diff --git a/Dockerfile b/Dockerfile index 5650968..ca0b401 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.20.8-alpine3.18 as builder +FROM golang:1.21.4-alpine3.18 as builder COPY . /go/src/github.com/uselagoon/lagoon/services/insights-handler/ WORKDIR /go/src/github.com/uselagoon/lagoon/services/insights-handler/ diff --git a/Makefile b/Makefile index 9a20003..ee443ac 100644 --- a/Makefile +++ b/Makefile @@ -5,6 +5,6 @@ gettrivy: .PHONY: runlocal runlocal: - go run main.go --problems-from-sbom=true --rabbitmq-username=guest --rabbitmq-password=guest --lagoon-api-host=http://localhost:8888/graphql --jwt-token-signing-key=secret --access-key-id=minio --secret-access-key=minio123 --disable-s3-upload=true + go run main.go --problems-from-sbom=true --rabbitmq-username=guest --rabbitmq-password=guest --lagoon-api-host=http://localhost:8888/graphql --jwt-token-signing-key=secret --access-key-id=minio --secret-access-key=minio123 --disable-s3-upload=true --debug=true diff --git a/go.mod b/go.mod index 1549693..c3aded7 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/uselagoon/lagoon/services/insights-handler -go 1.18 +go 1.21 require ( github.com/Khan/genqlient v0.3.0 diff --git a/internal/handler/imageInspectParserFilter.go b/internal/handler/imageInspectParserFilter.go index 057ca39..b61d0a2 100644 --- a/internal/handler/imageInspectParserFilter.go +++ b/internal/handler/imageInspectParserFilter.go @@ -3,7 +3,7 @@ package handler import ( "encoding/json" "fmt" - "log" + "log/slog" "strings" "github.com/Khan/genqlient/graphql" @@ -24,10 +24,12 @@ type ImageData struct { } func processImageInspectInsightsData(h *Messaging, insights InsightsData, v string, apiClient graphql.Client, resource ResourceDestination) ([]LagoonFact, string, error) { + source := fmt.Sprintf("insights:image:%s", resource.Service) + logger := slog.With("ProjectName", resource.Project, "EnvironmentName", resource.Environment, "Source", source) if insights.InsightsType == Image { decoded, err := decodeGzipString(v) if err != nil { - fmt.Errorf(err.Error()) + return nil, "", err } _, environment, apiErr := determineResourceFromLagoonAPI(apiClient, resource) @@ -35,8 +37,6 @@ func processImageInspectInsightsData(h *Messaging, insights InsightsData, v stri return nil, "", apiErr } - source := fmt.Sprintf("insights:image:%s", resource.Service) - marshallDecoded, err := json.Marshal(decoded) var imageInspect ImageData @@ -45,12 +45,11 @@ func processImageInspectInsightsData(h *Messaging, insights InsightsData, v stri return nil, "", err } - facts, err := processFactsFromImageInspect(imageInspect, environment.Id, source) + facts, err := processFactsFromImageInspect(logger, imageInspect, environment.Id, source) if err != nil { return nil, "", err } - log.Printf("Successfully decoded image-inspect, for '%s:%s', from '%s'", resource.Project, resource.Environment, source) - + logger.Info("Successfully decoded image-inspect") facts, err = KeyFactsFilter(facts) if err != nil { return nil, "", err @@ -61,7 +60,8 @@ func processImageInspectInsightsData(h *Messaging, insights InsightsData, v stri return []LagoonFact{}, "", nil } -func processFactsFromImageInspect(imageInspectData ImageData, id int, source string) ([]LagoonFact, error) { +func processFactsFromImageInspect(logger *slog.Logger, imageInspectData ImageData, id int, source string) ([]LagoonFact, error) { + var factsInput []LagoonFact var filteredFacts []EnvironmentVariable @@ -95,9 +95,9 @@ func processFactsFromImageInspect(imageInspectData ImageData, id int, source str KeyFact: false, Type: FactTypeText, } - if EnableDebug { - log.Println("[DEBUG] processing fact name " + f.Key) - } + + logger.Debug("Processing fact", "name", f.Key, "value", f.Value) + fact, _ = ProcessLagoonFactAgainstRegisteredFilters(fact, f) factsInput = append(factsInput, fact) } diff --git a/internal/handler/insightsFactsParserFilter.go b/internal/handler/insightsFactsParserFilter.go index a1b8fed..885e07e 100644 --- a/internal/handler/insightsFactsParserFilter.go +++ b/internal/handler/insightsFactsParserFilter.go @@ -4,7 +4,7 @@ import ( "encoding/json" "fmt" "io/ioutil" - "log" + "log/slog" "strings" "github.com/Khan/genqlient/graphql" @@ -16,6 +16,8 @@ type FactsPayload struct { // Processes facts from insights payloads that come from reconcilled kubernetes payloads (e.g. include labels/annotations and compressed/encoded data) func processFactsInsightsData(h *Messaging, insights InsightsData, v string, apiClient graphql.Client, resource ResourceDestination) ([]LagoonFact, string, error) { + source := fmt.Sprintf("insights:facts:%s", resource.Service) + logger := slog.With("ProjectName", resource.Project, "EnvironmentName", resource.Environment, "Source", source) if insights.LagoonType == Facts && insights.InsightsType == Raw { r := strings.NewReader(v) @@ -23,12 +25,10 @@ func processFactsInsightsData(h *Messaging, insights InsightsData, v string, api //dec := base64.NewDecoder(base64.StdEncoding, r) res, err := ioutil.ReadAll(r) if err != nil { - fmt.Println("err: ", err) + slog.Error("Error reading insights data", "Error", err) } - source := fmt.Sprintf("insights:facts:%s", resource.Service) - - facts := processFactsFromJSON(res, source) + facts := processFactsFromJSON(logger, res, source) facts, err = KeyFactsFilter(facts) if err != nil { return nil, "", err @@ -38,20 +38,21 @@ func processFactsInsightsData(h *Messaging, insights InsightsData, v string, api return nil, "", fmt.Errorf("no facts to process") } - log.Printf("Successfully processed %d fact(s), for '%s:%s', from source '%s'", len(facts), resource.Project, resource.Environment, source) + //log.Printf("Successfully processed %d fact(s), for '%s:%s', from source '%s'", len(facts), resource.Project, resource.Environment, source) + logger.Info("Successfully processed facts", "number", len(facts)) return facts, source, nil } return nil, "", nil } -func processFactsFromJSON(facts []byte, source string) []LagoonFact { +func processFactsFromJSON(logger *slog.Logger, facts []byte, source string) []LagoonFact { var factsInput []LagoonFact var factsPayload FactsPayload err := json.Unmarshal(facts, &factsPayload) if err != nil { - fmt.Println(err.Error()) + logger.Error(err.Error()) panic("Can't unmarshal facts") } @@ -80,9 +81,7 @@ func processFactsFromJSON(facts []byte, source string) []LagoonFact { KeyFact: f.KeyFact, Type: FactTypeText, } - if EnableDebug { - log.Println("[DEBUG] processing fact name " + f.Name) - } + logger.Debug("Processing fact", "name", f.Name, "value", f.Value) fact, _ = ProcessLagoonFactAgainstRegisteredFilters(fact, f) factsInput = append(factsInput, fact) } diff --git a/internal/handler/insightsParserFilter.go b/internal/handler/insightsParserFilter.go index fb5baba..70950f9 100644 --- a/internal/handler/insightsParserFilter.go +++ b/internal/handler/insightsParserFilter.go @@ -6,7 +6,7 @@ import ( "encoding/json" "fmt" "io/ioutil" - "log" + "log/slog" "net/http" "strings" @@ -15,6 +15,10 @@ import ( ) func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiClient graphql.Client, resource ResourceDestination) ([]LagoonFact, string, error) { + + source := fmt.Sprintf("insights:sbom:%s", resource.Service) + logger := slog.With("ProjectName", resource.Project, "EnvironmentName", resource.Environment, "Source", source) + if insights.InsightsType != Sbom { return []LagoonFact{}, "", nil } @@ -59,7 +63,6 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC if apiErr != nil { return nil, "", apiErr } - source := fmt.Sprintf("insights:sbom:%s", resource.Service) // we process the SBOM here @@ -68,7 +71,7 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC if err != nil { return nil, "", fmt.Errorf("trivy server not alive: %v", err.Error()) } else { - fmt.Println("trivy is alive") + logger.Debug("Trivy is reachable") } if isAlive { err = SbomToProblems(apiClient, h.TrivyServerEndpoint, "/tmp/", environment.Id, resource.Service, *bom) @@ -79,7 +82,7 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC } // Process SBOM into facts - facts := processFactsFromSBOM(bom.Components, environment.Id, source) + facts := processFactsFromSBOM(logger, bom.Components, environment.Id, source) facts, err = KeyFactsFilter(facts) if err != nil { @@ -90,12 +93,17 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC return nil, "", fmt.Errorf("no facts to process") } - log.Printf("Successfully decoded SBOM of image %s with %s, found %d for '%s:%s'", bom.Metadata.Component.Name, (*bom.Metadata.Tools)[0].Name, len(*bom.Components), resource.Project, resource.Environment) + //log.Printf("Successfully decoded SBOM of image %s with %s, found %d for '%s:%s'", bom.Metadata.Component.Name, (*bom.Metadata.Tools)[0].Name, len(*bom.Components), resource.Project, resource.Environment) + logger.Info("Successfully decoded SBOM", + "image", bom.Metadata.Component.Name, + "fieldName", (*bom.Metadata.Tools)[0].Name, + "Length", len(*bom.Components), + ) return facts, source, nil } -func processFactsFromSBOM(facts *[]cdx.Component, environmentId int, source string) []LagoonFact { +func processFactsFromSBOM(logger *slog.Logger, facts *[]cdx.Component, environmentId int, source string) []LagoonFact { var factsInput []LagoonFact if len(*facts) == 0 { return factsInput @@ -122,9 +130,13 @@ func processFactsFromSBOM(facts *[]cdx.Component, environmentId int, source stri KeyFact: false, Type: FactTypeText, } - if EnableDebug { - log.Println("[DEBUG] processing fact name " + f.Name) - } + //if EnableDebug { + // log.Println("[DEBUG] processing fact name " + f.Name) + //} + logger.Debug("Processing fact", + "Name", f.Name, + "Value", f.Version, + ) fact, _ = ProcessLagoonFactAgainstRegisteredFilters(fact, f) factsInput = append(factsInput, fact) } diff --git a/internal/handler/main.go b/internal/handler/main.go index 26b3d23..db7bf2a 100644 --- a/internal/handler/main.go +++ b/internal/handler/main.go @@ -11,6 +11,7 @@ import ( "io" "io/ioutil" "log" + "log/slog" "net/http" "net/url" "os" @@ -229,23 +230,28 @@ func (h *Messaging) Consumer() { return attempt < h.ConnectionAttempts, err }) if err != nil { - log.Fatalf("Finally failed to initialize message queue manager: %v", err) + //log.Fatalf("Finally failed to initialize message queue manager: %v", err) + slog.Error("Finally failed to initialize message queue manager", "error", err.Error()) + os.Exit(1) } defer messageQueue.Close() go func() { for err := range messageQueue.Error() { - log.Println(fmt.Sprintf("Caught error from message queue: %v", err)) + //log.Println(fmt.Sprintf("Caught error from message queue: %v", err)) + slog.Error("Caught error from message queue", "Error", err.Error()) } }() forever := make(chan bool) // Handle any tasks that go to the queue - log.Println("Listening for messages in queue lagoon-insights:items") + //log.Println("Listening for messages in queue lagoon-insights:items") + slog.Info("Listening for messages", "queue", "lagoon-insights:items") err = messageQueue.SetConsumerHandler("items-queue", h.processMessageQueue) if err != nil { - log.Println(fmt.Sprintf("Failed to set handler to consumer `%s`: %v", "items-queue", err)) + //log.Println(fmt.Sprintf("Failed to set handler to consumer `%s`: %v", "items-queue", err)) + slog.Error("Failed to set handler", "consumer", "items-queue", "error", err.Error()) } <-forever } @@ -260,9 +266,7 @@ func (t *authedTransport) RoundTrip(req *http.Request) (*http.Response, error) { token, err := jwt.OneMinuteAdminToken(t.h.LagoonAPI.TokenSigningKey, t.h.LagoonAPI.JWTAudience, t.h.LagoonAPI.JWTSubject, t.h.LagoonAPI.JWTIssuer) if err != nil { // the token wasn't generated - if t.h.EnableDebug { - log.Println(err) - } + slog.Debug("Error while creating JWT", "error", err.Error()) return nil, err } req.Header.Set("Authorization", "bearer "+token) @@ -297,7 +301,7 @@ func parserFilterLoopForBinaryPayloads(insights InsightsData, p string, h *Messa result, source, err := filter(h, insights, p, apiClient, resource) if err != nil { - log.Println(fmt.Errorf(err.Error())) + slog.Error("Error running filter", "error", err.Error()) } processResultset(result, err, h, apiClient, resource, source) @@ -311,12 +315,12 @@ func parserFilterLoopForPayloads(insights InsightsData, p PayloadInput, h *Messa json, err := json.Marshal(p) if err != nil { - log.Println(fmt.Errorf(err.Error())) + slog.Error("Error