diff --git a/api/grpc/mpi/v1/command.pb.go b/api/grpc/mpi/v1/command.pb.go index b5f0346f4..31e94ea7d 100644 --- a/api/grpc/mpi/v1/command.pb.go +++ b/api/grpc/mpi/v1/command.pb.go @@ -8,7 +8,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.36.9 +// protoc-gen-go v1.36.10 // protoc (unknown) // source: mpi/v1/command.proto diff --git a/api/grpc/mpi/v1/common.pb.go b/api/grpc/mpi/v1/common.pb.go index e6d06cf37..b59f47b5a 100644 --- a/api/grpc/mpi/v1/common.pb.go +++ b/api/grpc/mpi/v1/common.pb.go @@ -5,7 +5,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.36.9 +// protoc-gen-go v1.36.10 // protoc (unknown) // source: mpi/v1/common.proto diff --git a/api/grpc/mpi/v1/files.pb.go b/api/grpc/mpi/v1/files.pb.go index 47d1362b7..0223bae3a 100644 --- a/api/grpc/mpi/v1/files.pb.go +++ b/api/grpc/mpi/v1/files.pb.go @@ -5,7 +5,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.36.9 +// protoc-gen-go v1.36.10 // protoc (unknown) // source: mpi/v1/files.proto diff --git a/internal/collector/otel_collector_plugin.go b/internal/collector/otel_collector_plugin.go index 5112e68be..19a8b3d79 100644 --- a/internal/collector/otel_collector_plugin.go +++ b/internal/collector/otel_collector_plugin.go @@ -572,7 +572,7 @@ func (oc *Collector) updateNginxAppProtectTcplogReceivers( oc.config.Collector.Receivers.TcplogReceivers = make(map[string]*config.TcplogReceiver) } - napSysLogServer := oc.findAvailableSyslogServers(ctx, nginxConfigContext.NAPSysLogServers) + napSysLogServer := oc.findAvailableSyslogServers(ctx, nginxConfigContext.NAPSysLogServer) if napSysLogServer != "" { if !oc.doesTcplogReceiverAlreadyExist(napSysLogServer) { @@ -705,40 +705,30 @@ func (oc *Collector) updateResourceAttributes( return actionUpdated } -func (oc *Collector) findAvailableSyslogServers(ctx context.Context, napSyslogServers []string) string { - napSyslogServersMap := make(map[string]bool) - for _, server := range napSyslogServers { - napSyslogServersMap[server] = true +func (oc *Collector) findAvailableSyslogServers(ctx context.Context, napSyslogServer string) string { + if oc.previousNAPSysLogServer != "" && oc.previousNAPSysLogServer == napSyslogServer { + return oc.previousNAPSysLogServer } - if oc.previousNAPSysLogServer != "" { - if _, ok := napSyslogServersMap[oc.previousNAPSysLogServer]; ok { - return oc.previousNAPSysLogServer - } - } - - for _, napSyslogServer := range napSyslogServers { - listenConfig := &net.ListenConfig{} - ln, err := listenConfig.Listen(ctx, "tcp", napSyslogServer) - if err != nil { - slog.DebugContext(ctx, "NAP syslog server is not reachable", "address", napSyslogServer, - "error", err) + listenConfig := &net.ListenConfig{} + ln, err := listenConfig.Listen(ctx, "tcp", napSyslogServer) + if err != nil { + slog.DebugContext(ctx, "NAP syslog server is not reachable", "address", napSyslogServer, + "error", err) - continue - } - closeError := ln.Close() - if closeError != nil { - slog.DebugContext(ctx, "Failed to close syslog server", "address", napSyslogServer, "error", closeError) - } + return "" + } - slog.DebugContext(ctx, "Found valid NAP syslog server", "address", napSyslogServer) + closeError := ln.Close() + if closeError != nil { + slog.DebugContext(ctx, "Failed to close syslog server", "address", napSyslogServer, "error", closeError) + } - oc.previousNAPSysLogServer = napSyslogServer + slog.InfoContext(ctx, "Found valid NAP syslog server", "address", napSyslogServer) - return napSyslogServer - } + oc.previousNAPSysLogServer = napSyslogServer - return "" + return napSyslogServer } func isOSSReceiverChanged(nginxReceiver config.NginxReceiver, nginxConfigContext *model.NginxConfigContext) bool { diff --git a/internal/collector/otel_collector_plugin_test.go b/internal/collector/otel_collector_plugin_test.go index ac25ce775..308351a2b 100644 --- a/internal/collector/otel_collector_plugin_test.go +++ b/internal/collector/otel_collector_plugin_test.go @@ -744,7 +744,7 @@ func TestCollector_updateNginxAppProtectTcplogReceivers(t *testing.T) { require.NoError(t, err) nginxConfigContext := &model.NginxConfigContext{ - NAPSysLogServers: []string{"localhost:15632"}, + NAPSysLogServer: "localhost:15632", } assert.Empty(t, conf.Collector.Receivers.TcplogReceivers) @@ -777,7 +777,7 @@ func TestCollector_updateNginxAppProtectTcplogReceivers(t *testing.T) { t.Run("Test 4: NewCollector tcplogReceiver added and deleted another", func(tt *testing.T) { tcplogReceiverDeleted := collector.updateNginxAppProtectTcplogReceivers(ctx, &model.NginxConfigContext{ - NAPSysLogServers: []string{"localhost:1555"}, + NAPSysLogServer: "localhost:1555", }, ) @@ -927,49 +927,49 @@ func TestCollector_findAvailableSyslogServers(t *testing.T) { name string expectedSyslogServer string previousNAPSysLogServer string - syslogServers []string + syslogServers string portInUse bool }{ { name: "Test 1: port available", expectedSyslogServer: "localhost:15632", previousNAPSysLogServer: "", - syslogServers: []string{"localhost:15632"}, + syslogServers: "localhost:15632", portInUse: false, }, { name: "Test 2: port in use", expectedSyslogServer: "", previousNAPSysLogServer: "", - syslogServers: []string{"localhost:15632"}, + syslogServers: "localhost:15632", portInUse: true, }, { name: "Test 3: syslog server already configured", expectedSyslogServer: "localhost:15632", previousNAPSysLogServer: "localhost:15632", - syslogServers: []string{"localhost:15632"}, + syslogServers: "localhost:15632", portInUse: false, }, { name: "Test 4: new syslog server", expectedSyslogServer: "localhost:15632", previousNAPSysLogServer: "localhost:1122", - syslogServers: []string{"localhost:15632"}, + syslogServers: "localhost:15632", portInUse: false, }, { name: "Test 5: port in use find next server", expectedSyslogServer: "localhost:1122", previousNAPSysLogServer: "", - syslogServers: []string{"localhost:15632", "localhost:1122"}, + syslogServers: "localhost:1122", portInUse: true, }, { name: "Test 6: port hasn't changed", expectedSyslogServer: "localhost:1122", previousNAPSysLogServer: "localhost:1122", - syslogServers: []string{"localhost:1122"}, + syslogServers: "localhost:1122", portInUse: true, }, } diff --git a/internal/config/config.go b/internal/config/config.go index cc72af59c..48f0166a5 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -122,6 +122,7 @@ func ResolveConfig() (*Config, error) { Features: viperInstance.GetStringSlice(FeaturesKey), Labels: resolveLabels(), LibDir: viperInstance.GetString(LibDirPathKey), + SyslogServer: resolveSyslogServer(), } defaultCollector(collector, config) @@ -420,6 +421,12 @@ func registerFlags() { "A comma-separated list of features enabled for the agent.", ) + fs.String( + SyslogServerPort, + DefSyslogServerPort, + "The port Agent will start the syslog server for Nginx App Protect Security violations on", + ) + registerCommonFlags(fs) registerCommandFlags(fs) registerAuxiliaryCommandFlags(fs) @@ -897,6 +904,12 @@ func resolveLog() *Log { } } +func resolveSyslogServer() *SyslogServer { + return &SyslogServer{ + Port: viperInstance.GetString(SyslogServerPort), + } +} + func