Some Refactoring

Dockerfile.grader

@@ -1,4 +1,4 @@
-FROM golang:1.20.1-bullseye
+FROM golang:1.23.1-bullseye
 # Copy Repo
 COPY go.mod /delegatio/
 COPY go.sum /delegatio/
@@ -8,9 +8,17 @@ RUN go mod download
 
 COPY ./ /delegatio
 
-WORKDIR /delegatio/grader
+COPY ./grader/gradeapi/graders/exercises /exercises
+
+WORKDIR /delegatio/grader/server
 RUN go build -o grader .
 
-CMD /delegatio/grader/grader
+FROM archlinux:latest
+COPY --from=0 /exercises /exercises
+COPY --from=0 /delegatio/grader/server/grader /delegatio/grader/server/grader
+RUN pacman -Syy
+RUN pacman -S python --noconfirm
+
+CMD /delegatio/grader/server/grader
 
 

Dockerfile.ssh

@@ -1,4 +1,4 @@
-FROM golang:1.20.1-bullseye
+FROM golang:1.23.1-bullseye
 # Copy Repo
 COPY go.mod /delegatio/
 COPY go.sum /delegatio/
@@ -11,6 +11,11 @@ COPY ./ /delegatio
 WORKDIR /delegatio/ssh
 RUN go build -o ssh .
 
+FROM archlinux:latest
+COPY --from=0 /delegatio/ssh/ssh /delegatio/ssh/ssh
+
+RUN pacman -Syy
+
 CMD /delegatio/ssh/ssh
 
 

agent/server/main.go

@@ -14,6 +14,14 @@ import (
 	"go.uber.org/zap"
 )
 
+/*
+ * main is run in every docker container to allow agents to communicate with it.
+ * It sets up the gRPC server and listens for incoming connections.
+ * The SSH agents uses the stream exec to forward its incomming requests
+ *
+ * The same binary is also used in the VM to allow bootstrapping to take place via
+ * CLI rpc calls.
+ */
 func main() {
 	var bindIP, bindPort string
 	cfg := zap.NewDevelopmentConfig()

agent/vmapi/file.go

@@ -18,6 +18,9 @@ import (
 // WriteFile creates a file and writes output to it.
 func (a *API) WriteFile(_ context.Context, in *vmproto.WriteFileRequest) (*vmproto.WriteFileResponse, error) {
 	a.logger.Info("request to write file", zap.String("path", in.Filepath), zap.String("name", in.Filename))
+	if _, err := os.Stat(in.Filepath); os.IsNotExist(err) {
+		os.MkdirAll(in.Filepath, 0o700) // Create your file
+	}
 	if err := os.WriteFile(filepath.Join(in.Filepath, in.Filename), in.Content, os.ModeAppend); err != nil {
 		a.logger.Error("failed to write file", zap.String("path", in.Filepath), zap.String("name", in.Filename), zap.Error(err))
 		return nil, status.Errorf(codes.Internal, "file write failed exited with error code: %v", err)

agent/vmapi/vmapi.go

@@ -25,6 +25,7 @@ import (
 // VMAPI interface contains functions to access the agent.
 type VMAPI interface {
 	CreateExecInPodgRPC(context.Context, string, *config.KubeExecConfig) error
+	WriteFileInPodgRPC(context.Context, string, *config.KubeFileWriteConfig) error
 }
 
 // API is the API.
@@ -65,7 +66,29 @@ type Dialer interface {
 }
 
 // TODO: This code needs some refactoring / cleanup.
+// CreateExecInPodgRPC creates a new exec in pod using gRPC connection to the endpoint agent.
+func (a *API) WriteFileInPodgRPC(ctx context.Context, endpoint string, conf *config.KubeFileWriteConfig) error {
+	conn, err := a.dialInsecure(ctx, endpoint)
+	if err != nil {
+		return err
+	}
+	defer conn.Close()
+	client := vmproto.NewAPIClient(conn)
+	_, err = client.WriteFile(ctx,
+		&vmproto.WriteFileRequest{
+			Filepath: conf.FilePath,
+			Filename: conf.FileName,
+			Content:  conf.FileData,
+		})
+	if err != nil {
+		a.logger.Error("failed to write file in pod", zap.Error(err), zap.String("FileName", conf.FileName), zap.String("FilePath", conf.FilePath))
+		return err
+	}
+	a.logger.Debug("file written in pod", zap.String("FileName", conf.FileName), zap.String("FilePath", conf.FilePath))
+	return nil
+}
 
+// TODO: This code needs some refactoring / cleanup.
 // CreateExecInPodgRPC creates a new exec in pod using gRPC connection to the endpoint agent.
 func (a *API) CreateExecInPodgRPC(ctx context.Context, endpoint string, conf *config.KubeExecConfig) error {
 	conn, err := a.dialInsecure(ctx, endpoint)

cli/infrastructure/qemu/wrapper.go

@@ -6,7 +6,6 @@ package qemu
 
 import (
 	"errors"
-	"fmt"
 
