Skip to content

Commit fcb1c10

Browse files
CodeMonkeyCybersecurityCodeMonkeyCybersecurity
authored
Merge pull request #44 from CodeMonkeyCybersecurity/claude/convert-to-go-worker-011CUtAeXWmX5hpiuUQwyAqo
Claude/convert to go worker 011 c ut ae x wm x5hpiu u qwy aqo
2 parents 800bf0e + 3ab26b0 commit fcb1c10

8 files changed

Lines changed: 3322 additions & 2 deletions

File tree

cmd/update/moni.go

Lines changed: 139 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ import (
1212
"github.com/CodeMonkeyCybersecurity/eos/pkg/bionicgpt/refresh"
1313
eos "github.com/CodeMonkeyCybersecurity/eos/pkg/eos_cli"
1414
"github.com/CodeMonkeyCybersecurity/eos/pkg/eos_io"
15+
"github.com/CodeMonkeyCybersecurity/eos/pkg/moni"
1516
"github.com/spf13/cobra"
1617
"github.com/uptrace/opentelemetry-go-extra/otelzap"
1718
"go.uber.org/zap"
@@ -28,6 +29,22 @@ var (
2829
moniPostInstall bool
2930
moniRotateAPIKeys bool
3031
moniInstallDir string
32+
33+
// Moni init (worker) flags
34+
moniInit bool
35+
moniSkipSSL bool
36+
moniSkipDatabase bool
37+
moniSkipSecurity bool
38+
moniSkipVerification bool
39+
moniValidateCerts bool
40+
moniFixCerts bool
41+
moniVerifyDB bool
42+
moniVerifyRLS bool
43+
moniVerifyCSP bool
44+
moniVerifySecurity bool
45+
moniCleanupBackups bool
46+
moniWorkDir string
47+
moniForce bool
3148
)
3249

3350
// MoniCmd is the command for Moni (BionicGPT) operations
@@ -112,6 +129,44 @@ Examples:
112129
MoniCmd.Flags().StringVar(&moniInstallDir, "install-dir", "/opt/bionicgpt",
113130
"Path to Moni installation directory")
114131

132+
// Moni init (worker) flags - full initialization
133+
MoniCmd.Flags().BoolVar(&moniInit, "init", false,
134+
"Run full Moni initialization (SSL, database, security)")
135+
136+
// Phase control flags
137+
MoniCmd.Flags().BoolVar(&moniSkipSSL, "skip-ssl", false,
138+
"Skip SSL certificate generation")
139+
MoniCmd.Flags().BoolVar(&moniSkipDatabase, "skip-database", false,
140+
"Skip database configuration")
141+
MoniCmd.Flags().BoolVar(&moniSkipSecurity, "skip-security", false,
142+
"Skip security hardening")
143+
MoniCmd.Flags().BoolVar(&moniSkipVerification, "skip-verification", false,
144+
"Skip security verification")
145+
146+
// Targeted action flags
147+
MoniCmd.Flags().BoolVar(&moniValidateCerts, "validate-certs", false,
148+
"Validate SSL certificate readability")
149+
MoniCmd.Flags().BoolVar(&moniFixCerts, "fix-certs", false,
150+
"Fix SSL certificate permissions")
151+
MoniCmd.Flags().BoolVar(&moniVerifyDB, "verify-db", false,
152+
"Verify database configuration")
153+
MoniCmd.Flags().BoolVar(&moniVerifyRLS, "verify-rls", false,
154+
"Verify Row Level Security (RLS)")
155+
MoniCmd.Flags().BoolVar(&moniVerifyCSP, "verify-csp", false,
156+
"Verify Content Security Policy (CSP)")
157+
MoniCmd.Flags().BoolVar(&moniVerifySecurity, "verify-security", false,
158+
"Run all security verifications (RLS + CSP)")
159+
MoniCmd.Flags().BoolVar(&moniCleanupBackups, "cleanup-backups", false,
160+
"Cleanup old .env backups")
161+
162+
// Work directory flag
163+
MoniCmd.Flags().StringVar(&moniWorkDir, "work-dir", "/opt/moni",
164+
"Working directory for Moni initialization (default: /opt/moni)")
165+
166+
// Force flag (skip confirmations for RLS breaking changes)
167+
MoniCmd.Flags().BoolVar(&moniForce, "force", false,
168+
"Skip confirmation prompts (use for automation/CI/CD)")
169+
115170
MoniCmd.AddCommand(refreshCmd)
116171
}
117172

