Revert "[ASCII-2591] Migrate Agent IPC clients to check IPC cert (#32369

)" (#34067)

cmd/agent/subcommands/remoteconfig/command.go

@@ -18,11 +18,9 @@ import (
 	"google.golang.org/protobuf/types/known/emptypb"
 
 	"github.com/DataDog/datadog-agent/cmd/agent/command"
-	"github.com/DataDog/datadog-agent/comp/api/authtoken"
-	"github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl"
 	"github.com/DataDog/datadog-agent/comp/core"
 	"github.com/DataDog/datadog-agent/comp/core/config"
-	log "github.com/DataDog/datadog-agent/comp/core/log/def"
+	"github.com/DataDog/datadog-agent/pkg/api/security"
 	pkgconfigsetup "github.com/DataDog/datadog-agent/pkg/config/setup"
 	"github.com/DataDog/datadog-agent/pkg/flare"
 	pbgo "github.com/DataDog/datadog-agent/pkg/proto/pbgo/core"
@@ -48,11 +46,8 @@ func Commands(globalParams *command.GlobalParams) []*cobra.Command {
 			return fxutil.OneShot(state,
 				fx.Supply(cliParams),
 				fx.Supply(core.BundleParams{
-					ConfigParams: config.NewAgentParams(globalParams.ConfFilePath, config.WithExtraConfFiles(globalParams.ExtraConfFilePath), config.WithFleetPoliciesDirPath(globalParams.FleetPoliciesDirPath)),
-					LogParams:    log.ForOneShot("TRACE", "OFF", false),
-				}),
+					ConfigParams: config.NewAgentParams(globalParams.ConfFilePath, config.WithExtraConfFiles(globalParams.ExtraConfFilePath), config.WithFleetPoliciesDirPath(globalParams.FleetPoliciesDirPath))}),
 				core.Bundle(),
-				fetchonlyimpl.Module(),
 			)
 		},
 		Hidden: true,
@@ -61,14 +56,14 @@ func Commands(globalParams *command.GlobalParams) []*cobra.Command {
 	return []*cobra.Command{remoteConfigCmd}
 }
 
-func state(_ *cliParams, config config.Component, at authtoken.Component) error {
+func state(_ *cliParams, config config.Component) error {
 	if !pkgconfigsetup.IsRemoteConfigEnabled(config) {
 		return errors.New("remote configuration is not enabled")
 	}
 	fmt.Println("Fetching the configuration and director repos state..")
 	// Call GRPC endpoint returning state tree
 
-	token, err := at.Get()
+	token, err := security.FetchAuthToken(config)
 	if err != nil {
 		return fmt.Errorf("couldn't get auth token: %w", err)
 	}
@@ -85,7 +80,7 @@ func state(_ *cliParams, config config.Component, at authtoken.Component) error
 		return err
 	}
 
-	cli, err := agentgrpc.GetDDAgentSecureClient(ctx, ipcAddress, pkgconfigsetup.GetIPCPort(), at.GetTLSClientConfig)
+	cli, err := agentgrpc.GetDDAgentSecureClient(ctx, ipcAddress, pkgconfigsetup.GetIPCPort())
 	if err != nil {
 		return err
 	}

cmd/system-probe/subcommands/run/command.go

@@ -30,7 +30,6 @@ import (
 	"github.com/DataDog/datadog-agent/cmd/system-probe/utils"
 	"github.com/DataDog/datadog-agent/comp/agent/autoexit"
 	"github.com/DataDog/datadog-agent/comp/agent/autoexit/autoexitimpl"
-	"github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl"
 	"github.com/DataDog/datadog-agent/comp/core/config"
 	healthprobe "github.com/DataDog/datadog-agent/comp/core/healthprobe/def"
 	healthprobefx "github.com/DataDog/datadog-agent/comp/core/healthprobe/fx"
@@ -105,7 +104,6 @@ func Commands(globalParams *command.GlobalParams) []*cobra.Command {
 				telemetryimpl.Module(),
 				sysprobeconfigimpl.Module(),
 				rcclientimpl.Module(),
-				fetchonlyimpl.Module(),
 				fx.Provide(func(config config.Component, sysprobeconfig sysprobeconfig.Component) healthprobe.Options {
 					return healthprobe.Options{
 						Port:           sysprobeconfig.SysProbeObject().HealthPort,
@@ -274,7 +272,6 @@ func runSystemProbe(ctxChan <-chan context.Context, errChan chan error) error {
 		fx.Supply(rcclient.Params{AgentName: "system-probe", AgentVersion: version.AgentVersion, IsSystemProbe: true}),
 		fx.Supply(option.None[secrets.Component]()),
 		rcclientimpl.Module(),
-		fetchonlyimpl.Module(),
 		config.Module(),
 		telemetryimpl.Module(),
 		compstatsd.Module(),

cmd/trace-agent/subcommands/info/command.go

@@ -14,10 +14,7 @@ import (
 	"go.uber.org/fx"
 
