summaryrefslogtreecommitdiff
path: root/scripts/monitor.sh
blob: 7fdf44a8f92fa7465a402085cb78a9133b67302c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203

 #!/bin/bash

# Need to add cleanup function to remove the log_dir in the next phase (if required).
# trap cleanup EXIT


function safe_methods() {

  links=("https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned" "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-to-cosign" "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1" "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-consistency-proof/1/3")

  for url in ${links[@]};
  do
    response=$(curl -s -w "%{http_code}" $url)
    http_code=$(tail -n1 <<< "$response")
    domain_name=$(echo $url | awk -F[/:] '{print $4}')
    if [ $http_code != 200 ]; then
      msg="Warning: $url is down. status_code $http_code"
      echo $msg | mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
    else
      echo $url is working.  status_code $http_code
    fi
  done

}

function get_tree_size() {
  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned)
  resarray=($res)
  export ${resarray[1]}
  echo $tree_size
}

function main() {

  # Used the current poc log pub_key from https://git.sigsum.org/log-go/tree/README.md
  log_pub_key=4791eff3bfc17f352bcc76d4752b38c07882093a5935a84577c63de224b0f6b3
  log_pub_key_hash=$(echo $log_pub_key | sigsum-debug key hash)
  # Calling all get_methods
  safe_methods
  # Creates a new temporary directory for the test run
  log_dir=$(mktemp -d)
  # Storing `get-leaves` output in `res`
  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1)
  # Converting `$res` in an array spliting by space
  # To see the whole array try : `echo ${resarray[*]}`
  resarray=($res)
  # Exporting the first value of the resarray, shard_hint value
  export ${resarray[0]}
  # Exporting the `shard_hint` value in `ssrv_shard_start`
  export ssrv_shard_start=$shard_hint
  # Everytime message in add_leaf has to unique. Using the `date +%s`` for that.
  # Exporting the value of date +%s command in seed_value (tobe used as message)
  export seed_value=`date +%s`
  # Generated all the following private, public and hash of public key via sigsum-debug tool.
  # See `sigsum-debug key help`
  # `./priv` contains the private key of the signer/submitter
  cli_priv=`cat ./priv`
  # `./pub` contains the public key of the signer/submitter
  # `./pub`, the public key has to be added to the log first time before trying the code.
  cli_pub=`cat ./pub`
  # `./pubhash` contains the hash public key of the signer/submitter
  cli_key_hash=`cat ./pubhash`
  cli_domain_hint=_sigsum_v0.sigsum.org
  log_url=https://poc.sigsum.org/crocodile-icefish/sigsum/v0
  get_tree_size
  check_add_leaf $seed_value
  api=add-leaf
  wit1_priv=`cat wit1_priv`
  wit1_pub=`cat wit1_pub`
  wit1_key_hash=`cat wit1_pubhash`
  old_tree_size=$tree_size
  # We don't know how much to sleep
  sleep 480
  get_tree_size
  test_inclusion_proof $tree_size $seed_value $old_tree_size
  check_add_cosignature $wit1_key_hash $wit1_priv
}

function check_add_leaf() {
  desc="POST add-leaf (data \"$1\")"
  echo "shard_hint=$shard_hint" > $log_dir/req
  echo "message=$(openssl dgst -binary <(echo $1) | base16)" >> $log_dir/req
  echo "signature=$(echo $1 |
    sigsum-debug leaf sign -k $cli_priv -h $shard_hint)" >> $log_dir/req
  echo "public_key=$cli_pub" >> $log_dir/req
  echo "domain_hint=$cli_domain_hint" >> $log_dir/req
  cat $log_dir/req |
    curl -s -w "%{http_code}" --data-binary @- $log_url/add-leaf \
        >$log_dir/rsp

  status_code=$(tail -n1 < $log_dir/rsp)
  api=$log_url/add-leaf

  if [ $status_code == 202 ]; then
    msg="Info: $api request is Accepted with status_code $http_code"
    echo $msg
  elif [ $status_code != 200 ]; then
    msg="$(date +"%y-%m-%d %H:%M:%S %Z") Warning:$api is down with status_code $status_code" # Failure message
    fail "$msg" # calling the fail function
    return
  fi

  pass $desc
}

function test_inclusion_proof() {
	desc="GET get-inclusion-proof (tree_size $1, data \"$2\", index $3)"
	signature=$(echo $2 | sigsum-debug leaf sign -k $cli_priv -h $ssrv_shard_start)
	leaf_hash=$(echo $2 | sigsum-debug leaf hash -k $cli_key_hash -s $signature -h $ssrv_shard_start)
	curl -s -w "%{http_code}" $log_url/get-inclusion-proof/$1/$leaf_hash >$log_dir/rsp
  cp $log_dir/rsp $log_dir/rsp_get_inclusion_proof
  status_code=$(tail -n1 < $log_dir/rsp)

	if [[ $status_code != 200 ]]; then
		fail "$desc: http status code $status_code  "
		return
	fi

	if ! keys "leaf_index" "inclusion_path"; then
		fail "$desc: ascii keys in response $(debug_response)"
		return
	fi

	if [[ $(value_of leaf_index) != $3 ]]; then
		fail "$desc: wrong leaf index $(value_of leaf_index)"
		return
	fi

	# TODO: verify inclusion proof
	pass $desc
}

function check_add_cosignature() {
	desc="POST add-cosignature (witness $1)"
	echo "key_hash=$1" > $log_dir/req
	echo "cosignature=$(curl -s $log_url/get-tree-head-to-cosign |
		sigsum-debug head sign -k $2 -h $log_pub_key_hash)" >> $log_dir/req
	cat $log_dir/req |
		curl -s -w "%{http_code}" --data-binary @- $log_url/add-cosignature \
		>$log_dir/rsp
  status_code=$(tail -n1 < $log_dir/rsp)
  api=$log_url/add-cosignature

  if [ "$status_code" != 200 ]; then
  msg="$(date +"%y-%m-%d %H:%M:%S %Z") Warning:$api is down with status_code $status_code"
  fail "$msg"
  else
  msg="Success: $api is working with status_code $status_code."
  echo "$msg"
  return
  fi

	pass $desc
}

function info() {
	echo -e "\e[37m$(date +"%y-%m-%d %H:%M:%S %Z")\e[0m [\e[94mINFO\e[0m] $@" >&2
}

function warn() {
	echo -e "\e[37m$(date +"%y-%m-%d %H:%M:%S %Z")\e[0m [\e[93mWARN\e[0m] $@" >&2
}

function pass() {
	echo -e "\e[37m$(date +"%y-%m-%d %H:%M:%S %Z")\e[0m [\e[32mPASS\e[0m] $@" >&2
}

function fail() {
  echo $1 |  mail -s "Warning: $api is down" anwesha@verkligendata.se
}

function keys() {
	declare -A map
	map[thedummystring]=to_avoid_error_on_size_zero
	while read line; do
		key=$(echo $line | cut -d"=" -f1)
		map[$key]=ok
	done < <(head --lines=-1 $log_dir/rsp)

	if [[ $# != $(( ${#map[@]} - 1 )) ]]; then
		return 1
	fi
	for key in $@; do
		if [[ -z ${map[$key]} ]]; then
			return 1
		fi
	done
	return 0
}

function value_of() {
	while read line; do
		key=$(echo $line | cut -d"=" -f1)
		if [[ $key != $1 ]]; then
			continue
		fi

		value=$(echo $line | cut -d"=" -f2)
		echo $value
	done < <(head --lines=-1 $log_dir/rsp)
}

main
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 10:43:46 +0000