@@ -120,17 +175,32 @@ Examples:
120175
func runMoniOperations(rc *eos_io.RuntimeContext, cmd *cobra.Command, args []string) error {
121176
logger := otelzap.Ctx(rc.Ctx)
122177

123-
// Check which operation was requested
178+
// Check which operation was requested (priority order)
179+
180+
// 1. Init/worker operations (new functionality)
181+
if moniInit || moniValidateCerts || moniFixCerts || moniVerifyDB ||
182+
moniVerifyRLS || moniVerifyCSP || moniVerifySecurity || moniCleanupBackups {
183+
return runMoniInit(rc, cmd, args)
184+
}
185+
186+
// 2. Post-install
124187
if moniPostInstall {
125188
return runMoniPostInstall(rc, cmd, args)
126189
}
127190

191+
// 3. API key rotation
128192
if moniRotateAPIKeys {
129193
return runMoniRotateAPIKeys(rc, cmd, args)
130194
}
131195

132196
// If no operation specified, show help
133-
logger.Info("No operation specified. Use --post-install or --rotate-api-keys")
197+
logger.Info("No operation specified")
198+
logger.Info("Common operations:")
199+
logger.Info(" --init # Full initialization (SSL, database, security)")
200+
logger.Info(" --post-install # Post-installation configuration")
201+
logger.Info(" --rotate-api-keys # Rotate API keys")
202+
logger.Info(" --validate-certs # Validate SSL certificates")
203+
logger.Info(" --verify-security # Security verification")
134204
return cmd.Help()
135205
}
136206

@@ -224,3 +294,70 @@ func runMoniRefresh(rc *eos_io.RuntimeContext, cmd *cobra.Command, args []string
224294
logger.Info("Moni refresh completed successfully")
225295
return nil
226296
}
297+
298+
// runMoniInit handles the Moni initialization worker
299+
// Orchestration layer: delegates to pkg/moni for business logic
300+
func runMoniInit(rc *eos_io.RuntimeContext, cmd *cobra.Command, args []string) error {
301+
logger := otelzap.Ctx(rc.Ctx)
302+
303+
// Build worker configuration
304+
config := &moni.WorkerConfig{
305+
SkipSSL: moniSkipSSL,
306+
SkipDatabase: moniSkipDatabase,
307+
SkipSecurity: moniSkipSecurity,
308+
SkipVerification: moniSkipVerification,
309+
ValidateCertsOnly: moniValidateCerts,
310+
FixCertsOnly: moniFixCerts,
311+
VerifyDBOnly: moniVerifyDB,
312+
VerifyRLSOnly: moniVerifyRLS,
313+
VerifyCSPOnly: moniVerifyCSP,
314+
VerifySecurityOnly: moniVerifySecurity,
315+
CleanupBackups: moniCleanupBackups,
316+
WorkDir: moniWorkDir,
317+
Force: moniForce,
318+
}
319+
320+
// Log operation
321+
if moniInit {
322+
logger.Info("Starting Moni full initialization",
323+
zap.String("work_dir", moniWorkDir))
324+
} else if moniValidateCerts {
325+
logger.Info("Validating SSL certificates")
326+
} else if moniFixCerts {
327+
logger.Info("Fixing SSL certificate permissions")
328+
} else if moniVerifyDB {
329+
logger.Info("Verifying database configuration")
330+
} else if moniVerifyRLS {
331+
logger.Info("Verifying Row Level Security")
332+
} else if moniVerifyCSP {
333+
logger.Info("Verifying Content Security Policy")
334+
} else if moniVerifySecurity {
335+
logger.Info("Running security verification")
336+
} else if moniCleanupBackups {
337+
logger.Info("Cleaning up old backups")
338+
}
339+
340+
// Run worker
341+
result, err := moni.RunWorker(rc, config)
342+
if err != nil {
343+
logger.Error("Moni worker failed", zap.Error(err))
344+
return fmt.Errorf("moni worker failed: %w", err)
345+
}
346+
347+
// Check result
348+
if !result.Success {
349+
logger.Error("Moni operation did not complete successfully")
350+
351+
if len(result.CriticalIssues) > 0 {
352+
logger.Error("Critical issues detected:")
353+
for _, issue := range result.CriticalIssues {
354+
logger.Error(fmt.Sprintf(" • %s", issue))
355+
}
356+
}
357+
358+
return fmt.Errorf("moni operation failed")
359+
}
360+
361+
logger.Info("Moni operation completed successfully")
362+
return nil
363+
}

0 commit comments

Comments
 (0)