This commit addresses the OWASP security audit by enforcing strict host key verification and resolves persistent CI issues. Security Changes: - Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops. - Removed insecure host key verification from pkg/ansible. - Implemented synchronous host key discovery using ssh-keyscan during VM boot. - Updated Boot lifecycle to wait for host key verification. - Handled missing known_hosts file in pkg/ansible. - Refactored hardcoded SSH port to DefaultSSHPort constant. CI and Maintenance: - Fixed auto-merge.yml by inlining the script and adding repository context to 'gh' command, resolving the "not a git repository" error in CI. - Resolved merge conflicts in .github/workflows/auto-merge.yml with dev branch. - Added pkg/ansible/ssh_test.go for SSH client verification. - Fixed formatting in pkg/io/local/client.go to pass QA checks.
package unifi
import (
uf "github.com/unpoller/unifi/v5"
"github.com/host-uk/core/pkg/log"
)
// DeviceInfo is a flattened, type-independent summary of a single UniFi
// infrastructure device.
//
// GetDeviceList fills the string fields by copying them straight from the
// controller's device record; nothing in this file validates or normalises
// them, so consumers that render or act on these values should treat them as
// controller-supplied data.
type DeviceInfo struct {
	// Name is the device name taken from the controller record.
	Name string
	// IP is the device address taken from the controller record.
	IP string
	// Mac is the device MAC address taken from the controller record.
	Mac string
	// Model is the device model taken from the controller record.
	Model string
	// Version is the device version string taken from the controller record.
	Version string
	// Type is the device family tag: uap, usw, usg, udm or uxg.
	Type string
	// Status is the integer device state; 1 = online.
	Status int
}
// GetDevices returns the raw device container for the sites selected by
// siteName.
//
// Site selection is delegated to getSitesForFilter (presumably an empty
// siteName selects every site; confirm against that helper). Its error is
// returned unchanged, while a failure of the controller call is wrapped by
// log.E under the "unifi.GetDevices" operation name.
func (c *Client) GetDevices(siteName string) (*uf.Devices, error) {
	selected, err := c.getSitesForFilter(siteName)
	if err != nil {
		return nil, err
	}

	found, fetchErr := c.api.GetDevices(selected)
	if fetchErr == nil {
		return found, nil
	}

	return nil, log.E("unifi.GetDevices", "failed to fetch devices", fetchErr)
}
// GetDeviceList returns a flat list of infrastructure devices for the sites
// selected by siteName, optionally restricted to one device family.
//
// deviceType may be "" (every family) or one of uap, usw, usg, udm, uxg.
// Entries are appended family by family in that order. A deviceType that
// matches none of these yields a nil slice and a nil error, exactly as when
// no devices exist, so callers cannot tell a mistyped filter from an empty
// inventory. Any error from GetDevices is returned unchanged.
func (c *Client) GetDeviceList(siteName, deviceType string) ([]DeviceInfo, error) {
	devices, err := c.GetDevices(siteName)
	if err != nil {
		return nil, err
	}

	var list []DeviceInfo

	// wanted reports whether devices of the given family pass the filter.
	wanted := func(kind string) bool {
		return deviceType == "" || deviceType == kind
	}

	// add appends one flattened record; field values are copied verbatim.
	add := func(kind, name, ip, mac, model, version string, status int) {
		list = append(list, DeviceInfo{
			Name:    name,
			IP:      ip,
			Mac:     mac,
			Model:   model,
			Version: version,
			Type:    kind,
			Status:  status,
		})
	}

	if wanted("uap") {
		for _, ap := range devices.UAPs {
			add("uap", ap.Name, ap.IP, ap.Mac, ap.Model, ap.Version, ap.State.Int())
		}
	}

	if wanted("usw") {
		for _, sw := range devices.USWs {
			add("usw", sw.Name, sw.IP, sw.Mac, sw.Model, sw.Version, sw.State.Int())
		}
	}

	if wanted("usg") {
		for _, gw := range devices.USGs {
			add("usg", gw.Name, gw.IP, gw.Mac, gw.Model, gw.Version, gw.State.Int())
		}
	}

	if wanted("udm") {
		for _, dm := range devices.UDMs {
			add("udm", dm.Name, dm.IP, dm.Mac, dm.Model, dm.Version, dm.State.Int())
		}
	}

	if wanted("uxg") {
		for _, xg := range devices.UXGs {
			add("uxg", xg.Name, xg.IP, xg.Mac, xg.Model, xg.Version, xg.State.Int())
		}
	}

	return list, nil
}