resolveLabels() map[string]interface{} { input := viperInstance.GetStringMapString(LabelsRootKey) diff --git a/internal/config/config_test.go b/internal/config/config_test.go index f55afee23..91f6bc695 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -1068,6 +1068,9 @@ func createConfig() *Config { Level: "debug", Path: "./test-path", }, + SyslogServer: &SyslogServer{ + Port: "1512", + }, Client: &Client{ HTTP: &HTTP{ Timeout: 15 * time.Second, diff --git a/internal/config/defaults.go b/internal/config/defaults.go index 615c7bc8b..444f90902 100644 --- a/internal/config/defaults.go +++ b/internal/config/defaults.go @@ -23,6 +23,8 @@ const ( DefNginxReloadBackoffMaxInterval = 3 * time.Second DefNginxReloadBackoffMaxElapsedTime = 10 * time.Second + DefSyslogServerPort = "1514" + DefCommandServerHostKey = "" DefCommandServerPortKey = 0 DefCommandServerTypeKey = "grpc" diff --git a/internal/config/flags.go b/internal/config/flags.go index 3e51eb52b..d14b3ec61 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -135,6 +135,8 @@ var ( NginxExcludeLogsKey = pre(DataPlaneConfigRootKey, "nginx") + "exclude_logs" NginxApiTlsCa = pre(DataPlaneConfigRootKey, "nginx") + "api_tls_ca" + SyslogServerPort = pre("syslog_server") + "port" + FileWatcherMonitoringFrequencyKey = pre(FileWatcherKey) + "monitoring_frequency" NginxExcludeFilesKey = pre(FileWatcherKey) + "exclude_files" ) diff --git a/internal/config/testdata/nginx-agent.conf b/internal/config/testdata/nginx-agent.conf index 9df36198d..5a73cf515 100644 --- a/internal/config/testdata/nginx-agent.conf +++ b/internal/config/testdata/nginx-agent.conf @@ -23,7 +23,11 @@ features: - metrics - api-action - logs-nap - + + +syslog_server: + port: 1512 + data_plane_config: nginx: reload_monitoring_period: 30s diff --git a/internal/config/types.go b/internal/config/types.go index a5d07a210..b8a7a50b0 100644 --- a/internal/config/types.go +++ b/internal/config/types.go @@ -43,6 +43,7 @@ type ( Client *Client `yaml:"client" mapstructure:"client"` Collector *Collector `yaml:"collector" mapstructure:"collector"` Watchers *Watchers `yaml:"watchers" mapstructure:"watchers"` + SyslogServer *SyslogServer `yaml:"syslog_server" mapstructure:"syslog_server"` Labels map[string]any `yaml:"labels" mapstructure:"labels"` Version string `yaml:"-"` Path string `yaml:"-"` @@ -61,6 +62,9 @@ type ( Nginx *NginxDataPlaneConfig `yaml:"nginx" mapstructure:"nginx"` } + SyslogServer struct { + Port string `yaml:"port" mapstructure:"port"` + } NginxDataPlaneConfig struct { ReloadBackoff *BackOff `yaml:"reload_backoff" mapstructure:"reload_backoff"` APITls TLSConfig `yaml:"api_tls" mapstructure:"api_tls"` diff --git a/internal/datasource/config/nginx_config_parser.go b/internal/datasource/config/nginx_config_parser.go index 541530b48..7be3459be 100644 --- a/internal/datasource/config/nginx_config_parser.go +++ b/internal/datasource/config/nginx_config_parser.go @@ -151,7 +151,6 @@ func (ncp *NginxConfigParser) createNginxConfigContext( payload *crossplane.Payload, configPath string, ) (*model.NginxConfigContext, error) { - napSyslogServersFound := make(map[string]bool) napEnabled := false nginxConfigContext := &model.NginxConfigContext{ @@ -167,7 +166,7 @@ func (ncp *NginxConfigParser) createNginxConfigContext( Listen: "", Location: "", }, - NAPSysLogServers: make([]string, 0), + NAPSysLogServer: "", } rootDir := filepath.Dir(instance.GetInstanceRuntime().GetConfigPath()) @@ -223,8 +222,8 @@ func (ncp *NginxConfigParser) createNginxConfigContext( if len(directive.Args) > 1 { napEnabled = true sysLogServer := ncp.findLocalSysLogServers(directive.Args[1]) - if sysLogServer != "" && !napSyslogServersFound[sysLogServer] { - napSyslogServersFound[sysLogServer] = true + if sysLogServer != "" { + nginxConfigContext.NAPSysLogServer = sysLogServer slog.DebugContext(ctx, "Found NAP syslog server", "address", sysLogServer) } } @@ -251,15 +250,10 @@ func (ncp *NginxConfigParser) createNginxConfigContext( nginxConfigContext.PlusAPIs = append(nginxConfigContext.PlusAPIs, plusAPIs...) } - if len(napSyslogServersFound) > 0 { - var napSyslogServer []string - for server := range napSyslogServersFound { - napSyslogServer = append(napSyslogServer, server) - } - nginxConfigContext.NAPSysLogServers = napSyslogServer - } else if napEnabled { - slog.WarnContext(ctx, "Could not find available local NGINX App Protect syslog server. "+ - "Security violations will not be collected.") + if napEnabled && nginxConfigContext.NAPSysLogServer == "" { + slog.WarnContext(ctx, fmt.Sprintf("Could not find available local NGINX App Protect syslog"+ + " server configured on port %s. Security violations will not be collected.", + ncp.agentConfig.SyslogServer.Port)) } fileMeta, err := files.FileMeta(conf.File) @@ -280,11 +274,15 @@ func (ncp *NginxConfigParser) findLocalSysLogServers(sysLogServer string) string re := regexp.MustCompile(`syslog:server=([\S]+)`) matches := re.FindStringSubmatch(sysLogServer) if len(matches) > 1 { - host, _, err := net.SplitHostPort(matches[1]) + host, port, err := net.SplitHostPort(matches[1]) if err != nil { return "" } + if port != ncp.agentConfig.SyslogServer.Port { + return "" + } + ip := net.ParseIP(host) if ip.IsLoopback() || strings.EqualFold(host, "localhost") { return matches[1] diff --git a/internal/datasource/config/nginx_config_parser_test.go b/internal/datasource/config/nginx_config_parser_test.go index 8051a5200..6455f5282 100644 --- a/internal/datasource/config/nginx_config_parser_test.go +++ b/internal/datasource/config/nginx_config_parser_test.go @@ -357,7 +357,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { ltsvAccessLog.Name(), errorLog.Name(), protos.NginxOssInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{"127.0.0.1:1515"}, + "127.0.0.1:1514", ), expectedLog: "", allowedDirectories: []string{dir}, @@ -377,7 +377,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { ltsvAccessLog.Name(), errorLog.Name(), protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{"127.0.0.1:1515"}, + "127.0.0.1:1514", ), expectedLog: "", allowedDirectories: []string{dir}, @@ -392,7 +392,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { errorLog.Name(), []*mpi.File{&allowedFileWithMetas}, protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{}, + "", ), expectedLog: "", allowedDirectories: []string{dir}, @@ -402,13 +402,13 @@ func TestNginxConfigParser_Parse(t *testing.T) { instance: protos.NginxPlusInstance([]string{}), content: testconfig.NginxConfWithSSLCertsWithVariables(), expectedConfigContext: &model.NginxConfigContext{ - StubStatus: &model.APIDetails{}, - PlusAPI: &model.APIDetails{}, - InstanceID: protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - Files: []*mpi.File{}, - AccessLogs: []*model.AccessLog{}, - ErrorLogs: []*model.ErrorLog{}, - NAPSysLogServers: []string{}, + StubStatus: &model.APIDetails{}, + PlusAPI: &model.APIDetails{}, + InstanceID: protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), + Files: []*mpi.File{}, + AccessLogs: []*model.AccessLog{}, + ErrorLogs: []*model.ErrorLog{}, + NAPSysLogServer: "", }, allowedDirectories: []string{dir}, }, @@ -426,7 +426,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { combinedAccessLog.Name(), ltsvAccessLog.Name(), protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{"127.0.0.1:1515"}, + "127.0.0.1:1514", ), expectedLog: "Currently error log outputs to stderr. Log monitoring is disabled while applying a " + "config; log errors to file to enable error monitoring", @@ -446,7 +446,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { combinedAccessLog.Name(), ltsvAccessLog.Name(), protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{"127.0.0.1:1515"}, + "127.0.0.1:1514", ), expectedLog: "Currently error log outputs to stdout. Log monitoring is disabled while applying a " + "config; log errors to file to enable error monitoring", @@ -465,7 +465,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { errorLog.Name(), []*mpi.File{&certFileWithMetas}, protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{}, + "", ), allowedDirectories: []string{dir}, }, @@ -483,7 +483,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { errorLog.Name(), []*mpi.File{&diffCertFileWithMetas, &certFileWithMetas}, protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{}, + "", ), allowedDirectories: []string{dir}, }, @@ -501,7 +501,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { errorLog.Name(), []*mpi.File{&certFileWithMetas}, protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{}, + "", ), allowedDirectories: []string{dir}, }, @@ -509,12 +509,12 @@ func TestNginxConfigParser_Parse(t *testing.T) { name: "Test 10: Available NAP syslog server", instance: protos.NginxPlusInstance([]string{}), content: testconfig.NginxConfigWithMultipleSysLogs(errorLog.Name(), accessLog.Name(), - "192.168.12.34:1517", "my.domain.com:1517", "127.0.0.1:1515"), + "192.168.12.34:1517", "my.domain.com:1517", "127.0.0.1:1514"), expectedConfigContext: modelHelpers.ConfigContextWithSysLog( accessLog.Name(), errorLog.Name(), protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{"127.0.0.1:1515"}, + "127.0.0.1:1514", ), allowedDirectories: []string{dir}, expectedLog: "Found NAP syslog server", @@ -528,11 +528,11 @@ func TestNginxConfigParser_Parse(t *testing.T) { accessLog.Name(), errorLog.Name(), protos.NginxPlusInstance([]string{}).GetInstanceMeta().GetInstanceId(), - []string{}, + "", ), allowedDirectories: []string{dir}, - expectedLog: "Could not find available local NGINX App Protect syslog server. " + - "Security violations will not be collected.", + expectedLog: "Could not find available local NGINX App Protect syslog server " + + "configured on port 1514. Security violations will not be collected.", }, } @@ -561,7 +561,6 @@ func TestNginxConfigParser_Parse(t *testing.T) { result, parseError := nginxConfig.Parse(ctx, test.instance) require.NoError(t, parseError) - t.Logf("Log: %s", logBuf.String()) helpers.ValidateLog(t, test.expectedLog, logBuf) logBuf.Reset() @@ -578,7 +577,7 @@ func TestNginxConfigParser_Parse(t *testing.T) { assert.Truef(t, protoListEqual(test.expectedConfigContext.Files, result.Files), "Expect %s Got %s", test.expectedConfigContext.Files, result.Files) - assert.Equal(t, test.expectedConfigContext.NAPSysLogServers, result.NAPSysLogServers) + assert.Equal(t, test.expectedConfigContext.NAPSysLogServer, result.NAPSysLogServer) assert.Equal(t, test.expectedConfigContext.PlusAPI, result.PlusAPI) assert.ElementsMatch(t, test.expectedConfigContext.AccessLogs, result.AccessLogs) assert.ElementsMatch(t, test.expectedConfigContext.ErrorLogs, result.ErrorLogs) @@ -629,25 +628,25 @@ func