diff --git a/attestation/commandrun/commandrun.go b/attestation/commandrun/commandrun.go
index 8a41e020..35bbbf39 100644
--- a/attestation/commandrun/commandrun.go
+++ b/attestation/commandrun/commandrun.go
@@ -70,7 +70,7 @@ func WithMaterials(materials map[string]cryptoutil.DigestSet) Option {
 func WithTracing(enabled bool) Option {
 return func(cr *CommandRun) {
- cr.EnableTracing = enabled
+ cr.enableTracing = enabled
 }
 }
@@ -117,10 +117,10 @@ type CommandRun struct {
 Stderr string `json:"stderr,omitempty"`
 ExitCode int `json:"exitcode"`
 Processes []ProcessInfo `json:"processes,omitempty"`
- EnableTracing bool
 silent bool
 materials map[string]cryptoutil.DigestSet
+ enableTracing bool
 environmentBlockList map[string]struct{}
 }
@@ -160,6 +160,10 @@ func (rc *CommandRun) RunType() attestation.RunType {
 return RunType
 }
+func (rc *CommandRun) EnableTracing() bool {
+ return rc.enableTracing
+}
+
 func (r *CommandRun) runCmd(ctx *attestation.AttestationContext) error {
 c := exec.Command(r.Cmd[0], r.Cmd[1:]...)
 c.Dir = ctx.WorkingDir()
@@ -176,7 +180,7 @@ func (r *CommandRun) runCmd(ctx *attestation.AttestationContext) error {
 stderrWriter := io.MultiWriter(stderrWriters...)
 c.Stdout = stdoutWriter
 c.Stderr = stderrWriter
- if r.EnableTracing {
+ if r.enableTracing {
 enableTracing(c)
 }
@@ -185,7 +189,7 @@ func (r *CommandRun) runCmd(ctx *attestation.AttestationContext) error {
 }
 var err error
- if r.EnableTracing {
+ if r.enableTracing {
 r.Processes, err = r.trace(c, ctx)
 } else {
 err = c.Wait()
diff --git a/attestation/file/file_test.go b/attestation/file/file_test.go
index 436e4a4b..5379a487 100644
--- a/attestation/file/file_test.go
+++ b/attestation/file/file_test.go
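Review bot: Unexporting `EnableTracing` in the `CommandRun` struct changes the serialized attestation as well as the Go API. The old field was exported with no `json` tag, so under default `encoding/json` marshalling (which the neighbouring tags suggest) it was written into the output, and it no longer is. Because `Processes` is `omitempty`, a verifier can then no longer tell a run with tracing off from a traced run that recorded no processes, and any policy reading the old key will find it absent. If that is intended, say so on the field, e.g. `// enableTracing is unexported on purpose: it is run configuration, not part of the attestation output.`; otherwise keep the value in the output under an explicit `json` tag. The struct begins above this hunk.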
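Review bot: The new exported method `EnableTracing()` has no doc comment, and the package now has three things sharing that name: the method, the `enableTracing` field, and the `enableTracing(c)` helper called in `runCmd`. A comment such as `// EnableTracing reports whether process tracing was requested for this run (set through WithTracing).` would make the getter's role clear. A name like `TracingEnabled` would read better at call sites and avoid the clash, though `product.go` would need the same rename. The receiver is `rc` here but `r` on `runCmd` directly below; one receiver name per type is the usual convention.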
@@ -38,13 +38,13 @@ func TestBrokenSymlink(t *testing.T) {
 symTestDir := filepath.Join(dir, "symTestDir")
 require.NoError(t, os.Symlink(testDir, symTestDir))
- _, err := RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool)
+ _, err := RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool{})
 require.NoError(t, err)
 // remove the symlinks and make sure we don't get an error back
 require.NoError(t, os.RemoveAll(testDir))
 require.NoError(t, os.RemoveAll(testFile))
- _, err = RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool)
+ _, err = RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool{})
 require.NoError(t, err)
 }
@@ -58,6 +58,6 @@ func TestSymlinkCycle(t *testing.T) {
 require.NoError(t, os.Symlink(dir, symTestDir))
 // if a symlink cycle weren't properly handled this would be an infinite loop
- _, err := RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool)
+ _, err := RecordArtifacts(dir, map[string]cryptoutil.DigestSet{}, []cryptoutil.DigestValue{{Hash: crypto.SHA256}}, map[string]struct{}{}, false, map[string]bool{})
 require.NoError(t, err)
 }
diff --git a/attestation/product/product.go b/attestation/product/product.go
index d70987e7..2e15e526 100644
--- a/attestation/product/product.go
+++ b/attestation/product/product.go
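Review bot: All three corrected `RecordArtifacts` calls (two in `TestBrokenSymlink`, one in `TestSymlinkCycle` in the next hunk) pass `false` and an empty `map[string]bool{}` as the last two arguments. If those are the traced flag and opened-file set that `product.go` builds, the symlink tests only cover the untraced path and the opened-file filter stays untested against broken or cyclic links. A further case passing `true` with a populated set, e.g. `map[string]bool{testFile: true}` keyed however `RecordArtifacts` expects, would cover it. Separately, the removed argument `map[string]bool` is a type expression rather than a value, so this test package presumably did not compile before the commit; it is worth confirming that CI builds and runs it.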
@@ -188,12 +188,12 @@ func (a *Attestor) Attest(ctx *attestation.AttestationContext) error {
 for _, completedAttestor := range ctx.CompletedAttestors() {
 attestor := completedAttestor.Attestor
- if commandRunAttestor, ok := attestor.(*commandrun.CommandRun); ok && commandRunAttestor.EnableTracing {
+ if commandRunAttestor, ok := attestor.(*commandrun.CommandRun); ok && commandRunAttestor.EnableTracing() {
 processWasTraced = true
 for _, process := range commandRunAttestor.Processes {
- for file := range process.OpenedFiles {
- openedFileSet[file] = true;
+ for fname := range process.OpenedFiles {
+ openedFileSet[fname] = true
 }
 }
 }
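Review bot: `processWasTraced` is set as soon as a `CommandRun` reports `EnableTracing()`, even when its `Processes` slice is empty, so a traced run that recorded nothing leaves `openedFileSet` empty with the flag still true. How that is handled is outside this hunk, but if the set is used to filter products, such a run could yield an attestation with no products and no error. Either tighten the condition to `ok && commandRunAttestor.EnableTracing() && len(commandRunAttestor.Processes) > 0`, or document the intent with a comment such as `// a traced run with no recorded processes deliberately leaves openedFileSet empty`. `Attest` starts and ends outside the hunk, so the use of both variables should be checked there.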