Added TLS to examples

Signed-off-by: Micah Hausler <mhausler@amazon.com>
2025-06-03 05:14:43 +00:00 · 2022-04-25 11:02:45 -04:00 · 2022-04-25 11:02:45 -04:00 · 57124d2eb8
commit 57124d2eb8
parent bb13a8977c
7 changed files with 292 additions and 136 deletions
--- a/examples/pre.v1/main.go
+++ b/examples/pre.v1/main.go
@ -5,8 +5,7 @@ package main

 import (
 	"context"
-	"fmt"
-	"os"
+	"flag"

 	"github.com/bmc-toolbox/bmclib/devices"
 	"github.com/bmc-toolbox/bmclib/discover"
@ -15,44 +14,44 @@ import (
 )

 func main() {
-	//ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	user := flag.String("user", "", "Username to login with")
+	pass := flag.String("password", "", "Username to login with")
+	host := flag.String("host", "", "BMC hostname to connect to")
+	flag.Parse()
 	ctx := context.TODO()
-	//defer cancel()
-	host := ""
-	user := ""
-	pass := ""

 	l := logrus.New()
 	l.Level = logrus.TraceLevel
 	logger := logrusr.New(l)
+	if *host == "" || *user == "" || *pass == "" {
+		l.Fatal("required host/user/pass parameters not defined")
+	}

 	c, err := discover.ScanAndConnect(
-		host,
-		user,
-		pass,
+		*host,
+		*user,
+		*pass,
 		discover.WithContext(ctx),
 		discover.WithLogger(logger),
 	)

 	if err != nil {
-		logger.Error(err, "Error connecting to bmc")
+		l.WithError(err).Fatal("Error connecting to bmc")
 	}

 	bmc := c.(devices.Bmc)

 	err = bmc.CheckCredentials()
 	if err != nil {
-		logger.Error(err, "Failed to validate credentials")
-		os.Exit(1)
+		l.WithError(err).Fatal("Failed to validate credentials")
 	}

 	defer bmc.Close(ctx)

 	s, err := bmc.Serial()
 	if err != nil {
-		logger.Error(err, "Error getting bmc serial")
-		os.Exit(1)
+		l.WithError(err).Fatal("Error getting bmc serial")
 	}
-	fmt.Println(s)
+	l.WithField("serial", s).Info()

 }
--- a/examples/pre.v1/status/main.go
+++ b/examples/pre.v1/status/main.go
@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"crypto/x509"
+	"flag"
 	"os"

 	"github.com/bmc-toolbox/bmclib/devices"
@ -21,17 +22,17 @@ import (
 // github.com/sirupsen/logrus: logrusr
 // github.com/wojas/genericr: genericr
 func main() {
-
-	ip := ""
-	user := "admin"
-	pass := "admin"
+	user := flag.String("user", "", "Username to login with")
+	pass := flag.String("password", "", "Username to login with")
+	host := flag.String("host", "", "BMC hostname to connect to")
+	flag.Parse()

 	logger := logrus.New()
 	logger.SetLevel(logrus.DebugLevel)
 	//logger.SetFormatter(&logrus.JSONFormatter{})

 	logger.Info("printing status with a user defined logger")
-	conn, err := withUserDefinedLogger(ip, user, pass, logger)
+	conn, err := withUserDefinedLogger(*host, *user, *pass, logger)
 	if err != nil {
 		logger.Fatal(err)
 	}
@ -39,14 +40,14 @@ func main() {

 	logger.Info("printing status with the default builtin logger")
 	os.Setenv("BMCLIB_LOG_LEVEL", "trace")
-	conn, err = withDefaultBuiltinLogger(ip, user, pass)
+	conn, err = withDefaultBuiltinLogger(*host, *user, *pass)
 	if err != nil {
 		logger.Fatal(err)
 	}
 	printStatus(conn, logger)

