feat(prebuild): add err reporting to builder & directive tasks.

2024-05-25 22:30:20 +01:00 · 2024-05-25 22:30:20 +01:00 · 02e3334949
commit 02e3334949
parent 865ce4c66b
19 changed files with 108 additions and 53 deletions
--- a/pkg/prebuild/builder/abi.go
+++ b/pkg/prebuild/builder/abi.go
@ -30,6 +30,6 @@ func init() {
 	})
 }
-func (b ABI3) Apply(profile string) string {
+func (b ABI3) Apply(profile string) (string, error) {
-	return regAbi4To3.Replace(profile)
+	return regAbi4To3.Replace(profile), nil
 }
--- a/pkg/prebuild/builder/complain.go
+++ b/pkg/prebuild/builder/complain.go
@ -30,13 +30,13 @@ func init() {
 	})
 }
-func (b Complain) Apply(profile string) string {
+func (b Complain) Apply(profile string) (string, error) {
 	flags := []string{}
 	matches := regFlags.FindStringSubmatch(profile)
 	if len(matches) != 0 {
 		flags = strings.Split(matches[1], ",")
 		if slices.Contains(flags, "complain") {
-			return profile
+			return profile, nil
 		}
 	}
 	flags = append(flags, "complain")
@ -44,5 +44,5 @@ func (b Complain) Apply(profile string) string {
 	// Remove all flags definition, then set manifest' flags
 	profile = regFlags.ReplaceAllLiteralString(profile, "")
-	return regProfileHeader.ReplaceAllLiteralString(profile, strFlags)
+	return regProfileHeader.ReplaceAllLiteralString(profile, strFlags), nil
 }
--- a/pkg/prebuild/builder/core.go
+++ b/pkg/prebuild/builder/core.go
@ -21,7 +21,7 @@ var (
 // Main directive interface
 type Builder interface {
 	cfg.BaseInterface
-	Apply(profile string) string
+	Apply(profile string) (string, error)
 }
 func Register(names ...string) {
--- a/pkg/prebuild/builder/core_test.go
+++ b/pkg/prebuild/builder/core_test.go
@ -15,6 +15,7 @@ func TestBuilder_Apply(t *testing.T) {
 		b       Builder
 		profile string
 		want    string
 		wantErr bool
 	}{
 		{
 			name: "abi3",
@ -237,7 +238,12 @@ func TestBuilder_Apply(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := tt.b.Apply(tt.profile); got != tt.want {
+			got, err := tt.b.Apply(tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Builder.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("Builder.Apply() = %v, want %v", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/builder/dev.go
+++ b/pkg/prebuild/builder/dev.go
@ -31,6 +31,6 @@ func init() {
 	})
 }
-func (b Dev) Apply(profile string) string {
+func (b Dev) Apply(profile string) (string, error) {
-	return regDev.Replace(profile)
+	return regDev.Replace(profile), nil
 }
--- a/pkg/prebuild/builder/enforce.go
+++ b/pkg/prebuild/builder/enforce.go
@ -24,16 +24,16 @@ func init() {
 	})
 }
-func (b Enforce) Apply(profile string) string {
+func (b Enforce) Apply(profile string) (string, error) {
 	matches := regFlags.FindStringSubmatch(profile)
 	if len(matches) == 0 {
-		return profile
+		return profile, nil
 	}
 	flags := strings.Split(matches[1], ",")
 	idx := slices.Index(flags, "complain")
 	if idx == -1 {
-		return profile
+		return profile, nil
 	}
 	flags = slices.Delete(flags, idx, idx+1)
 	strFlags := "{"
@ -43,5 +43,5 @@ func (b Enforce) Apply(profile string) string {
 	// Remove all flags definition, then set new flags
 	profile = regFlags.ReplaceAllLiteralString(profile, "")
-	return regProfileHeader.ReplaceAllLiteralString(profile, strFlags)
+	return regProfileHeader.ReplaceAllLiteralString(profile, strFlags), nil
 }
--- a/pkg/prebuild/builder/fsp.go
+++ b/pkg/prebuild/builder/fsp.go
@ -28,6 +28,6 @@ func init() {
 	})
 }
-func (b FullSystemPolicy) Apply(profile string) string {
+func (b FullSystemPolicy) Apply(profile string) (string, error) {
-	return regFullSystemPolicy.Replace(profile)
+	return regFullSystemPolicy.Replace(profile), nil
 }
--- a/pkg/prebuild/builder/userspace.go
+++ b/pkg/prebuild/builder/userspace.go
