Skip to content

Commit

Permalink
addressed comments
Browse files Browse the repository at this point in the history
Signed-off-by: Atul-source <atulprajapati6031@gmail.com>
  • Loading branch information
Atul-source committed Sep 5, 2024
1 parent 93fd4ee commit 4d40211
Show file tree
Hide file tree
Showing 16 changed files with 317 additions and 356 deletions.
36 changes: 4 additions & 32 deletions .github/workflows/codeql.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
Expand All @@ -39,40 +39,12 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- name: Checkout repository
uses: actions/checkout@2d7d9f7ff5b310f983d059b68785b3c74d8b8edd
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Initialize CodeQL
uses: github/codeql-action/init@e1f83c153a6cb7134f035e16e2626b216e7168c9
uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93
with:
languages: ${{ matrix.language }}

- name: Autobuild
uses: github/codeql-action/autobuild@9e39a05578dd315aad814d3c71bd03472cc5b815

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4067cdab784c667cf1b7fa95169f3a0e0a381d63
with:
category: "/language:${{matrix.language}}"
output: sarif-results
upload: failure-only

- name: filter-sarif
uses: advanced-security/filter-sarif@59d0a64b3c0a34d787819f6659708915b6210582
with:
patterns: |
+**/*.go
-artifact/artifact.go
input: sarif-results/go.sarif
output: sarif-results/go.sarif

- name: Upload SARIF
uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33
with:
sarif_file: sarif-results/go.sarif

- name: Upload loc as a Build Artifact
uses: actions/upload-artifact@b18b1d32f3f31abcdc29dee3f2484801fe7822f4
with:
name: sarif-results
path: sarif-results
retention-days: 1
uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93
2 changes: 1 addition & 1 deletion apis/handlers/addprog.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func AddEbpfPrograms(ctx context.Context, bpfcfg *bpfprogs.NFConfigs) http.Handl
}(&mesg, &statusCode)
if models.IsReadOnly {
log.Warn().Msgf("We are in Between Restart Please try after some time")
mesg = "We are in Between Restart Please try after some time"
mesg = "We are currently in the middle of a restart. Please attempt again after a while."
return
}
defer DecWriteReq()
Expand Down
2 changes: 1 addition & 1 deletion apis/handlers/deleteprog.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func DeleteEbpfPrograms(ctx context.Context, bpfcfg *bpfprogs.NFConfigs) http.Ha
}(&mesg, &statusCode)
if models.IsReadOnly {
log.Warn().Msgf("We are in Between Restart Please try after some time")
mesg = "We are in Between Restart Please try after some time"
mesg = "We are currently in the middle of a restart. Please attempt again after a while."
return
}
defer DecWriteReq()
Expand Down
60 changes: 19 additions & 41 deletions apis/handlers/restart_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,13 @@ import (
"net"
"os"
"os/exec"
"regexp"
"path/filepath"
"strconv"
"strings"
"syscall"
"time"

"net/http"
"net/url"

"github.com/rs/zerolog/log"

Expand Down Expand Up @@ -50,7 +49,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
}(&mesg, &statusCode)
if models.IsReadOnly {
log.Warn().Msgf("We are in Between Restart Please try after some time")
mesg = "We are in Between Restart Please try after some time"
mesg = "We are currently in the middle of a restart. Please attempt again after a while."
statusCode = http.StatusInternalServerError
return
}
Expand All @@ -73,14 +72,6 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
statusCode = http.StatusInternalServerError
return
}

match, _ := regexp.MatchString(`^v\d+\.\d+\.\d+$`, t.Version)
if !match {
mesg = "version naming convention is wrong it will like vx.y.z"
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
machineHostname, err := os.Hostname()
if err != nil {
mesg = "failed to get os hostname"
Expand All @@ -94,25 +85,6 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
statusCode = http.StatusInternalServerError
return
}
URL, err := url.Parse(t.ArtifactURL)
if err != nil {
mesg = "url format is wrong"
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
if URL.Scheme != models.HttpScheme && URL.Scheme != models.FileScheme && URL.Scheme != models.HttpsScheme {
mesg = "currently only http,https,file is supported"
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
if strings.Contains(t.ArtifactURL, "..") {
mesg = "bad string"
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
defer func() {
models.IsReadOnly = false
}()
Expand All @@ -128,14 +100,14 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
time.Sleep(time.Millisecond)
}