marshalling data", "error", err.Error()) } result, source, err = filter(h, insights, fmt.Sprintf("%s", json), apiClient, resource) if err != nil { - log.Println(fmt.Errorf(err.Error())) + slog.Error("Error Filtering payload", "error", err.Error()) } processResultset(result, err, h, apiClient, resource, source) @@ -342,23 +346,26 @@ func processResultset(result []interface{}, err error, h *Messaging, apiClient g // Handle single fact err = h.sendFactsToLagoonAPI([]LagoonFact{fact}, apiClient, resource, source) if err != nil { - fmt.Println(err) + slog.Error("Error sending facts to Lagoon API", "error", err.Error()) } } else if facts, ok := r.([]LagoonFact); ok { // Handle slice of facts h.sendFactsToLagoonAPI(facts, apiClient, resource, source) } else { // Unexpected type returned from filter() - log.Printf("unexpected type returned from filter(): %T\n", r) + slog.Error(fmt.Sprintf("unexpected type returned from filter(): %T\n", r)) } } } func (h *Messaging) sendFactsToLagoonAPI(facts []LagoonFact, apiClient graphql.Client, resource ResourceDestination, source string) error { - if EnableDebug { - log.Printf("[DEBUG] matched %d number of fact(s) for '%v:%v', from source '%s'", len(facts), resource.Project, resource.Environment, source) - } + slog.Debug("Matched facts", + "Number", len(facts), + "ProjectName", resource.Project, + "EnvironmentId", resource.Environment, + "Source", source, + ) if len(facts) > 0 { apiErr := h.pushFactsToLagoonApi(facts, resource) @@ -377,7 +384,14 @@ func (h *Messaging) deleteExistingFactsBySource(apiClient graphql.Client, enviro return err } - log.Printf("Previous facts deleted for '%s:%s' and source '%s'", project.Name, environment.Name, source) + slog.Info("Previous facts deleted", + "ProjectId", project.Id, + "ProjectName", project.Name, + "EnvironmentId", environment.Id, + "EnvironmentName", environment.Name, + "Source", source, + ) + return nil } @@ -428,7 +442,7 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD return err } } else { - log.Printf("Successfully created %s", h.S3Config.Bucket) + slog.Info(fmt.Sprintf("Successfully created %s", h.S3Config.Bucket)) } if len(incoming.Payload) != 0 { @@ -447,14 +461,14 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD return putObjErr } - log.Printf("Successfully uploaded %s of size %d", objectName, info.Size) + slog.Info(fmt.Sprintf("Successfully uploaded %s of size %d", objectName, info.Size)) } if len(incoming.BinaryPayload) != 0 { for _, p := range incoming.BinaryPayload { result, err := decodeGzipString(p) if err != nil { - fmt.Errorf(err.Error()) + return err } resultJson, _ := json.MarshalIndent(result, "", " ") @@ -472,7 +486,7 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD if insights.OutputCompressed != true { err = ioutil.WriteFile(tempFilePath, resultJson, 0644) if err != nil { - fmt.Errorf(err.Error()) + return err } } else { var buf bytes.Buffer @@ -481,7 +495,7 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD gz.Close() err = ioutil.WriteFile(tempFilePath, buf.Bytes(), 0644) if err != nil { - fmt.Errorf(err.Error()) + return err } } @@ -491,13 +505,13 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD ContentEncoding: contentEncoding, }) if err != nil { - fmt.Errorf(err.Error()) + return err } - log.Printf("Successfully uploaded %s of size %d\n", s3FilePath, info.Size) + slog.Info(fmt.Sprintf("Successfully uploaded %s of size %d", s3FilePath, info.Size)) err = os.Remove(tempFilePath) if err != nil { - fmt.Errorf(err.Error()) + return err } } } @@ -507,11 +521,16 @@ func (h *Messaging) sendToLagoonS3(incoming *InsightsMessage, insights InsightsD // pushFactsToLagoonApi acts as the interface between GraphQL and internal Types func (h *Messaging) pushFactsToLagoonApi(facts []LagoonFact, resource ResourceDestination) error { + + logger := slog.With( + "ProjectName", resource.Project, + "EnvironmentName", resource.Environment, + ) apiClient := graphql.NewClient(h.LagoonAPI.Endpoint, &http.Client{Transport: &authedTransport{wrapped: http.DefaultTransport, h: h}}) - if EnableDebug { - log.Printf("[DEBUG] attempting