debugd: add check for info fields

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-01 01:36:09 -04:00 · 2022-11-29 15:58:01 +01:00 · 2022-11-29 15:58:01 +01:00 · ac74de86fb
commit ac74de86fb
parent a0a7294546
2 changed files with 38 additions and 2 deletions
--- a/debugd/internal/cdbg/cmd/deploy.go
+++ b/debugd/internal/cdbg/cmd/deploy.go
@ -13,9 +13,11 @@ import (
 	"log"
 	"net"
 	"strconv"
+	"strings"

 	"github.com/edgelesssys/constellation/v2/debugd/internal/bootstrapper"
 	"github.com/edgelesssys/constellation/v2/debugd/internal/debugd"
+	"github.com/edgelesssys/constellation/v2/debugd/internal/debugd/logcollector"
 	pb "github.com/edgelesssys/constellation/v2/debugd/service"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
@ -85,16 +87,19 @@ func deploy(cmd *cobra.Command, fileHandler file.Handler, constellationConfig *c
 		ips = []string{idFile.IP}
 	}

-	infos, err := cmd.Flags().GetStringToString("info")
+	info, err := cmd.Flags().GetStringToString("info")
 	if err != nil {
 		return err
 	}
+	if err := checkInfoMap(info); err != nil {
+		return err
+	}

 	for _, ip := range ips {

 		input := deployOnEndpointInput{
 			debugdEndpoint:   ip,
-			infos:            infos,
+			infos:            info,
 			bootstrapperPath: bootstrapperPath,
 			reader:           reader,
 		}
@ -196,6 +201,22 @@ func uploadBootstrapper(ctx context.Context, client pb.DebugdClient, in deployOn
 	return nil
 }

+func checkInfoMap(info map[string]string) error {
+	logPrefix, logFields := logcollector.InfoFields()
+	for k := range info {
+		if !strings.HasPrefix(k, logPrefix) {
+			continue
+		}
+		subkey := strings.TrimPrefix(k, logPrefix)
+
+		if _, ok := logFields[subkey]; !ok {
+			return fmt.Errorf("invalid subkey %q for info key %q", subkey, fmt.Sprintf("%s.%s", logPrefix, k))
+		}
+	}
+
+	return nil
+}
+
 type fileToStreamReader interface {
 	ReadStream(filename string, stream bootstrapper.WriteChunkStream, chunksize uint, showProgress bool) error
 }
--- a/debugd/internal/debugd/logcollector/fields.go
+++ b/debugd/internal/debugd/logcollector/fields.go
@ -0,0 +1,15 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+package logcollector
+
+// InfoFields are the fields that are allowed in the info map
+// under the prefix "logcollect.".
+func InfoFields() (string, map[string]struct{}) {
+	return "logcollect.", map[string]struct{}{
+		"admin": {}, // the name of the person running the cdbg command
+	}
+}