@panguard-ai/manager 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/dist/agent-registry.d.ts.map +1 -1
- package/dist/agent-registry.js +1 -0
- package/dist/agent-registry.js.map +1 -1
- package/dist/dashboard-relay.d.ts +80 -0
- package/dist/dashboard-relay.d.ts.map +1 -0
- package/dist/dashboard-relay.js +465 -0
- package/dist/dashboard-relay.js.map +1 -0
- package/dist/db.d.ts +78 -0
- package/dist/db.d.ts.map +1 -0
- package/dist/db.js +339 -0
- package/dist/db.js.map +1 -0
- package/dist/index.d.ts +5 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -1
- package/dist/index.js.map +1 -1
- package/dist/manager.d.ts +40 -6
- package/dist/manager.d.ts.map +1 -1
- package/dist/manager.js +123 -10
- package/dist/manager.js.map +1 -1
- package/dist/server.d.ts +76 -0
- package/dist/server.d.ts.map +1 -0
- package/dist/server.js +468 -0
- package/dist/server.js.map +1 -0
- package/dist/types.d.ts +14 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +14 -2
package/dist/manager.js
CHANGED
|
@@ -14,6 +14,7 @@ import { createLogger } from '@panguard-ai/core';
|
|
|
14
14
|
import { AgentRegistry } from './agent-registry.js';
|
|
15
15
|
import { ThreatAggregator } from './threat-aggregator.js';
|
|
16
16
|
import { PolicyEngine } from './policy-engine.js';
|
|
17
|
+
import { DashboardRelay } from './dashboard-relay.js';
|
|
17
18
|
const logger = createLogger('panguard-manager:core');
|
|
18
19
|
/**
|
|
19
20
|
* Manager is the main orchestrator for the distributed Guard architecture.
|
|
@@ -26,6 +27,8 @@ export class Manager {
|
|
|
26
27
|
registry;
|
|
27
28
|
aggregator;
|
|
28
29
|
policyEngine;
|
|
30
|
+
/** Dashboard relay for proxying remote dashboard connections / 用於代理遠端 dashboard 連接的 relay */
|
|
31
|
+
relay;
|
|
29
32
|
running;
|
|
30
33
|
startTime;
|
|
31
34
|
staleCheckTimer;
|
|
@@ -37,6 +40,7 @@ export class Manager {
|
|
|
37
40
|
this.registry = new AgentRegistry(config.maxAgents);
|
|
38
41
|
this.aggregator = new ThreatAggregator(config.correlationWindowMs, config.threatRetentionMs);
|
|
39
42
|
this.policyEngine = new PolicyEngine();
|
|
43
|
+
this.relay = new DashboardRelay({ requireAuth: !!config.authToken });
|
|
40
44
|
this.running = false;
|
|
41
45
|
this.startTime = 0;
|
|
42
46
|
this.staleCheckTimer = null;
|
|
@@ -85,9 +89,30 @@ export class Manager {
|
|
|
85
89
|
clearInterval(this.purgeTimer);
|
|
86
90
|
this.purgeTimer = null;
|
|
87
91
|
}
|
|
92
|
+
// Disconnect all relay connections / 斷開所有 relay 連接
|
|
93
|
+
this.relay.disconnectAll();
|
|
88
94
|
this.running = false;
|
|
89
95
|
logger.info(`Manager stopped (uptime: ${Date.now() - this.startTime}ms) / Manager 已停止`);
|
|
90
96
|
}
|
|
97
|
+
/**
|
|
98
|
+
* Handle WebSocket upgrade for dashboard relay paths.
|
|
99
|
+
* Routes /api/dashboard/ paths to the DashboardRelay.