 	logger.Info("printing status with the default secure TLS")
-	conn, err = withSecureTLS(ip, user, pass, nil)
+	conn, err = withSecureTLS(*host, *user, *pass, nil)
 	if err != nil {
 		logger.Fatal(err)
 	}
--- a/examples/v1/main.go
+++ b/examples/v1/main.go
@ -1,65 +0,0 @@
-package main
-
-/*
- This utilizes what is to tbe the 'v1' bmclib interface methods to flash a firmware image
-*/
-
-import (
-	"context"
-	"fmt"
-	"log"
-	"os"
-	"time"
-
-	"github.com/bmc-toolbox/bmclib"
-	"github.com/bombsimon/logrusr/v2"
-	"github.com/sirupsen/logrus"
-)
-
-func main() {
-	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
-	defer cancel()
-	host := ""
-	port := ""
-	user := ""
-	pass := ""
-
-	l := logrus.New()
-	l.Level = logrus.DebugLevel
-	logger := logrusr.New(l)
-
-	var err error
-
-	cl := bmclib.NewClient(host, port, user, pass, bmclib.WithLogger(logger))
-	err = cl.Open(ctx)
-	if err != nil {
-		log.Fatal(err, "bmc login failed")
-	}
-
-	defer cl.Close(ctx)
-
-	v, err := cl.GetBMCVersion(ctx)
-	if err != nil {
-		log.Fatal(err, "unable to retrieve BMC version")
-	}
-
-	fmt.Println("BMC version: " + v)
-
-	// open file handle
-	fh, err := os.Open("/tmp/E3C246D4I-NL_L0.03.00.ima")
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer fh.Close()
-
-	fi, err := fh.Stat()
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	err = cl.UpdateBMCFirmware(ctx, fh, fi.Size())
-	if err != nil {
-		log.Fatal(err)
-	}
-
-}
--- a/examples/v1/status/main.go
+++ b/examples/v1/status/main.go
@ -0,0 +1,79 @@
+package main
+
+import (
+	"context"
+	"crypto/x509"
+	"flag"
+	"io/ioutil"
+	"strconv"
+	"time"
+
+	"github.com/bmc-toolbox/bmclib"
+	"github.com/bombsimon/logrusr/v2"
+	"github.com/sirupsen/logrus"
+)
+
+func main() {
+	user := flag.String("user", "", "Username to login with")
+	pass := flag.String("password", "", "Username to login with")
+	host := flag.String("host", "", "BMC hostname to connect to")
+	port := flag.Int("port", 443, "BMC port to connect to")
+	withSecureTLS := flag.Bool("secure-tls", false, "Enable secure TLS")
+	certPoolFile := flag.String("cert-pool", "", "Path to an file containing x509 CAs. An empty string uses the system CAs. Only takes effect when --secure-tls=true")
+	flag.Parse()
+
+	l := logrus.New()
+	l.Level = logrus.DebugLevel
+	logger := logrusr.New(l)
+
+	if *host == "" || *user == "" || *pass == "" {
+		l.Fatal("required host/user/pass parameters not defined")
+	}
+
+	clientOpts := []bmclib.Option{bmclib.WithLogger(logger)}
+
+	if *withSecureTLS {
+		var pool *x509.CertPool
+		if *certPoolFile != "" {
+			pool = x509.NewCertPool()
+			data, err := ioutil.ReadFile(*certPoolFile)
+			if err != nil {
+				l.Fatal(err)
+			}
+			pool.AppendCertsFromPEM(data)
+		}
+		// a nil pool uses the system certs
+		clientOpts = append(clientOpts, bmclib.WithSecureTLS(pool))
+	}
+
+	cl := bmclib.NewClient(*host, strconv.Itoa(*port), *user, *pass, clientOpts...)
+	cl.Registry.Drivers = cl.Registry.Using("redfish")
+	// cl.Registry.Drivers = cl.Registry.Using("vendorapi")
+
+	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
+	defer cancel()
+
+	err := cl.Open(ctx)
+	if err != nil {
+		l.WithError(err).Fatal(err, "BMC login failed")
+	}
+	defer cl.Close(ctx)
+
+	version, err := cl.GetBMCVersion(ctx)
+	if err != nil {
