
+	resp, err := r.Client().PostForm(msURL.String(), params)
+	r.Config.StopSpinner(spinner)
+	if err != nil {
+		return errors.New("failed to failed to validate 2FA code: " + err.Error())
+	}
+	config.Debug("ValidateUserTwoFactorAuthenticationCode POST response status code:", resp.StatusCode)
+	if resp.StatusCode != http.StatusOK {
+		r.Client().Jar, _ = cookiejar.New(nil)
+		return errors.New("failed to validate 2FA code, please check the code. Invalidating session")
+	}
+	return nil
+}
+
 // Login logs in a user based on provided request and returns http client and session key
 func Login(r *Request) (string, error) {
 	params := make(url.Values)
@@ -81,6 +159,13 @@ func Login(r *Request) (string, error) {
 		return "", e
 	}
 
+	body, _ := ioutil.ReadAll(resp.Body)
+	config.Debug("Login response body:", string(body))
+	loginResponse, err := getLoginResponse(body)
+	if err != nil {
+		return "", err
+	}
+
 	var sessionKey string
 	curTime := time.Now()
 	expiryDuration := 15 * time.Minute
@@ -98,6 +183,9 @@ func Login(r *Request) (string, error) {
 	}()
 
 	config.Debug("Login sessionkey:", sessionKey)
+	if err := checkLogin2FAPromptAndValidate(r, loginResponse, sessionKey); err != nil {
+		return "", err
+	}
 	return sessionKey, nil
 }
 
@@ -157,7 +245,16 @@ func pollAsyncJob(r *Request, jobID string) (map[string]interface{}, error) {
 			return nil, errors.New("async API job query timed out")
 
 		case <-ticker.C:
-			queryResult, queryError := NewAPIRequest(r, "queryAsyncJobResult", []string{"jobid=" + jobID}, false)
+			args := []string{"jobid=" + jobID}
+			if r.Args != nil {
+				for _, arg := range r.Args {
+					if strings.HasPrefix(strings.ToLower(arg), "filter=") {
+						args = append(args, arg)
+						break
+					}
+				}
+			}
+			queryResult, queryError := NewAPIRequest(r, "queryAsyncJobResult", args, false)
 			if queryError != nil {
 				return queryResult, queryError
 			}

cmd/output.go

@@ -62,28 +62,49 @@ func printJSON(response map[string]interface{}) {
 	enc.Encode(response)
 }
 
+func getItemsFromValue(v interface{}) ([]interface{}, reflect.Kind, bool) {
+	valueKind := reflect.TypeOf(v).Kind()
+	if valueKind == reflect.Slice {
+		sliceItems, ok := v.([]interface{})
+		if !ok {
+			return nil, valueKind, false
+		}
+		return sliceItems, valueKind, true
+	} else if valueKind == reflect.Map {
+		mapItem, ok := v.(map[string]interface{})
+		if !ok {
+			return nil, valueKind, false
+		}
+		return []interface{}{mapItem}, valueKind, true
+	}
+	return nil, valueKind, false
+}
+
 func printText(response map[string]interface{}) {
 	format := "text"
 	for k, v := range response {
 		valueType := reflect.TypeOf(v)
-		if valueType.Kind() == reflect.Slice {
-			fmt.Printf("%v:\n", k)
-			for idx, item := range v.([]interface{}) {
-				if idx > 0 {
-					fmt.Println("================================================================================")
-				}
-				row, isMap := item.(map[string]interface{})
-				if isMap {
-					for field, value := range row {
-						fmt.Printf("%s = %v\n", field, jsonify(value, format))
+		if valueType.Kind() == reflect.Slice || valueType.Kind() == reflect.Map {
+			items, _, ok := getItemsFromValue(v)
+			if ok {
+				fmt.Printf("%v:\n", k)
+				for idx, item := range items {
+					if idx > 0 {
+						fmt.Println("================================================================================")
+					}
+					row, isMap := item.(map[string]interface{})
+					if isMap {
+						for field, value := range row {
+							fmt.Printf("%s = %v\n", field, jsonify(value, format))
+						}
+					} else {
+						fmt.Printf("%v\n", item)
 					}
-				} else {
-					fmt.Printf("%v\n", item)
 				}
+				return
 			}
-		} else {
-			fmt.Printf("%v = %v\n", k, jsonify(v, format))
 		}
+		fmt.Printf("%v = %v\n", k, jsonify(v, format))
 	}
 }
 
@@ -92,8 +113,8 @@ func printTable(response map[string]interface{}, filter []string) {
 	table := tablewriter.NewWriter(os.Stdout)
 	for k, v := range response {
 		valueType := reflect.TypeOf(v)
-		if valueType.Kind() == reflect.Slice {
-			items, ok := v.([]interface{})
+		if valueType.Kind() == reflect.Slice || valueType.Kind() == reflect.Map {
+			items, _, ok := getItemsFromValue(v)
 			if !ok {
 				continue
 			}
@@ -134,7 +155,7 @@ func printColumn(response map[string]interface{}, filter []string) {
 	for _, v := range response {
 		valueType := reflect.TypeOf(v)
 		if valueType.Kind() == reflect.Slice || valueType.Kind() == reflect.Map {
-			items, ok := v.([]interface{})
+			items, _, ok := getItemsFromValue(v)
 			if !ok {
 				continue
 			}
@@ -173,7 +194,7 @@ func printCsv(response map[string]interface{}, filter []string) {
 	for _, v := range response {
 		valueType := reflect.TypeOf(v)
 		if valueType.Kind() == reflect.Slice || valueType.Kind() == reflect.Map {
-			items, ok := v.([]interface{})
+			items, _, ok := getItemsFromValue(v)
 			if !ok {
 				continue
 			}
@@ -207,7 +228,7 @@ func printCsv(response map[string]interface{}, filter []string) {
 }
 
 func filterResponse(response map[string]interface{}, filter []string, excludeFilter []string, outputType string) map[string]interface{} {
-	if (filter == nil || len(filter) == 0) && (excludeFilter == nil || len(excludeFilter) == 0) {
+	if len(filter) == 0 && len(excludeFilter) == 0 {
 		return response
 	}
 
@@ -224,8 +245,12 @@ func filterResponse(response map[string]interface{}, filter []string, excludeFil
 	filteredResponse := make(map[string]interface{})
 
 	for key, value := range response {
-		switch items := value.(type) {
-		case []interface{}:
+		valueType := reflect.TypeOf(value)
+		if valueType.Kind() == reflect.Slice || valueType.Kind() == reflect.Map {
+			items, originalKind, ok := getItemsFromValue(value)
+			if !ok {
+				continue
+			}
 			var filteredRows []interface{}
 			for _, item := range items {
 				row, ok := item.(map[string]interface{})
@@ -255,9 +280,12 @@ func filterResponse(response map[string]interface{}, filter []string, excludeFil
 
 				filteredRows = append(filteredRows, filteredRow)
 			}
-			filteredResponse[key] = filteredRows
-
-		default:
+			if originalKind == reflect.Map && len(filteredRows) > 0 {
+				filteredResponse[key] = filteredRows[0]
+			} else {
+				filteredResponse[key] = filteredRows
+			}
+		} else {
 			filteredResponse[key] = value
 		}
 	}