chore: move source code to root folder

cfg/basicAuth.go

@@ -0,0 +1,25 @@
+package cfg
+
+import "gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/auth"
+
+type hashedBasicAuth struct {
+	username string
+	password string
+}
+
+func newHashedBasicAuth(rawUsername, rawPassword string) *hashedBasicAuth {
+	return &hashedBasicAuth{
+		username: auth.HashString(rawUsername),
+		password: auth.HashString(rawPassword),
+	}
+}
+
+func (p *hashedBasicAuth) Enabled() bool {
+	return len(p.username) > 0 && len(p.password) > 0
+}
+
+func (p *hashedBasicAuth) DoesBasicAuthMatch(rawUsername, rawPassword string) bool {
+	username := auth.HashString(rawUsername)
+	password := auth.HashString(rawPassword)
+	return username == p.username && password == p.password
+}

cfg/basicAuth_test.go

@@ -0,0 +1,60 @@
+package cfg
+
+import "testing"
+
+func Test_hashedBasicAuth_DoesBasicAuthMatch(t *testing.T) {
+	type args struct {
+		username string
+		password string
+	}
+	type fields struct {
+		username string
+		password string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		args   args
+		want   bool
+	}{
+		{"Happy test #1", fields{username: "1234", password: "1234"}, args{username: "1234", password: "1234"}, true},
+		{"Happy test #2", fields{username: "test", password: "1234"}, args{username: "test", password: "1234"}, true},
+		{"Happy test #3", fields{username: "TEST", password: "1234"}, args{username: "TEST", password: "1234"}, true},
+		{"Non match #1", fields{username: "test", password: "1234"}, args{username: "1234", password: "1234"}, false},
+		{"Non match #2", fields{username: "1234", password: "test"}, args{username: "1234", password: "1234"}, false},
+		{"Non match #3", fields{username: "1234", password: "test"}, args{username: "1234", password: "TEST"}, false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			basicAuth := newHashedBasicAuth(tt.fields.username, tt.fields.password)
+			if got := basicAuth.DoesBasicAuthMatch(tt.args.username, tt.args.password); got != tt.want {
+				t.Errorf("DoesBasicAuthMatch() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_hashedBasicAuth_Enabled(t *testing.T) {
+	type fields struct {
+		username string
+		password string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   bool
+	}{
+		{"Both blank", fields{username: "", password: ""}, false},
+		{"Single blank #1", fields{username: "test", password: ""}, false},
+		{"Single blank #1", fields{username: "", password: "test"}, false},
+		{"Both populated", fields{username: "test", password: "test"}, true},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			basicAuth := newHashedBasicAuth(tt.fields.username, tt.fields.password)
+			if got := basicAuth.Enabled(); got != tt.want {
+				t.Errorf("Enabled() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

cfg/cfg.go

@@ -0,0 +1,109 @@
+package cfg
+
+import (
+	"fmt"
+	"github.com/alecthomas/kingpin/v2"
+	"os"
+)
+
+const (
+	socketEnvName                = "F2B_COLLECTOR_SOCKET"
+	fileCollectorPathEnvName     = "F2B_COLLECTOR_TEXT_PATH"
+	addressEnvName               = "F2B_WEB_LISTEN_ADDRESS"
+	basicAuthUserEnvName         = "F2B_WEB_BASICAUTH_USER"
+	basicAuthPassEnvName         = "F2B_WEB_BASICAUTH_PASS"
+	exitOnSocketConnErrorEnvName = "F2B_EXIT_ON_SOCKET_CONN_ERROR"
+)
+
+type AppSettings struct {
+	VersionMode           bool
+	MetricsAddress        string
+	Fail2BanSocketPath    string
+	FileCollectorPath     string
+	BasicAuthProvider     *hashedBasicAuth
+	ExitOnSocketConnError bool
+}
+
+func init() {
+	kingpin.HelpFlag.Short('h')
+}
+
+func Parse() *AppSettings {
+	settings := &AppSettings{}
+	readParamsFromCli(settings)
+	settings.validateFlags()
+	return settings
+}
+
+func readParamsFromCli(settings *AppSettings) {
+	versionMode := kingpin.
+		Flag("version", "show version info and exit").
+		Short('v').
+		Default("false").
+		Bool()
+	socketPath := kingpin.
+		Flag("collector.f2b.socket", "path to the fail2ban server socket").
+		Default("/var/run/fail2ban/fail2ban.sock").
+		Envar(socketEnvName).
+		String()
+	fileCollectorPath := kingpin.
+		Flag("collector.textfile.directory", "directory to read text files with metrics from").
+		Default("").
+		Envar(fileCollectorPathEnvName).
+		String()
+	address := kingpin.
+		Flag("web.listen-address", "address to use for the metrics server").
+		Default(":9191").
+		Envar(addressEnvName).
+		String()
+	rawBasicAuthUsername := kingpin.
+		Flag("web.basic-auth.username", "username to use to protect endpoints with basic auth").
+		Default("").
+		Envar(basicAuthUserEnvName).
+		String()
+	rawBasicAuthPassword := kingpin.
+		Flag("web.basic-auth.password", "password to use to protect endpoints with basic auth").
+		Default("").
+		Envar(basicAuthPassEnvName).
+		String()
+	rawExitOnSocketConnError := kingpin.
+		Flag("collector.f2b.exit-on-socket-connection-error", "when set to true the exporter will immediately exit on a fail2ban socket connection error").
+		Default("false").
+		Envar(exitOnSocketConnErrorEnvName).
+		Bool()
+
+	kingpin.Parse()
+
+	settings.VersionMode = *versionMode
+	settings.MetricsAddress = *address
+	settings.Fail2BanSocketPath = *socketPath
+	settings.FileCollectorPath = *fileCollectorPath
+	settings.setBasicAuthValues(*rawBasicAuthUsername, *rawBasicAuthPassword)
+	settings.ExitOnSocketConnError = *rawExitOnSocketConnError
+}
+
+func (settings *AppSettings) setBasicAuthValues(rawUsername, rawPassword string) {
+	settings.BasicAuthProvider = newHashedBasicAuth(rawUsername, rawPassword)
+}
+
+func (settings *AppSettings) validateFlags() {
+	var flagsValid = true
+	if !settings.VersionMode {
+		if settings.Fail2BanSocketPath == "" {
+			fmt.Println("error: fail2ban socket path must not be blank")
+			flagsValid = false
+		}
+		if settings.MetricsAddress == "" {
+			fmt.Println("error: invalid server address, must not be blank")
+			flagsValid = false
+		}
+		if (len(settings.BasicAuthProvider.username) > 0) != (len(settings.BasicAuthProvider.password) > 0) {
+			fmt.Println("error: to enable basic auth both the username and the password must be provided")
+			flagsValid = false
+		}
+	}
+	if !flagsValid {
+		kingpin.Usage()
+		os.Exit(1)
+	}
+}