From 8922aa82f0d624a25d22074cbaeb8cce254f15a4 Mon Sep 17 00:00:00 2001
From: Simar
Date: Thu, 9 Nov 2023 18:26:30 -0700
Subject: [PATCH 1/4] feat(misconf): Expose debug logs with `--debug` option
Addresses: https://github.com/aquasecurity/trivy/issues/5395
Signed-off-by: Simar
---
pkg/cloud/aws/scanner/scanner.go | 10 +++++-----
pkg/commands/artifact/run.go | 1 +
pkg/misconf/scanner.go | 13 +++++++++++++
3 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/pkg/cloud/aws/scanner/scanner.go b/pkg/cloud/aws/scanner/scanner.go
index eac5f73d039d..6cf062504753 100644
--- a/pkg/cloud/aws/scanner/scanner.go
+++ b/pkg/cloud/aws/scanner/scanner.go
@@ -44,11 +44,11 @@ func (s *AWSScanner) Scan(ctx context.Context, option flag.Options) (scan.Result } if option.Debug { - scannerOpts = append(scannerOpts, options.ScannerWithDebug(&defsecLogger{})) + scannerOpts = append(scannerOpts, options.ScannerWithDebug(&DebugLogger{})) } if option.Trace { - scannerOpts = append(scannerOpts, options.ScannerWithTrace(&defsecLogger{})) + scannerOpts = append(scannerOpts, options.ScannerWithTrace(&DebugLogger{})) } if option.Region != "" {
@@ -160,11 +160,11 @@ func createState(freshState *state.State, awsCache *cache.Cache) (*state.State, return fullState, nil } -type defsecLogger struct { +type DebugLogger struct { } -func (d *defsecLogger) Write(p []byte) (n int, err error) { - log.Logger.Debug("[defsec] " + strings.TrimSpace(string(p))) +func (d *DebugLogger) Write(p []byte) (n int, err error) { + log.Logger.Debug("[aws] " + strings.TrimSpace(string(p))) return len(p), nil } func addPolicyNamespaces(namespaces []string, scannerOpts []options.ScannerOption) []options.ScannerOption {
diff --git a/pkg/commands/artifact/run.go b/pkg/commands/artifact/run.go
index 5baa61787a57..53c64b5a7466 100644
--- a/pkg/commands/artifact/run.go
+++ b/pkg/commands/artifact/run.go
@@ -574,6 +574,7 @@ func initScannerConfig(opts flag.Options, cacheClient cache.Cache) (ScannerConfi disableEmbedded = true } configScannerOptions = misconf.ScannerOption{ + Debug: opts.Debug, Trace: opts.Trace, Namespaces: append(opts.PolicyNamespaces, defaultPolicyNamespaces...), PolicyPaths: append(opts.PolicyPaths, downloadedPolicyPaths...),
diff --git a/pkg/misconf/scanner.go b/pkg/misconf/scanner.go
index 39e6030e6d44..75eb740beb9f 100644
--- a/pkg/misconf/scanner.go
+++ b/pkg/misconf/scanner.go
@@ -44,6 +44,7 @@ var enabledDefsecTypes = map[detection.FileType]types.ConfigType{ } type ScannerOption struct { + Debug bool Trace bool RegoOnly bool Namespaces []string
@@ -67,6 +68,14 @@ func (o *ScannerOption) Sort() { sort.Strings(o.DataPaths) } +type DebugLogger struct { +} + +func (d *DebugLogger) Write(p []byte) (n int, err error) { + log.Logger.Debug("[misconf] " + strings.TrimSpace(string(p))) + return len(p), nil +} + type Scanner struct { fileType detection.FileType scanner scanners.FSScanner
@@ -257,6 +266,10 @@ func scannerOptions(t detection.FileType, opt ScannerOption) ([]options.ScannerO options.ScannerWithDataFilesystem(dataFS), ) + if opt.Debug { + opts = append(opts, options.ScannerWithDebug(&DebugLogger{})) + } + if opt.Trace { opts = append(opts, options.ScannerWithPerResultTracing(true)) }
From 7a0b71af3a1dc7745fe8ec66f10f6842675195b7 Mon Sep 17 00:00:00 2001
From: Simar
Date: Fri, 10 Nov 2023 21:09:35 -0700
Subject: [PATCH 2/4] refactor debuglogger into pkg/log
---
pkg/cloud/aws/scanner/scanner.go | 20 ++++++++++----------
pkg/log/logger.go | 10 ++++++++++
pkg/misconf/scanner.go | 16 ++++++++--------
3 files changed, 28 insertions(+), 18 deletions(-)
diff --git a/pkg/cloud/aws/scanner/scanner.go b/pkg/cloud/aws/scanner/scanner.go
index 6cf062504753..502b027aeae0 100644
--- a/pkg/cloud/aws/scanner/scanner.go
+++ b/pkg/cloud/aws/scanner/scanner.go
@@ -4,7 +4,6 @@ import ( "context" "fmt" "io/fs" - "strings" "golang.org/x/xerrors"
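Review bot: The new `opt.Debug` branch in `scannerOptions` (pkg/misconf/scanner.go, hunk at -257) forwards whatever the underlying scanner writes to its debug stream into Trivy's log, and nothing in the hunk says what that stream may contain. If it echoes file paths or attribute values from the scanned configuration (not visible in this diff), `--debug` output captured by CI would carry data from those files. A comment above the branch would set expectations, e.g. `// Debug output comes from the underlying scanner and may include paths and values from scanned files; treat --debug logs as sensitive.` scannerOptions starts and ends outside the hunk.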
@@ -44,11 +43,11 @@ func (s *AWSScanner) Scan(ctx context.Context, option flag.Options) (scan.Result } if option.Debug { - scannerOpts = append(scannerOpts, options.ScannerWithDebug(&DebugLogger{})) + scannerOpts = append(scannerOpts, options.ScannerWithDebug(&log.DebugLogger{Name: "aws"})) } if option.Trace { - scannerOpts = append(scannerOpts, options.ScannerWithTrace(&DebugLogger{})) + scannerOpts = append(scannerOpts, options.ScannerWithTrace(&log.DebugLogger{Name: "aws"})) } if option.Region != "" {
@@ -160,13 +159,14 @@ func createState(freshState *state.State, awsCache *cache.Cache) (*state.State, return fullState, nil } -type DebugLogger struct { -} - -func (d *DebugLogger) Write(p []byte) (n int, err error) { - log.Logger.Debug("[aws] " + strings.TrimSpace(string(p))) - return len(p), nil -} +// type DebugLogger struct { +// name string +// } +// +// func (d *DebugLogger) Write(p []byte) (n int, err error) { +// log.Logger.Debug("[aws] " + strings.TrimSpace(string(p))) +// return len(p), nil +// } func addPolicyNamespaces(namespaces []string, scannerOpts []options.ScannerOption) []options.ScannerOption { if len(namespaces) > 0 { scannerOpts = append(
diff --git a/pkg/log/logger.go b/pkg/log/logger.go
index bc0f401cadab..6e92b98286fe 100644
--- a/pkg/log/logger.go
+++ b/pkg/log/logger.go
@@ -3,6 +3,7 @@ package log import ( "os" "runtime" + "strings" xlog "github.com/masahiro331/go-xfs-filesystem/log" "go.uber.org/zap"
@@ -121,3 +122,12 @@ func String(key, val string) zap.Field { } return zap.String(key, val) } + +type DebugLogger struct { + Name string +} + +func (d *DebugLogger) Write(p []byte) (n int, err error) { + Logger.Debugf("[%s] %s", d.Name, strings.TrimSpace(string(p))) + return len(p), nil +}
diff --git a/pkg/misconf/scanner.go b/pkg/misconf/scanner.go
index 75eb740beb9f..90e0f6d7582d 100644
--- a/pkg/misconf/scanner.go
+++ b/pkg/misconf/scanner.go
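Review bot: The debug and trace writers in `Scan` (pkg/cloud/aws/scanner/scanner.go, hunk at -44) are both built with `Name: "aws"`, so their lines cannot be told apart in the log even though the prefix is now configurable. Passing `&log.DebugLogger{Name: "aws-trace"}` to `ScannerWithTrace` would separate them. Both writers emit through `Logger.Debugf`, so trace output presumably only appears when debug logging is enabled as well; a short comment on the `option.Trace` branch should say so. The same two calls are carried over unchanged apart from the type name in PATCH 4/4, and `Scan` continues outside the hunk.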
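Review bot: `DebugLogger.Write` (pkg/log/logger.go, hunk at -121) trims only the outer whitespace of each write before logging it, so a write with embedded newlines becomes one entry whose later lines carry no `[name]` prefix. If the scanner's debug stream echoes content from scanned files (not visible in this diff), such content could show up as lines that read like separate log records. Logging each non-empty line on its own keeps every line attributable to the writer. The exported type also lacks a doc comment, e.g. `// DebugLogger is an io.Writer that logs each write to Logger at debug level, prefixed with Name.` The same applies to the renamed `PrefixedLogger` in PATCH 4/4, where the receiver is still called `d`.

```go
func (d *DebugLogger) Write(p []byte) (n int, err error) {
	for _, line := range strings.Split(string(p), "\n") {
		line = strings.TrimSpace(line)
		if line == "" {
			continue
		}
		Logger.Debugf("[%s] %s", d.Name, line)
	}
	return len(p), nil
}
```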
@@ -68,13 +68,13 @@ func (o *ScannerOption) Sort() { sort.Strings(o.DataPaths) } -type DebugLogger struct { -} - -func (d *DebugLogger) Write(p []byte) (n int, err error) { - log.Logger.Debug("[misconf] " + strings.TrimSpace(string(p))) - return len(p), nil -} +//type DebugLogger struct { +//} +// +//func (d *DebugLogger) Write(p []byte) (n int, err error) { +// log.Logger.Debug("[misconf] " + strings.TrimSpace(string(p))) +// return len(p), nil +//} type Scanner struct { fileType detection.FileType
@@ -267,7 +267,7 @@ func scannerOptions(t detection.FileType, opt ScannerOption) ([]options.ScannerO ) if opt.Debug { - opts = append(opts, options.ScannerWithDebug(&DebugLogger{})) + opts = append(opts, options.ScannerWithDebug(&log.DebugLogger{Name: "misconf"})) } if opt.Trace {
From 7603035c2e202502eab8ffad0e53611bd347ebcf Mon Sep 17 00:00:00 2001
From: Simar
Date: Tue, 14 Nov 2023 17:54:01 -0700
Subject: [PATCH 3/4] fix lint
---
pkg/cloud/aws/scanner/scanner.go | 8 --------
pkg/misconf/scanner.go | 8 --------
2 files changed, 16 deletions(-)
diff --git a/pkg/cloud/aws/scanner/scanner.go b/pkg/cloud/aws/scanner/scanner.go
index 502b027aeae0..f6d67c3aaeaf 100644
--- a/pkg/cloud/aws/scanner/scanner.go
+++ b/pkg/cloud/aws/scanner/scanner.go
@@ -159,14 +159,6 @@ func createState(freshState *state.State, awsCache *cache.Cache) (*state.State, return fullState, nil } -// type DebugLogger struct { -// name string -// } -// -// func (d *DebugLogger) Write(p []byte) (n int, err error) { -// log.Logger.Debug("[aws] " + strings.TrimSpace(string(p))) -// return len(p), nil -// } func addPolicyNamespaces(namespaces []string, scannerOpts []options.ScannerOption) []options.ScannerOption { if len(namespaces) > 0 { scannerOpts = append(
diff --git a/pkg/misconf/scanner.go b/pkg/misconf/scanner.go
index 90e0f6d7582d..5768940e915b 100644
--- a/pkg/misconf/scanner.go
+++ b/pkg/misconf/scanner.go
@@ -68,14 +68,6 @@ func (o *ScannerOption) Sort() { sort.Strings(o.DataPaths) } -//type DebugLogger struct { -//} -// -//func (d *DebugLogger) Write(p []byte) (n int, err error) { -// log.Logger.Debug("[misconf] " + strings.TrimSpace(string(p))) -// return len(p), nil -//} - type Scanner struct { fileType detection.FileType scanner scanners.FSScanner
From d9389f779f184a58e7d9ecdf33b8f043751642f2 Mon Sep 17 00:00:00 2001
From: Simar
Date: Tue, 14 Nov 2023 20:33:23 -0700
Subject: [PATCH 4/4] rename logger
---
pkg/cloud/aws/scanner/scanner.go | 4 ++--
pkg/log/logger.go | 4 ++--
pkg/misconf/scanner.go | 2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/pkg/cloud/aws/scanner/scanner.go b/pkg/cloud/aws/scanner/scanner.go
index f6d67c3aaeaf..9c0514691c7c 100644
--- a/pkg/cloud/aws/scanner/scanner.go
+++ b/pkg/cloud/aws/scanner/scanner.go
@@ -43,11 +43,11 @@ func (s *AWSScanner) Scan(ctx context.Context, option flag.Options) (scan.Result } if option.Debug { - scannerOpts = append(scannerOpts, options.ScannerWithDebug(&log.DebugLogger{Name: "aws"})) + scannerOpts = append(scannerOpts, options.ScannerWithDebug(&log.PrefixedLogger{Name: "aws"})) } if option.Trace { - scannerOpts = append(scannerOpts, options.ScannerWithTrace(&log.DebugLogger{Name: "aws"})) + scannerOpts = append(scannerOpts, options.ScannerWithTrace(&log.PrefixedLogger{Name: "aws"})) } if option.Region != "" {
diff --git a/pkg/log/logger.go b/pkg/log/logger.go
index 6e92b98286fe..b25e1395b5dd 100644
--- a/pkg/log/logger.go
+++ b/pkg/log/logger.go
@@ -123,11 +123,11 @@ func String(key, val string) zap.Field { return zap.String(key, val) } -type DebugLogger struct { +type PrefixedLogger struct { Name string } -func (d *DebugLogger) Write(p []byte) (n int, err error) { +func (d *PrefixedLogger) Write(p []byte) (n int, err error) { Logger.Debugf("[%s] %s", d.Name, strings.TrimSpace(string(p))) return len(p), nil }
diff --git a/pkg/misconf/scanner.go b/pkg/misconf/scanner.go
index 5768940e915b..01bda19280c8 100644
--- a/pkg/misconf/scanner.go
+++ b/pkg/misconf/scanner.go
@@ -259,7 +259,7 @@ func scannerOptions(t detection.FileType, opt ScannerOption) ([]options.ScannerO ) if opt.Debug { - opts = append(opts, options.ScannerWithDebug(&log.DebugLogger{Name: "misconf"})) + opts = append(opts, options.ScannerWithDebug(&log.PrefixedLogger{Name: "misconf"})) } if opt.Trace {