|
|
100
|
+
* 處理 dashboard relay 路徑的 WebSocket 升級。
|
|
101
|
+
*
|
|
102
|
+
* @returns true if the path was handled, false if not a dashboard path
|
|
103
|
+
*/
|
|
104
|
+
handleDashboardUpgrade(req, socket, head) {
|
|
105
|
+
const url = req.url ?? '';
|
|
106
|
+
if (url.startsWith('/api/dashboard/')) {
|
|
107
|
+
this.relay.handleUpgrade(req, socket, head);
|
|
108
|
+
return true;
|
|
109
|
+
}
|
|
110
|
+
return false;
|
|
111
|
+
}
|
|
112
|
+
/** Get the dashboard relay instance / 取得 dashboard relay 實例 */
|
|
113
|
+
getDashboardRelay() {
|
|
114
|
+
return this.relay;
|
|
115
|
+
}
|
|
91
116
|
// ===== Agent Lifecycle / 代理生命週期 =====
|
|
92
117
|
/**
|
|
93
118
|
* Handle a new agent registration request.
|
|
@@ -143,41 +168,129 @@ export class Manager {
|
|
|
143
168
|
// ===== Policy Management / 策略管理 =====
|
|
144
169
|
/**
|
|
145
170
|
* Create and optionally broadcast a new security policy.
|
|
171
|
+
* 建立並選擇性廣播新的安全策略。
|
|
146
172
|
*
|
|
147
173
|
* @param rules - Policy rules to include
|
|
148
|
-
* @param broadcast - Whether to
|
|
174
|
+
* @param broadcast - Whether to push broadcast to all active agents
|
|
149
175
|
* @returns The created policy
|
|
150
176
|
*/
|
|
151
|
-
createPolicy(rules, broadcast = true) {
|
|
177
|
+
async createPolicy(rules, broadcast = true) {
|
|
152
178
|
const activeAgentIds = this.registry
|
|
153
179
|
.getActiveAgents()
|
|
154
180
|
.map((a) => a.agentId);
|
|
155
181
|
const policy = this.policyEngine.createPolicy(rules, activeAgentIds);
|
|
156
182
|
if (broadcast) {
|
|
157
|
-
this.broadcastPolicy(policy);
|
|
183
|
+
await this.broadcastPolicy(policy);
|
|
158
184
|
}
|
|
159
185
|
return policy;
|
|
160
186
|
}
|
|
161
187
|
/**
|
|
162
|
-
*
|
|
188
|
+
* Push a policy update to a single agent via HTTP POST.
|
|
189
|
+
* 透過 HTTP POST 將策略更新推送至單一代理。
|
|
190
|
+
*
|
|
191
|
+
* Looks up the agent's endpoint from the registry, sends a POST to
|
|
192
|
+
* `{agent.endpoint}/api/policy/push` with JSON body `{ policy, timestamp }`.
|
|
193
|
+
* Retries once on network failure. Timeout is 5 seconds per attempt.
|
|
194
|
+
*
|
|
195
|
+
* @param agentId - The target agent's unique identifier
|
|
196
|
+
* @param policy - The policy update to push
|
|
197
|
+
* @returns Push result indicating success or failure
|
|
198
|
+
*/
|
|
199
|
+
async pushPolicyToAgent(agentId, policy) {
|
|
200
|
+
const agent = this.registry.getAgent(agentId);
|
|
201
|
+
if (!agent) {
|
|
202
|
+
return {
|
|
203
|
+
agentId,
|
|
204
|
+
success: false,
|
|
205
|
+
error: `Agent ${agentId} not found in registry / 在登錄簿中找不到代理 ${agentId}`,
|
|
206
|
+
};
|
|
207
|
+
}
|
|
208
|
+
const url = `${agent.endpoint.replace(/\/+$/, '')}/api/policy/push`;
|
|
209
|
+
const body = JSON.stringify({
|
|
210
|
+
policy,
|
|
211
|
+
timestamp: new Date().toISOString(),
|
|
212
|
+
});
|
|
213
|
+
const headers = {
|
|
214
|
+
'Content-Type': 'application/json',
|
|
215
|
+
};
|
|
216
|
+
if (this.config.authToken) {
|
|
217
|
+
headers['Authorization'] = `Bearer ${this.config.authToken}`;
|
|
218
|
+
}
|
|
219
|
+
// Attempt HTTP POST with one retry on failure
|
|
220
|
+
// 嘗試 HTTP POST,失敗時重試一次
|
|
221
|
+
const maxAttempts = 2;
|
|
222
|
+
for (let attempt = 1; attempt <= maxAttempts; attempt++) {
|
|
223
|
+
try {
|
|
224
|
+
const response = await fetch(url, {
|
