Skip to content

feat: osctrld v1.1.0 — daemon mode, osquery lifecycle, extensions, YAML config#1

Merged
javuto merged 43 commits into
jmpsec:mainfrom
alvarofraguas:main
May 24, 2026
Merged

feat: osctrld v1.1.0 — daemon mode, osquery lifecycle, extensions, YAML config#1
javuto merged 43 commits into
jmpsec:mainfrom
alvarofraguas:main

Conversation

@alvarofraguas
Copy link
Copy Markdown
Contributor

@alvarofraguas alvarofraguas commented May 23, 2026

Summary

Production-ready v2.0.0 of osctrld with four major features:

  • Daemon mode (service command) — long-running sync loop with configurable interval and jitter, graceful shutdown on SIGINT/SIGTERM
  • Osquery lifecycle management — automatically restarts osquery via OS service manager when synced flags or certificate change on disk
  • Extension deployment — fetches extension manifests from osctrl, downloads and deploys binaries, restarts osquery only on changes
  • YAML configuration — config defaults to YAML format while keeping full JSON backward compatibility via Viper auto-detection

Additional improvements

  • Migrated logging from log/slog to github.com/rs/zerolog with configurable format (text or json)
  • Fixed force flag binding bug (was bound to Verbose instead of Force)
  • Fixed typo and removed dead code
  • Added comprehensive test suite (51 tests) with CI pipeline (golangci-lint + race-enabled tests)
  • Updated README, sample configs, and service files (systemd/launchd) for v2.0.0

Stats

  • 32 files changed, 1,425 insertions, 352 deletions
  • 51 tests all passing
  • CI green (lint + tests)

Test plan

  • All 51 unit tests pass (go test -race -v ./cmd/osctrld/)
  • golangci-lint passes with zero warnings
  • CI pipeline green on push
  • Release builds successfully for all 6 platforms (darwin/linux/windows × amd64/arm64)
  • YAML and JSON config loading verified via tests
  • Daemon mode jitter calculation verified via tests
  • Osquery restart command generation verified per OS via tests
  • Extension manifest parsing and deployment verified via tests

