From 0f1b7e5972abea5ca5ebefe477360d0e1908cd44 Mon Sep 17 00:00:00 2001 From: Filip Barl Date: Thu, 21 Feb 2019 16:18:24 +0100 Subject: [PATCH] Prepare to filter node summaries post-render. --- app/api_report.go | 3 ++- app/api_topologies.go | 2 +- app/api_topology.go | 23 +++++++++++++++++------ render/detailed/censor.go | 15 +++++++++++++++ report/censor.go | 37 +++++++++++++++++++++++++------------ 5 files changed, 60 insertions(+), 20 deletions(-) create mode 100644 render/detailed/censor.go diff --git a/app/api_report.go b/app/api_report.go index 3899f69e3..3ccdf94db 100644 --- a/app/api_report.go +++ b/app/api_report.go @@ -13,12 +13,13 @@ import ( // Raw report handler func makeRawReportHandler(rep Reporter) CtxHandlerFunc { return func(ctx context.Context, w http.ResponseWriter, r *http.Request) { + censorCfg := report.GetCensorConfigFromQueryParams(r) rawReport, err := rep.Report(ctx, time.Now()) if err != nil { respondWith(w, http.StatusInternalServerError, err) return } - respondWith(w, http.StatusOK, report.CensorReportForRequest(rawReport, r)) + respondWith(w, http.StatusOK, report.CensorRawReport(rawReport, censorCfg)) } } diff --git a/app/api_topologies.go b/app/api_topologies.go index af94890ad..294bd2c72 100644 --- a/app/api_topologies.go +++ b/app/api_topologies.go @@ -577,7 +577,7 @@ func (r *Registry) captureRenderer(rep Reporter, f rendererHandler) CtxHandlerFu return } req.ParseForm() - rc := RenderContextForReporter(rep, rpt, req) + rc := RenderContextForReporter(rep, rpt) renderer, filter, err := r.RendererForTopology(topologyID, req.Form, rc.Report) if err != nil { respondWith(w, http.StatusInternalServerError, err) diff --git a/app/api_topology.go b/app/api_topology.go index 1ed67e6f2..c67266d4c 100644 --- a/app/api_topology.go +++ b/app/api_topology.go @@ -30,8 +30,8 @@ type APINode struct { } // RenderContextForReporter creates the rendering context for the given reporter. -func RenderContextForReporter(rep Reporter, r report.Report, req *http.Request) detailed.RenderContext { - rc := detailed.RenderContext{Report: report.CensorReportForRequest(r, req)} +func RenderContextForReporter(rep Reporter, r report.Report) detailed.RenderContext { + rc := detailed.RenderContext{Report: r} if wrep, ok := rep.(WebReporter); ok { rc.MetricsGraphURL = wrep.MetricsGraphURL } @@ -42,8 +42,13 @@ type rendererHandler func(context.Context, render.Renderer, render.Transformer, // Full topology. func handleTopology(ctx context.Context, renderer render.Renderer, transformer render.Transformer, rc detailed.RenderContext, w http.ResponseWriter, r *http.Request) { + // log.Infof("blublu %v", rc.Report.Container.Nodes) + // log.Infof("blublu %v", rc.Report.ContainerImage.Nodes) + // log.Infof("blibli %v", render.Render(ctx, rc.Report, renderer, transformer).Nodes) + censorCfg := report.GetCensorConfigFromQueryParams(r) + nodeSummaries := detailed.Summaries(ctx, rc, render.Render(ctx, rc.Report, renderer, transformer).Nodes) respondWith(w, http.StatusOK, APITopology{ - Nodes: detailed.Summaries(ctx, rc, render.Render(ctx, rc.Report, renderer, transformer).Nodes), + Nodes: detailed.CensorNodeSummaries(nodeSummaries, censorCfg), }) } @@ -72,7 +77,9 @@ func handleNode(ctx context.Context, renderer render.Renderer, transformer rende nodes.Nodes[nodeID] = node nodes.Filtered-- } - respondWith(w, http.StatusOK, APINode{Node: detailed.MakeNode(topologyID, rc, nodes.Nodes, node)}) + censorCfg := report.GetCensorConfigFromQueryParams(r) + rawNode := detailed.MakeNode(topologyID, rc, nodes.Nodes, node) + respondWith(w, http.StatusOK, APINode{Node: detailed.CensorNode(rawNode, censorCfg)}) } // Websocket for the full topology. @@ -141,16 +148,20 @@ func handleWebsocket( log.Errorf("Error generating report: %v", err) return } - rc := RenderContextForReporter(rep, re, r) + rc := RenderContextForReporter(rep, re) renderer, filter, err := topologyRegistry.RendererForTopology(topologyID, r.Form, rc.Report) if err != nil { log.Errorf("Error generating report: %v", err) return } + // log.Infof("blublu %v", rc.Report.Container.Nodes) + censorCfg := report.GetCensorConfigFromQueryParams(r) newTopo := detailed.Summaries(ctx, rc, render.Render(ctx, rc.Report, renderer, filter).Nodes) + newTopo = detailed.CensorNodeSummaries(newTopo, censorCfg) + // log.Infof("blublu %v", newTopo) diff := detailed.TopoDiff(previousTopo, newTopo) previousTopo = newTopo - + // log.Infof("dfdfdf %v", diff) if err := conn.WriteJSON(diff); err != nil { if !xfer.IsExpectedWSCloseError(err) { log.Errorf("cannot serialize topology diff: %s", err) diff --git a/render/detailed/censor.go b/render/detailed/censor.go new file mode 100644 index 000000000..a36bca95e --- /dev/null +++ b/render/detailed/censor.go @@ -0,0 +1,15 @@ +package detailed + +import ( + "github.com/weaveworks/scope/report" +) + +// CensorNode ... +func CensorNode(n Node, cfg report.CensorConfig) Node { + return n +} + +// CensorNodeSummaries ... +func CensorNodeSummaries(n NodeSummaries, cfg report.CensorConfig) NodeSummaries { + return n +} diff --git a/report/censor.go b/report/censor.go index d3a6c3d98..913ddf1c9 100644 --- a/report/censor.go +++ b/report/censor.go @@ -33,22 +33,35 @@ func censorTopology(t *Topology, match keyMatcher, censor censorValueFunc) { } } -// CensorReportForRequest removes any sensitive data -// from the report based on the request query params. -func CensorReportForRequest(rep Report, req *http.Request) Report { +// CensorConfig describes how probe reports should +// be censored when rendered through the API. +type CensorConfig struct { + hideCommandLineArguments bool + hideEnvironmentVariables bool +} + +// GetCensorConfigFromQueryParams extracts censor config from request query params. +func GetCensorConfigFromQueryParams(req *http.Request) CensorConfig { + return CensorConfig{ + hideCommandLineArguments: true || req.URL.Query().Get("hideCommandLineArguments") == "true", + hideEnvironmentVariables: true || req.URL.Query().Get("hideEnvironmentVariables") == "true", + } +} + +// CensorRawReport removes any sensitive data from +// the raw report based on the request query params. +func CensorRawReport(r Report, cfg CensorConfig) Report { var ( - hideCommandLineArguments = req.URL.Query().Get("hideCommandLineArguments") == "true" - hideEnvironmentVariables = req.URL.Query().Get("hideEnvironmentVariables") == "true" - makeEmpty = func(string) string { return "" } + makeEmpty = func(string) string { return "" } ) - if hideCommandLineArguments { - censorTopology(&rep.Process, keyEquals(Cmdline), StripCommandArgs) - censorTopology(&rep.Container, keyEquals(DockerContainerCommand), StripCommandArgs) + if cfg.hideCommandLineArguments { + censorTopology(&r.Process, keyEquals(Cmdline), StripCommandArgs) + censorTopology(&r.Container, keyEquals(DockerContainerCommand), StripCommandArgs) } - if hideEnvironmentVariables { - censorTopology(&rep.Container, keyStartsWith(DockerEnvPrefix), makeEmpty) + if cfg.hideEnvironmentVariables { + censorTopology(&r.Container, keyStartsWith(DockerEnvPrefix), makeEmpty) } - return rep + return r } // StripCommandArgs removes all the arguments from the command