to add %d fact(s)...", len(facts)) - } + slog.Debug("Attempting to add facts", + "Number", len(facts), + ) processedFacts := make([]lagoonclient.AddFactInput, len(facts)) for i, fact := range facts { @@ -526,6 +545,7 @@ func (h *Messaging) pushFactsToLagoonApi(facts []LagoonFact, resource ResourceDe Type: lagoonclient.FactType(fact.Type), Category: fact.Category, } + } result, err := lagoonclient.AddFacts(context.TODO(), apiClient, processedFacts) @@ -535,11 +555,13 @@ func (h *Messaging) pushFactsToLagoonApi(facts []LagoonFact, resource ResourceDe if h.EnableDebug { for _, fact := range facts { - log.Println("[DEBUG]", fact.Name, ":", fact.Value) + logger.Debug("Added fact", "Name", fact.Name, "Value", fact.Value) } } - log.Println(result) + logger.Debug("Response from API", + "result", result, + ) return nil } @@ -562,6 +584,7 @@ func decodeGzipString(encodedString string) (result interface{}, err error) { return data, nil } +// TODO: this seems to be dead code. Remove? func scanKeyFactsFile(file string) ([]string, error) { var expectedKeyFacts []string @@ -583,8 +606,11 @@ func scanKeyFactsFile(file string) ([]string, error) { } } if err := sc.Err(); err != nil { - log.Fatalf("scan file error: %v", err) - return nil, err + //TODO: Note that the pre-refactored behaviour is a FatalF, which should just exit the service completely + //log.Fatalf("scan file error: %v", err) + //return nil, err + slog.Error("Scan file Error", "Error", err.Error()) + os.Exit(1) } return expectedKeyFacts, nil } @@ -593,13 +619,13 @@ func scanKeyFactsFile(file string) ([]string, error) { func (h *Messaging) toLagoonInsights(messageQueue mq.MQ, message map[string]interface{}) { msgBytes, err := json.Marshal(message) if err != nil { - if h.EnableDebug { - log.Println("[DEBUG]", err, "Unable to encode message as JSON") - } + // TODO: BETTER ERROR HANDLING + slog.Debug("Unable to encode message as JSON", "Error", err.Error()) } producer, err := messageQueue.AsyncProducer("lagoon-insights") if err != nil { - log.Println(fmt.Sprintf("Failed to get async producer: %v", err)) + // TODO: BETTER ERROR HANDLING + slog.Debug("Failed to get async producer", "Error", err.Error()) return } producer.Produce(msgBytes) diff --git a/internal/handler/main_test.go b/internal/handler/main_test.go index 7d0c7de..f23bed8 100644 --- a/internal/handler/main_test.go +++ b/internal/handler/main_test.go @@ -3,6 +3,7 @@ package handler import ( "fmt" "io/ioutil" + "log/slog" "net/http" "net/http/httptest" "os" @@ -200,7 +201,7 @@ func Test_processFactsFromSBOM(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got := processFactsFromSBOM(tt.args.bom, tt.args.environmentId, tt.args.source) + got := processFactsFromSBOM(slog.Default(), tt.args.bom, tt.args.environmentId, tt.args.source) if len(got) != len(tt.want) { t.Errorf("processFactsFromSBOM() returned %d results, want %d", len(got), len(tt.want)) } diff --git a/internal/handler/messaging.go b/internal/handler/messaging.go index 1c7f643..f8582cb 100644 --- a/internal/handler/messaging.go +++ b/internal/handler/messaging.go @@ -4,7 +4,7 @@ import ( "encoding/json" "fmt" "github.com/cheshir/go-mq" - "log" + "log/slog" "sort" "strconv" ) @@ -44,7 +44,7 @@ func (h *Messaging) processMessageQueue(message mq.Message) { // Ack to remove from queue err := message.Ack(false) if err != nil { - fmt.Printf("Failed to acknowledge message: %s\n", err.Error()) + slog.Error("Failed to acknowledge message", "Error", err.Error()) } } }(message) @@ -54,7 +54,7 @@ func (h *Messaging) processMessageQueue(message mq.Message) { // Ack to remove from queue err := message.Reject(requeue) if err != nil { - fmt.Printf("Failed to requect message: %s\n", err.Error()) + slog.Error("Failed to reject message", "Error", err.Error()) } } }(message) @@ -72,9 +72,7 @@ func (h *Messaging) processMessageQueue(message mq.Message) { // the extra processing below. if incoming.Type == "direct.facts" { resp := processFactsDirectly(message, h) - if h.EnableDebug { - log.Println(resp) - } + slog.Debug(resp) acknowledgeMessage() return } @@ -83,7 +81,7 @@ func (h *Messaging) processMessageQueue(message mq.Message) { resp, _ := processProblemsDirectly(message, h) if h.EnableDebug { for _, d := range resp { - log.Println(d) + slog.Debug(d) } } acknowledgeMessage() @@ -151,9 +149,7 @@ func (h *Messaging) processMessageQueue(message mq.Message) { // Determine incoming payload type if incoming.Payload == nil && incoming.BinaryPayload == nil { - if h.EnableDebug { - log.Printf("[DEBUG] no payload was found") - } + slog.Debug("No payload was found - rejecting message and exiting") rejectMessage(false) return } @@ -165,18 +161,22 @@ func (h *Messaging) processMessageQueue(message mq.Message) { } // Debug - if h.EnableDebug { - log.Println("[DEBUG] insights:", insights) - log.Println("[DEBUG] target:", resource) - } + //if h.EnableDebug { + // log.Println("[DEBUG] insights:", insights) + // log.Println("[DEBUG] target:", resource) + //} + slog.Debug("Insights", "data", fmt.Sprint(insights)) + slog.Debug("Target", "data", fmt.Sprint(resource)) // Process s3 upload if !h.S3Config.Disabled { if insights.InsightsType != Direct { err := h.sendToLagoonS3(incoming, insights, resource) if err != nil { - log.Printf("Unable to send to S3: %s", err.Error()) - // TODO: do we reque here? Reject + //log.Printf("Unable to send to S3: %s", err.Error()) + slog.Error("Unable to send to S3", "Error", err.Error()) + + // TODO: BETTER ERROR HANDLING } } } @@ -187,12 +187,13 @@ func (h *Messaging) processMessageQueue(message mq.Message) { insights.InsightsType != Image && insights.InsightsType != Raw && insights.InsightsType != Direct { - log.Println("only 'sbom', 'direct', 'raw', and 'image' types are currently supported for api processing") + slog.Error("only 'sbom', 'direct', 'raw', and 'image' types are currently supported for api processing") } else { err := h.sendToLagoonAPI(incoming, resource, insights) if err != nil { - log.Printf("Unable to send to the api: %s", err.Error()) + //log.Printf("Unable to send to the api: %s", err.Error()) + slog.Error("Unable to send to the API", "Error", err.Error()) rejectMessage(false) return } diff --git a/internal/handler/processing.go b/internal/handler/processing.go index 16f5d1a..a873fbb 100644 --- a/internal/handler/processing.go +++ b/internal/handler/processing.go @@ -6,7 +6,7 @@ import ( "github.com/Khan/genqlient/graphql" "github.com/cheshir/go-mq" "github.com/uselagoon/lagoon/services/insights-handler/internal/lagoonclient" - "log" + "log/slog" "net/http" "strconv" ) @@ -15,23 +15,26 @@ import ( func processFactsDirectly(message mq.Message, h *Messaging) string { var directFacts DirectFacts + json.Unmarshal(message.Body(), &directFacts) err := json.Unmarshal(message.Body(), &directFacts) if err != nil { - log.Println("Error unmarshaling JSON:", err.Error()) + slog.Error("Could not unmarshal data", "Error", err.Error()) return "exciting, unable to process direct facts" } - // since its useful to allow int and string json definitions, we need to convert strings here to ints. + // since it's useful to allow int and string json definitions, we need to convert strings here to ints. environmentId, err := strconv.Atoi(directFacts.EnvironmentId.String()) if err != nil { - log.Println("Error converting EnvironmentId to int:", err) + slog.Error("Error converting EnvironmentId to int", "Error", err) return "exciting, unable to process direct facts" } - if h.EnableDebug { - log.Print("[DEBUG] facts", directFacts) - } + //if h.EnableDebug { + // log.Print("[DEBUG] facts", directFacts) + //} + // + slog.Debug("Facts info", "data", directFacts) apiClient := graphql.NewClient(h.LagoonAPI.Endpoint, &http.Client{Transport: &authedTransport{wrapped: http.DefaultTransport, h: h}}) @@ -61,14 +64,28 @@ func processFactsDirectly(message mq.Message, h *Messaging) string { for _, s := range factSources { _, err = lagoonclient.DeleteFactsFromSource(context.TODO(), apiClient, environmentId, s) if err != nil { - log.Println(err) + + slog.Error("Error deleting facts from source", + "EnvironmentId", directFacts.EnvironmentId, + "ProjectName", directFacts.ProjectName, + "EnvironmentName", directFacts.EnvironmentName, + "Source", s, + "Error", err, + ) } - log.Printf("Deleted