@alvarofraguas
Add production hardening design spec
f40a2c8 
Documents the plan to fix bugs (force flag binding, typo, dead code),
migrate logging from stdlib log to log/slog, improve test coverage
for core action logic, and add a CI pipeline with golangci-lint.
@alvarofraguas
docs: add production hardening implementation plan
f6e1a98 
9-task plan covering bug fixes, slog migration, test coverage
for action and helper functions, Makefile fixes, and CI pipeline
with golangci-lint.
@alvarofraguas
fix: force flag destination pointed to Verbose instead of Force
41c3de4
@alvarofraguas
fix: typo in error message and dead code in runScript
502a7f0 
Fix 'Cound' -> 'Could' in http-utils.go.
Remove premature cmd.CombinedOutput() in runScript that executed the
script and discarded the result before cmd.Run() tried to run it again.
@alvarofraguas
fix: config test uses inline temp file instead of relative path
2cc000d 
TestLoadConfigurationValid was failing because it referenced
tests/osctrld-test.json with a relative path that didn't resolve
when running from the repository root.
@alvarofraguas
refactor: migrate logging from stdlib log to log/slog
34f4de4 
Replace log.Printf/Println with slog.Info/Warn/Error/Debug.
Remove emoji prefixes, use structured key-value fields instead.
Remove manual verbose guards — slog level filter handles this.
Initialize TextHandler in cliWrapper with level based on --verbose flag.
@alvarofraguas
test: add tests for action helpers
3ad5dcf 
Cover writeContentExists (create, same-content skip, no-force reject,
force overwrite), genericRetrieve (success, server error, connection
refused), retrieveScript, retrieveCert, retrieveVerify, retrieveFlags,
checkFileExist, and checkFileContent.
@alvarofraguas
test: add tests for CLI action functions
a950687 
Cover getFlags, getCert, enrollNode, removeNode, and verifyNode
using httptest servers to mock the osctrl API. Tests cover both
success and server error paths.
@alvarofraguas
fix: Makefile test targets use correct package path
4df3aa0
@alvarofraguas
ci: add golangci-lint and test pipeline for PRs
9480802 
Runs govet, errcheck, staticcheck, unused, gosimple, ineffassign,
and typecheck on every PR and push to main. Tests run with -race
and coverage reporting.
@alvarofraguas
docs: add zerolog migration design spec
13b6a26 
Migrate from log/slog to github.com/rs/zerolog with configurable
output format (text/JSON) via --log-format flag.
@alvarofraguas
docs: add zerolog migration implementation plan
c5a5639 
8-task plan covering dependency addition, CLI flag, logger init,
and mechanical slog-to-zerolog migration across all 5 source files.
@alvarofraguas
deps: add github.com/rs/zerolog dependency
4165655
@alvarofraguas
feat: add --log-format flag and LogFormat config field
e420f60
@alvarofraguas
refactor: migrate main.go from slog to zerolog
c274b28
@alvarofraguas
refactor: migrate remaining source files from slog to zerolog
4f718fc 
Migrate actions.go (29 call sites), actions_helpers.go (3),
config.go (1), and http-utils.go (1) to zerolog's fluent API.
No slog or stdlib log references remain in the codebase.
@alvarofraguas
docs: add daemon mode design spec
17ef7b3 
Long-running `service` command with 60-min configurable interval,
jitter, graceful shutdown, and flags+cert sync on each tick.
@alvarofraguas
docs: add daemon mode implementation plan
432cf63 
7-task plan: config field, jitter helper, command registration,
syncOnce helper, daemon loop with graceful shutdown, service files.
@alvarofraguas
feat: add --interval flag and Interval config field
901a47e
@alvarofraguas
feat: add service.go with jitter helper and tests
f3a84c7
@alvarofraguas
feat: register service command in CLI
d85b079
@alvarofraguas
feat: add syncOnce helper for daemon sync loop
d4faedb
@alvarofraguas
feat: implement serviceNode daemon loop with graceful shutdown
2335f85
@alvarofraguas
fix: update service files for daemon mode
e13e32d
@alvarofraguas
docs: add osquery lifecycle management spec and plan
491d64d
@alvarofraguas
feat: change writeContentExists to return (bool, error) for change de…
56652a7 
…tection
@alvarofraguas
feat: propagate change detection through getFlags and getCert
d2d1b39
@alvarofraguas
feat: add restartOsquery function for OS service manager integration
f8c6f19
@alvarofraguas
feat: integrate osquery restart into daemon sync loop
3b9b98e
@alvarofraguas
docs: add extension deployment spec and plan
2695851
@alvarofraguas
feat: add ExtensionsDir config and extensions URL generation
75ef2e2
@alvarofraguas
feat: add extension data types
81a632c
@alvarofraguas
feat: add extension manifest retrieval and binary deployment
15bf7fe
@alvarofraguas
feat: integrate extension sync into daemon loop
6136c80
@alvarofraguas
chore: bump version to 2.0.0
2d1aeb7
@alvarofraguas
fix: resolve golangci-lint errcheck, gosimple, and unused warnings
9d154a4 
Remove dead code (runScript), simplify fmt.Sprintf wrapping, and
check all error returns in test helpers.
@alvarofraguas
fix: check remaining os.WriteFile returns in helper tests
fc1b750
@alvarofraguas
fix: make TestGenURLs OS-independent for CI
7ffbe3a 
Use runtime.GOOS instead of hardcoded "darwin" so the test passes
on both macOS and Linux runners.
@alvarofraguas
ci: only run release workflow on tag pushes
b51a977 
Removes the main branch trigger and snapshot version generation.
Goreleaser now only runs when a version tag (v*) is pushed,
preventing conflicts with existing release assets.
@alvarofraguas
docs: update README for v2.0.0 features
956ef26 
Add documentation for daemon mode, osquery lifecycle management,
extension deployment, structured logging, configuration reference,
and deployment instructions for systemd and launchd.
Update sample config with new fields.
@alvarofraguas
chore: remove generated docs and update gitignore
3fe8770
@alvarofraguas
feat: migrate config to YAML by default, keep JSON support
3b9d915 
Rename JSONConfiguration to Configuration with yaml/mapstructure tags.
Rename jsonConfig global to appConfig. Add YAML sample config and test.
Update README, service files, and gitignore to default to YAML.
Both YAML and JSON formats are supported — Viper detects from extension.
@javuto javuto self-requested a review May 24, 2026 07:34
@javuto javuto added ✨ enhancement New feature or request 📍 new version New version released ⚙️ configuration Configuration related issues labels May 24, 2026
javuto
javuto reviewed May 24, 2026
View reviewed changes
Comment thread cmd/osctrld/version.go Outdated
const (
// OsctrldVersion to have the version for all components
OsctrldVersion string = "1.0.0"
OsctrldVersion string = "2.0.0"
Copy link
Copy Markdown
Contributor

@javuto javuto May 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's not bump the major release just yet, better do 1.1.0

@alvarofraguas alvarofraguas changed the title feat: osctrld v2.0.0 — daemon mode, osquery lifecycle, extensions, YAML config feat: osctrld v1.1.0 — daemon mode, osquery lifecycle, extensions, YAML config May 24, 2026
@javuto javuto merged commit c186313 into jmpsec:main May 24, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javuto javuto javuto approved these changes

Assignees

No one assigned

Labels

⚙️ configuration Configuration related issues ✨ enhancement New feature or request 📍 new version New version released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alvarofraguas @javuto