@ -29,7 +29,7 @@ func init() {
 	})
 }
-func (b Userspace) Apply(profile string) string {
+func (b Userspace) Apply(profile string) (string, error) {
 	p := aa.DefaultTunables()
 	p.ParseVariables(profile)
 	p.ResolveAttachments()
@ -37,7 +37,7 @@ func (b Userspace) Apply(profile string) string {
 	matches := regAttachments.FindAllString(profile, -1)
 	if len(matches) > 0 {
 		strheader := strings.Replace(matches[0], "@{exec_path}", att, -1)
-		return regAttachments.ReplaceAllLiteralString(profile, strheader)
+		return regAttachments.ReplaceAllLiteralString(profile, strheader), nil
 	}
-	return profile
+	return profile, nil
 }
--- a/pkg/prebuild/directive/core.go
+++ b/pkg/prebuild/directive/core.go
@ -26,7 +26,7 @@ var (
 // Main directive interface
 type Directive interface {
 	cfg.BaseInterface
-	Apply(opt *Option, profile string) string
+	Apply(opt *Option, profile string) (string, error)
 }
 // Directive options
@ -65,14 +65,18 @@ func RegisterDirective(d Directive) {
 	Directives[d.Name()] = d
 }
-func Run(file *paths.Path, profile string) string {
+func Run(file *paths.Path, profile string) (string, error) {
 	var err error
 	for _, match := range regDirective.FindAllStringSubmatch(profile, -1) {
 		opt := NewOption(file, match)
 		drtv, ok := Directives[opt.Name]
 		if !ok {
-			panic(fmt.Sprintf("Unknown directive: %s", opt.Name))
+			return "", fmt.Errorf("Unknown directive: %s", opt.Name)
 		}
-		profile = drtv.Apply(opt, profile)
+		profile, err = drtv.Apply(opt, profile)
 		if err != nil {
 			return "", err
 		}
-	return profile
+	}
 	return profile, nil
 }
--- a/pkg/prebuild/directive/core_test.go
+++ b/pkg/prebuild/directive/core_test.go
@ -70,6 +70,7 @@ func TestRun(t *testing.T) {
 		file    *paths.Path
 		profile string
 		want    string
 		wantErr bool
 	}{
 		{
 			name:    "none",
@ -86,7 +87,12 @@ func TestRun(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := Run(tt.file, tt.profile); got != tt.want {
+			got, err := Run(tt.file, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Run() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("Run() = %v, want %v", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/directive/dbus.go
+++ b/pkg/prebuild/directive/dbus.go
@ -50,10 +50,13 @@ func setInterfaces(rules map[string]string) []string {
 	return interfaces
 }
-func (d Dbus) Apply(opt *Option, profile string) string {
+func (d Dbus) Apply(opt *Option, profile string) (string, error) {
 	var r aa.Rules
-	action := d.sanityCheck(opt)
+	action, err := d.sanityCheck(opt)
 	if err != nil {
 		return "", err
 	}
 	switch action {
 	case "own":
 		r = d.own(opt.ArgMap)
@ -68,26 +71,26 @@ func (d Dbus) Apply(opt *Option, profile string) string {
 	lenDbus := len(generatedDbus)
 	generatedDbus = generatedDbus[:lenDbus-1]
 	profile = strings.Replace(profile, opt.Raw, generatedDbus, -1)
-	return profile
+	return profile, nil
 }
-func (d Dbus) sanityCheck(opt *Option) string {
+func (d Dbus) sanityCheck(opt *Option) (string, error) {
 	if len(opt.ArgList) < 1 {
-		panic(fmt.Sprintf("Unknown dbus action: %s in %s", opt.Name, opt.File))
+		return "", fmt.Errorf("Unknown dbus action: %s in %s", opt.Name, opt.File)
 	}
 	action := opt.ArgList[0]
 	if action != "own" && action != "talk" {
-		panic(fmt.Sprintf("Unknown dbus action: %s in %s", opt.Name, opt.File))
+		return "", fmt.Errorf("Unknown dbus action: %s in %s", opt.Name, opt.File)
 	}
 	if _, present := opt.ArgMap["name"]; !present {
-		panic(fmt.Sprintf("Missing name for 'dbus: %s' in %s", action, opt.File))
+		return "", fmt.Errorf("Missing name for 'dbus: %s' in %s", action, opt.File)
 	}
 	if _, present := opt.ArgMap["bus"]; !present {
-		panic(fmt.Sprintf("Missing bus for '%s' in %s", opt.ArgMap["name"], opt.File))
+		return "", fmt.Errorf("Missing bus for '%s' in %s", opt.ArgMap["name"], opt.File)
 	}
 	if _, present := opt.ArgMap["label"]; !present && action == "talk" {
-		panic(fmt.Sprintf("Missing label for '%s' in %s", opt.ArgMap["name"], opt.File))
+		return "", fmt.Errorf("Missing label for '%s' in %s", opt.ArgMap["name"], opt.File)
 	}
 	// Set default values
@ -95,7 +98,7 @@ func (d Dbus) sanityCheck(opt *Option) string {
 		opt.ArgMap["path"] = "/" + strings.Replace(opt.ArgMap["name"], ".", "/", -1) + "{,/**}"
 	}
 	opt.ArgMap["name"] += "{,.*}"
-	return action
+	return action, nil
 }
 func (d Dbus) own(rules map[string]string) aa.Rules {
--- a/pkg/prebuild/directive/dbus_test.go
+++ b/pkg/prebuild/directive/dbus_test.go
@ -38,6 +38,7 @@ func TestDbus_Apply(t *testing.T) {
 		opt     *Option
 		profile string
 		want    string
 		wantErr bool
 	}{
 		{
 			name: "own",
@ -137,7 +138,12 @@ func TestDbus_Apply(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := Directives["dbus"].Apply(tt.opt, tt.profile); got != tt.want {
+			got, err := Directives["dbus"].Apply(tt.opt, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Dbus.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("Dbus.Apply() = %v, want %v", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/directive/exec.go
+++ b/pkg/prebuild/directive/exec.go
@ -27,7 +27,7 @@ func init() {
 	})
 }
-func (d Exec) Apply(opt *Option, profileRaw string) string {
+func (d Exec) Apply(opt *Option, profileRaw string) (string, error) {
 	transition := "Px"
 	transitions := []string{"P", "U", "p", "u", "PU", "pu"}
 	t := opt.ArgList[0]
@ -60,5 +60,5 @@ func (d Exec) Apply(opt *Option, profileRaw string) string {
 	rules.Sort()
 	new := rules.String()
 	new = new[:len(new)-1]
-	return strings.Replace(profileRaw, opt.Raw, new, -1)
+	return strings.Replace(profileRaw, opt.Raw, new, -1), nil
 }
--- a/pkg/prebuild/directive/exec_test.go
+++ b/pkg/prebuild/directive/exec_test.go
@ -18,6 +18,7 @@ func TestExec_Apply(t *testing.T) {
 		opt           *Option
 		profile       string
 		want          string
 		wantErr       bool
 	}{
 		{
 			name:          "exec",
@ -51,7 +52,12 @@ func TestExec_Apply(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			cfg.RootApparmord = tt.rootApparmord
-			if got := Directives["exec"].Apply(tt.opt, tt.profile); got != tt.want {
+			got, err := Directives["exec"].Apply(tt.opt, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Exec.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("Exec.Apply() = |%v|, want |%v|", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/directive/filter.go
+++ b/pkg/prebuild/directive/filter.go
@ -41,12 +41,12 @@ func filterRuleForUs(opt *Option) bool {
 	return slices.Contains(opt.ArgList, cfg.Distribution) || slices.Contains(opt.ArgList, cfg.Family)
 }
-func filter(only bool, opt *Option, profile string) string {
+func filter(only bool, opt *Option, profile string) (string, error) {
 	if only && filterRuleForUs(opt) {
-		return profile
+		return profile, nil
 	}
 	if !only && !filterRuleForUs(opt) {
-		return profile
+		return profile, nil
 	}
 	inline := true
@ -64,13 +64,13 @@ func filter(only bool, opt *Option, profile string) string {
 		regRemoveParagraph := regexp.MustCompile(`(?s)` + opt.Raw + `\n.*?\n\n`)
 		profile = regRemoveParagraph.ReplaceAllString(profile, "")
 	}
-	return profile
+	return profile, nil
 }
-func (d FilterOnly) Apply(opt *Option, profile string) string {
+func (d FilterOnly) Apply(opt *Option, profile string) (string, error) {
 	return filter(true, opt, profile)
 }
-func (d FilterExclude) Apply(opt *Option, profile string) string {
+func (d FilterExclude) Apply(opt *Option, profile string) (string, error) {
 	return filter(false, opt, profile)
 }
--- a/pkg/prebuild/directive/filter_test.go
+++ b/pkg/prebuild/directive/filter_test.go
@ -18,6 +18,7 @@ func TestFilterOnly_Apply(t *testing.T) {
 		opt     *Option
 		profile string
 		want    string
 		wantErr bool
 	}{
 		{
 			name:   "inline",
@ -79,7 +80,12 @@ func TestFilterOnly_Apply(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			cfg.Distribution = tt.dist
 			cfg.Family = tt.family
-			if got := Directives["only"].Apply(tt.opt, tt.profile); got != tt.want {
+			got, err := Directives["only"].Apply(tt.opt, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("FilterOnly.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("FilterOnly.Apply() = %v, want %v", got, tt.want)
 			}
 		})
@ -94,6 +100,7 @@ func TestFilterExclude_Apply(t *testing.T) {
 		opt     *Option
 		profile string
 		want    string
 		wantErr bool
 	}{
 		{
 			name:   "inline",
@ -128,7 +135,12 @@ func TestFilterExclude_Apply(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			cfg.Distribution = tt.dist
 			cfg.Family = tt.family
-			if got := Directives["exclude"].Apply(tt.opt, tt.profile); got != tt.want {
+			got, err := Directives["exclude"].Apply(tt.opt, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("FilterExclude.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("FilterExclude.Apply() = %v, want %v", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/directive/stack.go
+++ b/pkg/prebuild/directive/stack.go
@ -38,13 +38,13 @@ func init() {
 	})
 }
-func (s Stack) Apply(opt *Option, profile string) string {
+func (s Stack) Apply(opt *Option, profile string) (string, error) {
 	res := ""
 	for name := range opt.ArgMap {
 		stackedProfile := util.MustReadFile(cfg.RootApparmord.Join(name))
 		m := regRules.FindStringSubmatch(stackedProfile)
 		if len(m) < 2 {
-			panic(fmt.Sprintf("No profile found in %s", name))
+			return "", fmt.Errorf("No profile found in %s", name)
 		}
 		stackedRules := m[1]
 		stackedRules = regCleanStakedRules.Replace(stackedRules)
@ -54,9 +54,9 @@ func (s Stack) Apply(opt *Option, profile string) string {
 	// Insert the stacked profile at the end of the current profile, remove the stack directive
 	m := regEndOfRules.FindStringSubmatch(profile)
 	if len(m) <= 1 {
-		panic(fmt.Sprintf("No end of rules found in %s", opt.File))
+		return "", fmt.Errorf("No end of rules found in %s", opt.File)
 	}
 	profile = strings.Replace(profile, m[0], res+m[0], -1)
 	profile = strings.Replace(profile, opt.Raw, "", -1)
-	return profile
+	return profile, nil
 }
--- a/pkg/prebuild/directive/stack_test.go
+++ b/pkg/prebuild/directive/stack_test.go
@ -18,6 +18,7 @@ func TestStack_Apply(t *testing.T) {
 		opt           *Option
 		profile       string
 		want          string
 		wantErr       bool
 	}{
 		{
 			name:          "stack",
@ -68,7 +69,12 @@ profile parent @{exec_path} {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			cfg.RootApparmord = tt.rootApparmord
-			if got := Directives["stack"].Apply(tt.opt, tt.profile); got != tt.want {
+			got, err := Directives["stack"].Apply(tt.opt, tt.profile)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Stack.Apply() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
 				t.Errorf("Stack.Apply() = %v, want %v", got, tt.want)
 			}
 		})
--- a/pkg/prebuild/prebuild.go
+++ b/pkg/prebuild/prebuild.go
@ -84,9 +84,15 @@ func Build() error {
 			return err
 		}
 		for _, b := range builder.Builds {
-			profile = b.Apply(profile)
+			profile, err = b.Apply(profile)
 			if err != nil {
 				return err
 			}
 		}
 		profile, err = directive.Run(file, profile)
 		if err != nil {
 			return err
 		}
 		profile = directive.Run(file, profile)
 		if err := file.WriteFile([]byte(profile)); err != nil {
 			return err
 		}