diff --git a/cmd/assess.go b/cmd/assess.go index 6d72f1b..97d81ed 100644 --- a/cmd/assess.go +++ b/cmd/assess.go @@ -87,6 +87,7 @@ func processZipFile(connector *connector.StorageConnector, f *zip.File) error { func assess(connector *connector.StorageConnector, rulesPath string) { // perform checks based on pre-defined static rules + logger := logging.GetLogManager() for _, rule := range files.GetFiles(rulesPath, ".ya?ml") { c := yamler.GetConf(rule) if !c.Enabled { @@ -96,13 +97,13 @@ func assess(connector *connector.StorageConnector, rulesPath string) { query, args := yamler.PrepareQuery(c) results := connector.Query(query, args) - logging.PrintRed("Running rule: " + rule) - logging.PrintGreen("Name: " + c.Name) - logging.PrintGreen("Arguments:") - logging.PrintDarkGreen(yamler.ArgsToQueryNeo4jBrowser(args)) - logging.PrintGreen("Query:") - logging.PrintDarkGreen(query) - logging.PrintGreen("Description: " + c.Description) + logger.PrintRed("Running rule: " + rule) + logger.PrintGreen("Name: " + c.Name) + logger.PrintGreen("Arguments:") + logger.PrintDarkGreen(yamler.ArgsToQueryNeo4jBrowser(args)) + logger.PrintGreen("Query:") + logger.PrintDarkGreen(query) + logger.PrintGreen("Description: " + c.Description) for _, resultMap := range results { for key, value := range resultMap { diff --git a/pkg/connector/services/aws/aws.go b/pkg/connector/services/aws/aws.go index 2f465a5..ea1b3ac 100644 --- a/pkg/connector/services/aws/aws.go +++ b/pkg/connector/services/aws/aws.go @@ -31,10 +31,10 @@ func InitAWSConfiguration(profile string, awsEndpoint string) (awsc *AWSConfig) }), ) cfg.RetryMode = aws.RetryModeStandard - if awsEndpoint != "" { - cfg.BaseEndpoint = aws.String(awsEndpoint) - } - awsc = &AWSConfig{Profile: profile, Config: cfg} + // if awsEndpoint != "" { + // cfg.BaseEndpoint = aws.String(awsEndpoint) + // } + awsc = &AWSConfig{Profile: profile, Config: cfg, logger: logging.GetLogManager()} SetActions() // Get the available AWS regions dynamically ec2.ListAndSaveRegions(cfg) @@ -80,7 +80,7 @@ func (ac *AWSConfig) DumpBuckets() interface{} { func (ac *AWSConfig) DumpEC2Instances() interface{} { ec2s, err := ec2.ListInstances(ac.Config) if err != nil { - logging.HandleError(err, "EC2", "") + ac.logger.Warn("Error listing EC2 instances", "err", err) } return ec2s } @@ -96,7 +96,7 @@ func (ac *AWSConfig) DumpLambdas() interface{} { func (ac *AWSConfig) DumpRDS() interface{} { rds, err := database.ListRDS(ac.Config) if err != nil { - logging.HandleError(err, "RDS", "") + ac.logger.Warn("Error listing RDS", "err", err) } return rds } diff --git a/pkg/connector/services/aws/database/dynamodb.go b/pkg/connector/services/aws/database/dynamodb.go index cdc8cda..66c6994 100644 --- a/pkg/connector/services/aws/database/dynamodb.go +++ b/pkg/connector/services/aws/database/dynamodb.go @@ -13,7 +13,7 @@ import ( // aws iam list-users func ListDynamoDBs(cfg aws.Config) (dynamoDBs []*DynamoDB) { - var dynamoClient = DynamoClient{Config: cfg} + var dynamoClient = DynamoClient{Config: cfg, logger: logging.GetLogManager()} for i := range ec2.Regions { cfg.Region = ec2.Regions[i] @@ -37,9 +37,11 @@ func (dc *DynamoClient) listDynamoDBTablesForRegion() (tableNames []string) { Limit: aws.Int32(100), }) if errors.As(err, &re) { - logging.HandleAWSError(re, "DynamoDB", "ListTables") + dc.logger.Warn("Error on ListTables", "err", re) } - tableNames = output.TableNames + if output != nil { + tableNames = output.TableNames + } return } diff --git a/pkg/connector/services/aws/database/rds.go b/pkg/connector/services/aws/database/rds.go index 515af82..65f9561 100644 --- a/pkg/connector/services/aws/database/rds.go +++ b/pkg/connector/services/aws/database/rds.go @@ -5,7 +5,6 @@ import ( "errors" "github.com/primait/nuvola/pkg/connector/services/aws/ec2" - "github.com/primait/nuvola/pkg/io/logging" "github.com/aws/aws-sdk-go-v2/aws" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" @@ -37,7 +36,7 @@ func (rc *RDSClient) listRDSClustersForRegion() (clusters []types.DBCluster) { output, err := rc.client.DescribeDBClusters(context.TODO(), &rds.DescribeDBClustersInput{}) if errors.As(err, &re) { if re.Response.StatusCode != 501 { // When using LocalStack: this is a Pro feature - logging.HandleAWSError(re, "RDS", "DescribeDBClusters") + rc.logger.Warn("Error on DescribeDBClusters", "err", re) } } @@ -54,7 +53,7 @@ func (rc *RDSClient) listRDSInstancesForRegion() (instances []types.DBInstance) output, err := rc.client.DescribeDBInstances(context.TODO(), &rds.DescribeDBInstancesInput{}) if errors.As(err, &re) { if re.Response.StatusCode != 501 { // When using LocalStack: this is a Pro feature - logging.HandleAWSError(re, "RDS", "DescribeDBInstances") + rc.logger.Warn("Error on DescribeDBInstances", "err", re) } } diff --git a/pkg/connector/services/aws/database/redshift.go b/pkg/connector/services/aws/database/redshift.go index 1010d74..104f295 100644 --- a/pkg/connector/services/aws/database/redshift.go +++ b/pkg/connector/services/aws/database/redshift.go @@ -5,7 +5,6 @@ import ( "errors" "github.com/primait/nuvola/pkg/connector/services/aws/ec2" - "github.com/primait/nuvola/pkg/io/logging" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/service/redshift" @@ -34,9 +33,11 @@ func ListRedshiftDBs(cfg aws.Config) (redshiftDBs []*RedshiftDB) { func (rc *RedshiftClient) listRedshiftClustersForRegion() (clusters []types.Cluster) { output, err := rc.client.DescribeClusters(context.TODO(), &redshift.DescribeClustersInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "Redshift", "DescribeClusters") + rc.logger.Warn("Error on DescribeClusters", "err", re) } - clusters = output.Clusters + if output != nil { + clusters = output.Clusters + } return } diff --git a/pkg/connector/services/aws/database/structs.go b/pkg/connector/services/aws/database/structs.go index ac7ad25..95777d3 100644 --- a/pkg/connector/services/aws/database/structs.go +++ b/pkg/connector/services/aws/database/structs.go @@ -8,6 +8,7 @@ import ( rdsTypes "github.com/aws/aws-sdk-go-v2/service/rds/types" "github.com/aws/aws-sdk-go-v2/service/redshift" redshiftTypes "github.com/aws/aws-sdk-go-v2/service/redshift/types" + "github.com/primait/nuvola/pkg/io/logging" ) type DynamoDB struct { @@ -22,6 +23,7 @@ type Table struct { type DynamoClient struct { client *dynamodb.Client Config aws.Config + logger logging.LogManager } type RDS struct { @@ -32,6 +34,7 @@ type RDS struct { type RDSClient struct { client *rds.Client Config aws.Config + logger logging.LogManager } type RedshiftDB struct { @@ -41,6 +44,7 @@ type RedshiftDB struct { type RedshiftClient struct { client *redshift.Client Config aws.Config + logger logging.LogManager } var re *awshttp.ResponseError diff --git a/pkg/connector/services/aws/ec2/ec2s.go b/pkg/connector/services/aws/ec2/ec2s.go index 591aa87..caadf07 100644 --- a/pkg/connector/services/aws/ec2/ec2s.go +++ b/pkg/connector/services/aws/ec2/ec2s.go @@ -14,7 +14,7 @@ import ( ) func ListInstances(cfg aws.Config) (ec2s []*Instance, err *awshttp.ResponseError) { - ec2Client := EC2Client{Config: cfg, client: ec2.NewFromConfig(cfg)} + ec2Client := EC2Client{Config: cfg, client: ec2.NewFromConfig(cfg), logger: logging.GetLogManager()} for _, region := range Regions { cfg.Region = region @@ -34,26 +34,28 @@ func (ec *EC2Client) listInstancesForRegion() (ec2s []*Instance) { }}, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2", "listInstancesForRegion") + ec.logger.Warn("Error on listing EC2s in all region", "err", re) } - ec2s = make([]*Instance, 0, len(output.Reservations)) - instances := iter.Map(output.Reservations, func(instances *types.Reservation) []*Instance { - var instancesSlice []*Instance - for _, instance := range instances.Instances { - userData := ec.getInstanceUserDataAttribute(aws.ToString(instance.InstanceId)) - instancesSlice = append(instancesSlice, &Instance{ - Instance: instance, - UserData: userData, - NetworkInterfaces: ec.getNetworkInterfacesWithGroups(instance.NetworkInterfaces), - InstanceState: ec.getInstanceState(aws.ToString(instance.InstanceId)), - }) - } - return instancesSlice - }) + if output != nil { + ec2s = make([]*Instance, 0, len(output.Reservations)) + instances := iter.Map(output.Reservations, func(instances *types.Reservation) []*Instance { + var instancesSlice []*Instance + for _, instance := range instances.Instances { + userData := ec.getInstanceUserDataAttribute(aws.ToString(instance.InstanceId)) + instancesSlice = append(instancesSlice, &Instance{ + Instance: instance, + UserData: userData, + NetworkInterfaces: ec.getNetworkInterfacesWithGroups(instance.NetworkInterfaces), + InstanceState: ec.getInstanceState(aws.ToString(instance.InstanceId)), + }) + } + return instancesSlice + }) - for _, instance := range instances { - ec2s = append(ec2s, instance...) + for _, instance := range instances { + ec2s = append(ec2s, instance...) + } } return } @@ -66,7 +68,7 @@ func (ec *EC2Client) getInstanceUserDataAttribute(instanceID string) string { Attribute: types.InstanceAttributeNameUserData, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2", "DescribeInstanceAttribute") + ec.logger.Warn("Error on describing user data attribute", "err", re) } if userData.UserData != nil { @@ -93,7 +95,7 @@ func (ec *EC2Client) getSecurityGroups(groupID string) (secGroups []types.Securi GroupIds: []string{groupID}, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2", "DescribeSecurityGroups") + ec.logger.Warn("Error on describing security groups", "err", re) } secGroups = append(secGroups, output.SecurityGroups...) @@ -105,7 +107,7 @@ func (ec *EC2Client) getInstanceState(instanceID string) (state types.InstanceSt InstanceIds: []string{instanceID}, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2", "DescribeSecurityGroups") + ec.logger.Warn("Error on getting EC2 state", "err", re) } if output != nil && len(output.InstanceStatuses) > 0 { diff --git a/pkg/connector/services/aws/ec2/structs.go b/pkg/connector/services/aws/ec2/structs.go index 4bde2b3..2f2831e 100644 --- a/pkg/connector/services/aws/ec2/structs.go +++ b/pkg/connector/services/aws/ec2/structs.go @@ -14,6 +14,7 @@ import ( type EC2Client struct { client *ec2.Client aws.Config + logger logging.LogManager } // Override SDK EC2 instance type to insert SecurityGroup information @@ -44,11 +45,8 @@ func ListAndSaveRegions(cfg aws.Config) { ec2Client := ec2.NewFromConfig(cfg) output, err := ec2Client.DescribeRegions(context.TODO(), &ec2.DescribeRegionsInput{}) - if errors.As(err, &re) { - logging.HandleError(err, "EC2", "ListAndSaveRegions") - } - if output == nil { - logging.HandleError(errors.New("invalid profile or credentials"), "EC2", "ListAndSaveRegions") + if errors.As(err, &re) || output == nil { + logging.GetLogManager().Warn("Error on listing regions", "err", err) } else { for _, region := range output.Regions { Regions = append(Regions, aws.ToString(region.RegionName)) diff --git a/pkg/connector/services/aws/ec2/vpcs.go b/pkg/connector/services/aws/ec2/vpcs.go index d90e7ee..47585ea 100644 --- a/pkg/connector/services/aws/ec2/vpcs.go +++ b/pkg/connector/services/aws/ec2/vpcs.go @@ -6,7 +6,6 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/service/ec2" - "github.com/primait/nuvola/pkg/io/logging" ) func ListVpcs(cfg aws.Config) (vpcs *VPC) { @@ -30,23 +29,24 @@ func (ec *EC2Client) getVpcs() (vpcs *VPC) { MaxResults: aws.Int32(1000), }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2 - VPC", "DescribeVpcs") + ec.logger.Warn("Error on DescribeVpcs", "err", re) } peeringOutput, err := ec.client.DescribeVpcPeeringConnections(context.TODO(), &ec2.DescribeVpcPeeringConnectionsInput{ MaxResults: aws.Int32(1000), }) if errors.As(err, &re) { - logging.HandleAWSError(re, "EC2 - VPC", "DescribeVpcPeeringConnections") + ec.logger.Warn("Error on DescribeVpcPeeringConnections", "err", re) } - for i := 0; i < len(vpcsOutput.Vpcs); i++ { - vpcs.VPCs = append(vpcs.VPCs, vpcsOutput.Vpcs[i]) - } + if vpcsOutput != nil { + for i := 0; i < len(vpcsOutput.Vpcs); i++ { + vpcs.VPCs = append(vpcs.VPCs, vpcsOutput.Vpcs[i]) + } - for i := 0; i < len(peeringOutput.VpcPeeringConnections); i++ { - vpcs.Peerings = append(vpcs.Peerings, peeringOutput.VpcPeeringConnections[i]) + for i := 0; i < len(peeringOutput.VpcPeeringConnections); i++ { + vpcs.Peerings = append(vpcs.Peerings, peeringOutput.VpcPeeringConnections[i]) + } } - return } diff --git a/pkg/connector/services/aws/iam/groups.go b/pkg/connector/services/aws/iam/groups.go index 2c718ca..de8b414 100644 --- a/pkg/connector/services/aws/iam/groups.go +++ b/pkg/connector/services/aws/iam/groups.go @@ -13,9 +13,9 @@ import ( ) func ListGroups(cfg aws.Config) (groups []*Group) { - iamClient = IAMClient{client: iam.NewFromConfig(cfg), Config: cfg} + iamClient = IAMClient{client: iam.NewFromConfig(cfg), Config: cfg, logger: logging.GetLogManager()} - groups = iter.Map(listGroups(), func(group *types.Group) *Group { + groups = iter.Map(iamClient.listGroups(), func(group *types.Group) *Group { inlines := iamClient.listInlinePolicies(aws.ToString(group.GroupName), "group") attached := iamClient.listAttachedPolicies(aws.ToString(group.GroupName), "group") @@ -38,19 +38,19 @@ func (ic *IAMClient) listGroupsForUser(identity string) []types.Group { UserName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Groups", "ListGroupsForUser") + ic.logger.Warn("Error on ListGroupsForUser", "err", re) } return output.Groups } -func listGroups() (collectedGroups []types.Group) { +func (ic *IAMClient) listGroups() (collectedGroups []types.Group) { var marker *string for { output, err := iamClient.client.ListGroups(context.TODO(), &iam.ListGroupsInput{ Marker: marker, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Groups", "ListGroups") + ic.logger.Warn("Error on ListGroups", "err", re) } collectedGroups = append(collectedGroups, output.Groups...) diff --git a/pkg/connector/services/aws/iam/policies.go b/pkg/connector/services/aws/iam/policies.go index 21becf1..37825ef 100644 --- a/pkg/connector/services/aws/iam/policies.go +++ b/pkg/connector/services/aws/iam/policies.go @@ -12,7 +12,6 @@ import ( aat "github.com/aws/aws-sdk-go-v2/service/accessanalyzer/types" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/iam/types" - "github.com/primait/nuvola/pkg/io/logging" ) var VALIDATE = false @@ -28,7 +27,7 @@ func (ic *IAMClient) ValidatePolicy(policy string) (findings []aat.ValidatePolic PolicyType: aat.PolicyTypeIdentityPolicy, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ValidatePolicy") + ic.logger.Warn("Error on ValidatePolicy", "err", re) } if output != nil && len(output.Findings) > 0 { @@ -54,7 +53,7 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy RoleName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListRolePolicies") + ic.logger.Warn("Error on ListRolePolicies", "err", re) } policies = attachedPolicies.PolicyNames case object == "user": @@ -63,7 +62,7 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy UserName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListUserPolicies") + ic.logger.Warn("Error on ListUserPolicies", "err", re) } policies = attachedPolicies.PolicyNames case object == "group": @@ -72,11 +71,11 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy GroupName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListGroupPolicies") + ic.logger.Warn("Error on ListGroupPolicies", "err", re) } policies = attachedPolicies.PolicyNames default: - logging.HandleError(nil, "IAM - Policies", "FAILED: no user/role/group defined") + ic.logger.Warn("no user/role/group defined", "object", object) } for i := range policies { @@ -88,7 +87,7 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy RoleName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "GetRolePolicy") + ic.logger.Warn("Error on GetRolePolicy", "err", re) } decodedValue, _ = url.QueryUnescape(*inlinePolicy.PolicyDocument) case object == "user": @@ -98,7 +97,7 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy UserName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "GetUserPolicy") + ic.logger.Warn("Error on GetUserPolicy", "err", re) } decodedValue, _ = url.QueryUnescape(*inlinePolicy.PolicyDocument) case object == "group": @@ -108,20 +107,20 @@ func (ic *IAMClient) listInlinePolicies(identity string, object string) []Policy GroupName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "GetGroupPolicy") + ic.logger.Warn("Error on GetGroupPolicy", "err", re) } decodedValue, _ = url.QueryUnescape(*inlinePolicy.PolicyDocument) default: - logging.HandleError(nil, "IAM - Policies", "FAILED: no user/role/group defined") + ic.logger.Warn("no user/role/group defined", "object", object) } err := json.Unmarshal([]byte(decodedValue), &policyVersionDocument) if err != nil { - logging.HandleError(nil, "IAM - Policies", "Error on Unmarshalling policyVersionDocument") + ic.logger.Warn("Error on Unmarshalling policyVersionDocument", "err", err) } policyVersionDocument.PolicyName = policies[i] policyVersionDocument.Validation = ic.ValidatePolicy(decodedValue) - expandActions(&policyVersionDocument, identity) + ic.expandActions(&policyVersionDocument, identity) inline = append(inline, policyVersionDocument) } @@ -140,7 +139,7 @@ func (ic *IAMClient) listPolicyVersions(policyArn *string) (policyVersions []Pol MaxItems: &maxItems, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListPolicyVersions") + ic.logger.Warn("Error on ListPolicyVersions", "err", re) } for _, policyVersion := range versions.Versions { @@ -149,12 +148,12 @@ func (ic *IAMClient) listPolicyVersions(policyArn *string) (policyVersions []Pol VersionId: policyVersion.VersionId, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "GetPolicyVersion") + ic.logger.Warn("Error on GetPolicyVersion", "err", re) } decodedValue, _ := url.QueryUnescape(*pv.PolicyVersion.Document) err = json.Unmarshal([]byte(decodedValue), &policyVersionDocument) if err != nil { - logging.HandleError(err, "IAM - Policies", "Umarshalling policyVersionDocument") + ic.logger.Warn("Error on Unmarshalling policyVersionDocument", "err", err) } policyVersions = append(policyVersions, PolicyVersion{ PolicyVersion: policyVersion, @@ -178,7 +177,7 @@ func (ic *IAMClient) listAttachedPolicies(identity string, object string) (attac RoleName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListAttachedRolePolicies") + ic.logger.Warn("Error on ListAttachedRolePolicies", "err", re) } output = attachedPolicies.AttachedPolicies case object == "user": @@ -187,7 +186,7 @@ func (ic *IAMClient) listAttachedPolicies(identity string, object string) (attac UserName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListAttachedUserPolicies") + ic.logger.Warn("Error on ListAttachedUserPolicies", "err", re) } output = attachedPolicies.AttachedPolicies case object == "group": @@ -196,21 +195,22 @@ func (ic *IAMClient) listAttachedPolicies(identity string, object string) (attac GroupName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Policies", "ListAttachedGroupPolicies") + ic.logger.Warn("Error on ListAttachedGroupPolicies", "err", re) } output = attachedPolicies.AttachedPolicies default: - logging.HandleError(nil, "IAM - Policies", "FAILED: no user/role/group defined") + ic.logger.Warn("no user/role/group defined", "object", object) } + fmt.Println("Asdfasd") for _, policy := range output { policyVersions := ic.listPolicyVersions(policy.PolicyArn) policyDocument, errj := json.Marshal(policyVersions[0].Document) if errj != nil { - logging.HandleError(errj, "IAM - Policies", "Umarshalling policyVersions[0].Document") + ic.logger.Warn("Error on Unmarshalling policyVersionDocument", "err", errj) } - expandActions(&policyVersions[0].Document, identity) + ic.expandActions(&policyVersions[0].Document, identity) findings := ic.ValidatePolicy(string(policyDocument)) attached = append(attached, AttachedPolicies{ AttachedPolicy: policy, @@ -222,7 +222,7 @@ func (ic *IAMClient) listAttachedPolicies(identity string, object string) (attac return } -func expandActions(policy *PolicyDocument, identity any) { +func (ic *IAMClient) expandActions(policy *PolicyDocument, identity any) { for i, statement := range policy.Statement { var realActions []string @@ -238,14 +238,7 @@ func expandActions(policy *PolicyDocument, identity any) { realActions = append(realActions, getActionsStartingWith(v)...) default: policyJSON, _ := json.Marshal(policy) - logging.HandleError( - nil, - "IAM - Policies", - fmt.Sprintf("expandActions\nError: wrong syntax on policy statement %v\nPlease check your policies for \"%v\" principal or open an issue\ntype: %v", - string(policyJSON), - identity, - v), - false) + ic.logger.Warn("Error: wrong syntax on policy statement", "statement", string(policyJSON), "identity", identity, "type", v) } } @@ -262,14 +255,7 @@ func expandActions(policy *PolicyDocument, identity any) { realActions = removeFromList(realActions, getActionsStartingWith(v)) default: policyJSON, _ := json.Marshal(policy) - logging.HandleError( - nil, - "IAM - Policies", - fmt.Sprintf("expandActions\nError: wrong syntax on policy statement %v\nPlease check your policies for \"%v\" principal or open an issue\ntype: %v", - string(policyJSON), - identity, - v), - false) + ic.logger.Warn("Error: wrong syntax on policy statement", "statement", string(policyJSON), "identity", identity, "type", v) } } diff --git a/pkg/connector/services/aws/iam/roles.go b/pkg/connector/services/aws/iam/roles.go index 6065ab6..47d11b9 100644 --- a/pkg/connector/services/aws/iam/roles.go +++ b/pkg/connector/services/aws/iam/roles.go @@ -17,16 +17,16 @@ import ( // aws iam list-roles and aws iam list-instance-profiles func ListRoles(cfg aws.Config) (roles []*Role) { - iamClient = IAMClient{Config: cfg, client: iam.NewFromConfig(cfg)} + iamClient = IAMClient{Config: cfg, client: iam.NewFromConfig(cfg), logger: logging.GetLogManager()} - roles = iter.Map(listRoles(), func(role *types.Role) *Role { + roles = iter.Map(iamClient.listRoles(), func(role *types.Role) *Role { var assumeRoleDocument = PolicyDocument{} var instanceProfileRef = "" var instanceProfileArn = "" decodedValue, _ := url.QueryUnescape(*role.AssumeRolePolicyDocument) err := json.Unmarshal([]byte(decodedValue), &assumeRoleDocument) if err != nil { - logging.HandleError(err, "IAM - Roles", "Umarshalling assumeRoleDocument") + iamClient.logger.Warn("Error unmarshalling assumeRoleDocument", "err", err) } // Sort Service object in the AssumeRolePolicyDocument; useful to diff different JSON outputs @@ -55,7 +55,7 @@ func ListRoles(cfg aws.Config) (roles []*Role) { } sort.Strings(assumableBy) - for _, instanceProfile := range listInstanceProfiles() { + for _, instanceProfile := range iamClient.listInstanceProfiles() { for _, r := range instanceProfile.Roles { if aws.ToString(r.RoleId) == aws.ToString(role.RoleId) { instanceProfileRef = aws.ToString(instanceProfile.InstanceProfileId) @@ -84,7 +84,7 @@ func ListRoles(cfg aws.Config) (roles []*Role) { return } -func listRoles() []types.Role { +func (ic *IAMClient) listRoles() []types.Role { var ( marker *string collectedRoles []types.Role @@ -96,7 +96,7 @@ func listRoles() []types.Role { MaxItems: aws.Int32(300), }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Roles", "ListRoles") + ic.logger.Warn("Error on ListRoles", "err", re) } collectedRoles = append(collectedRoles, roleOutput.Roles...) @@ -108,7 +108,7 @@ func listRoles() []types.Role { return collectedRoles } -func listInstanceProfiles() []types.InstanceProfile { +func (ic *IAMClient) listInstanceProfiles() []types.InstanceProfile { var ( marker *string collectedInstanceProfiles []types.InstanceProfile @@ -120,7 +120,7 @@ func listInstanceProfiles() []types.InstanceProfile { MaxItems: aws.Int32(300), }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Roles", "ListInstanceProfiles") + ic.logger.Warn("Error on ListInstanceProfiles", "err", re) } collectedInstanceProfiles = append(collectedInstanceProfiles, roleOutput.InstanceProfiles...) diff --git a/pkg/connector/services/aws/iam/structs.go b/pkg/connector/services/aws/iam/structs.go index f8aacb7..2322929 100644 --- a/pkg/connector/services/aws/iam/structs.go +++ b/pkg/connector/services/aws/iam/structs.go @@ -9,11 +9,13 @@ import ( aat "github.com/aws/aws-sdk-go-v2/service/accessanalyzer/types" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/iam/types" + "github.com/primait/nuvola/pkg/io/logging" ) type IAMClient struct { client *iam.Client Config aws.Config + logger logging.LogManager } type AAClient struct { diff --git a/pkg/connector/services/aws/iam/users.go b/pkg/connector/services/aws/iam/users.go index 99565a9..14988a7 100644 --- a/pkg/connector/services/aws/iam/users.go +++ b/pkg/connector/services/aws/iam/users.go @@ -67,6 +67,7 @@ func ListUsers(cfg aws.Config, credentialReport map[string]*CredentialReport) (u func listUsers() (collectedUsers []types.User) { var ( marker *string + logger = logging.GetLogManager() ) for { @@ -74,7 +75,7 @@ func listUsers() (collectedUsers []types.User) { Marker: marker, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Users", "ListUsers") + logger.Warn("Error on ListUsers", "err", re) } collectedUsers = append(collectedUsers, output.Users...) @@ -91,6 +92,7 @@ func GetCredentialReport(cfg aws.Config) (credentialReport map[string]*Credentia var ( countRetries = 0 maxRetries = 5 + logger = logging.GetLogManager() ) iamClient := iam.NewFromConfig(cfg) @@ -100,30 +102,30 @@ func GetCredentialReport(cfg aws.Config) (credentialReport map[string]*Credentia if re.HTTPStatusCode() == 410 { // Gone: https://http.cat/410 checkGen, err := iamClient.GenerateCredentialReport(context.TODO(), &iam.GenerateCredentialReportInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Users", "GenerateCredentialReport") + logger.Warn("Error on GenerateCredentialReport", "err", re) } log.Println("Credential Report generation requested...") for checkGen.State != "COMPLETE" { if countRetries >= maxRetries { - logging.HandleAWSError(re, "IAM - Policies", "GenerateCredentialReport") + logger.Warn("Error on GenerateCredentialReport", "err", re) } countRetries++ time.Sleep(5 * time.Second) checkGen, err = iamClient.GenerateCredentialReport(context.TODO(), &iam.GenerateCredentialReportInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Users", "GenerateCredentialReport") + logger.Warn("Error on GenerateCredentialReport", "err", re) } } return GetCredentialReport(cfg) } else { - logging.HandleAWSError(re, "IAM - Users", "GetCredentialReport") + logger.Warn("Error on GetCredentialReport", "err", re) } return nil } credentialReportCSV := []*CredentialReport{} if err := gocsv.Unmarshal(bytes.NewReader(output.Content), &credentialReportCSV); err != nil { - logging.HandleError(err, "IAM - Users", "Umarshalling credentialReportCSV") + logging.GetLogManager().Warn("Error unmarshalling credentialReportCSV", "err", err) } credentialReport = make(map[string]*CredentialReport) @@ -138,7 +140,7 @@ func (ic *IAMClient) listAccessKeys(identity string) (accessKeys []types.AccessK UserName: &identity, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "IAM - Users", "ListAccessKeys") + ic.logger.Warn("Error on ListAccessKeys", "err", re) } accessKeys = output.AccessKeyMetadata return @@ -150,7 +152,7 @@ func (ic *IAMClient) listLoginProfile(identity string) (loginProfile types.Login }) if errors.As(err, &re) { if re.HTTPStatusCode() != 404 { // an user may not have a login profile - logging.HandleAWSError(re, "IAM - Users", "GetLoginProfile") + ic.logger.Warn("Error on GetLoginProfile", "err", re) } return } diff --git a/pkg/connector/services/aws/lambda/lambda.go b/pkg/connector/services/aws/lambda/lambda.go index c690767..4a78cdf 100644 --- a/pkg/connector/services/aws/lambda/lambda.go +++ b/pkg/connector/services/aws/lambda/lambda.go @@ -17,7 +17,7 @@ import ( // aws iam list-users func ListFunctions(cfg aws.Config) (lambdas []*Lambda) { - var lambdaClient = LambdaClient{Config: cfg} + var lambdaClient = LambdaClient{Config: cfg, logger: logging.GetLogManager()} for i := range ec2.Regions { cfg.Region = ec2.Regions[i] @@ -32,16 +32,18 @@ func (lc *LambdaClient) listFunctionsForRegion() (lambdas []*Lambda) { output, err := lc.client.ListFunctions(context.TODO(), &lambda.ListFunctionsInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "Lambda", "ListFunctions") + lc.logger.Warn("Error on ListFunctions", "err", re) } - lambdas = iter.Map(output.Functions, func(lambda *types.FunctionConfiguration) *Lambda { - return &Lambda{ - FunctionConfiguration: *lambda, - FunctionCodeLocation: lc.getFunctionCodeLocation(aws.ToString(lambda.FunctionName)), - Policy: lc.getPolicy(aws.ToString(lambda.FunctionName)), - } - }) + if output != nil { + lambdas = iter.Map(output.Functions, func(lambda *types.FunctionConfiguration) *Lambda { + return &Lambda{ + FunctionConfiguration: *lambda, + FunctionCodeLocation: lc.getFunctionCodeLocation(aws.ToString(lambda.FunctionName)), + Policy: lc.getPolicy(aws.ToString(lambda.FunctionName)), + } + }) + } return } @@ -50,7 +52,7 @@ func (lc *LambdaClient) getFunctionCodeLocation(name string) types.FunctionCodeL FunctionName: &name, }) if errors.As(err, &re) { - logging.HandleAWSError(re, "Lambda", "GetFunction") + lc.logger.Warn("Error on GetFunction", "err", re) } return *output.Code @@ -64,15 +66,15 @@ func (lc *LambdaClient) getPolicy(name string) (policyDocument lambdaPolicyDocum }) if errors.As(err, &re) { if re.HTTPStatusCode() != 404 { // Function can't have a policy - logging.HandleAWSError(re, "Lambda", "GetPolicy") + lc.logger.Warn("Error on GetPolicy", "err", re) } return policyDocument } - if output.Policy != nil { + if output != nil && output.Policy != nil { err := json.Unmarshal([]byte(aws.ToString(output.Policy)), &policyDocument) if err != nil { - logging.HandleError(err, "Lambda", "Umarshalling policyDocument") + lc.logger.Warn("Error unmarshalling policyDocument", "err", err) } } diff --git a/pkg/connector/services/aws/lambda/structs.go b/pkg/connector/services/aws/lambda/structs.go index 1bd4d01..56dd6aa 100644 --- a/pkg/connector/services/aws/lambda/structs.go +++ b/pkg/connector/services/aws/lambda/structs.go @@ -5,6 +5,7 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/transport/http" "github.com/aws/aws-sdk-go-v2/service/lambda" "github.com/aws/aws-sdk-go-v2/service/lambda/types" + "github.com/primait/nuvola/pkg/io/logging" ) type Lambda struct { @@ -16,6 +17,7 @@ type Lambda struct { type LambdaClient struct { client *lambda.Client Config aws.Config + logger logging.LogManager } type statement struct { diff --git a/pkg/connector/services/aws/s3/s3.go b/pkg/connector/services/aws/s3/s3.go index 03a4ce1..c2bca55 100644 --- a/pkg/connector/services/aws/s3/s3.go +++ b/pkg/connector/services/aws/s3/s3.go @@ -18,13 +18,13 @@ import ( ) func ListBuckets(cfg aws.Config) (buckets []*Bucket) { - s3Client := S3Client{Config: cfg, client: s3.NewFromConfig(cfg, func(o *s3.Options) { + s3Client := S3Client{Config: cfg, logger: logging.GetLogManager(), client: s3.NewFromConfig(cfg, func(o *s3.Options) { o.UsePathStyle = true })} output, err := s3Client.client.ListBuckets(context.TODO(), &s3.ListBucketsInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "S3", "ListBuckets") + s3Client.logger.Warn("Error on ListBuckets", "err", re) } buckets = iter.Map(output.Buckets, func(bucket *types.Bucket) *Bucket { @@ -72,7 +72,7 @@ func (sc *S3Client) getBucketPolicy(bucket *string) (policy s3PolicyDocument) { } if errors.As(err, &re) { - if out := handleErrors(err, retry); out != nil { + if out := sc.handleErrors(err, retry); out != nil { output = out.(*s3.GetBucketPolicyOutput) } } @@ -80,7 +80,7 @@ func (sc *S3Client) getBucketPolicy(bucket *string) (policy s3PolicyDocument) { if output != nil { err := json.Unmarshal([]byte(aws.ToString(output.Policy)), &policy) if err != nil { - logging.HandleError(err, "S3", "getBucketPolicy") + sc.logger.Warn("Error unmarshalling getBucketPolicy", "err", err) } } return @@ -106,7 +106,7 @@ func (sc *S3Client) listBucketACL(bucket *string) (grants []types.Grant) { } if errors.As(err, &re) { - if out := handleErrors(err, retry); out != nil { + if out := sc.handleErrors(err, retry); out != nil { output = out.(*s3.GetBucketAclOutput) } } @@ -137,7 +137,7 @@ func (sc *S3Client) getEncryptionStatus(bucket *string) bool { } if errors.As(err, &re) { - if out := handleErrors(err, retry); out != nil { + if out := sc.handleErrors(err, retry); out != nil { output = out.(*s3.GetBucketEncryptionOutput) } } @@ -145,7 +145,7 @@ func (sc *S3Client) getEncryptionStatus(bucket *string) bool { return output != nil } -func handleErrors(err error, retry func() interface{}) (output interface{}) { +func (sc *S3Client) handleErrors(err error, retry func() interface{}) (output interface{}) { var re *awshttp.ResponseError if errors.As(err, &re) { @@ -162,7 +162,7 @@ func handleErrors(err error, retry func() interface{}) (output interface{}) { return retry() } default: - logging.HandleAWSError(re, "S3", "handleErrors") + sc.logger.Warn("Error on S3", "err", re) } } return diff --git a/pkg/connector/services/aws/s3/structs.go b/pkg/connector/services/aws/s3/structs.go index 3570cec..dedd034 100644 --- a/pkg/connector/services/aws/s3/structs.go +++ b/pkg/connector/services/aws/s3/structs.go @@ -5,11 +5,13 @@ import ( awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3/types" + "github.com/primait/nuvola/pkg/io/logging" ) type S3Client struct { client *s3.Client Config aws.Config + logger logging.LogManager } // Override SDK S3 Bucket type diff --git a/pkg/connector/services/aws/structs.go b/pkg/connector/services/aws/structs.go index 40ae144..f57f36b 100644 --- a/pkg/connector/services/aws/structs.go +++ b/pkg/connector/services/aws/structs.go @@ -2,6 +2,7 @@ package awsconnector import ( "github.com/aws/aws-sdk-go-v2/aws" + "github.com/primait/nuvola/pkg/io/logging" ) // Struct for Policy structured output instead of SDK url-encoded string @@ -31,6 +32,7 @@ import ( type AWSConfig struct { Profile string aws.Config + logger logging.LogManager } // This is far from perfect: only User, Group, Role and Policy is supported and action with multiple targets are simply "*" diff --git a/pkg/connector/services/aws/sts/sts.go b/pkg/connector/services/aws/sts/sts.go index d9183b9..1f15478 100644 --- a/pkg/connector/services/aws/sts/sts.go +++ b/pkg/connector/services/aws/sts/sts.go @@ -14,10 +14,12 @@ import ( func Whoami(cfg aws.Config) *sts.GetCallerIdentityOutput { var re *http.ResponseError + logger := logging.GetLogManager() output, err := sts.NewFromConfig(cfg).GetCallerIdentity(context.TODO(), &sts.GetCallerIdentityInput{}) if errors.As(err, &re) { - logging.HandleAWSError(re, "STS", "GetCallerIdentity") + logger.Warn("Error on GetCallerIdentity", "err", re) } + logger.Info("sts get-caller-identity", "account", aws.ToString(output.Account), "arn", aws.ToString(output.Arn)) return output } diff --git a/pkg/connector/services/neo4j/neo4j.go b/pkg/connector/services/neo4j/neo4j.go index b562853..86fca4c 100644 --- a/pkg/connector/services/neo4j/neo4j.go +++ b/pkg/connector/services/neo4j/neo4j.go @@ -2,7 +2,6 @@ package neo4j_connector import ( "context" - "fmt" "time" "github.com/neo4j/neo4j-go-driver/v5/neo4j" @@ -15,6 +14,7 @@ import ( type Neo4jClient struct { Driver neo4j.DriverWithContext err error + logger logging.LogManager } var logLevel = log.Level(log.WARNING) @@ -26,7 +26,7 @@ var useConsoleLogger = func(level log.Level) func(config *config.Config) { } func Connect(url, username, password string) (*Neo4jClient, error) { - nc := &Neo4jClient{} + nc := &Neo4jClient{logger: logging.GetLogManager()} nc.Driver, nc.err = neo4j.NewDriverWithContext(url, neo4j.BasicAuth(username, password, ""), useConsoleLogger(logLevel), func(c *config.Config) { c.SocketConnectTimeout = 5 * time.Second c.MaxConnectionLifetime = 30 * time.Minute @@ -116,7 +116,7 @@ func (nc *Neo4jClient) Query(query string, arguments map[string]interface{}) []m return results, result.Err() }) if err != nil { - logging.HandleError(err, "Neo4j - Query", fmt.Sprintf("Error on executing query %s with %s", query, arguments)) + nc.logger.Warn("Error on executing query", "err", err, "query", query, "arguments", arguments) } return results.([]map[string]interface{}) diff --git a/pkg/connector/services/neo4j/tools.go b/pkg/connector/services/neo4j/tools.go index 3fdd238..b713dee 100644 --- a/pkg/connector/services/neo4j/tools.go +++ b/pkg/connector/services/neo4j/tools.go @@ -11,7 +11,6 @@ import ( servicesIAM "github.com/primait/nuvola/pkg/connector/services/aws/iam" servicesLambda "github.com/primait/nuvola/pkg/connector/services/aws/lambda" servicesS3 "github.com/primait/nuvola/pkg/connector/services/aws/s3" - "github.com/primait/nuvola/pkg/io/logging" "github.com/sourcegraph/conc/iter" ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types" @@ -91,7 +90,7 @@ func (nc *Neo4jClient) createPolicyRelationships(idPolicy int64, statements *[]s items = append(items, item) parseResources(statement.Resource, service, action, strconv.Itoa(int(idPolicy)), principal) default: - logging.HandleError(nil, "Neo4j", fmt.Sprintf("createPolicyRelationships - case not implemented for %v of type: %v", statement.Action, v)) + nc.logger.Warn("createPolicyRelationships - case not implemented", "action", statement.Action, "type", v) } // Append all actions of this statement to the UNWIND map @@ -115,7 +114,7 @@ func (nc *Neo4jClient) createPolicyRelationships(idPolicy int64, statements *[]s }) if err != nil { - logging.HandleError(err, "Neo4j - createPolicyRelationships", "Error on executing query") + nc.logger.Warn("Error on executing query createPolicyRelationships", "err", err, "arguments", actions) } } } diff --git a/pkg/connector/services/neo4j/writer.go b/pkg/connector/services/neo4j/writer.go index 050c9fa..21f5b70 100644 --- a/pkg/connector/services/neo4j/writer.go +++ b/pkg/connector/services/neo4j/writer.go @@ -10,7 +10,6 @@ import ( servicesIAM "github.com/primait/nuvola/pkg/connector/services/aws/iam" servicesLambda "github.com/primait/nuvola/pkg/connector/services/aws/lambda" servicesS3 "github.com/primait/nuvola/pkg/connector/services/aws/s3" - "github.com/primait/nuvola/pkg/io/logging" "strings" @@ -91,7 +90,7 @@ func (nc *Neo4jClient) createGroup(group servicesIAM.Group) int64 { }) if err != nil { - logging.HandleError(err, "Neo4j - createGroup", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", group) } return idGroup.(int64) } @@ -128,7 +127,7 @@ func (nc *Neo4jClient) createPolicyGroup(idGroup int64, policyArn string, name s }) if err != nil { - logging.HandleError(err, "Neo4j - createPolicyGroup", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } return idPolicy.(int64) } @@ -165,7 +164,7 @@ func (nc *Neo4jClient) createUser(user servicesIAM.User) int64 { }) if err != nil { - logging.HandleError(err, "Neo4j - createUser", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", user) } for g := 0; g < len(user.Groups); g++ { @@ -197,7 +196,7 @@ func (nc *Neo4jClient) createUser(user servicesIAM.User) int64 { return result.Consume(context.TODO()) }) if err != nil { - logging.HandleError(err, "Neo4j - createUser", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } } @@ -236,7 +235,7 @@ func (nc *Neo4jClient) createPolicyUser(idUser int64, policyArn string, name str }) if err != nil { - logging.HandleError(err, "Neo4j - createPolicyUser", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } return idPolicy.(int64) } @@ -272,7 +271,7 @@ func (nc *Neo4jClient) createRole(role servicesIAM.Role) int64 { }) if err != nil { - logging.HandleError(err, "Neo4j - createRole", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", role) } return idRole.(int64) } @@ -309,7 +308,7 @@ func (nc *Neo4jClient) createPolicyRole(idRole int64, policyArn string, name str }) if err != nil { - logging.HandleError(err, "Neo4j - createPolicyRole", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } return idPolicy.(int64) } @@ -329,7 +328,7 @@ func (nc *Neo4jClient) AddObjects(result map[string]interface{}, query string) { }) if err != nil { - logging.HandleError(err, "Neo4j - AddObjects", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } } @@ -368,7 +367,7 @@ func (nc *Neo4jClient) addLinksToResources(service string, property string) { }) if err != nil { - logging.HandleError(err, "Neo4j - addLinksToResources", fmt.Sprintf("Error on executing query %s", query)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } } @@ -420,7 +419,7 @@ func (nc *Neo4jClient) AddLinksToResourcesIAM() { }) if err != nil { - logging.HandleError(err, "Neo4j - AddLinksToResourcesIAM", fmt.Sprintf("Error on executing query %s with %v", query, out)) + nc.logger.Error("Error on executing query", "err", err, "query", query) } } @@ -448,7 +447,7 @@ func (nc *Neo4jClient) AddEC2(instances *[]servicesEC2.Instance) { MERGE (n)-[:USES]->(role)", {batchSize:10000, parallel:true, iterateList:true})` _, err := session.Run(context.TODO(), linkInstanceProfiles, nil) if err != nil { - logging.HandleError(err, "Neo4j - AddEC2", fmt.Sprintf("Error on executing query %s", linkInstanceProfiles)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", linkInstanceProfiles) } nc.addLinksToResources("ec2", "InstanceId") } @@ -493,7 +492,7 @@ func (nc *Neo4jClient) AddLambda(lambdas *[]servicesLambda.Lambda) { {batchSize:10000, parallel:true, iterateList:true})` _, err := session.Run(context.TODO(), linkRoles, nil) if err != nil { - logging.HandleError(err, "Neo4j - AddLambda", fmt.Sprintf("Error on executing query %s", linkRoles)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", linkRoles) } linkVpcs := `call apoc.periodic.iterate( @@ -502,7 +501,7 @@ func (nc *Neo4jClient) AddLambda(lambdas *[]servicesLambda.Lambda) { {batchSize:10000, parallel:true, iterateList:true})` _, err = session.Run(context.TODO(), linkVpcs, nil) if err != nil { - logging.HandleError(err, "Neo4j - AddLambda", fmt.Sprintf("Error on executing query %s", linkVpcs)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", linkVpcs) } nc.addLinksToResources("lambda", "FunctionName") } @@ -542,6 +541,6 @@ func (nc *Neo4jClient) AddRedshift(redshifts *[]servicesDatabase.RedshiftDB) { {batchSize:10000, parallel:true, iterateList:true})` _, err := session.Run(context.TODO(), linkVpcs, nil) if err != nil { - logging.HandleError(err, "Neo4j - AddRedshift", fmt.Sprintf("Error on executing query %s", linkVpcs)) + nc.logger.Error("Error on executing query", "err", err, "query", query, "arguments", linkVpcs) } } diff --git a/pkg/io/logging/logging.go b/pkg/io/logging/base_logging.go similarity index 65% rename from pkg/io/logging/logging.go rename to pkg/io/logging/base_logging.go index ff62836..f32e26b 100644 --- a/pkg/io/logging/logging.go +++ b/pkg/io/logging/base_logging.go @@ -20,6 +20,10 @@ type LogManager interface { Error(message interface{}, keyvals ...interface{}) PrettyJSON(s interface{}) []byte JSON(s interface{}) []byte + PrintRed(s string) + PrintDarkGreen(s string) + PrintGreen(s string) + PrintColored(s string, c color.Attribute) } type logManager struct { @@ -29,13 +33,13 @@ type logManager struct { const INDENT_SPACES int = 4 var ( - logger *logManager - once sync.Once + instance *logManager + once sync.Once ) func GetLogManager() LogManager { once.Do(func() { - logger = &logManager{ + instance = &logManager{ logger: log.NewWithOptions(os.Stdout, log.Options{ CallerOffset: 1, Level: log.WarnLevel, @@ -46,7 +50,7 @@ func GetLogManager() LogManager { } }) - return logger + return instance } func (lm *logManager) SetVerboseLevel() { @@ -77,10 +81,7 @@ func (lm *logManager) Error(message interface{}, keyvals ...interface{}) { func (lm *logManager) PrettyJSON(s interface{}) []byte { data, err := json.MarshalIndent(s, "", strings.Repeat(" ", INDENT_SPACES)) if err != nil { - if _, ok := err.(*json.UnsupportedTypeError); ok { - lm.Error("Tried to Marshal invalid type", "err", err) - } - lm.Error("Struct does not exist", "err", err) + lm.handleJSONError(err) } return data } @@ -88,31 +89,14 @@ func (lm *logManager) PrettyJSON(s interface{}) []byte { func (lm *logManager) JSON(s interface{}) []byte { data, err := json.Marshal(s) if err != nil { - if _, ok := err.(*json.UnsupportedTypeError); ok { - lm.Error("Tried to Marshal invalid type", "err", err) - } - lm.Error("Struct does not exist", "err", err) + lm.handleJSONError(err) } return data } -func PrintRed(s string) { - _, err := color.New(color.FgHiRed).Println(s) - if err != nil { - HandleError(err, "Clioutput - PrintRed", "Error on printing colored string") - } -} - -func PrintGreen(s string) { - _, err := color.New(color.FgHiGreen).Println(s) - if err != nil { - HandleError(err, "Clioutput - PrintRed", "Error on printing colored string") - } -} - -func PrintDarkGreen(s string) { - _, err := color.New(color.FgGreen).Println(s) - if err != nil { - HandleError(err, "Clioutput - PrintRed", "Error on printing colored string") +func (lm *logManager) handleJSONError(err error) { + if _, ok := err.(*json.UnsupportedTypeError); ok { + lm.Error("Tried to Marshal invalid type", "err", err) } + lm.Error("Struct does not exist", "err", err) } diff --git a/pkg/io/logging/colored_logging.go b/pkg/io/logging/colored_logging.go new file mode 100644 index 0000000..05ed083 --- /dev/null +++ b/pkg/io/logging/colored_logging.go @@ -0,0 +1,22 @@ +package logging + +import "github.com/fatih/color" + +func (lm *logManager) PrintColored(s string, c color.Attribute) { + _, err := color.New(c).Println(s) + if err != nil { + lm.Error("Error on printing colored string", "err", err) + } +} + +func (lm *logManager) PrintRed(s string) { + lm.PrintColored(s, color.FgHiRed) +} + +func (lm *logManager) PrintGreen(s string) { + lm.PrintColored(s, color.FgHiGreen) +} + +func (lm *logManager) PrintDarkGreen(s string) { + lm.PrintColored(s, color.FgGreen) +} diff --git a/pkg/io/logging/handlerrors.go b/pkg/io/logging/handlerrors.go deleted file mode 100644 index 393447c..0000000 --- a/pkg/io/logging/handlerrors.go +++ /dev/null @@ -1,27 +0,0 @@ -package logging - -import ( - "runtime" - - "github.com/aws/aws-sdk-go-v2/aws/transport/http" -) - -func HandleAWSError(err *http.ResponseError, service string, operation string) { - logger.Warn(runtime.Caller(1)) - switch err.Response.StatusCode { - case 403: - logger.Warn("service", service, "operation", operation, "status", err.HTTPStatusCode(), "err", "permission denied") - default: - logger.Warn("service", service, "operation", operation, "status", err.HTTPStatusCode(), "error", err.ResponseError, "err", err.Unwrap()) - } -} - -func HandleError(err error, service string, operation string, exitonError ...bool) { - _, file, line, _ := runtime.Caller(1) - logger.Warn("Error pointer: %s:%d\n", file, line) - if len(exitonError) >= 1 && !exitonError[0] { - logger.Warn("service", service, "operation", operation, "err", err) - } else { - logger.Error("service", service, "operation", operation, "err", err) - } -}