facts on '%v:%v' for source %v\n", directFacts.ProjectName, directFacts.EnvironmentName, s) + //log.Printf("Deleted facts on '%v:%v' for source %v\n", directFacts.ProjectName, directFacts.EnvironmentName, s) + slog.Info("Deleted facts", + "EnvironmentId", directFacts.EnvironmentId, + "ProjectName", directFacts.ProjectName, + "EnvironmentName", directFacts.EnvironmentName, + "Source", s, + ) } facts, err := lagoonclient.AddFacts(context.TODO(), apiClient, processedFacts) if err != nil { - log.Println(err) + //log.Println(err) + slog.Error("Issue adding facts", "Error", err.Error()) } return facts @@ -77,16 +94,13 @@ func processFactsDirectly(message mq.Message, h *Messaging) string { func processProblemsDirectly(message mq.Message, h *Messaging) ([]string, error) { var directProblems DirectProblems json.Unmarshal(message.Body(), &directProblems) - log.Println(directProblems) err := json.Unmarshal(message.Body(), &directProblems) if err != nil { - log.Println("Error unmarshaling JSON:", err) + slog.Error("Could not unmarshal JSON", "Error", err) return []string{}, err } - if h.EnableDebug { - log.Print("[DEBUG] problems", directProblems) - } + slog.Debug("Problems data", "data", directProblems) apiClient := graphql.NewClient(h.LagoonAPI.Endpoint, &http.Client{Transport: &authedTransport{wrapped: http.DefaultTransport, h: h}}) @@ -114,15 +128,20 @@ func processProblemsDirectly(message mq.Message, h *Messaging) ([]string, error) for _, s := range problemSources { _, err := lagoonclient.DeleteProblemsFromSource(context.TODO(), apiClient, directProblems.EnvironmentId, s.Service, s.Source) if err != nil { - log.Println(err) //This could potentially mess up the state if we've already deleted source info, might return []string{}, err } - log.Printf("Deleted Problems on '%v:%v' for source %v\n", directProblems.ProjectName, directProblems.EnvironmentName, s) + + slog.Info("Deleted problems", + "EnvironmentId", directProblems.EnvironmentId, + "ProjectName", directProblems.ProjectName, + "EnvironmentName", directProblems.EnvironmentName, + "Source", s, + ) } resptext, err := lagoonclient.AddProblems(context.TODO(), apiClient, directProblems.Problems) if err != nil { - log.Println(err) + return []string{}, err } return resptext, nil diff --git a/internal/handler/testassets/nginxcyclonedxpayload.json b/internal/handler/testassets/nginxcyclonedxpayload.json index e51db52..40145a6 100644 --- a/internal/handler/testassets/nginxcyclonedxpayload.json +++ b/internal/handler/testassets/nginxcyclonedxpayload.json @@ -1 +1 @@ -{"payload":null,"binaryPayload":{"nginx.cyclonedx.json.gz":""},"annotations":null,"labels":{"lagoon.sh/buildName":"lagoon-build-qwexoc","lagoon.sh/environment":"master","lagoon.sh/insightsType":"sbom-gz","lagoon.sh/project":"high-cotton","lagoon.sh/service":"nginx"}} \ No newline at end of file +{"payload":null,"binaryPayload":{"nginx.cyclonedx.json.gz":""},"annotations":null,"labels":{"lagoon.sh/buildName":"lagoon-build-qwexoc","lagoon.sh/environment":"main","lagoon.sh/insightsType":"sbom-gz","lagoon.sh/project":"organization-cotton","lagoon.sh/service":"nginx"}} \ No newline at end of file diff --git a/internal/handler/trivyProcessing.go b/internal/handler/trivyProcessing.go index 7aa8178..a6594aa 100644 --- a/internal/handler/trivyProcessing.go +++ b/internal/handler/trivyProcessing.go @@ -8,9 +8,11 @@ import ( "github.com/Khan/genqlient/graphql" "github.com/aquasecurity/trivy/pkg/commands/artifact" "github.com/aquasecurity/trivy/pkg/flag" + aqualog "github.com/aquasecurity/trivy/pkg/log" "github.com/aquasecurity/trivy/pkg/types" "github.com/uselagoon/lagoon/services/insights-handler/internal/lagoonclient" "io" + "log/slog" "net/http" "os" "strings" @@ -83,7 +85,12 @@ func writeProblemsArrayToApi(apiClient graphql.Client, environment int, source s if err != nil { return err } - fmt.Printf("Deleted problems from API for %v:%v - response: %v\n", service, source, ret) + //fmt.Printf("Deleted problems from API for %v:%v - response: %v\n", service, source, ret) + slog.Info("Deleted