|
225
|
+
method: 'POST',
|
|
226
|
+
headers,
|
|
227
|
+
body,
|
|
228
|
+
signal: AbortSignal.timeout(5000),
|
|
229
|
+
});
|
|
230
|
+
if (!response.ok) {
|
|
231
|
+
const text = await response.text().catch(() => '');
|
|
232
|
+
throw new Error(`HTTP ${response.status}: ${text}`);
|
|
233
|
+
}
|
|
234
|
+
logger.info(`Policy ${policy.policyId} pushed to agent ${agentId} / ` +
|
|
235
|
+
`策略 ${policy.policyId} 已推送至代理 ${agentId}`);
|
|
236
|
+
return { agentId, success: true };
|
|
237
|
+
}
|
|
238
|
+
catch (err) {
|
|
239
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
240
|
+
if (attempt < maxAttempts) {
|
|
241
|
+
logger.warn(`Push to agent ${agentId} failed (attempt ${attempt}/${maxAttempts}), retrying / ` +
|
|
242
|
+
`推送至代理 ${agentId} 失敗 (嘗試 ${attempt}/${maxAttempts}),重試中: ${message}`);
|
|
243
|
+
continue;
|
|
244
|
+
}
|
|
245
|
+
logger.error(`Push to agent ${agentId} failed after ${maxAttempts} attempts / ` +
|
|
246
|
+
`推送至代理 ${agentId} 在 ${maxAttempts} 次嘗試後失敗: ${message}`);
|
|
247
|
+
return {
|
|
248
|
+
agentId,
|
|
249
|
+
success: false,
|
|
250
|
+
error: message,
|
|
251
|
+
};
|
|
252
|
+
}
|
|
253
|
+
}
|
|
254
|
+
// Unreachable, but satisfies TypeScript
|
|
255
|
+
return { agentId, success: false, error: 'Unexpected push failure' };
|
|
256
|
+
}
|
|
257
|
+
/**
|
|
258
|
+
* Broadcast a policy update to active agents via HTTP POST push.
|
|
259
|
+
* 透過 HTTP POST 推送將策略更新廣播至活躍代理。
|
|
260
|
+
*
|
|
261
|
+
* Gets target agents (specified IDs or all active), pushes policy to each,
|
|
262
|
+
* and collects results into the broadcast queue.
|
|
163
263
|
*
|
|
164
264
|
* @param policy - The policy to broadcast
|
|
165
|
-
* @
|
|
265
|
+
* @param targetAgentIds - Optional list of specific agent IDs to target
|
|
266
|
+
* @returns Broadcast result with per-agent outcomes
|
|
166
267
|
*/
|
|
167
|
-
broadcastPolicy(policy) {
|
|
168
|
-
|
|
169
|
-
const targetIds =
|
|
268
|
+
async broadcastPolicy(policy, targetAgentIds) {
|
|
269
|
+
// Determine target agents / 決定目標代理
|
|
270
|
+
const targetIds = targetAgentIds
|
|
271
|
+
? [...targetAgentIds]
|
|
272
|
+
: this.registry.getActiveAgents().map((a) => a.agentId);
|
|
273
|
+
// Push to each agent concurrently / 同時推送至每個代理
|
|
274
|
+
const agentResults = await Promise.all(targetIds.map((id) => this.pushPolicyToAgent(id, policy)));
|
|
275
|
+
const successCount = agentResults.filter((r) => r.success).length;
|
|
276
|
+
const failureCount = agentResults.filter((r) => !r.success).length;
|
|
170
277
|
const result = {
|
|
171
278
|
policyId: policy.policyId,
|
|
172
279
|
targetAgents: [...targetIds],
|
|
173
280
|
queuedAt: new Date().toISOString(),
|
|
281
|
+
agentResults: [...agentResults],
|
|
282
|
+
successCount,
|
|
283
|
+
failureCount,
|
|
174
284
|
};
|
|
175
285
|
this.broadcastQueue.push(result);
|
|
176
|
-
logger.info(`Policy ${policy.policyId}
|
|
177
|
-
|
|
286
|
+
logger.info(`Policy ${policy.policyId} broadcast to ${targetIds.length} agents ` +
|
|
287
|
+
`(success: ${successCount}, failed: ${failureCount}) / ` +
|
|
288
|
+
`策略 ${policy.policyId} 已廣播至 ${targetIds.length} 個代理 ` +
|
|
289
|
+
`(成功: ${successCount}, 失敗: ${failureCount})`);
|
|
178
290
|
return {
|
|
179
291
|
...result,
|
|
180
292
|
targetAgents: [...result.targetAgents],
|
|
293
|
+
agentResults: [...agentResults],
