Go-KCL: Update security scan

gas has been renamed to gosec. Update the security scan accordingly and
fix security issues as needed.

No functional change.

Jira CNA-2022

Change-Id: I36f2a204114f3f13e2ed05579c04a9c89f528f9a
Tao Jiang 2018-08-27 12:23:20 -07:00
parent 47daa9d5f0
commit 22de13ef8a
7 changed files with 26 additions and 15 deletions


@ -80,6 +80,7 @@ targets:
after: after:
- checkfmt - checkfmt
- lint - lint
- scanast
deps-kcl: deps-kcl:
description: populate vendor packages description: populate vendor packages
@ -95,5 +96,5 @@ settings:
default-targets: default-targets:
- ci - ci
docker: docker:
image: 'vmware/cascade-toolchain:0.0.9' image: 'vmware/go-kcl-toolchain:latest'
src-volume: /go/src/vmware.com/cascade-kinesis-client src-volume: /go/src/vmware.com/cascade-kinesis-client
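Review bot: The `docker.image` setting in the second hunk now appears to point at `vmware/go-kcl-toolchain:latest`, a mutable tag, where the old side pinned `0.0.9`. Every CI run, including the newly added `scanast` step, then uses whichever toolchain image was pushed last, so a scan result cannot be tied to a known gosec build and a replaced image is picked up silently. I would pin a versioned tag here, for example the `0.1.0` that the toolchain HyperMake file in this commit references (provided that tag is actually published), or an image digest.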


@ -97,15 +97,16 @@ func (cw *CloudWatchMonitoringService) eventloop() {
defer cw.waitGroup.Done() defer cw.waitGroup.Done()
for { for {
err := cw.flush() if err := cw.flush(); err != nil {
if err != nil {
log.Errorf("Error sending metrics to CloudWatch. %+v", err) log.Errorf("Error sending metrics to CloudWatch. %+v", err)
} }
select { select {
case <-*cw.stop: case <-*cw.stop:
log.Info("Shutting down monitoring system") log.Info("Shutting down monitoring system")
cw.flush() if err := cw.flush(); err != nil {
log.Errorf("Error sending metrics to CloudWatch. %+v", err)
}
return return
case <-time.After(time.Duration(cw.MetricsBufferTimeMillis) * time.Millisecond): case <-time.After(time.Duration(cw.MetricsBufferTimeMillis) * time.Millisecond):
} }
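Review bot: The flush in the `<-*cw.stop` branch logs the same text as the periodic flush at the top of the loop, so a failure to send the final batch at shutdown cannot be told apart from a routine one in the logs. A distinct message would help, e.g. `log.Errorf("Error sending final metrics to CloudWatch during shutdown. %+v", err)`. eventloop's body continues past the end of this hunk.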


@ -181,7 +181,7 @@ func (sc *ShardConsumer) getRecords(shard *shardStatus) error {
continue continue
} }
} }
log.Errorf("Error getting records from Kinesis that cannot be retried: %+v\nRequest: %s", err, getRecordsArgs) log.Errorf("Error getting records from Kinesis that cannot be retried: %+v Request: %s", err, getRecordsArgs)
return err return err
} }
retriedErrors = 0 retriedErrors = 0


@ -135,7 +135,10 @@ func (w *Worker) Start() error {
// Start monitoring service // Start monitoring service
log.Info("Starting monitoring service.") log.Info("Starting monitoring service.")
w.mService.Start() if err := w.mService.Start(); err != nil {
log.Errorf("Failed to start monitoring service: %+v", err)
return err
}
log.Info("Starting worker event loop.") log.Info("Starting worker event loop.")
// entering event loop // entering event loop
@ -249,7 +252,7 @@ func (w *Worker) eventLoop() {
if err != nil { if err != nil {
// checkpoint may not existed yet is not an error condition. // checkpoint may not existed yet is not an error condition.
if err != ErrSequenceIDNotFound { if err != ErrSequenceIDNotFound {
log.Error(err) log.Errorf(" Error: %+v", err)
// move on to next shard // move on to next shard
continue continue
} }
@ -308,10 +311,12 @@ func (w *Worker) getShardIDs(startShardID string, shardInfo map[string]bool) err
streamDesc, err := w.kc.DescribeStream(args) streamDesc, err := w.kc.DescribeStream(args)
if err != nil { if err != nil {
log.Errorf("Error in DescribeStream: %s Error: %+v Request: %s", w.streamName, err, args)
return err return err
} }
if *streamDesc.StreamDescription.StreamStatus != "ACTIVE" { if *streamDesc.StreamDescription.StreamStatus != "ACTIVE" {
log.Warnf("Stream %s is not active", w.streamName)
return errors.New("stream not active") return errors.New("stream not active")
} }
@ -319,6 +324,7 @@ func (w *Worker) getShardIDs(startShardID string, shardInfo map[string]bool) err
for _, s := range streamDesc.StreamDescription.Shards { for _, s := range streamDesc.StreamDescription.Shards {
// record avail shardId from fresh reading from Kinesis // record avail shardId from fresh reading from Kinesis
shardInfo[*s.ShardId] = true shardInfo[*s.ShardId] = true
// found new shard // found new shard
if _, ok := w.shardStatus[*s.ShardId]; !ok { if _, ok := w.shardStatus[*s.ShardId]; !ok {
log.Debugf("Found shard with id %s", *s.ShardId) log.Debugf("Found shard with id %s", *s.ShardId)
@ -336,6 +342,7 @@ func (w *Worker) getShardIDs(startShardID string, shardInfo map[string]bool) err
if *streamDesc.StreamDescription.HasMoreShards { if *streamDesc.StreamDescription.HasMoreShards {
err := w.getShardIDs(lastShardID, shardInfo) err := w.getShardIDs(lastShardID, shardInfo)
if err != nil { if err != nil {
log.Errorf("Error in getShardIDs: %s Error: %+v", lastShardID, err)
return err return err
} }
} }
@ -359,7 +366,9 @@ func (w *Worker) syncShard() error {
delete(w.shardStatus, shard.ID) delete(w.shardStatus, shard.ID)
// remove the shard entry in dynamoDB as well // remove the shard entry in dynamoDB as well
// Note: syncShard runs periodically. we don't need to do anything in case of error here. // Note: syncShard runs periodically. we don't need to do anything in case of error here.
w.checkpointer.RemoveLeaseInfo(shard.ID) if err := w.checkpointer.RemoveLeaseInfo(shard.ID); err != nil {
log.Errorf("Failed to remove shard lease info: %s Error: %+v", shard.ID, err)
}
} }
} }
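Review bot: In the eventLoop hunk the new call `log.Errorf(" Error: %+v", err)` has a leading space and says nothing about what failed or for which shard, which makes the entry hard to triage next to the more descriptive messages added elsewhere in this file. Judging by the comment above it, the error comes from fetching the checkpoint, so something like `log.Errorf("Error fetching checkpoint: %+v", err)` would fit, ideally with the shard ID if it is in scope there (the loop variable is not visible in the hunk). eventLoop begins and ends outside the hunk.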


@ -27,7 +27,7 @@ lint() {
scanast() { scanast() {
set +e set +e
gas ./... > security.log 2>&1 gosec ./... > security.log 2>&1
set -e set -e
local issues=$(grep -E "Severity: MEDIUM" security.log | wc -l) local issues=$(grep -E "Severity: MEDIUM" security.log | wc -l)
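Review bot: With `set +e` around it, the exit status of `gosec ./... > security.log 2>&1` is discarded, and the result is derived only from grepping security.log. If gosec is missing from the toolchain image or aborts before scanning, the log holds no `Severity:` lines and the count is zero, so the scan appears to pass without having run. A guard before the call such as `command -v gosec >/dev/null || { echo "gosec not found"; exit 1; }` closes the most likely case. The visible grep also counts only MEDIUM findings, so confirm that HIGH is handled in the part of scanast below this hunk.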


@ -1,8 +1,8 @@
--- ---
format: hypermake.v0 format: hypermake.v0
name: cascade-kcl name: go-kcl
description: Amazon Kinesis Client Library in Go description: VMWare Go-KCL Amazon Kinesis Client Library in Go
targets: targets:
rebuild-toolchain: rebuild-toolchain:
@ -12,17 +12,17 @@ targets:
build: docker build: docker
cache: false cache: false
tags: tags:
- vmware/cascade-kcl-toolchain:latest - vmware/go-kcl-toolchain:latest
push-toolchain: push-toolchain:
description: push toolchain image description: push toolchain image
after: after:
- rebuild-toolchain - rebuild-toolchain
push: push:
- vmware/cascade-toolchain:latest - vmware/go-kcl-toolchain:latest
settings: settings:
default-targets: default-targets:
- rebuild-toolchain - rebuild-toolchain
docker: docker:
image: 'vmware/cascade-kcl-toolchain:0.0.0' image: 'vmware/go-kcl-toolchain:0.1.0'


@ -4,7 +4,7 @@ ENV GOPATH /go:/src
RUN go get -v github.com/alecthomas/gometalinter && \ RUN go get -v github.com/alecthomas/gometalinter && \
go get -v golang.org/x/tools/cmd/... && \ go get -v golang.org/x/tools/cmd/... && \
go get -v github.com/FiloSottile/gvt && \ go get -v github.com/FiloSottile/gvt && \
go get -v github.com/GoASTScanner/gas/cmd/gas/... && \ go get github.com/securego/gosec/cmd/gosec/... && \
go get github.com/derekparker/delve/cmd/dlv && \ go get github.com/derekparker/delve/cmd/dlv && \
gometalinter --install && \ gometalinter --install && \
chmod -R a+rw /go chmod -R a+rw /go
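Review bot: `go get github.com/securego/gosec/cmd/gosec/...` installs whatever is at the head of the repository when the image is built, so the scanner's rule set can change from one rebuild to the next and a broken or tampered upstream commit flows straight into CI. Consider checking out a fixed release after the fetch and installing from it, e.g. `git -C /go/src/github.com/securego/gosec checkout <pinned-release-tag> && go install github.com/securego/gosec/cmd/gosec`, with the tag chosen by the project. The same applies to the other `go get` lines in this RUN, which the commit does not touch.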