oldCfgPath, err := restart.ReadSymlink(bpfcfg.HostConfig.BasePath + "/latest/l3afd.cfg")
oldCfgPath, err := restart.ReadSymlink(filepath.Join(bpfcfg.HostConfig.BasePath, "latest/l3afd.cfg"))
if err != nil {
mesg = fmt.Sprintf("failed read symlink: %v", err)
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
oldBinPath, err := restart.ReadSymlink(bpfcfg.HostConfig.BasePath + "/latest/l3afd")
oldBinPath, err := restart.ReadSymlink(filepath.Join(bpfcfg.HostConfig.BasePath, "latest/l3afd"))
if err != nil {
mesg = fmt.Sprintf("failed to read symlink: %v", err)
log.Error().Msg(mesg)
Expand All @@ -144,12 +116,18 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
}
oldVersion := strings.Split(strings.Trim(oldBinPath, bpfcfg.HostConfig.BasePath+"/"), "/")[0]

err = restart.GetNewVersion(t.ArtifactURL, oldVersion, t.Version, bpfcfg.HostConfig)
if _, ok := models.AvailableVersions[t.Version]; !ok {
mesg = "invalid version to upgrade"
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
return
}
err = restart.GetNewVersion(t.ArtifactName, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
if err != nil {
mesg = fmt.Sprintf("failed to getNewVersion: %v", err)
mesg = fmt.Sprintf("failed to get new version: %v", err)
log.Error().Msg(mesg)
statusCode = http.StatusInternalServerError
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
return
}
Expand All @@ -158,7 +136,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
ln, err := net.Listen("unix", models.HostSock)
if err != nil {
log.Err(err)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
statusCode = http.StatusInternalServerError
return
Expand Down Expand Up @@ -195,7 +173,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
lf, err := lis.File()
if err != nil {
log.Error().Msgf("%v", err)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
statusCode = http.StatusInternalServerError
isErr = true
Expand All @@ -209,7 +187,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
return
}
// we have added
cmd := exec.Command(bpfcfg.HostConfig.BasePath+"/latest/l3afd", "--config", bpfcfg.HostConfig.BasePath+"/latest/l3afd.cfg")
cmd := exec.Command(filepath.Join(bpfcfg.HostConfig.BasePath, "latest/l3afd"), "--config", filepath.Join(bpfcfg.HostConfig.BasePath, "latest/l3afd.cfg"))
cmd.SysProcAttr = &syscall.SysProcAttr{
Setsid: true,
}
Expand Down Expand Up @@ -238,7 +216,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
log.Error().Msgf("%v", err)
mesg = mesg + fmt.Sprintf("unable to create pid file: %v", err)
}
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
if err != nil {
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
}
Expand Down Expand Up @@ -296,7 +274,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
log.Error().Msgf("%v", err)
mesg = mesg + fmt.Sprintf("unable to create pid file: %v", err)
}
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
if err != nil {
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
}
Expand Down Expand Up @@ -327,7 +305,7 @@ func HandleRestart(bpfcfg *bpfprogs.NFConfigs) http.HandlerFunc {
log.Error().Msgf("%v", err)
mesg = mesg + fmt.Sprintf("unable to create pid file: %v", err)
}
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, t.Version, bpfcfg.HostConfig)
err = restart.RollBackSymlink(oldCfgPath, oldBinPath, oldVersion, models.AvailableVersions[t.Version], bpfcfg.HostConfig)
if err != nil {
mesg = mesg + fmt.Sprintf("rollback of symlink failed: %v", err)
}
Expand Down
2 changes: 1 addition & 1 deletion apis/handlers/updateconfig.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func UpdateConfig(ctx context.Context, bpfcfg *bpfprogs.NFConfigs) http.HandlerF
}(&mesg, &statusCode)
if models.IsReadOnly {
log.Warn().Msgf("We are in Between Restart Please try after some time")
mesg = "We are in Between Restart Please try after some time"
mesg = "We are currently in the middle of a restart. Please attempt again after a while."
return
}
defer DecWriteReq()
Expand Down
Loading

0 comments on commit 4d40211

Please sign in to comment.