v0.1 (#8)

Co-authored-by: kjuulh <contact@kjuulh.io>
Reviewed-on: https://git.front.kjuulh.io/kjuulh/kraken/pulls/8

internal/actions/action.go

@@ -0,0 +1,77 @@
+package actions
+
+import (
+	"context"
+	"errors"
+
+	"git.front.kjuulh.io/kjuulh/kraken/internal/actions/builders"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/actions/querier"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/schema"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
+	"go.uber.org/zap"
+)
+
+type Action struct {
+	Schema     *schema.KrakenSchema
+	SchemaPath string
+}
+
+func (a *Action) Execute(ctx context.Context, area *storage.Area) error {
+	for _, action := range a.Schema.Actions {
+		switch action.Type {
+		case "go":
+			exe, err := builders.NewGo(zap.L()).Build(ctx, a.SchemaPath, action.Entry)
+			if err != nil {
+				return err
+			}
+			err = exe(ctx, area.Path)
+			if err != nil {
+				return err
+			}
+
+			zap.L().Debug("Execution done")
+
+		case "docker-build":
+			zap.L().Debug("Building docker-build")
+			runCmd, err := builders.NewDockerBuild(zap.L()).Build(ctx, a.SchemaPath, action.Entry)
+			if err != nil {
+				return err
+			}
+			err = runCmd(ctx, area.Path)
+			if err != nil {
+				return err
+			}
+			return nil
+
+		default:
+			return errors.New("could not determine action type")
+		}
+	}
+
+	return nil
+}
+
+func (a *Action) Query(ctx context.Context, area *storage.Area) ([]string, bool, error) {
+	for _, query := range a.Schema.Queries {
+		switch query.Type {
+		case "grep":
+			exe, err := querier.NewRipGrep(zap.L()).Build(ctx, a.SchemaPath, query.Query)
+			if err != nil {
+				return nil, false, err
+			}
+			output, found, err := exe(ctx, area.Path)
+			if err != nil {
+				return nil, false, err
+			}
+
+			zap.L().Debug("Execution done")
+
+			return output, found, nil
+
+		default:
+			return nil, false, errors.New("could not determine query type")
+		}
+	}
+
+	return nil, false, nil
+}

internal/actions/action_creator.go

@@ -0,0 +1,85 @@
+package actions
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"path"
+	"time"
+
+	"git.front.kjuulh.io/kjuulh/kraken/internal/schema"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/providers"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
+	"go.uber.org/zap"
+)
+
+type (
+	ActionCreatorOps struct {
+		RepositoryUrl string
+		Branch        string
+		Path          string
+	}
+
+	ActionCreator struct {
+		logger  *zap.Logger
+		storage *storage.Service
+		git     *providers.Git
+	}
+
+	ActionCreatorDeps interface {
+		GetStorageService() *storage.Service
+		GetGitProvider() *providers.Git
+	}
+)
+
+func NewActionCreator(logger *zap.Logger, deps ActionCreatorDeps) *ActionCreator {
+	return &ActionCreator{
+		logger:  logger,
+		storage: deps.GetStorageService(),
+		git:     deps.GetGitProvider(),
+	}
+}
+
+func (ac *ActionCreator) Prepare(ctx context.Context, ops *ActionCreatorOps) (*Action, error) {
+	area, err := ac.storage.CreateArea(ctx)
+	if err != nil {
+		ac.logger.Error("failed to allocate area", zap.Error(err))
+		return nil, err
+	}
+
+	cloneCtx, _ := context.WithTimeout(ctx, time.Second*10)
+	_, err = ac.git.CloneBranch(cloneCtx, area, ops.RepositoryUrl, ops.Branch)
+	if err != nil {
+		ac.logger.Error("could not clone repo", zap.Error(err))
+		return nil, err
+	}
+
+	executorUrl := path.Join(area.Path, ops.Path)
+	if _, err = os.Stat(executorUrl); os.IsNotExist(err) {
+		return nil, fmt.Errorf("path is invalid: %s", ops.Path)
+	}
+
+	contents, err := os.ReadFile(path.Join(executorUrl, "kraken.yml"))
+	if err != nil {
+		return nil, err
+	}
+
+	krakenSchema, err := schema.Unmarshal(string(contents))
+	if err != nil {
+		return nil, err
+	}
+
+	ac.logger.Debug("Action creator done")
+	return &Action{
+		Schema:     krakenSchema,
+		SchemaPath: executorUrl,
+	}, nil
+}
+
+func (ac *ActionCreator) Cleanup(ctx context.Context, area *storage.Area) {
+	ac.logger.Debug("Removing area", zap.String("path", area.Path))
+	err := ac.storage.RemoveArea(ctx, area)
+	if err != nil {
+		panic(err)
+	}
+}

