From 78c9dddb25dabd707ff0fec9ccd2c4c05438cf1e Mon Sep 17 00:00:00 2001 From: Dean Coakley Date: Thu, 16 Nov 2023 15:28:03 +0000 Subject: [PATCH] Improve error messages. Debug. Tweak permissions --- .../nginx-app-protect/nap/nap_metadata.go | 23 +++++++++++++------ .../nap/nap_metadata_test.go | 5 ++-- .../nginx-app-protect/nap/nap_metadata.go | 23 +++++++++++++------ 3 files changed, 35 insertions(+), 16 deletions(-) diff --git a/src/extensions/nginx-app-protect/nap/nap_metadata.go b/src/extensions/nginx-app-protect/nap/nap_metadata.go index 92cbec038c..c9e8f92a04 100644 --- a/src/extensions/nginx-app-protect/nap/nap_metadata.go +++ b/src/extensions/nginx-app-protect/nap/nap_metadata.go @@ -11,6 +11,7 @@ import ( "encoding/json" "errors" "os" + "fmt" "path/filepath" "github.com/nginx/agent/sdk/v2" @@ -33,11 +34,11 @@ func UpdateMetadata( data, err := os.ReadFile(appProtectWAFDetails.GetWafLocation()) if err != nil { if !errors.Is(err, os.ErrNotExist) { - return err + return fmt.Errorf("failed to update metadata: %v", err) } } else { if err := json.Unmarshal(data, &previousMeta); err != nil { - return err + return fmt.Errorf("failed to unmarshal current metadata: %v", err) } previousPrecompiledPublication = previousMeta.PrecompiledPublication } @@ -53,7 +54,6 @@ func UpdateMetadata( policies, profiles := sdk.GetAppProtectPolicyAndSecurityLogFilesWithIgnoreDirectives(cfg, ignoreDirectives) policyBundles := []*BundleMetadata{} - profileBundles := []*BundleMetadata{} for _, policy := range policies { bundle := &BundleMetadata{ @@ -61,6 +61,9 @@ func UpdateMetadata( } policyBundles = append(policyBundles, bundle) } + + profileBundles := []*BundleMetadata{} + for _, profile := range profiles { bundle := &BundleMetadata{ Name: profile, @@ -84,21 +87,27 @@ func UpdateMetadata( m, err := json.Marshal(metadata) if err != nil { - return err + return fmt.Errorf("failed to marshal metadata update: %v", err) } // Make dir if not exists directory := filepath.Dir(appProtectWAFDetails.GetWafLocation()) _, err = os.Stat(directory) if os.IsNotExist(err) { - err = os.MkdirAll(directory, 0o644) + err = os.MkdirAll(directory, 0o755) if err != nil { - return err + return fmt.Errorf("failed to create directory for metadata update: %v", err) } } log.Debugf("Writing NAP Metadata %s", m) - return os.WriteFile(appProtectWAFDetails.GetWafLocation(), m, 0o644) + + err = os.WriteFile(appProtectWAFDetails.GetWafLocation(), m, 0o664) + if err != nil { + return fmt.Errorf("failed to write NAP Metadata update: %v", err ) + } + + return nil } // metadataAreEqual compares the metadata for equality diff --git a/src/extensions/nginx-app-protect/nap/nap_metadata_test.go b/src/extensions/nginx-app-protect/nap/nap_metadata_test.go index 6ab13e4928..2e0333ce9c 100644 --- a/src/extensions/nginx-app-protect/nap/nap_metadata_test.go +++ b/src/extensions/nginx-app-protect/nap/nap_metadata_test.go @@ -171,9 +171,10 @@ func TestUpdateNapMetadata(t *testing.T) { WafLocation: metadataFile, PrecompiledPublication: tc.precompPub, } - ignoreDirecitves := []string{} + + ignoreDirectives = []string{} - err = UpdateMetadata(cfg, appProtectWAFDetails, ignoreDirecitves) + err = UpdateMetadata(cfg, appProtectWAFDetails, ignoreDirectives) assert.NoError(t, err) data, err := os.ReadFile(metadataFile) diff --git a/test/performance/vendor/github.com/nginx/agent/v2/src/extensions/nginx-app-protect/nap/nap_metadata.go b/test/performance/vendor/github.com/nginx/agent/v2/src/extensions/nginx-app-protect/nap/nap_metadata.go index 92cbec038c..c9e8f92a04 100644 --- a/test/performance/vendor/github.com/nginx/agent/v2/src/extensions/nginx-app-protect/nap/nap_metadata.go +++ b/test/performance/vendor/github.com/nginx/agent/v2/src/extensions/nginx-app-protect/nap/nap_metadata.go @@ -11,6 +11,7 @@ import ( "encoding/json" "errors" "os" + "fmt" "path/filepath" "github.com/nginx/agent/sdk/v2" @@ -33,11 +34,11 @@ func UpdateMetadata( data, err := os.ReadFile(appProtectWAFDetails.GetWafLocation()) if err != nil { if !errors.Is(err, os.ErrNotExist) { - return err + return fmt.Errorf("failed to update metadata: %v", err) } } else { if err := json.Unmarshal(data, &previousMeta); err != nil { - return err + return fmt.Errorf("failed to unmarshal current metadata: %v", err) } previousPrecompiledPublication = previousMeta.PrecompiledPublication } @@ -53,7 +54,6 @@ func UpdateMetadata( policies, profiles := sdk.GetAppProtectPolicyAndSecurityLogFilesWithIgnoreDirectives(cfg, ignoreDirectives) policyBundles := []*BundleMetadata{} - profileBundles := []*BundleMetadata{} for _, policy := range policies { bundle := &BundleMetadata{ @@ -61,6 +61,9 @@ func UpdateMetadata( } policyBundles = append(policyBundles, bundle) } + + profileBundles := []*BundleMetadata{} + for _, profile := range profiles { bundle := &BundleMetadata{ Name: profile, @@ -84,21 +87,27 @@ func UpdateMetadata( m, err := json.Marshal(metadata) if err != nil { - return err + return fmt.Errorf("failed to marshal metadata update: %v", err) } // Make dir if not exists directory := filepath.Dir(appProtectWAFDetails.GetWafLocation()) _, err = os.Stat(directory) if os.IsNotExist(err) { - err = os.MkdirAll(directory, 0o644) + err = os.MkdirAll(directory, 0o755) if err != nil { - return err + return fmt.Errorf("failed to create directory for metadata update: %v", err) } } log.Debugf("Writing NAP Metadata %s", m) - return os.WriteFile(appProtectWAFDetails.GetWafLocation(), m, 0o644) + + err = os.WriteFile(appProtectWAFDetails.GetWafLocation(), m, 0o664) + if err != nil { + return fmt.Errorf("failed to write NAP Metadata update: %v", err ) + } + + return nil } // metadataAreEqual compares the metadata for equality