problems from API", + "Service", service, + "Source", source, + "Return Data", ret, + ) //now we write the problems themselves _, err = lagoonclient.AddProblems(context.TODO(), apiClient, problems) @@ -145,7 +152,6 @@ func executeProcessingTrivy(trivyRemoteAddress string, bomWriteDir string, bom c os.Remove(fullFilename) file.Close() }() - ctx, cancel := context.WithTimeout(context.Background(), time.Second*1000) defer cancel() @@ -239,7 +245,18 @@ func trivyReportToProblems(environment int, source string, service string, repor ret = append(ret, p) } } - fmt.Printf("Found %v problems for environment %v\n", len(ret), environment) + //fmt.Printf("Found %v problems for environment %v\n", len(ret), environment) + slog.Info("Found problems", + "EnvironmentId", environment, + "Source", source, + "Number", len(ret), + ) return ret, nil } + +func init() { + // Ensure that logging is turned off for Zap so that our logs aren't smashed by Trivy. + // Only errors are used for output + aqualog.InitLogger(false, true) +} diff --git a/internal/handler/trivyProcessing_test.go b/internal/handler/trivyProcessing_test.go index 90baddd..5b3114f 100644 --- a/internal/handler/trivyProcessing_test.go +++ b/internal/handler/trivyProcessing_test.go @@ -2,7 +2,6 @@ package handler import ( "encoding/json" - "fmt" "github.com/CycloneDX/cyclonedx-go" "github.com/aquasecurity/trivy/pkg/types" "github.com/goccy/go-yaml" @@ -43,7 +42,6 @@ func Test_convertBOMToProblemsArray(t *testing.T) { var bom cyclonedx.BOM json.Unmarshal(bomText, &bom) got, err := convertBOMToProblemsArray(tt.args.environment, tt.args.source, tt.args.service, bom) - fmt.Print(len(got)) if (err != nil) != tt.wantErr { t.Errorf("convertBOMToProblemsArray() error = %v, wantErr %v", err, tt.wantErr) return diff --git a/main.go b/main.go index 95c8ec7..9c23bca 100644 --- a/main.go +++ b/main.go @@ -3,13 +3,12 @@ package main import ( "flag" "fmt" - "log" + "github.com/cheshir/go-mq" + "github.com/uselagoon/lagoon/services/insights-handler/internal/handler" + "log/slog" "os" "strconv" "time" - - "github.com/cheshir/go-mq" - "github.com/uselagoon/lagoon/services/insights-handler/internal/handler" ) var ( @@ -101,15 +100,26 @@ func main() { disableS3Upload = getEnvBool("INSIGHTS_DISABLE_S3_UPLOAD", disableS3Upload) problemsFromSBOM = getEnvBool("PROBLEMS_FROM_SBOM", problemsFromSBOM) trivyServerEndpoint = getEnv("TRIVY_SERVER_ENDPOINT", trivyServerEndpoint) + enableDebug = getEnvBool("ENABLE_DEBUG", enableDebug) + // First we set up the default logger for the project + + // If we enable debugging, we set the logging level to output debug for the default logger. + // This means we don't need to wrap debug info, simply log it at the right level + debugLevel := slog.LevelInfo + if enableDebug { + debugLevel = slog.LevelDebug + } + + slog.SetDefault(slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{ + Level: debugLevel, + }))) + slog.Debug("problemsFromSBOM", "status", problemsFromSBOM) if problemsFromSBOM == true { - log.Println("PROBLEMS FROM SBOM - enabled") if trivyServerEndpoint == "" { - log.Fatalf("NO TRIVY SERVER ENDPOINT SET - exiting") + slog.Error("NO TRIVY SERVER ENDPOINT SET - exiting") os.Exit(1) } - } else { - log.Println("PROBLEMS FROM SBOM - disabled") } // configure the backup handler settings @@ -138,20 +148,14 @@ func main() { Disabled: disableS3Upload, } - if disableS3Upload == true { - fmt.Println("Disabled S3 upload is true") - } else { - fmt.Println("Disabled S3 upload is false") - } + slog.Debug("disableS3Upload", "status", disableS3Upload) - log.Println("Registering Fact Filters/Transformer") err := handler.RegisterFiltersFromDisk(filterTransformerFile) if err != nil { - log.Println(err) + // TODO: BETTER ERROR HANDLING + slog.Error("Unable to register filters from disk", "Error", err) } - log.Println("insights-handler running...") - config := mq.Config{ ReconnectDelay: time.Duration(rabbitReconnectRetryInterval) * time.Second, Exchanges: mq.Exchanges{ @@ -205,6 +209,7 @@ func main() { ) // start the consumer + //slog.Info("insights-handler is started-up") messaging.Consumer() }