+		l.WithError(err).Error()
+	}
+	l.WithField("bmc-version", version).Info()
+
+	state, err := cl.GetPowerState(ctx)
+	if err != nil {
+		l.WithError(err).Error()
+	}
+	l.WithField("power-state", state).Info()
+
+	version, err = cl.GetBIOSVersion(ctx)
+	if err != nil {
+		l.WithError(err).Error()
+	}
+	l.WithField("bios-version", version).Info()
+}
--- a/examples/v1/update-firmware/main.go
+++ b/examples/v1/update-firmware/main.go
@ -0,0 +1,88 @@
+package main
+
+/*
+ This utilizes what is to tbe the 'v1' bmclib interface methods to flash a firmware image
+*/
+
+import (
+	"context"
+	"crypto/x509"
+	"flag"
+	"io/ioutil"
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/bmc-toolbox/bmclib"
+	"github.com/bombsimon/logrusr/v2"
+	"github.com/sirupsen/logrus"
+)
+
+func main() {
+	user := flag.String("user", "", "Username to login with")
+	pass := flag.String("password", "", "Username to login with")
+	host := flag.String("host", "", "BMC hostname to connect to")
+	port := flag.Int("port", 443, "BMC port to connect to")
+	withSecureTLS := flag.Bool("secure-tls", false, "Enable secure TLS")
+	certPoolPath := flag.String("cert-pool", "", "Path to an file containing x509 CAs. An empty string uses the system CAs. Only takes effect when --secure-tls=true")
+	firmwarePath := flag.String("firmware", "", "The firmware path to read")
+	flag.Parse()
+
+	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
+	defer cancel()
+
+	l := logrus.New()
+	l.Level = logrus.DebugLevel
+	logger := logrusr.New(l)
+
+	if *host == "" || *user == "" || *pass == "" {
+		l.Fatal("required host/user/pass parameters not defined")
+	}
+	clientOpts := []bmclib.Option{bmclib.WithLogger(logger)}
+
+	if *withSecureTLS {
+		var pool *x509.CertPool
+		if *certPoolPath != "" {
+			pool = x509.NewCertPool()
+			data, err := ioutil.ReadFile(*certPoolPath)
+			if err != nil {
+				l.Fatal(err)
+			}
+			pool.AppendCertsFromPEM(data)
+		}
+		// a nil pool uses the system certs
+		clientOpts = append(clientOpts, bmclib.WithSecureTLS(pool))
+	}
+
+	cl := bmclib.NewClient(*host, strconv.Itoa(*port), *user, *pass, clientOpts...)
+	err := cl.Open(ctx)
+	if err != nil {
+		l.Fatal(err, "bmc login failed")
+	}
+
+	defer cl.Close(ctx)
+
+	v, err := cl.GetBMCVersion(ctx)
+	if err != nil {
+		l.Fatal(err, "unable to retrieve BMC version")
+	}
+	logger.Info("BMC version", v)
+
+	// open file handle
+	fh, err := os.Open(*firmwarePath)
+	if err != nil {
+		l.Fatal(err)
+	}
+	defer fh.Close()
+
+	fi, err := fh.Stat()
+	if err != nil {
+		l.Fatal(err)
+	}
+
+	err = cl.UpdateBMCFirmware(ctx, fh, fi.Size())
+	if err != nil {
+		l.Fatal(err)
+	}
+	logger.WithValues("host", *host).Info("Updated BMC firmware")
+}
--- a/examples/v1/users/main.go
+++ b/examples/v1/users/main.go
@ -0,0 +1,102 @@
+package main
+
+import (
+	"context"
+	"crypto/x509"
+	"encoding/csv"
+	"flag"
+	"io"
+	"io/ioutil"
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/bmc-toolbox/bmclib"
+	"github.com/bombsimon/logrusr/v2"
+	"github.com/sirupsen/logrus"
+)
+
+func main() {
+	user := flag.String("user", "", "Username to login with")
+	pass := flag.String("password", "", "Username to login with")
+	host := flag.String("host", "", "BMC hostname to connect to")
+	port := flag.Int("port", 443, "BMC port to connect to")