 	"libvirt.org/go/libvirt"
 )
@@ -59,15 +58,6 @@ func (l *connectionWrapper) LookupDomainByName(id string) (domain, error) {
 }
 
 func (l *connectionWrapper) LookupStoragePoolByTargetPath(path string) (storagePool, error) {
-	pools, err := l.conn.ListStoragePools()
-	if err != nil {
-		fmt.Println("error listing pools")
-		return nil, err
-	}
-	for _, pool := range pools {
-		fmt.Println("pool path", pool)
-	}
-
 	pool, err := l.conn.LookupStoragePoolByTargetPath(path)
 	if err != nil {
 		return nil, err

cli/installer/installer.go

@@ -130,18 +130,24 @@ func (k *installer) initalizeChallenges(ctx context.Context, userConfig *config.
 	}
 	stWrapper := storewrapper.StoreWrapper{Store: k.client.SharedStore}
 
-	for namespace := range userConfig.Challenges {
+	for namespace := range userConfig.Containers {
 		if err := stWrapper.PutChallengeData(namespace, nil); err != nil {
 			return err
 		}
 		k.logger.Info("added challenge to store", zap.String("challenge", namespace))
 	}
 
-	for publicKey, realName := range userConfig.PubKeyToUser {
-		if err := stWrapper.PutPublicKeyData(publicKey, realName); err != nil {
+	for uuid, userData := range userConfig.UUIDToUser {
+		if err := stWrapper.PutDataIdxByUuid(uuid, userData); err != nil {
 			return err
 		}
-		k.logger.Info("added user to store", zap.String("publicKey", publicKey), zap.Any("userinfo", realName))
+		k.logger.Info("added user to store", zap.String("uuid", uuid), zap.Any("userinfo", userData))
+	}
+	for pubkey, userData := range userConfig.PubKeyToUser {
+		if err := stWrapper.PutDataIdxByPubKey(pubkey, userData); err != nil {
+			return err
+		}
+		k.logger.Info("added user to store", zap.String("pubkey", pubkey), zap.Any("userinfo", userData))
 	}
 	return nil
 }
@@ -191,14 +197,24 @@ func (k *installer) initializeGrader(ctx context.Context) error {
 		return err
 	}
 	k.logger.Info("create namespace", zap.String("namespace", config.GraderNamespaceName))
-
+	if err := k.createConfigMapAndPutData(ctx, config.GraderNamespaceName, "etcd-credentials", k.sshData); err != nil {
+		k.logger.With(zap.Error(err)).Error("failed to createConfigMapAndPutData")
+		return err
+	}
+	if err := k.client.CreateServiceAccount(ctx, config.GraderNamespaceName, config.GraderServiceAccountName); err != nil {
+		return err
+	}
+	if err := k.client.CreateClusterRoleBinding(ctx, config.GraderNamespaceName, config.GraderServiceAccountName); err != nil {
+		return err
+	}
 	if err := k.client.CreateGraderDeployment(ctx, config.GraderNamespaceName, "grader", int32(config.ClusterConfiguration.NumberOfWorkers)); err != nil {
 		return err
 	}
 	if err := k.client.CreateServiceClusterIP(ctx, config.GraderNamespaceName, "grader", config.GradeAPIport); err != nil {
 		return err
 	}
 	// Not needed as long as we run on-prem
+	// Probably not needed at all? Since we access the gracer tthrough the ClusterServiceName?
 	/* 	if err := k.client.CreateIngress(ctx, graderNamespaceName); err != nil {
 		return err
 	} */

container/challenges/testing/Dockerfile.archlinux

@@ -11,14 +11,14 @@ COPY ./ /delegatio
 WORKDIR /delegatio/agent/server
 RUN go build -o agent .
 
-WORKDIR /delegatio/agent/user
+WORKDIR /delegatio/grader/user
 RUN go build -o agent-user .
 
 
 FROM archlinux:latest
 
 COPY --from=0 /delegatio/agent/server/agent /
-COPY --from=0 /delegatio/agent/user/agent-user /
+COPY --from=0 /delegatio/grader/user/agent-user /
 RUN	 pacman -Syy
 #RUN	 pacman -Sy --noconfirm archlinux-keyring
 #RUN	 pacman-key --refresh-keys

go.mod

@@ -6,6 +6,7 @@ require (
 	github.com/barkimedes/go-deepcopy v0.0.0-20220514131651-17c30cfc62df
 	github.com/creack/pty v1.1.21
 	github.com/docker/docker v27.1.1+incompatible
+	github.com/go-ldap/ldap/v3 v3.4.8
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
 	github.com/spf13/afero v1.11.0
 	github.com/stretchr/testify v1.9.0
@@ -32,6 +33,7 @@ require (
 require (
 	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
+	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
 	github.com/BurntSushi/toml v1.3.2 // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
@@ -64,6 +66,7 @@ require (
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/go-asn1-ber/asn1-ber v1.5.5 // indirect
 	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-gorp/gorp/v3 v3.1.0 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect