bunny-lab/Borealis-Github-Replica
1
0
Fork 0
mirror of https://github.com/bunny-lab-io/Borealis.git synced 2025-10-27 07:21:58 -06:00
Code Issues Packages Projects Releases Wiki Activity

Bundle agent hash into audit payload and surface in UI

Browse Source
This commit is contained in:
Nicole Rappe
2025-10-05 02:21:43 -06:00
parent e6516b64dc
commit c8deb11356
2 changed files with 160 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

139
Data/Agent/Roles/role_DeviceAudit.py
View File

@@ -9,6 +9,7 @@ import shutil
import string import string
import asyncio import asyncio
from pathlib import Path from pathlib import Path
from typing import Optional
try: try:
import psutil # type: ignore import psutil # type: ignore
@@ -134,24 +135,132 @@ def _project_root():
return os.getcwd() return os.getcwd()
_AGENT_HASH_CACHE = {"path": None, "mtime": None, "value": None} _AGENT_HASH_CACHE = {
"path": None,
"mtime": None,
"value": None,
"source": None,
"extra": None,
}
def _iter_hash_roots():
seen = set()
root = _project_root()
for _ in range(6):
if not root or root in seen:
break
yield root
seen.add(root)
parent = os.path.dirname(root)
if not parent or parent == root:
break
root = parent
def _resolve_git_head_hash(root: str) -> Optional[str]:
git_dir = os.path.join(root, ".git")
head_path = os.path.join(git_dir, "HEAD")
if not os.path.isfile(head_path):
return None
try:
with open(head_path, "r", encoding="utf-8") as fh:
head = fh.read().strip()
except Exception:
return None
if not head:
return None
if head.startswith("ref:"):
ref = head.split(" ", 1)[1].strip() if " " in head else head.split(":", 1)[1].strip()
if not ref:
return None
ref_path = os.path.join(git_dir, *ref.split("/"))
if os.path.isfile(ref_path):
try:
with open(ref_path, "r", encoding="utf-8") as rf:
commit = rf.read().strip()
return commit or None
except Exception:
return None
packed_refs = os.path.join(git_dir, "packed-refs")
if os.path.isfile(packed_refs):
try:
with open(packed_refs, "r", encoding="utf-8") as pf:
for line in pf:
line = line.strip()
if not line or line.startswith("#") or line.startswith("^"):
continue
try:
commit, ref_name = line.split(" ", 1)
except ValueError:
continue
if ref_name.strip() == ref:
commit = commit.strip()
return commit or None
except Exception:
return None
return None
# Detached head contains the commit hash directly
commit = head.splitlines()[0].strip()
return commit or None
def _read_agent_hash(): def _read_agent_hash():
try: try:
root = _project_root()
path = os.path.join(root, 'github_repo_hash.txt')
cache = _AGENT_HASH_CACHE cache = _AGENT_HASH_CACHE
if not os.path.isfile(path): for root in _iter_hash_roots():
cache.update({"path": path, "mtime": None, "value": None}) path = os.path.join(root, 'github_repo_hash.txt')
return None if not os.path.isfile(path):
mtime = os.path.getmtime(path) continue
if cache.get("path") == path and cache.get("mtime") == mtime: mtime = os.path.getmtime(path)
if (
cache.get("source") == "file"
and cache.get("path") == path
and cache.get("mtime") == mtime
):
return cache.get("value")
with open(path, 'r', encoding='utf-8') as fh:
value = fh.read().strip()
cache.update(
{
"source": "file",
"path": path,
"mtime": mtime,
"extra": None,
"value": value or None,
}
)
return cache.get("value") return cache.get("value")
with open(path, 'r', encoding='utf-8') as fh:
value = fh.read().strip() for root in _iter_hash_roots():
cache.update({"path": path, "mtime": mtime, "value": value or None}) git_dir = os.path.join(root, '.git')
return cache.get("value") head_path = os.path.join(git_dir, 'HEAD')
if not os.path.isfile(head_path):
continue
head_mtime = os.path.getmtime(head_path)
packed_path = os.path.join(git_dir, 'packed-refs')
packed_mtime = os.path.getmtime(packed_path) if os.path.isfile(packed_path) else None
if (
cache.get("source") == "git"
and cache.get("path") == head_path
and cache.get("mtime") == head_mtime
and cache.get("extra") == packed_mtime
):
return cache.get("value")
commit = _resolve_git_head_hash(root)
cache.update(
{
"source": "git",
"path": head_path,
"mtime": head_mtime,
"extra": packed_mtime,
"value": commit or None,
}
)
if commit:
return commit
cache.update({"source": None, "path": None, "mtime": None, "extra": None, "value": None})
return None
except Exception: except Exception:
try: try:
_AGENT_HASH_CACHE.update({"value": None}) _AGENT_HASH_CACHE.update({"value": None})
@@ -803,6 +912,12 @@ def _build_details_fallback() -> dict:
'storage': collect_storage(), 'storage': collect_storage(),
'network': network, 'network': network,
} }
try:
agent_hash_value = _read_agent_hash()
if agent_hash_value:
details.setdefault('summary', {})['agent_hash'] = agent_hash_value
except Exception:
pass
return details return details

62
Data/Server/WebUI/src/Devices/Device_List.jsx
View File

@@ -167,7 +167,7 @@ export default function DeviceList({ onSelectDevice }) {
const arr = Object.entries(data || {}).map(([id, a]) => { const arr = Object.entries(data || {}).map(([id, a]) => {
const hostname = a.hostname || id || "unknown"; const hostname = a.hostname || id || "unknown";
const details = detailsByHost[hostname] || {}; const details = detailsByHost[hostname] || {};
const agentHash = (a.agent_hash || "").trim(); const agentHash = (a.agent_hash || details.agentHash || "").trim();
return { return {
id, id,
hostname, hostname,
@@ -230,43 +230,47 @@ export default function DeviceList({ onSelectDevice }) {
const externalIp = summary.external_ip || ""; const externalIp = summary.external_ip || "";
const lastReboot = summary.last_reboot || ""; const lastReboot = summary.last_reboot || "";
const description = summary.description || ""; const description = summary.description || "";
const agentHashValue = (summary.agent_hash || "").trim();
const enriched = {
lastUser,
created: createdRaw,
createdTs,
type: deviceType,
internalIp,
externalIp,
lastReboot,
description,
agentHash: agentHashValue,
};
setDetailsByHost((prev) => ({ setDetailsByHost((prev) => ({
...prev, ...prev,
[h]: { [h]: enriched,
lastUser,
created: createdRaw,
createdTs,
type: deviceType,
internalIp,
externalIp,
lastReboot,
description,
},
})); }));
setRows((prev) =>
prev.map((r) => {
if (r.hostname !== h) return r;
const nextHash = agentHashValue || r.agentHash;
return {
...r,
lastUser: enriched.lastUser || r.lastUser,
type: enriched.type || r.type,
created: enriched.created || r.created,
createdTs: enriched.createdTs || r.createdTs,
internalIp: enriched.internalIp || r.internalIp,
externalIp: enriched.externalIp || r.externalIp,
lastReboot: enriched.lastReboot || r.lastReboot,
description: enriched.description || r.description,
agentHash: nextHash,
agentVersion: computeAgentVersion(nextHash, repoSha),
};
})
);
} catch { } catch {
// ignore per-host failure // ignore per-host failure
} }
}) })
); );
} }
// After caching, refresh rows to apply newly available details
setRows((prev) =>
prev.map((r) => {
const det = detailsByHost[r.hostname];
if (!det) return r;
return {
...r,
lastUser: det.lastUser || r.lastUser,
type: det.type || r.type,
created: det.created || r.created,
createdTs: det.createdTs || r.createdTs,
internalIp: det.internalIp || r.internalIp,
externalIp: det.externalIp || r.externalIp,
lastReboot: det.lastReboot || r.lastReboot,
description: det.description || r.description,
};
})
);
} }
} catch (e) { } catch (e) {
console.warn("Failed to load agents:", e); console.warn("Failed to load agents:", e);