internal/actions/builders/docker.go

@@ -0,0 +1,95 @@
+package builders
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"os"
+	"os/exec"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapio"
+)
+
+type DockerBuild struct {
+	logger *zap.Logger
+}
+
+func NewDockerBuild(logger *zap.Logger) *DockerBuild {
+	return &DockerBuild{logger: logger}
+}
+
+type DockerRunCommand func(ctx context.Context, victimPath string) error
+
+func (g *DockerBuild) Build(ctx context.Context, modulePath, entryPath string) (DockerRunCommand, error) {
+	g.logger.Debug("Building docker image", zap.String("actiondir", modulePath), zap.String("entry", entryPath))
+
+	if _, err := os.Stat(fmt.Sprintf("%s/%s", modulePath, entryPath)); os.IsNotExist(err) {
+		return nil, errors.New("could not find entry")
+	}
+
+	b := make([]byte, 20)
+	_, err := rand.Reader.Read(b)
+	if err != nil {
+		return nil, err
+	}
+	tag := hex.EncodeToString(b)
+	buildDockerCmd := fmt.Sprintf("(cd %s; docker build -f %s --tag kraken/%s .)", modulePath, entryPath, tag)
+	g.logger.Debug("Running command", zap.String("command", buildDockerCmd))
+
+	cmd := exec.CommandContext(
+		ctx,
+		"/bin/bash",
+		"-c",
+		buildDockerCmd,
+	)
+
+	debugwriter := &zapio.Writer{
+		Log:   g.logger,
+		Level: zap.DebugLevel,
+	}
+	defer debugwriter.Close()
+
+	cmd.Stdout = debugwriter
+	cmd.Stderr = debugwriter
+	err = cmd.Start()
+	if err != nil {
+		return nil, err
+	}
+
+	err = cmd.Wait()
+	if err != nil {
+		return nil, err
+	}
+
+	g.logger.Debug("Docker image built!")
+
+	return func(ctx context.Context, victimPath string) error {
+		g.logger.Debug("Executing script", zap.String("victim", victimPath))
+
+		cmd := exec.CommandContext(
+			ctx,
+			"/bin/bash",
+			"-c",
+			fmt.Sprintf("docker run --rm -v %s/:/src/work/ kraken/%s", victimPath, tag),
+		)
+
+		runDockerWriter := &zapio.Writer{
+			Log:   g.logger,
+			Level: zap.DebugLevel,
+		}
+		defer runDockerWriter.Close()
+
+		cmd.Stdout = runDockerWriter
+		cmd.Stderr = runDockerWriter
+
+		err = cmd.Start()
+		if err != nil {
+			return err
+		}
+
+		return cmd.Wait()
+	}, nil
+}

