add process posture check to posture checks handlers

2026-04-20 01:06:45 +00:00 · 2024-03-12 15:20:00 +03:00
parent 5f0eec0add
commit 9f41a1f20f
4 changed files with 171 additions and 1 deletions
--- a/management/server/http/api/openapi.yml
+++ b/management/server/http/api/openapi.yml
@@ -864,6 +864,8 @@ components:
          $ref: '#/components/schemas/GeoLocationCheck'
        peer_network_range_check:
          $ref: '#/components/schemas/PeerNetworkRangeCheck'
+        process_check:
+          $ref: '#/components/schemas/ProcessCheck'
    NBVersionCheck:
      description: Posture check for the version of NetBird
      type: object
@@ -952,6 +954,31 @@ components:
      required:
        - ranges
        - action
+    ProcessCheck:
+      description: Posture Check for binaries exist and are running in the peer’s system
+      type: object
+      properties:
+        processes:
+          type: array
+          items:
+            $ref: '#/components/schemas/Process'
+      required:
+        - processes
+    Process:
+      description: Describe the operational activity within peer's system.
+      type: object
+      properties:
+        path:
+          description: Path to the process executable file in a Unix-like operating system
+          type: string
+          example: "/usr/local/bin/netbird"
+        windows_path:
+          description: Path to the process executable file in a Windows operating system
+          type: string
+          example: "C:\ProgramData\NetBird\netbird.exe"
+      required:
+        - path
+        - windows_path
    Location:
      description: Describe geographical location information
      type: object
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@@ -201,6 +201,9 @@ type Checks struct {

 	// PeerNetworkRangeCheck Posture check for allow or deny access based on peer local network addresses
 	PeerNetworkRangeCheck *PeerNetworkRangeCheck `json:"peer_network_range_check,omitempty"`
+
+	// ProcessCheck Posture Check for binaries exist and are running in the peer’s system
+	ProcessCheck *ProcessCheck `json:"process_check,omitempty"`
 }

 // City Describe city geographical location information
@@ -910,6 +913,20 @@ type PostureCheckUpdate struct {
 	Name string `json:"name"`
 }

+// Process Describe the operational activity within peer's system.
+type Process struct {
+	// Path Path to the process executable file in a Unix-like operating system
+	Path string `json:"path"`
+
+	// WindowsPath Path to the process executable file in a Windows operating system
+	WindowsPath string `json:"windows_path"`
+}
+
+// ProcessCheck Posture Check for binaries exist and are running in the peer’s system
+type ProcessCheck struct {
+	Processes []Process `json:"processes"`
+}
+
 // Route defines model for Route.
 type Route struct {
 	// Description Route description