 	"github.com/DataDog/datadog-agent/cmd/trace-agent/subcommands"
-	"github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl"
 	coreconfig "github.com/DataDog/datadog-agent/comp/core/config"
-	log "github.com/DataDog/datadog-agent/comp/core/log/def"
-	logfx "github.com/DataDog/datadog-agent/comp/core/log/fx"
 	"github.com/DataDog/datadog-agent/comp/core/secrets"
 	"github.com/DataDog/datadog-agent/comp/core/secrets/secretsimpl"
 	nooptagger "github.com/DataDog/datadog-agent/comp/core/tagger/fx-noop"
@@ -45,14 +42,14 @@ func runTraceAgentInfoFct(params *subcommands.GlobalParams, fct interface{}) err
 	return fxutil.OneShot(fct,
 		config.Module(),
 		fx.Supply(coreconfig.NewAgentParams(params.ConfPath, coreconfig.WithFleetPoliciesDirPath(params.FleetPoliciesDirPath))),
-		fx.Supply(log.ForOneShot(params.LoggerName, "off", true)),
 		fx.Supply(option.None[secrets.Component]()),
 		fx.Supply(secrets.NewEnabledParams()),
 		coreconfig.Module(),
 		secretsimpl.Module(),
 		nooptagger.Module(),
-		fetchonlyimpl.Module(),
-		logfx.Module(),
+		// TODO: (component)
+		// fx.Supply(logimpl.ForOneShot(params.LoggerName, "off", true)),
+		// log.Module(),
 	)
 }
 

comp/api/api/apiimpl/api_test.go

@@ -20,7 +20,7 @@ import (
 	"github.com/DataDog/datadog-agent/comp/aggregator/demultiplexer/demultiplexerimpl"
 	"github.com/DataDog/datadog-agent/comp/api/api/apiimpl/observability"
 	api "github.com/DataDog/datadog-agent/comp/api/api/def"
-	"github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl"
+	"github.com/DataDog/datadog-agent/comp/api/authtoken/createandfetchimpl"
 	"github.com/DataDog/datadog-agent/comp/collector/collector"
 	"github.com/DataDog/datadog-agent/comp/core/autodiscovery"
 	"github.com/DataDog/datadog-agent/comp/core/autodiscovery/autodiscoveryimpl"
@@ -76,7 +76,7 @@ func getTestAPIServer(t *testing.T, params config.MockParams) testdeps {
 		demultiplexerimpl.MockModule(),
 		fx.Supply(option.None[rcservice.Component]()),
 		fx.Supply(option.None[rcservicemrf.Component]()),
-		fetchonlyimpl.MockModule(),
+		createandfetchimpl.Module(),
 		fx.Supply(context.Background()),
 		taggermock.Module(),
 		fx.Provide(func(mock taggermock.Mock) tagger.Component {

comp/api/authtoken/component.go

@@ -21,7 +21,7 @@ import (
 
 // Component is the component type.
 type Component interface {
-	Get() (string, error)
+	Get() string
 	GetTLSClientConfig() *tls.Config
 	GetTLSServerConfig() *tls.Config
 }

comp/api/authtoken/createandfetchimpl/authtoken.go

@@ -48,8 +48,8 @@ func newAuthToken(deps dependencies) (authtoken.Component, error) {
 }
 
 // Get returns the session token
-func (at *authToken) Get() (string, error) {
-	return util.GetAuthToken(), nil
+func (at *authToken) Get() string {
+	return util.GetAuthToken()
 }
 
 // GetTLSServerConfig return a TLS configuration with the IPC certificate for http.Server

comp/api/authtoken/createandfetchimpl/authtoken_test.go

@@ -43,9 +43,6 @@ func TestGet(t *testing.T) {
 	data, err := os.ReadFile(authPath)
 	require.NoError(t, err)
 
-	token, err := comp.Get()
-	require.NoError(t, err)
-
-	assert.Equal(t, string(data), token)
-	assert.Equal(t, util.GetAuthToken(), token)
+	assert.Equal(t, string(data), comp.Get())
+	assert.Equal(t, util.GetAuthToken(), comp.Get())
 }

comp/api/authtoken/fetchonlyimpl/authtoken.go

@@ -63,12 +63,13 @@ func (at *authToken) setToken() error {
 }
 
 // Get returns the session token
-func (at *authToken) Get() (string, error) {
+func (at *authToken) Get() string {
 	if err := at.setToken(); err != nil {
-		return "", err
+		at.log.Debugf("%s", err.Error())
+		return ""
 	}
 
-	return util.GetAuthToken(), nil
+	return util.GetAuthToken()
 }
 
 // GetTLSClientConfig return a TLS configuration with the IPC certificate for http.Client

comp/api/authtoken/fetchonlyimpl/authtoken_test.go

@@ -40,26 +40,21 @@ func TestGet(t *testing.T) {
 		),
 	).(*authToken)
 
-	_, err := comp.Get()
-
-	assert.Error(t, err)
+	assert.Empty(t, comp.Get())
 	assert.False(t, comp.tokenLoaded)
 
-	err = os.WriteFile(authPath, []byte("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), 0777)
+	err := os.WriteFile(authPath, []byte("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), 0777)
 	require.NoError(t, err)
 
 	// Should be empty because the cert/key weren't generated yet
-	_, err = comp.Get()
-	assert.Error(t, err)
+	assert.Empty(t, comp.Get())
 	assert.False(t, comp.tokenLoaded)
 
 	// generating IPC cert/key files
 	_, _, err = cert.CreateOrFetchAgentIPCCert(cfg)
 	require.NoError(t, err)
 
-	token, err := comp.Get()
-	assert.NoError(t, err)
-	assert.Equal(t, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", token)
+	assert.Equal(t, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", comp.Get())
 	assert.True(t, comp.tokenLoaded)
 
 }

comp/api/authtoken/fetchonlyimpl/mock.go

@@ -29,8 +29,8 @@ func MockModule() fxutil.Module {
 type MockFetchOnly struct{}
 
 // Get is a mock of the fetchonly Get function
-func (fc *MockFetchOnly) Get() (string, error) {
-	return "a string", nil
+func (fc *MockFetchOnly) Get() string {
+	return "a string"
 }
 
 // GetTLSClientConfig is a mock of the fetchonly GetTLSClientConfig function

comp/checks/bundle_test.go

@@ -12,7 +12,6 @@ import (
 
 	"go.uber.org/fx"
 
-	"github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl"
 	"github.com/DataDog/datadog-agent/comp/core"
 	agenttelemetryfx "github.com/DataDog/datadog-agent/comp/core/agenttelemetry/fx"
 	tagger "github.com/DataDog/datadog-agent/comp/core/tagger/def"
@@ -26,7 +25,6 @@ func TestBundleDependencies(t *testing.T) {
 
 	fxutil.TestBundle(t, Bundle(),
 		core.MockBundle(),
-		fetchonlyimpl.MockModule(),
 		fx.Provide(func() tagger.Component { return fakeTagger }),
 		fx.Supply(core.BundleParams{}),
 		agenttelemetryfx.Module(),

comp/core/configsync/configsyncimpl/module_integration_test.go

@@ -45,7 +45,7 @@ func TestOptionalModule(t *testing.T) {
 	}
 	comp := fxutil.Test[configsync.Component](t, fx.Options(
 		core.MockBundle(),
-		fetchonlyimpl.MockModule(),
+		fetchonlyimpl.Module(),
 		Module(Params{}),
 		fx.Populate(&cfg),
 		fx.Replace(config.MockParams{Overrides: overrides}),

comp/core/configsync/configsyncimpl/sync.go

@@ -8,7 +8,6 @@ package configsyncimpl
 import (
 	"context"
 	"encoding/json"
-	"fmt"
 	"net/http"
 	"strconv"
 	"time"
@@ -19,12 +18,7 @@ import (
 
 func (cs *configSync) updater() error {
 	cs.Log.Debugf("Pulling new configuration from agent-core at '%s'", cs.url.String())
-	authToken, err := cs.Authtoken.Get()
-	if err != nil {
-		return fmt.Errorf("Failed to fetch config from core agent: unable to retrieve auth_token: %v", err.Error())
-	}
-
-	cfg, err := fetchConfig(cs.ctx, cs.client, authToken, cs.url.String())
+	cfg, err := fetchConfig(cs.ctx, cs.client, cs.Authtoken.Get(), cs.url.String())
 	if err != nil {
 		if cs.connected {
 			cs.Log.Warnf("Loosed connectivity to core-agent to fetch config: %v", err)

comp/core/hostname/remotehostnameimpl/hostname.go

@@ -19,11 +19,9 @@ import (
 	"github.com/DataDog/datadog-agent/pkg/util/hostname"
 	"github.com/DataDog/datadog-agent/pkg/util/log"
 
