From 7f4a73eb8951b6a04709b77d920f725da574e3d6 Mon Sep 17 00:00:00 2001
From: "eli.stone"
Date: Tue, 12 Jan 2021 14:58:39 +0000
Subject: [PATCH] ALCS-46 :sparkles: added CDN checker policy and created common utils for common methods.
---
 Policies/cnd_check.policy.yml | 14 ++++
 composer.json | 3 +-
 src/Audit/CdnCheck.php | 121 ++++++++++++++++++++++++++++++++++
 src/Audit/SSLChecker.php | 23 +------
 src/Utils/Common.php | 27 ++++++++
 5 files changed, 166 insertions(+), 22 deletions(-)
 create mode 100644 Policies/cnd_check.policy.yml
 create mode 100644 src/Audit/CdnCheck.php
 create mode 100644 src/Utils/Common.php
diff --git a/Policies/cnd_check.policy.yml b/Policies/cnd_check.policy.yml
new file mode 100644
index 0000000..3bb7865
--- /dev/null
+++ b/Policies/cnd_check.policy.yml
@@ -0,0 +1,14 @@
+title: "CDN Check"
+class: \Drutiny\algm\Audit\CdnCheck
+name: algm:CdnCheck
+tags:
+ - Speed
+description: |
+ Runs to check if the site is using the a CDN.
+success: |
+ {{ status }}
+failure: |
+ {{ status }}
+parameters:
+ cdn:
+ default: 'fastly'
diff --git a/composer.json b/composer.json
index 2672de2..9ddf304 100644
--- a/composer.json
+++ b/composer.json
@@ -23,7 +23,8 @@
 "require": {
 "drutiny/plugin-drupal-8": "^2.3",
 "drutiny/plugin-drupal-7": "^2.3",
- "spatie/ssl-certificate": "^1.20"
+ "spatie/ssl-certificate": "^1.20",
+ "rlanvin/php-ip": "^2.1"
 },
 "autoload": {
 "psr-4": {
diff --git a/src/Audit/CdnCheck.php b/src/Audit/CdnCheck.php
new file mode 100644
index 0000000..744996f
--- /dev/null
+++ b/src/Audit/CdnCheck.php
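Review bot: The new policy file is named `Policies/cnd_check.policy.yml`, which looks like a transposition of "cdn" given the `name: algm:CdnCheck` and `class: \Drutiny\algm\Audit\CdnCheck` values inside it; renaming it to `cdn_check.policy.yml` would keep the file findable under the name people will search for. The description line also reads "using the a CDN" and should be `Runs to check if the site is using a CDN.`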
@@ -0,0 +1,121 @@
+ [
+ "23.235.32.0/20",
+ "43.249.72.0/22",
+ "103.244.50.0/24",
+ "103.245.222.0/23",
+ "103.245.224.0/24",
+ "104.156.80.0/20",
+ "146.75.0.0/16",
+ "151.101.0.0/16",
+ "157.52.64.0/18",
+ "167.82.0.0/17",
+ "167.82.128.0/20",
+ "167.82.160.0/20",
+ "167.82.224.0/20",
+ "172.111.64.0/18",
+ "185.31.16.0/22",
+ "199.27.72.0/21",
+ "199.232.0.0/16",
+ "2a04:4e40::/32",
+ "2a04:4e42::/32",
+ ],
+ ];
+ return $cdns;
+ }
+
+ /**
+ * Extract the host from a url.
+ *
+ * @param $url
+ *
+ * @return mixed
+ */
+ private function getHost($url){
+ $parse = parse_url($url);
+ return $parse['host'];
+ }
+
+
+ /**
+ * @inheritdoc
+ */
+ public function audit(Sandbox $sandbox) {
+ $cdn = $sandbox->getParameter('cdn');
+
+ $command = "printenv";
+ $output = $sandbox->exec($command);
+ $env = Common::envStringToAssociativeArray($output);
+
+ if (!$env) {
+ throw new \Exception("Could not fetch environment variables.");
+ return Audit::ERROR;
+ }
+
+ $url = $env['LAGOON_ROUTE'];
+ if (!$url) {
+ throw new \Exception("The route could not be found.");
+ return Audit::ERROR;
+ }
+
+ $host = $this->getHost($url);
+ $hostIp = gethostbyname($host);
+ $cdnIpAddresses = $this->cdnIpAddresses();
+ if ($selectedCdn = $cdnIpAddresses[$cdn]) {
+ foreach ($selectedCdn as $ip) {
+ $block = IPBlock::create($ip);
+ if ($block->contains($hostIp)) {
+ $msg = sprintf('The domain %s (%s) has been found in the ip range of %s which matches the %s CDN', $url, $hostIp, $ip, ucfirst($cdn));
+ $sandbox->setParameter('status', $msg);
+ return Audit::PASS;
+ }
+ }
+ }
+ else {
+ throw new \Exception(sprintf("Could not find any ip addresses matching the CDN named %s", $cdn));
+ return Audit::ERROR;
+ }
+
+ $msg = sprintf('The domain %s (%s) has not been found using the %s CDN ', $url, $hostIp, ucfirst($cdn));
+ $sandbox->setParameter('status', $msg);
+ return Audit::FAILURE;
+ }
+
+}
diff --git a/src/Audit/SSLChecker.php b/src/Audit/SSLChecker.php
index 88bc298..84ddc71 100644
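Review bot: In `audit()`, the value returned by `gethostbyname($host)` goes straight into `$block->contains($hostIp)`, but `gethostbyname()` hands back the unmodified hostname when the lookup fails and only ever returns an IPv4 address. A failed lookup is therefore not reported as its own error (php-ip will presumably reject the non-IP string, which I have not verified), and the two IPv6 `2a04:` ranges in the list can never match. A guard before the loop, e.g. `if (filter_var($hostIp, FILTER_VALIDATE_IP) === false) { throw new \Exception(sprintf('Could not resolve %s', $host)); }`, makes the failure explicit; `getHost()` has the same gap, since `$parse['host']` is unset when `LAGOON_ROUTE` carries no scheme. Separately, `printenv` pulls the target's whole environment, which can include credentials, into the auditor just to read one variable; `$sandbox->exec('printenv LAGOON_ROUTE')` would fetch only what is needed. The first lines of this hunk are missing from the page, so this note covers only the visible part of the class.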
--- a/src/Audit/SSLChecker.php +++ b/src/Audit/SSLChecker.php @@ -2,12 +2,11 @@ namespace Drutiny\algm\Audit; +use Drutiny\algm\Utils\Common; use Drutiny\Audit; use Drutiny\Sandbox\Sandbox; use Drutiny\Annotation\Token; use Drutiny\Annotation\Param; -use Drutiny\Target\DrushTarget; -use Drutiny\RemediableInterface; use Spatie\SslCertificate\SslCertificate; @@ -29,24 +28,6 @@ */ class SSLChecker extends Audit { - /** - * Converts string from printenv to associative array - * - * @param string $input - * @return array | null - */ - private function envStringToAssociativeArray($input) { - $env=[]; - $lines = explode(PHP_EOL, $input); - foreach ($lines as $line) { - $split = explode("=", $line, 2); - if ($split[0]) { - $env[$split[0]] = $split[1]; - } - } - return count($env) ? $env : NULL; - } - /** * This will be called before audit(). * @@ -67,7 +48,7 @@ public function audit(Sandbox $sandbox) { // Execute and clean the output into usable data. $command = "printenv"; $output = $sandbox->exec($command); - $env = $this->envStringToAssociativeArray($output); + $env = Common::envStringToAssociativeArray($output); if (!$env) { throw new \Exception("Could not fetch environment variables."); diff --git a/src/Utils/Common.php b/src/Utils/Common.php new file mode 100644 index 0000000..e554823 --- /dev/null +++ b/src/Utils/Common.php @@ -0,0 +1,27 @@ +