|
|
181
294
|
};
|
|
182
295
|
}
|
|
183
296
|
/**
|
package/dist/manager.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"manager.js","sourceRoot":"","sources":["../src/manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"manager.js","sourceRoot":"","sources":["../src/manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAmBtD,MAAM,MAAM,GAAG,YAAY,CAAC,uBAAuB,CAAC,CAAC;AAErD;;;;;GAKG;AACH,MAAM,OAAO,OAAO;IACD,MAAM,CAAgB;IACtB,QAAQ,CAAgB;IACxB,UAAU,CAAmB;IAC7B,YAAY,CAAe;IAC5C,6FAA6F;IAC5E,KAAK,CAAiB;IAE/B,OAAO,CAAU;IACjB,SAAS,CAAS;IAClB,eAAe,CAAwC;IACvD,UAAU,CAAwC;IAE1D,kCAAkC;IACjB,cAAc,CAA0B;IAEzD,YAAY,MAAqB;QAC/B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,UAAU,GAAG,IAAI,gBAAgB,CACpC,MAAM,CAAC,mBAAmB,EAC1B,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,IAAI,cAAc,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAErE,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;QACrB,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;QAC5B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACvB,IAAI,CAAC,cAAc,GAAG,EAAE,CAAC;QAEzB,MAAM,CAAC,IAAI,CACT,mCAAmC,MAAM,CAAC,SAAS,IAAI;YACrD,qBAAqB,MAAM,CAAC,kBAAkB,QAAQ;YACtD,cAAc,CACjB,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;YACvD,OAAO;QACT,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE5B,wCAAwC;QACxC,IAAI,CAAC,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE;YACtC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC1B,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAEpC,wCAAwC;QACxC,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAC9B,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,CAAC,EACjC,SAAS,CAAC,aAAa;SACxB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;YACjC,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;QACjC,CAAC,EAAE,eAAe,CAAC,CAAC;QAEpB,MAAM,CAAC,IAAI,CACT,2BAA2B,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK;YAC9C,iBAAiB,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CACtC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,IAAI;QACF,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QAE1B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;QAC9B,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QAED,mDAAmD;QACnD,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAE3B,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;QAErB,MAAM,CAAC,IAAI,CACT,4BAA4B,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,mBAAmB,CAC3E,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,sBAAsB,CAAC,GAAoB,EAAE,MAAc,EAAE,IAAY;QACvE,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC;QAC1B,IAAI,GAAG,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACtC,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+DAA+D;IAC/D,iBAAiB;QACf,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,uCAAuC;IAEvC;;;;;;OAMG;IACH,kBAAkB,CAChB,OAAiC;QAEjC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAE1D,MAAM,CAAC,IAAI,CACT,iBAAiB,YAAY,CAAC,OAAO,SAAS,YAAY,CAAC,QAAQ,KAAK;YACtE,UAAU,YAAY,CAAC,OAAO,OAAO,YAAY,CAAC,QAAQ,EAAE,CAC/D,CAAC;QAEF,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;;;;;OAMG;IACH,eAAe,CACb,SAAyB;QAEzB,OAAO,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;IAClD,CAAC;IAED;;;;;;OAMG;IACH,kBAAkB,CAChB,MAAoB;QAEpB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,KAAK,EAAE,QAAQ,IAAI,SAAS,CAAC;QAE9C,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAElE,6BAA6B;QAC7B,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CACnC,CAAC;QACF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CACT,UAAU,UAAU,CAAC,MAAM,2CAA2C,QAAQ,KAAK;gBACjF,SAAS,QAAQ,QAAQ,UAAU,CAAC,MAAM,SAAS,CACtD,CAAC;QACJ,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAAC,OAAe;QAClC,OAAO,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,uCAAuC;IAEvC;;;;;;;OAOG;IACH,KAAK,CAAC,YAAY,CAChB,KAA4B,EAC5B,SAAS,GAAG,IAAI;QAEhB,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ;aACjC,eAAe,EAAE;aACjB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAEzB,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QAErE,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,iBAAiB,CACrB,OAAe,EACf,MAAoB;QAEpB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;gBACL,OAAO;gBACP,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,SAAS,OAAO,uCAAuC,OAAO,EAAE;aACxE,CAAC;QACJ,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,kBAAkB,CAAC;QACpE,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1B,MAAM;YACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,MAAM,OAAO,GAA2B;YACtC,cAAc,EAAE,kBAAkB;SACnC,CAAC;QACF,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC1B,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QAC/D,CAAC;QAED,8CAA8C;QAC9C,uBAAuB;QACvB,MAAM,WAAW,GAAG,CAAC,CAAC;QACtB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;YACxD,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;oBAChC,MAAM,EAAE,MAAM;oBACd,OAAO;oBACP,IAAI;oBACJ,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;iBAClC,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;oBACnD,MAAM,IAAI,KAAK,CAAC,QAAQ,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC,CAAC;gBACtD,CAAC;gBAED,MAAM,CAAC,IAAI,CACT,UAAU,MAAM,CAAC,QAAQ,oBAAoB,OAAO,KAAK;oBACvD,MAAM,MAAM,CAAC,QAAQ,WAAW,OAAO,EAAE,CAC5C,CAAC;gBAEF,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACpC,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAEjE,IAAI,OAAO,GAAG,WAAW,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,CACT,iBAAiB,OAAO,oBAAoB,OAAO,IAAI,WAAW,gBAAgB;wBAChF,SAAS,OAAO,WAAW,OAAO,IAAI,WAAW,UAAU,OAAO,EAAE,CACvE,CAAC;oBACF,SAAS;gBACX,CAAC;gBAED,MAAM,CAAC,KAAK,CACV,iBAAiB,OAAO,iBAAiB,WAAW,cAAc;oBAChE,SAAS,OAAO,MAAM,WAAW,YAAY,OAAO,EAAE,CACzD,CAAC;gBAEF,OAAO;oBACL,OAAO;oBACP,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,OAAO;iBACf,CAAC;YACJ,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC;IACvE,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,eAAe,CACnB,MAAoB,EACpB,cAAyB;QAEzB,mCAAmC;QACnC,MAAM,SAAS,GAAG,cAAc;YAC9B,CAAC,CAAC,CAAC,GAAG,cAAc,CAAC;YACrB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAE1D,8CAA8C;QAC9C,MAAM,YAAY,GAAsB,MAAM,OAAO,CAAC,GAAG,CACvD,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAC1D,CAAC;QAEF,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QAClE,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QAEnE,MAAM,MAAM,GAA0B;YACpC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,CAAC,GAAG,SAAS,CAAC;YAC5B,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,YAAY,EAAE,CAAC,GAAG,YAAY,CAAC;YAC/B,YAAY;YACZ,YAAY;SACb,CAAC;QAEF,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEjC,MAAM,CAAC,IAAI,CACT,UAAU,MAAM,CAAC,QAAQ,iBAAiB,SAAS,CAAC,MAAM,UAAU;YAClE,aAAa,YAAY,aAAa,YAAY,MAAM;YACxD,MAAM,MAAM,CAAC,QAAQ,SAAS,SAAS,CAAC,MAAM,OAAO;YACrD,QAAQ,YAAY,SAAS,YAAY,GAAG,CAC/C,CAAC;QAEF,OAAO;YACL,GAAG,MAAM;YACT,YAAY,EAAE,CAAC,GAAG,MAAM,CAAC,YAAY,CAAC;YACtC,YAAY,EAAE,CAAC,GAAG,YAAY,CAAC;SAChC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;IAC7C,CAAC;IAED;;;;;OAKG;IACH,iBAAiB,CAAC,OAAe;QAC/B,OAAO,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACtD,CAAC;IAED;;;;OAIG;IACH,oBAAoB;QAClB,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrC,GAAG,CAAC;YACJ,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC;SAClC,CAAC,CAAC,CAAC;IACN,CAAC;IAED,8BAA8B;IAE9B;;;OAGG;IACK,gBAAgB;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CACxC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAC/B,CAAC;QAEF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,CAAC,IAAI,CACT,GAAG,KAAK,CAAC,MAAM,6BAA6B;gBAC1C,OAAO,KAAK,CAAC,MAAM,QAAQ,CAC9B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8BAA8B;IAE9B;;;;OAIG;IACH,WAAW;QACT,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC;QACrD,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;QACnD,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,CAAC;QAE5D,MAAM,cAAc,GAAoB,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YAClE,OAAO;gBACL,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,WAAW,EAAE,YAAY,CAAC,MAAM;aACjC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,OAAO;YACL,WAAW,EAAE,SAAS,CAAC,MAAM;YAC7B,YAAY,EAAE,YAAY,CAAC,MAAM;YACjC,WAAW,EAAE,YAAY,CAAC,KAAK;YAC/B,aAAa,EAAE,YAAY,CAAC,OAAO;YACnC,MAAM,EAAE,cAAc;YACtB,aAAa;YACb,mBAAmB,EAAE,aAAa;YAClC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;SACzD,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,gBAAgB;QACd,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;IACtC,CAAC;IAED;;;;;OAKG;IACH,iBAAiB,CACf,OAAe;QAEf,OAAO,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACpD,CAAC;IAED;;;;;OAKG;IACH,gBAAgB,CAAC,KAAW;QAC1B,OAAO,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CAAC,OAAe;QACtB,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC5B,CAAC;CACF"}
|
package/dist/server.d.ts
ADDED
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Manager HTTP API Server
|
|
3
|
+
* Manager HTTP API 伺服器
|
|
4
|
+
*
|
|
5
|
+
* Exposes the Manager orchestrator as a REST API for Guard agents
|
|
6
|
+
* and the Admin dashboard.
|
|
7
|
+
*
|
|
8
|
+
* Endpoints:
|
|
9
|
+
* - POST /api/agents/register Register a new agent
|
|
10
|
+
* - POST /api/agents/:id/heartbeat Agent heartbeat
|
|
11
|
+
* - POST /api/agents/:id/events Submit threat report
|
|
12
|
+
* - DELETE /api/agents/:id Deregister an agent
|
|
13
|
+
* - GET /api/agents List all agents
|
|
14
|
+
* - GET /api/agents/:id Get single agent
|
|
15
|
+
* - GET /api/overview Dashboard overview
|
|
16
|
+
* - GET /api/threats Recent threats
|
|
17
|
+
* - GET /api/threats/summary Threat summary
|
|
18
|
+
* - POST /api/policy Create policy
|
|
19
|
+
* - GET /api/policy/active Get active policy
|
|
20
|
+
* - GET /api/policy/agent/:id Get policy for agent
|
|
21
|
+
* - GET /api/events/stream SSE stream for real-time updates
|
|
22
|
+
* - GET /health Health check
|
|
23
|
+
*
|
|
24
|
+
* @module @panguard-ai/manager/server
|
|
25
|
+
*/
|
|
26
|
+
import { Manager } from './manager.js';
|
|
27
|
+
import type { ManagerConfig } from './types.js';
|
|
28
|
+
/**
|
|
29
|
+
* Manager HTTP API Server
|
|
30
|
+
* Wraps the Manager class with a REST API using raw node:http.