+	withSecureTLS := flag.Bool("secure-tls", false, "Enable secure TLS")
+	certPoolFile := flag.String("cert-pool", "", "Path to an file containing x509 CAs. An empty string uses the system CAs. Only takes effect when --secure-tls=true")
+	userCSV := flag.String("user-csv", "", "A CSV file of users to create containing 3 columns: username, password, role")
+	dryRun := flag.Bool("dry-run", false, "Connect to the BMC but do not create users")
+	flag.Parse()
+
+	l := logrus.New()
+	l.Level = logrus.DebugLevel
+	logger := logrusr.New(l)
+
+	if *host == "" || *user == "" || *pass == "" {
+		l.Fatal("required host/user/pass parameters not defined")
+	}
+
+	clientOpts := []bmclib.Option{bmclib.WithLogger(logger)}
+
+	if *withSecureTLS {
+		var pool *x509.CertPool
+		if *certPoolFile != "" {
+			pool = x509.NewCertPool()
+			data, err := ioutil.ReadFile(*certPoolFile)
+			if err != nil {
+				l.Fatal(err)
+			}
+			pool.AppendCertsFromPEM(data)
+		}
+		// a nil pool uses the system certs
+		clientOpts = append(clientOpts, bmclib.WithSecureTLS(pool))
+	}
+
+	cl := bmclib.NewClient(*host, strconv.Itoa(*port), *user, *pass, clientOpts...)
+	cl.Registry.Drivers = cl.Registry.Using("redfish")
+	// cl.Registry.Drivers = cl.Registry.Using("vendorapi")
+
+	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
+	defer cancel()
+
+	err := cl.Open(ctx)
+	if err != nil {
+		l.WithError(err).Fatal(err, "BMC login failed")
+	}
+	defer cl.Close(ctx)
+
+	fh, err := os.Open(*userCSV)
+	if err != nil {
+		l.WithError(err).WithField("file", *userCSV).Fatal()
+	}
+	defer fh.Close()
+	reader := csv.NewReader(fh)
+	i := 0
+	for {
+		record, err := reader.Read()
+		i++
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			l.WithError(err).Fatal()
+		}
+		if len(record) != 3 {
+			l.WithField("line", i).WithField("length", len(record)).Infof("line did not have 3 columns")
+			continue
+		}
+		if !*dryRun {
+			_, err = cl.CreateUser(ctx, "foobar", "sekurity101", "Administrator")
+			if err != nil {
+				l.WithError(err).Error("error creating user")
+				continue
+			}
+		}
+		l.WithFields(logrus.Fields(map[string]interface{}{
+			"user": record[0],
+			"role": record[2],
+		})).Info("created user")
+	}
+
+	l.WithField("count", i).Info("created users")
+
+}
--- a/examples/v1/users/user.go
+++ b/examples/v1/users/user.go
@ -1,48 +0,0 @@
-package main
-
-import (
-	"context"
-	"log"
-	"time"
-
-	"github.com/bmc-toolbox/bmclib"
-	"github.com/bombsimon/logrusr/v2"
-	"github.com/sirupsen/logrus"
-)
-
-func main() {
-	ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
-	defer cancel()
-
-	// set BMC parameters here
-	host := ""
-	port := ""
-	user := ""
-	pass := ""
-
-	l := logrus.New()
-	l.Level = logrus.DebugLevel
-	logger := logrusr.New(l)
-
-	if host == "" || user == "" || pass == "" {
-		log.Fatal("required host/user/pass parameters not defined")
-	}
-
-	cl := bmclib.NewClient(host, port, user, pass, bmclib.WithLogger(logger))
-
-	cl.Registry.Drivers = cl.Registry.Using("redfish")
-	// cl.Registry.Drivers = cl.Registry.Using("vendorapi")
-
-	err := cl.Open(ctx)
-	if err != nil {
-		log.Fatal(err, "bmc login failed")
-	}
-
-	defer cl.Close(ctx)
-
-	_, err = cl.CreateUser(ctx, "foobar", "sekurity101", "Administrator")
-	if err != nil {
-		l.Error(err)
-	}
-
-}