TestNginxConfigParser_SyslogServerParse(t *testing.T) { instance.InstanceRuntime.ConfigPath = file.Name() tests := []struct { - content string - expectedLog string - name string - expectedSyslogServers []string - portInUse bool + content string + expectedLog string + name string + expectedSyslogServer string + portInUse bool }{ { - name: "Test 1: Valid port", - expectedSyslogServers: []string{"127.0.0.1:1515"}, + name: "Test 1: Valid port", + expectedSyslogServer: "127.0.0.1:1514", content: testconfig.NginxConfigWithMultipleSysLogs(errorLog.Name(), accessLog.Name(), - "192.168.12.34:1517", "my.domain.com:1517", "127.0.0.1:1515"), + "192.168.12.34:1517", "my.domain.com:1517", "127.0.0.1:1514"), expectedLog: "Found NAP syslog server", }, { - name: "Test 2: No valid server", - expectedSyslogServers: []string{}, + name: "Test 2: No valid server", + expectedSyslogServer: "", content: testconfig.NginxConfigWithMultipleSysLogs(errorLog.Name(), accessLog.Name(), "random.domain:1515", "192.168.12.34:1517", "my.domain.com:1517"), - expectedLog: "Could not find available local NGINX App Protect syslog server. " + + expectedLog: "Could not find available local NGINX App Protect syslog server configured on port 1514. " + "Security violations will not be collected.", }, } @@ -671,17 +670,17 @@ func TestNginxConfigParser_SyslogServerParse(t *testing.T) { helpers.ValidateLog(t, test.expectedLog, logBuf) logBuf.Reset() - assert.Equal(t, test.expectedSyslogServers, result.NAPSysLogServers) + assert.Equal(t, test.expectedSyslogServer, result.NAPSysLogServer) }) } } func TestNginxConfigParser_findValidSysLogServers(t *testing.T) { servers := []string{ - "syslog:server=192.168.12.34:1517", "syslog:server=my.domain.com:1517", "syslog:server=127.0.0.1:1515", - "syslog:server=localhost:1516", "syslog:server=127.255.255.255:1517", + "syslog:server=192.168.12.34:1517", "syslog:server=my.domain.com:1517", "syslog:server=127.0.0.1:1514", + "syslog:server=localhost:1516", "syslog:server=localhost:1514", "syslog:server=127.255.255.255:1517", } - expected := []string{"", "", "127.0.0.1:1515", "localhost:1516", "127.255.255.255:1517"} + expected := []string{"", "", "127.0.0.1:1514", "", "localhost:1514", ""} ncp := NewNginxConfigParser(types.AgentConfig()) for i, server := range servers { diff --git a/internal/model/config.go b/internal/model/config.go index e9aee603a..3dcf25406 100644 --- a/internal/model/config.go +++ b/internal/model/config.go @@ -12,17 +12,17 @@ import ( ) type NginxConfigContext struct { - StubStatus *APIDetails - PlusAPI *APIDetails - StubStatuses []*APIDetails - PlusAPIs []*APIDetails - InstanceID string - ConfigPath string - Files []*v1.File - AccessLogs []*AccessLog - ErrorLogs []*ErrorLog - NAPSysLogServers []string - Includes []string + StubStatus *APIDetails + PlusAPI *APIDetails + StubStatuses []*APIDetails + PlusAPIs []*APIDetails + InstanceID string + ConfigPath string + Files []*v1.File + AccessLogs []*AccessLog + ErrorLogs []*ErrorLog + NAPSysLogServer string + Includes []string } type APIDetails struct { @@ -124,7 +124,7 @@ func (ncc *NginxConfigContext) Equal(otherNginxConfigContext *NginxConfigContext return false } - if !reflect.DeepEqual(ncc.NAPSysLogServers, otherNginxConfigContext.NAPSysLogServers) { + if !reflect.DeepEqual(ncc.NAPSysLogServer, otherNginxConfigContext.NAPSysLogServer) { return false } diff --git a/internal/resource/resource_service_test.go b/internal/resource/resource_service_test.go index 8a8cd45a9..caa0f3721 100644 --- a/internal/resource/resource_service_test.go +++ b/internal/resource/resource_service_test.go @@ -364,13 +364,13 @@ func TestResourceService_ApplyConfig(t *testing.T) { nginxParser := configfakes.FakeConfigParser{} nginxParser.ParseReturns(&model.NginxConfigContext{ - StubStatus: &model.APIDetails{}, - PlusAPI: &model.APIDetails{}, - InstanceID: test.instanceID, - Files: nil, - AccessLogs: nil, - ErrorLogs: nil, - NAPSysLogServers: []string{}, + StubStatus: &model.APIDetails{}, + PlusAPI: &model.APIDetails{}, + InstanceID: test.instanceID, + Files: nil, + AccessLogs: nil, + ErrorLogs: nil, + NAPSysLogServer: "", }, nil) nginxParser.FindStubStatusAPIReturns(&model.APIDetails{ diff --git a/test/config/nginx/nginx-with-multiple-access-logs.conf b/test/config/nginx/nginx-with-multiple-access-logs.conf index a185f498a..2a2f508b0 100644 --- a/test/config/nginx/nginx-with-multiple-access-logs.conf +++ b/test/config/nginx/nginx-with-multiple-access-logs.conf @@ -44,6 +44,6 @@ http { server { access_log %s ltsv; - app_protect_security_log "/etc/app_protect/conf/log_default.json" syslog:server=127.0.0.1:1515; + app_protect_security_log "/etc/app_protect/conf/log_default.json" syslog:server=127.0.0.1:1514; } } diff --git a/test/model/config.go b/test/model/config.go index e1370d06b..2963082de 100644 --- a/test/model/config.go +++ b/test/model/config.go @@ -29,7 +29,7 @@ func ConfigContextWithNames( ltsvAccessLogName, errorLogName string, instanceID string, - syslogServers []string, + syslogServers string, ) *model.NginxConfigContext { return &model.NginxConfigContext{ StubStatus: &model.APIDetails{ @@ -71,8 +71,8 @@ func ConfigContextWithNames( Permissions: "0600", }, }, - InstanceID: instanceID, - NAPSysLogServers: syslogServers, + InstanceID: instanceID, + NAPSysLogServer: syslogServers, } } @@ -81,7 +81,7 @@ func ConfigContextWithoutErrorLog( combinedAccessLogName, ltsvAccessLogName, instanceID string, - syslogServers []string, + syslogServers string, ) *model.NginxConfigContext { return &model.NginxConfigContext{ StubStatus: &model.APIDetails{ @@ -115,8 +115,8 @@ func ConfigContextWithoutErrorLog( Permissions: "0600", }, }, - InstanceID: instanceID, - NAPSysLogServers: syslogServers, + InstanceID: instanceID, + NAPSysLogServer: syslogServers, } } @@ -125,7 +125,7 @@ func ConfigContextWithFiles( errorLogName string, files []*mpi.File, instanceID string, - syslogServers []string, + syslogServers string, ) *model.NginxConfigContext { return &model.NginxConfigContext{ StubStatus: &model.APIDetails{ @@ -156,8 +156,8 @@ func ConfigContextWithFiles( Permissions: "0600", }, }, - InstanceID: instanceID, - NAPSysLogServers: syslogServers, + InstanceID: instanceID, + NAPSysLogServer: syslogServers, } } @@ -165,7 +165,7 @@ func ConfigContextWithSysLog( accessLogName, errorLogName string, instanceID string, - syslogServers []string, + syslogServers string, ) *model.NginxConfigContext { return &model.NginxConfigContext{ StubStatus: &model.APIDetails{ @@ -194,7 +194,7 @@ func ConfigContextWithSysLog( Permissions: "0600", }, }, - InstanceID: instanceID, - NAPSysLogServers: syslogServers, + InstanceID: instanceID, + NAPSysLogServer: syslogServers, } } diff --git a/test/types/config.go b/test/types/config.go index f544b8926..682810476 100644 --- a/test/types/config.go +++ b/test/types/config.go @@ -39,6 +39,9 @@ func AgentConfig() *config.Config { UUID: "75442486-0878-440c-9db1-a7006c25a39f", Path: "/etc/nginx-agent", Log: &config.Log{}, + SyslogServer: &config.SyslogServer{ + Port: "1514", + }, Client: &config.Client{ HTTP: &config.HTTP{ Timeout: clientHTTPTimeout,