|
|
31
|
+
*/
|
|
32
|
+
export declare class ManagerServer {
|
|
33
|
+
private server;
|
|
34
|
+
private readonly manager;
|
|
35
|
+
private readonly config;
|
|
36
|
+
private readonly rateLimits;
|
|
37
|
+
private readonly hashedAuthToken;
|
|
38
|
+
private readonly sseClients;
|
|
39
|
+
constructor(config: ManagerConfig);
|
|
40
|
+
/** Get the underlying Manager instance */
|
|
41
|
+
getManager(): Manager;
|
|
42
|
+
/** Start the HTTP server and Manager service */
|
|
43
|
+
start(): Promise<void>;
|
|
44
|
+
/** Stop the server and Manager service gracefully */
|
|
45
|
+
stop(): Promise<void>;
|
|
46
|
+
private handleRequest;
|
|
47
|
+
/** Route requests to handlers */
|
|
48
|
+
private route;
|
|
49
|
+
private handleRegister;
|
|
50
|
+
private handleHeartbeat;
|
|
51
|
+
private handleEvents;
|
|
52
|
+
private handleDeregister;
|
|
53
|
+
private handleGetAgent;
|
|
54
|
+
private handleListAgents;
|
|
55
|
+
private handleOverview;
|
|
56
|
+
private handleThreatSummary;
|
|
57
|
+
private handleRecentThreats;
|
|
58
|
+
private handleCreatePolicy;
|
|
59
|
+
private handleActivePolicy;
|
|
60
|
+
private handlePolicyForAgent;
|
|
61
|
+
/** Handle a new SSE stream connection / 處理新的 SSE 串流連線 */
|
|
62
|
+
private handleSSEStream;
|
|
63
|
+
/** Broadcast an event to all connected SSE clients / 向所有已連線的 SSE 客戶端廣播事件 */
|
|
64
|
+
broadcastSSE(eventType: string, data: unknown): void;
|
|
65
|
+
/** Send an SSE event to a single client / 向單個客戶端發送 SSE 事件 */
|
|
66
|
+
private sendSSE;
|
|
67
|
+
/** Read and parse JSON body from request */
|
|
68
|
+
private readBody;
|
|
69
|
+
/** Send JSON response */
|
|
70
|
+
private sendJson;
|
|
71
|
+
/** Verify Bearer token authentication */
|
|
72
|
+
private verifyAuth;
|
|
73
|
+
/** Simple in-memory rate limiter */
|
|
74
|
+
private checkRateLimit;
|
|
75
|
+
}
|
|
76
|
+
//# sourceMappingURL=server.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAKH,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,KAAK,EACV,aAAa,EAKd,MAAM,YAAY,CAAC;AAUpB;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAgD;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA0C;IACrE,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAS;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;gBAEjD,MAAM,EAAE,aAAa;IAkBjC,0CAA0C;IAC1C,UAAU,IAAI,OAAO;IAIrB,gDAAgD;IAC1C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAqB5B,qDAAqD;IAC/C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAoBb,aAAa;IA8E3B,iCAAiC;YACnB,KAAK;YAgGL,cAAc;YAuBd,eAAe;YAsBf,YAAY;IAgC1B,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,gBAAgB;IAKxB,OAAO,CAAC,cAAc;IAKtB,OAAO,CAAC,mBAAmB;IAK3B,OAAO,CAAC,mBAAmB;YAUb,kBAAkB;IAehC,OAAO,CAAC,kBAAkB;IAS1B,OAAO,CAAC,oBAAoB;IAO5B,yDAAyD;IACzD,OAAO,CAAC,eAAe;IA0BvB,4EAA4E;IAC5E,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI;IAWpD,6DAA6D;IAC7D,OAAO,CAAC,OAAO;IAMf,4CAA4C;IAC5C,OAAO,CAAC,QAAQ;IA6BhB,yBAAyB;IACzB,OAAO,CAAC,QAAQ;IAMhB,yCAAyC;IACzC,OAAO,CAAC,UAAU;IAgBlB,oCAAoC;IACpC,OAAO,CAAC,cAAc;CAcvB"}
|