Even morerer directerer integration with kolide

Co-authored-by: Vegar Sechmann Molvig <[email protected]>

cmd/apiserver/main.go

@@ -9,6 +9,7 @@ import (
 	"net/netip"
 	"os"
 	"os/signal"
+	"slices"
 	"syscall"
 	"time"
 
@@ -200,18 +201,17 @@ func run(log *logrus.Entry, cfg config.Config) error {
 			return fmt.Errorf("kolide integration enabled but no kolide-api-token provided")
 		}
 
-		log.Info("Kolide client configured, populating cache...")
-
-		kolideClient = kolide.New(cfg.KolideApiToken, log.WithField("component", "kolide-client"))
-		err := kolideClient.RefreshCache(ctx)
-		if err != nil {
-			return fmt.Errorf("initial kolide cache warmup: %w", err)
-		}
+		go func() {
+			log.Info("Kolide client configured, populating cache...")
 
-		kolideRefreshInterval := 1 * time.Minute
-		log.Infof("Kolide cache populated, will auto refresh every %v", kolideRefreshInterval)
+			kolideClient = kolide.New(cfg.KolideApiToken, log.WithField("component", "kolide-client"))
+			err := kolideClient.RefreshCache(ctx)
+			if err != nil {
+				log.Errorf("initial kolide cache warmup: %v", err)
+			}
 
-		go func() {
+			kolideRefreshInterval := 1 * time.Minute
+			log.Infof("Kolide cache populated, will auto refresh every %v", kolideRefreshInterval)
 			sleep := time.NewTicker(kolideRefreshInterval)
 			for {
 				select {
@@ -324,18 +324,22 @@ func run(log *logrus.Entry, cfg config.Config) error {
 		}
 
 		changed := false
-		if device.Healthy != event.GetState().Healthy() {
+		failures, err := kolideClient.GetDeviceFailures(ctx, device.ExternalID)
+		if err != nil {
+			return err
+		}
+		if slices.ContainsFunc(device.Issues, api.AfterGracePeriod) != slices.ContainsFunc(failures, api.AfterGracePeriod) {
 			changed = true
 		}
 
-		device.Healthy = event.GetState().Healthy()
+		device.Issues = failures
 		device.LastUpdated = event.GetTimestamp()
+		sessions.UpdateDevice(device)
 		err = db.UpdateDevices(ctx, []*pb.Device{device})
 		if err != nil {
 			return err
 		}
 		if changed {
-			sessions.UpdateDevice(device)
 			grpcHandler.SendDeviceConfiguration(device)
 			grpcHandler.SendAllGatewayConfigurations()
 		}

cmd/gateway-agent/main.go

@@ -13,7 +13,7 @@ import (
 	"google.golang.org/grpc/credentials/insecure"
 	"google.golang.org/grpc/status"
 
-	"github.com/nais/device/internal/gateway-agent"
+	gateway_agent "github.com/nais/device/internal/gateway-agent"
 	"github.com/nais/device/internal/gateway-agent/config"
 	"github.com/nais/device/internal/passwordhash"
 	"github.com/nais/device/internal/pb"
@@ -160,8 +160,7 @@ func run(log *logrus.Entry, cfg config.Config) error {
 	}
 
 	log.Infof("Attempting gRPC connection to API server on %s...", cfg.APIServerURL)
-	apiserver, err := grpc.DialContext(
-		ctx,
+	apiserver, err := grpc.NewClient(
 		cfg.APIServerURL,
 		grpc.WithTransportCredentials(insecure.NewCredentials()),
 	)

cmd/naisdevice-agent/main.go

@@ -131,7 +131,7 @@ func run(ctx context.Context, log *logrus.Entry, cfg *config.Config, notifier no
 	if cfg.LocalAPIServer {
 		client = pb.NewMockHelperClient(log)
 	} else {
-		connection, err := grpc.Dial(
+		connection, err := grpc.NewClient(
 			"unix:"+cfg.DeviceAgentHelperAddress,
 			grpc.WithTransportCredentials(insecure.NewCredentials()),
 			grpc.WithIdleTimeout(10*time.Hour),

cmd/prometheus-agent/main.go

@@ -108,7 +108,7 @@ func run(log *logrus.Entry, cfg config.Config) error {
 		return fmt.Errorf("apply initial WireGuard config: %w", err)
 	}
 