internal/actions/builders/go.go

@@ -0,0 +1,46 @@
+package builders
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"os/exec"
+
+	"go.uber.org/zap"
+)
+
+type Go struct {
+	logger *zap.Logger
+}
+
+func NewGo(logger *zap.Logger) *Go {
+	return &Go{logger: logger}
+}
+
+type GoExecutable func(ctx context.Context, victimPath string) error
+
+func (g *Go) Build(ctx context.Context, modulePath, entryPath string) (GoExecutable, error) {
+	g.logger.Debug("Building go binary", zap.String("actiondir", modulePath), zap.String("entry", entryPath))
+
+	if _, err := os.Stat(fmt.Sprintf("%s/%s", modulePath, entryPath)); os.IsNotExist(err) {
+		return nil, errors.New("could not find entry")
+	}
+
+	err := exec.CommandContext(
+		ctx,
+		"/bin/bash",
+		"-c",
+		fmt.Sprintf("(cd %s; go build -o main %s)", modulePath, entryPath),
+	).Run()
+	if err != nil {
+		return nil, err
+	}
+
+	g.logger.Debug("Go binary built!")
+
+	return func(ctx context.Context, victimPath string) error {
+		g.logger.Debug("Executing script", zap.String("victim", victimPath))
+		return exec.CommandContext(ctx, "/bin/bash", "-c", fmt.Sprintf("(cd %s; %s/main)", victimPath, modulePath)).Run()
+	}, nil
+}

internal/actions/querier/ripgrep.go

@@ -0,0 +1,106 @@
+package querier
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"os/exec"
+	"strings"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapio"
+)
+
+type RipGrep struct {
+	logger *zap.Logger
+}
+
+func NewRipGrep(logger *zap.Logger) *RipGrep {
+	return &RipGrep{logger: logger}
+}
+
+type RipGrepCommand func(ctx context.Context, victimPath string) ([]string, bool, error)
+
+func (g *RipGrep) Build(ctx context.Context, modulePath, query string) (RipGrepCommand, error) {
+	g.logger.Debug("Pulling docker image", zap.String("actiondir", modulePath), zap.String("query", query))
+
+	pullDockerImage := "docker pull mbologna/docker-ripgrep"
+	g.logger.Debug("Running command", zap.String("command", pullDockerImage))
+
+	cmd := exec.CommandContext(
+		ctx,
+		"/bin/bash",
+		"-c",
+		pullDockerImage,
+	)
+
+	debugwriter := &zapio.Writer{
+		Log:   g.logger,
+		Level: zap.DebugLevel,
+	}
+	defer debugwriter.Close()
+
+	cmd.Stdout = debugwriter
+	cmd.Stderr = debugwriter
+	err := cmd.Start()
+	if err != nil {
+		return nil, err
+	}
+
+	err = cmd.Wait()
+	if err != nil {
+		return nil, err
+	}
+
+	g.logger.Debug("Docker image pulled")
+
+	return func(ctx context.Context, victimPath string) ([]string, bool, error) {
+		g.logger.Debug("Executing script", zap.String("victim", victimPath))
+
+		runRipGrepCmd := fmt.Sprintf("docker run --rm -v %s/:/data:ro mbologna/docker-ripgrep rg -i '%s' || true", victimPath, query)
+
+		g.logger.Debug("Execute ripgrep query", zap.String("command", runRipGrepCmd))
+
+		cmd := exec.CommandContext(
+			ctx,
+			"/bin/bash",
+			"-c",
+			runRipGrepCmd,
+		)
+
+		runDockerWriter := &zapio.Writer{
+			Log:   g.logger,
+			Level: zap.DebugLevel,
+		}
+		defer runDockerWriter.Close()
+
+		builder := &strings.Builder{}
+		combinedWriter := io.MultiWriter(runDockerWriter, builder)
+
+		cmd.Stdout = combinedWriter
+		cmd.Stderr = combinedWriter
+
+		err = cmd.Start()
+		if err != nil {
+			return nil, false, err
+		}
+
+		err = cmd.Wait()
+		if err != nil {
+			return nil, false, err
+		}
+
+		contents := strings.Split(builder.String(), "\n")
+		validatedOutput := make([]string, 0)
+
+		for _, c := range contents {
+			if !strings.Contains(c, "WARNING:") {
+				validatedOutput = append(validatedOutput, c)
+			}
+		}
+
+		found := len(validatedOutput) > 0
+
+		return validatedOutput, found, nil
+	}, nil
+}