+	"github.com/DataDog/datadog-agent/comp/core/hostname/hostnameinterface"
 	cache "github.com/patrickmn/go-cache"
 	"go.uber.org/fx"
-
-	"github.com/DataDog/datadog-agent/comp/api/authtoken"
-	"github.com/DataDog/datadog-agent/comp/core/hostname/hostnameinterface"
 )
 
 const (
@@ -52,26 +50,19 @@ var cachKey = "hostname"
 
 type remotehostimpl struct {
 	cache *cache.Cache
-	at    authtoken.Component
-}
-
-type dependencies struct {
-	fx.In
-	At authtoken.Component
 }
 
-func newRemoteHostImpl(deps dependencies) hostnameinterface.Component {
+func newRemoteHostImpl() hostnameinterface.Component {
 	return &remotehostimpl{
 		cache: cache.New(defaultExpire, defaultPurge),
-		at:    deps.At,
 	}
 }
 
 func (r *remotehostimpl) Get(ctx context.Context) (string, error) {
 	if hostname, found := r.cache.Get(cachKey); found {
 		return hostname.(string), nil
 	}
-	hostname, err := r.getHostnameWithContextAndFallback(ctx)
+	hostname, err := getHostnameWithContextAndFallback(ctx)
 	if err != nil {
 		return "", err
 	}
@@ -97,7 +88,7 @@ func (r *remotehostimpl) GetWithProvider(ctx context.Context) (hostnameinterface
 
 // getHostnameWithContext attempts to acquire a hostname by connecting to the
 // core agent's gRPC endpoints extending the given context.
-func (r *remotehostimpl) getHostnameWithContext(ctx context.Context) (string, error) {
+func getHostnameWithContext(ctx context.Context) (string, error) {
 	var hostname string
 	err := retry.Do(func() error {
 		ctx, cancel := context.WithTimeout(ctx, 1*time.Second)
@@ -108,7 +99,7 @@ func (r *remotehostimpl) getHostnameWithContext(ctx context.Context) (string, er
 			return err
 		}
 
-		client, err := grpc.GetDDAgentClient(ctx, ipcAddress, pkgconfigsetup.GetIPCPort(), r.at.GetTLSClientConfig)
+		client, err := grpc.GetDDAgentClient(ctx, ipcAddress, pkgconfigsetup.GetIPCPort())
 		if err != nil {
 			return err
 		}
@@ -128,8 +119,8 @@ func (r *remotehostimpl) getHostnameWithContext(ctx context.Context) (string, er
 
 // getHostnameWithContextAndFallback attempts to acquire a hostname by connecting to the
 // core agent's gRPC endpoints extending the given context, or falls back to local resolution
-func (r *remotehostimpl) getHostnameWithContextAndFallback(ctx context.Context) (string, error) {
-	hostnameDetected, err := r.getHostnameWithContext(ctx)
+func getHostnameWithContextAndFallback(ctx context.Context) (string, error) {
+	hostnameDetected, err := getHostnameWithContext(ctx)
 	if err != nil {
 		log.Warnf("Could not resolve hostname from core-agent: %v", err)
 		hostnameDetected, err = hostname.Get(ctx)

comp/metadata/inventoryotel/inventoryotelimpl/inventoryotel.go

@@ -168,13 +168,8 @@ func (i *inventoryotel) parseResponseFromJSON(body []byte) (otelMetadata, error)
 }
 
 func (i *inventoryotel) fetchRemoteOtelConfig(u *url.URL) (otelMetadata, error) {
-	authToken, err := i.authToken.Get()
-	if err != nil {
-		return nil, err
-	}
-
 	// Create a Bearer string by appending string access token
-	bearer := "Bearer " + authToken
+	bearer := "Bearer " + i.authToken.Get()
 
 	// Create a new request using http
 	req, err := http.NewRequest("GET", u.String(), nil)