-	grpcClient, err := grpc.DialContext(ctx, cfg.APIServerURL, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	grpcClient, err := grpc.NewClient(cfg.APIServerURL, grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		return fmt.Errorf("grpc dial: %w", err)
 	}

go.mod

@@ -8,6 +8,7 @@ require (
 	fyne.io/systray v1.10.1-0.20231115130155-104f5ef7839e
 	github.com/akavel/rsrc v0.10.2
 	github.com/coreos/go-iptables v0.7.0
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 	github.com/gen2brain/beeep v0.0.0-20210529141713-5586760f0cc1
 	github.com/golang-migrate/migrate/v4 v4.16.2
 	github.com/golangci/golangci-lint v1.55.2
@@ -16,7 +17,7 @@ require (
 	github.com/jackmordaunt/icns/v2 v2.2.6
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/lestrrat-go/jwx v1.2.29
-	github.com/nais/kolide-event-handler v0.0.0-20220214150046-ca39d969eea0
+	github.com/nais/kolide-event-handler v0.0.0-20240613124908-c26ee6800776
 	github.com/nirasan/go-oauth-pkce-code-verifier v0.0.0-20170819232839-0fbfe93532da
 	github.com/prometheus/client_golang v1.17.0
 	github.com/sirupsen/logrus v1.9.3
@@ -25,26 +26,26 @@ require (
 	github.com/stretchr/testify v1.9.0
 	github.com/urfave/cli/v2 v2.25.7
 	github.com/vektra/mockery/v2 v2.40.1
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.48.0
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0
-	go.opentelemetry.io/otel v1.23.1
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0
+	go.opentelemetry.io/otel v1.24.0
 	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.23.1
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.23.1
-	go.opentelemetry.io/otel/metric v1.23.1
+	go.opentelemetry.io/otel/metric v1.24.0
 	go.opentelemetry.io/otel/sdk v1.23.1
 	go.opentelemetry.io/otel/sdk/metric v1.23.1
-	go.opentelemetry.io/otel/trace v1.23.1
-	golang.org/x/crypto v0.23.0
+	go.opentelemetry.io/otel/trace v1.24.0
+	golang.org/x/crypto v0.24.0
 	golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3
 	golang.org/x/oauth2 v0.18.0
 	golang.org/x/sync v0.7.0
-	golang.org/x/sys v0.20.0
-	golang.org/x/tools v0.21.0
-	golang.org/x/vuln v1.0.4
-	google.golang.org/api v0.167.0
-	google.golang.org/grpc v1.62.0
-	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0
-	google.golang.org/protobuf v1.33.0
+	golang.org/x/sys v0.21.0
+	golang.org/x/tools v0.22.0
+	golang.org/x/vuln v1.1.2
+	google.golang.org/api v0.169.0
+	google.golang.org/grpc v1.64.0
+	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.4.0
+	google.golang.org/protobuf v1.34.2
 	honnef.co/go/tools v0.4.7
 	mvdan.cc/gofumpt v0.6.0
 )
@@ -53,15 +54,15 @@ require (
 	4d63.com/gocheckcompilerdirectives v1.2.1 // indirect
 	4d63.com/gochecknoglobals v0.2.1 // indirect
 	cloud.google.com/go v0.112.1 // indirect
-	cloud.google.com/go/compute v1.24.0 // indirect
+	cloud.google.com/go/compute v1.25.1 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
 	cloud.google.com/go/iam v1.1.6 // indirect
 	github.com/4meepo/tagalign v1.3.3 // indirect
 	github.com/Abirdcfly/dupword v0.0.13 // indirect
 	github.com/Antonboom/errname v0.1.12 // indirect
 	github.com/Antonboom/nilnil v0.1.7 // indirect
 	github.com/Antonboom/testifylint v0.2.3 // indirect
-	github.com/BurntSushi/toml v1.3.2 // indirect
+	github.com/BurntSushi/toml v1.4.0 // indirect
 	github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect
 	github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0 // indirect
 	github.com/Masterminds/semver v1.5.0 // indirect
@@ -93,7 +94,6 @@ require (
 	github.com/curioswitch/go-reassign v0.2.0 // indirect
 	github.com/cznic/mathutil v0.0.0-20181122101859-297441e03548 // indirect
 	github.com/daixiang0/gci v0.11.2 // indirect
-	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/denis-tingaikin/go-header v0.4.3 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
@@ -124,7 +124,7 @@ require (
 	github.com/godbus/dbus/v5 v5.1.0 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2 // indirect
 	github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect
 	github.com/golangci/go-misc v0.0.0-20220329215616-d24fe342adfe // indirect
@@ -277,16 +277,17 @@ require (
 	go.uber.org/goleak v1.3.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.26.0 // indirect
-	golang.org/x/exp/typeparams v0.0.0-20231006140011-7918f672742d // indirect
-	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/net v0.25.0 // indirect
-	golang.org/x/term v0.20.0 // indirect
-	golang.org/x/text v0.15.0 // indirect
+	golang.org/x/exp/typeparams v0.0.0-20240604190554-fc45aab8b7f8 // indirect
+	golang.org/x/mod v0.18.0 // indirect
+	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/telemetry v0.0.0-20240612191826-8cad58b3fcbb // indirect
+	golang.org/x/term v0.21.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240304161311-37d4d3c04a78 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240228224816-df926f6c8641 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240610135401-a8a62080eff3 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect