From e50d647dc91b823251d86e782a8e5cf4343cd3fd Mon Sep 17 00:00:00 2001 From: Samuel Gaist Date: Sun, 24 Mar 2024 10:56:52 +0100 Subject: [PATCH] refactor(configuration): move webserver items in own struct This makes things easier to pass around like when starting the web server. This has the added benefit of simplifying further extension such as making the metrics endpoint name configurable without adding yet another parameter to the start function. Signed-off-by: Samuel Gaist --- unit_tests/falco/test_configuration.cpp | 2 +- .../falco/app/actions/start_webserver.cpp | 40 +++++++++---------- userspace/falco/configuration.cpp | 28 +++++-------- userspace/falco/configuration.h | 18 +++++---- userspace/falco/webserver.cpp | 21 ++++------ userspace/falco/webserver.h | 7 +--- 6 files changed, 50 insertions(+), 66 deletions(-) diff --git a/unit_tests/falco/test_configuration.cpp b/unit_tests/falco/test_configuration.cpp index a9771732..2774487a 100644 --- a/unit_tests/falco/test_configuration.cpp +++ b/unit_tests/falco/test_configuration.cpp @@ -801,7 +801,7 @@ TEST(Configuration, configuration_webserver_ip) EXPECT_NO_THROW(falco_config.init(cmdline_config_options)); - ASSERT_EQ(falco_config.m_webserver_listen_address, address); + ASSERT_EQ(falco_config.m_webserver_config.m_listen_address, address); } std::vector invalid_addresses = {"327.0.0.1", diff --git a/userspace/falco/app/actions/start_webserver.cpp b/userspace/falco/app/actions/start_webserver.cpp index 76dd3f82..d4e2c365 100644 --- a/userspace/falco/app/actions/start_webserver.cpp +++ b/userspace/falco/app/actions/start_webserver.cpp 
@@ -24,61 +24,57 @@ limitations under the License. using namespace falco::app; using namespace falco::app::actions; -falco::app::run_result falco::app::actions::start_webserver(falco::app::state& s) +falco::app::run_result falco::app::actions::start_webserver(falco::app::state& state) { #if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD) - if(!s.is_capture_mode() && s.config->m_webserver_enabled) + if(!state.is_capture_mode() && state.config->m_webserver_enabled) { - if (s.options.dry_run) + if (state.options.dry_run) { falco_logger::log(falco_logger::level::DEBUG, "Skipping starting webserver in dry-run\n"); return run_result::ok(); } - std::string ssl_option = (s.config->m_webserver_ssl_enabled ? " (SSL)" : ""); + falco_configuration::webserver_config webserver_config = state.config->m_webserver_config; + std::string ssl_option = (webserver_config.m_ssl_enabled ? " (SSL)" : ""); falco_logger::log(falco_logger::level::INFO, "Starting health webserver with threadiness " - + std::to_string(s.config->m_webserver_threadiness) + + std::to_string(webserver_config.m_threadiness) + ", listening on " - + s.config->m_webserver_listen_address + + webserver_config.m_listen_address + ":" - + std::to_string(s.config->m_webserver_listen_port) + + std::to_string(webserver_config.m_listen_port) + ssl_option + "\n"); std::vector metrics_collectors; - if (s.config->m_metrics_enabled && s.config->m_webserver_metrics_enabled) + if (state.config->m_metrics_enabled && webserver_config.m_metrics_enabled) { - for (const auto& source_info: s.source_infos) + for (const auto& source_info: state.source_infos) { - metrics_collectors.push_back(libs::metrics::libs_metrics_collector(source_info.inspector.get(), s.config->m_metrics_flags)); + metrics_collectors.push_back(libs::metrics::libs_metrics_collector(source_info.inspector.get(), state.config->m_metrics_flags)); } } - s.webserver.start( - s.offline_inspector, + state.webserver.start( + state.offline_inspector, 
metrics_collectors, - s.config->m_webserver_threadiness, - s.config->m_webserver_listen_port, - s.config->m_webserver_listen_address, - s.config->m_webserver_k8s_healthz_endpoint, - s.config->m_webserver_ssl_certificate, - s.config->m_webserver_ssl_enabled); + webserver_config); } #endif return run_result::ok(); } -falco::app::run_result falco::app::actions::stop_webserver(falco::app::state& s) +falco::app::run_result falco::app::actions::stop_webserver(falco::app::state& state) { #if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD) - if(!s.is_capture_mode() && s.config->m_webserver_enabled) + if(!state.is_capture_mode() && state.config->m_webserver_enabled) { - if (s.options.dry_run) + if (state.options.dry_run) { falco_logger::log(falco_logger::level::DEBUG, "Skipping stopping webserver in dry-run\n"); return run_result::ok(); } - s.webserver.stop(); + state.webserver.stop(); } #endif return run_result::ok(); diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index 7d91533b..914c0981 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -60,12 +60,6 @@ falco_configuration::falco_configuration(): m_grpc_enabled(false), m_grpc_threadiness(0), m_webserver_enabled(false), - m_webserver_threadiness(0), - m_webserver_listen_port(8765), - m_webserver_listen_address("0.0.0.0"), - m_webserver_k8s_healthz_endpoint("/healthz"), - m_webserver_ssl_enabled(false), - m_webserver_metrics_enabled(false), m_syscall_evt_drop_threshold(.1), m_syscall_evt_drop_rate(.03333), m_syscall_evt_drop_max_burst(1), 
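Review bot: In `start_webserver`, `falco_configuration::webserver_config webserver_config = state.config->m_webserver_config;` copies the whole struct, three strings included, only to read it and pass it to `start()`, which takes a const reference. Binding a reference avoids the copy: `const auto& webserver_config = state.config->m_webserver_config;`. `m_webserver_enabled` stays on `falco_configuration`, so the enable check and the other web server settings are read from two different objects; a short comment on that split would help the next reader.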
@@ -447,22 +441,22 @@ void falco_configuration::load_yaml(const std::string& config_name) m_time_format_iso_8601 = config.get_scalar("time_format_iso_8601", false); m_webserver_enabled = config.get_scalar("webserver.enabled", false); - m_webserver_threadiness = config.get_scalar("webserver.threadiness", 0); - m_webserver_listen_port = config.get_scalar("webserver.listen_port", 8765); - m_webserver_listen_address = config.get_scalar("webserver.listen_address", "0.0.0.0"); - if(!re2::RE2::FullMatch(m_webserver_listen_address, ip_address_re)) + m_webserver_config.m_threadiness = config.get_scalar("webserver.threadiness", 0); + m_webserver_config.m_listen_port = config.get_scalar("webserver.listen_port", 8765); + m_webserver_config.m_listen_address = config.get_scalar("webserver.listen_address", "0.0.0.0"); + if(!re2::RE2::FullMatch(m_webserver_config.m_listen_address, ip_address_re)) { - throw std::logic_error("Error reading config file (" + config_name + "): webserver listen address \"" + m_webserver_listen_address + "\" is not a valid IP address"); + throw std::logic_error("Error reading config file (" + config_name + "): webserver listen address \"" + m_webserver_config.m_listen_address + "\" is not a valid IP address"); } - m_webserver_k8s_healthz_endpoint = config.get_scalar("webserver.k8s_healthz_endpoint", "/healthz"); - m_webserver_ssl_enabled = config.get_scalar("webserver.ssl_enabled", false); - m_webserver_ssl_certificate = config.get_scalar("webserver.ssl_certificate", "/etc/falco/falco.pem"); - if(m_webserver_threadiness == 0) + m_webserver_config.m_k8s_healthz_endpoint = config.get_scalar("webserver.k8s_healthz_endpoint", "/healthz"); + m_webserver_config.m_ssl_enabled = config.get_scalar("webserver.ssl_enabled", false); + m_webserver_config.m_ssl_certificate = config.get_scalar("webserver.ssl_certificate", "/etc/falco/falco.pem"); + if(m_webserver_config.m_threadiness == 0) { - m_webserver_threadiness = falco::utils::hardware_concurrency(); + 
m_webserver_config.m_threadiness = falco::utils::hardware_concurrency(); } - m_webserver_metrics_enabled = config.get_scalar("webserver.metrics_enabled", false); + m_webserver_config.m_metrics_enabled = config.get_scalar("webserver.metrics_enabled", false); std::list syscall_event_drop_acts; config.get_sequence(syscall_event_drop_acts, "syscall_event_drops.actions"); diff --git a/userspace/falco/configuration.h b/userspace/falco/configuration.h index 17afee68..933f8c3e 100644 --- a/userspace/falco/configuration.h +++ b/userspace/falco/configuration.h @@ -83,6 +83,16 @@ public: std::string m_root; }; + struct webserver_config { + uint32_t m_threadiness = 0; + uint32_t m_listen_port = 8765; + std::string m_listen_address = "0.0.0.0"; + std::string m_k8s_healthz_endpoint = "/healthz"; + bool m_ssl_enabled = false; + std::string m_ssl_certificate; + bool m_metrics_enabled = false; + }; + falco_configuration(); virtual ~falco_configuration() = default; @@ -127,13 +137,7 @@ public: std::string m_grpc_root_certs; bool m_webserver_enabled; - uint32_t m_webserver_threadiness; - uint32_t m_webserver_listen_port; - std::string m_webserver_listen_address; - std::string m_webserver_k8s_healthz_endpoint; - bool m_webserver_ssl_enabled; - std::string m_webserver_ssl_certificate; - bool m_webserver_metrics_enabled; + webserver_config m_webserver_config; syscall_evt_drop_actions m_syscall_evt_drop_actions; double m_syscall_evt_drop_threshold; diff --git a/userspace/falco/webserver.cpp b/userspace/falco/webserver.cpp index d6890ec4..33e55477 100644 --- a/userspace/falco/webserver.cpp +++ b/userspace/falco/webserver.cpp 
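Review bot: `webserver.listen_address` is validated against `ip_address_re`, but `m_webserver_config.m_listen_port` is stored with no range check even though the member is a `uint32_t`. A value above 65535 in the config file is therefore accepted here and is only noticed, if at all, when the server tries to listen. A guard next to the address check would fail fast, e.g. `if(m_webserver_config.m_listen_port > 65535) { throw std::logic_error(...); }`, with a message worded like the address error. `webserver.k8s_healthz_endpoint` is also taken as-is; whether the HTTP library requires a leading `/` is not visible here. `load_yaml` starts and ends outside this hunk.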
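Review bot: The in-class defaults of `webserver_config` duplicate the fallback values passed to `config.get_scalar` in `load_yaml`, and the two already disagree: `m_ssl_certificate` is empty here while `load_yaml` falls back to `/etc/falco/falco.pem`. Either give the member the same initializer, `std::string m_ssl_certificate = "/etc/falco/falco.pem";`, or define the defaults once and use them in both places so they cannot drift. The `"0.0.0.0"` default combined with `m_ssl_enabled = false` serves the health endpoint, and the metrics endpoint when enabled, in cleartext on every interface. A one-line comment on `m_listen_address` saying so would make that exposure a visible, deliberate choice.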
@@ -28,12 +28,7 @@ falco_webserver::~falco_webserver() void falco_webserver::start( const std::shared_ptr& inspector, const std::vector& metrics_collectors, - uint32_t threadiness, - uint32_t listen_port, - std::string& listen_address, - std::string& healthz_endpoint, - std::string &ssl_certificate, - bool ssl_enabled) + const falco_configuration::webserver_config& configuration) { if (m_running) { @@ -42,11 +37,11 @@ void falco_webserver::start( } // allocate and configure server - if (ssl_enabled) + if (configuration.m_ssl_enabled) { m_server = std::make_unique( - ssl_certificate.c_str(), - ssl_certificate.c_str()); + configuration.m_ssl_certificate.c_str(), + configuration.m_ssl_certificate.c_str()); } else { @@ -54,10 +49,10 @@ void falco_webserver::start( } // configure server - m_server->new_task_queue = [&threadiness] { return new httplib::ThreadPool(threadiness); }; + m_server->new_task_queue = [configuration] { return new httplib::ThreadPool(configuration.m_threadiness); }; // setup healthz endpoint - m_server->Get(healthz_endpoint, + m_server->Get(configuration.m_k8s_healthz_endpoint, [](const httplib::Request &, httplib::Response &res) { res.set_content("{\"status\": \"ok\"}", "application/json"); }); @@ -100,11 +95,11 @@ void falco_webserver::start( std::atomic failed; failed.store(false, std::memory_order_release); - m_server_thread = std::thread([this, listen_address, listen_port, &failed] + m_server_thread = std::thread([this, configuration, &failed] { try { - this->m_server->listen(listen_address, listen_port); + this->m_server->listen(configuration.m_listen_address, configuration.m_listen_port); } catch(std::exception &e) { diff --git a/userspace/falco/webserver.h b/userspace/falco/webserver.h index 81f446d5..57eae4d2 100644 --- a/userspace/falco/webserver.h +++ b/userspace/falco/webserver.h 
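Review bot: In the `// allocate and configure server` hunk, `configuration.m_ssl_certificate.c_str()` is passed twice, presumably as both the certificate path and the private-key path. If so, the file named by `webserver.ssl_certificate` must also contain the private key, which neither the new struct nor this code states. I would add a comment above the `if (configuration.m_ssl_enabled)` branch such as `// m_ssl_certificate is a combined PEM (certificate + private key); keep it readable by the Falco user only`. The server type's name is not visible in this rendering, so the meaning of the two arguments should be confirmed against its constructor.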
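Review bot: The task-queue lambda in the `// configure server` hunk captures the whole `configuration` by value, copying three strings to read one integer; the `m_server_thread` lambda in the last hunk of this file does the same. Capturing by value is the right direction, since the previous `[&threadiness]` referred to a parameter of `start()`, but init-captures would copy only what is used: `[threadiness = configuration.m_threadiness]` and `[this, address = configuration.m_listen_address, port = configuration.m_listen_port, &failed]`. `failed` is still a local captured by reference. The rest of `start()` is outside the hunk, so whether the thread can touch it after `start()` returns cannot be judged from here.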
@@ -37,12 +37,7 @@ public: virtual void start( const std::shared_ptr& inspector, const std::vector& metrics_collectors, - uint32_t threadiness, - uint32_t listen_port, - std::string& list_address, - std::string& healthz_endpoint, - std::string &ssl_certificate, - bool ssl_enabled); + const falco_configuration::webserver_config& configuration); virtual void stop(); private: