Addresses security concerns from OWASP audit and CodeQL by enforcing strict host key verification and TLS certificate verification.

Security Changes:
- Enforced strict SSH host key checking in pkg/container and devops.
- Removed insecure SSH host key verification from pkg/ansible.
- Added synchronous host key discovery during VM boot using ssh-keyscan.
- Updated UniFi client to enforce TLS certificate verification by default.
- Added --insecure flag and config option for UniFi to allow opt-in to skipping TLS verification for self-signed certificates.

CI and Maintenance:
- Fixed auto-merge workflow by providing repository context to 'gh' command.
- Resolved merge conflicts in .github/workflows/auto-merge.yml.
- Added unit tests for secured Ansible SSH client.
- Fixed formatting issues identified by QA checks.
package unifi
import (
"github.com/host-uk/core/pkg/cli"
"github.com/host-uk/core/pkg/log"
uf "github.com/host-uk/core/pkg/unifi"
)
// addSitesCommand registers the 'sites' subcommand on parent. The subcommand
// lists the sites configured on the UniFi controller.
func addSitesCommand(parent *cli.Command) {
	parent.AddCommand(&cli.Command{
		Use:   "sites",
		Short: "List controller sites",
		Long:  "List all sites configured on the UniFi controller.",
		// The callback ignores both of its parameters and delegates to runSites.
		RunE: func(_ *cli.Command, _ []string) error {
			return runSites()
		},
	})
}
// runSites builds a UniFi client, fetches the controller's sites and prints
// them as a two-column table (Name, Description). It returns a wrapped error
// if the client cannot be created or the fetch fails, and nil otherwise,
// including when the controller reports no sites.
func runSites() error {
	const op = "unifi.sites"

	// All four string arguments are left empty and the final argument is false.
	// NOTE(review): the trailing false looks like the "insecure" (skip TLS
	// certificate verification) override mentioned in the commit message;
	// confirm against uf.NewFromConfig, and confirm whether the --insecure
	// flag or config option is expected to reach this subcommand.
	controller, err := uf.NewFromConfig("", "", "", "", false)
	if err != nil {
		return log.E(op, "failed to initialise client", err)
	}

	siteList, err := controller.GetSites()
	if err != nil {
		return log.E(op, "failed to fetch sites", err)
	}

	total := len(siteList)
	if total == 0 {
		cli.Text("No sites found.")
		return nil
	}

	// Name and Desc are rendered as returned by the controller; whether the
	// style renderers strip control characters is not visible here.
	out := cli.NewTable("Name", "Description")
	for _, site := range siteList {
		name := valueStyle.Render(site.Name)
		desc := dimStyle.Render(site.Desc)
		out.AddRow(name, desc)
	}

	// Summary line first, then the table itself.
	cli.Blank()
	cli.Print(" %d sites\n\n", total)
	out.Render()

	return nil
}