Skip to content

Commit

Permalink
Bump gopsutil to v4
Browse files Browse the repository at this point in the history
v3 is no longer maintained other than for security fixes. The breaking
change in v4 that impacts our code is that `process.Uids()` and
`process.Gids()` now returns values of type `uint32` instead of `int32`.

Signed-off-by: Ryan Turner <ryan.turner253@icloud.com>
  • Loading branch information
rturner3 committed Dec 13, 2024
1 parent 65d6f00 commit c83de52
Show file tree
Hide file tree
Showing 7 changed files with 26 additions and 30 deletions.
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ require (
github.com/mitchellh/cli v1.1.5
github.com/open-policy-agent/opa v0.70.0
github.com/prometheus/client_golang v1.20.5
github.com/shirou/gopsutil/v3 v3.24.5
github.com/shirou/gopsutil/v4 v4.24.11
github.com/sigstore/cosign/v2 v2.4.1
github.com/sigstore/rekor v1.3.7
github.com/sigstore/sigstore v1.8.11
Expand Down Expand Up @@ -152,6 +152,7 @@ require (
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/ebitengine/purego v0.8.1 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/envoyproxy/protoc-gen-validate v1.1.0 // indirect
github.com/evanphx/json-patch/v5 v5.9.0 // indirect
Expand Down Expand Up @@ -265,7 +266,6 @@ require (
github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect
github.com/segmentio/asm v1.2.0 // indirect
github.com/shibumi/go-pathspec v1.3.0 // indirect
github.com/shoenig/go-m1cpu v0.1.6 // indirect
github.com/shopspring/decimal v1.4.0 // indirect
github.com/sigstore/protobuf-specs v0.3.2 // indirect
github.com/sigstore/timestamp-authority v1.2.2 // indirect
Expand Down
10 changes: 4 additions & 6 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -736,6 +736,8 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4
github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/ebitengine/purego v0.8.1 h1:sdRKd6plj7KYW33EH5As6YKfe8m9zbN9JMrOjNVF/BE=
github.com/ebitengine/purego v0.8.1/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/emicklei/proto v1.12.1 h1:6n/Z2pZAnBwuhU66Gs8160B8rrrYKo7h2F2sCOnNceE=
Expand Down Expand Up @@ -1356,12 +1358,8 @@ github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c
github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE=
github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI=
github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE=
github.com/shirou/gopsutil/v3 v3.24.5 h1:i0t8kL+kQTvpAYToeuiVk3TgDeKOFioZO3Ztz/iZ9pI=
github.com/shirou/gopsutil/v3 v3.24.5/go.mod h1:bsoOS1aStSs9ErQ1WWfxllSeS1K5D+U30r2NfcubMVk=
github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
github.com/shirou/gopsutil/v4 v4.24.11 h1:WaU9xqGFKvFfsUv94SXcUPD7rCkU0vr/asVdQOBZNj8=
github.com/shirou/gopsutil/v4 v4.24.11/go.mod h1:s4D/wg+ag4rG0WO7AiTj2BeYCRhym0vM7DHbZRxnIT8=
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
Expand Down
6 changes: 3 additions & 3 deletions pkg/agent/plugin/workloadattestor/unix/unix_posix.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import (

"github.com/hashicorp/go-hclog"
"github.com/hashicorp/hcl"
"github.com/shirou/gopsutil/v3/process"
"github.com/shirou/gopsutil/v4/process"
workloadattestorv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v1"
configv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/service/common/config/v1"
"github.com/spiffe/spire/pkg/common/catalog"
Expand All @@ -34,8 +34,8 @@ func builtin(p *Plugin) catalog.BuiltIn {
}

type processInfo interface {
Uids() ([]int32, error)
Gids() ([]int32, error)
Uids() ([]uint32, error)
Gids() ([]uint32, error)
Groups() ([]string, error)
Exe() (string, error)
NamespacedExe() string
Expand Down
26 changes: 12 additions & 14 deletions pkg/agent/plugin/workloadattestor/unix/unix_posix_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,7 @@ import (
"google.golang.org/grpc/codes"
)

var (
ctx = context.Background()
)
var ctx = context.Background()

func TestPlugin(t *testing.T) {
spiretest.Run(t, new(Suite))
Expand Down Expand Up @@ -261,7 +259,7 @@ func (s *Suite) TestAttest() {
}

func (s *Suite) writeFile(path string, data []byte) {
s.Require().NoError(os.WriteFile(filepath.Join(s.dir, path), data, 0600))
s.Require().NoError(os.WriteFile(filepath.Join(s.dir, path), data, 0o600))
}

func (s *Suite) loadPlugin(t *testing.T, trustDomain string, config string) workloadattestor.WorkloadAttestor {
Expand Down Expand Up @@ -292,35 +290,35 @@ type fakeProcess struct {
dir string
}

func (p fakeProcess) Uids() ([]int32, error) {
func (p fakeProcess) Uids() ([]uint32, error) {
switch p.pid {
case 1:
return []int32{}, nil
return []uint32{}, nil
case 2:
return nil, fmt.Errorf("unable to get UIDs for PID %d", p.pid)
case 3:
return []int32{1999}, nil
return []uint32{1999}, nil
case 4, 5, 6, 7, 9, 10, 11, 12, 13, 14:
return []int32{1000}, nil
return []uint32{1000}, nil
case 8:
return []int32{1000, 1100}, nil
return []uint32{1000, 1100}, nil
default:
return nil, fmt.Errorf("unhandled uid test case %d", p.pid)
}
}

func (p fakeProcess) Gids() ([]int32, error) {
func (p fakeProcess) Gids() ([]uint32, error) {
switch p.pid {
case 4:
return []int32{}, nil
return []uint32{}, nil
case 5:
return nil, fmt.Errorf("unable to get GIDs for PID %d", p.pid)
case 6:
return []int32{2999}, nil
return []uint32{2999}, nil
case 3, 7, 9, 10, 11, 12, 13, 14:
return []int32{2000}, nil
return []uint32{2000}, nil
case 8:
return []int32{2000, 2100}, nil
return []uint32{2000, 2100}, nil
default:
return nil, fmt.Errorf("unhandled gid test case %d", p.pid)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/server/api/middleware/audit.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ package middleware
import (
"context"

"github.com/shirou/gopsutil/v3/process"
"github.com/shirou/gopsutil/v4/process"
"github.com/sirupsen/logrus"
"github.com/spiffe/spire/pkg/common/peertracker"
"github.com/spiffe/spire/pkg/common/telemetry"
Expand Down
6 changes: 3 additions & 3 deletions pkg/server/api/middleware/audit_posix.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
package middleware

import (
"github.com/shirou/gopsutil/v3/process"
"github.com/shirou/gopsutil/v4/process"
"github.com/sirupsen/logrus"
"github.com/spiffe/spire/pkg/common/telemetry"
"google.golang.org/grpc/codes"
Expand All @@ -27,7 +27,7 @@ func setFields(p *process.Process, fields logrus.Fields) error {
return nil
}

func getUID(p *process.Process) (int32, error) {
func getUID(p *process.Process) (uint32, error) {
uids, err := p.Uids()
if err != nil {
return 0, status.Errorf(codes.Internal, "failed UIDs lookup: %v", err)
Expand All @@ -43,7 +43,7 @@ func getUID(p *process.Process) (int32, error) {
}
}

func getGID(p *process.Process) (int32, error) {
func getGID(p *process.Process) (uint32, error) {
gids, err := p.Gids()
if err != nil {
return 0, status.Errorf(codes.Internal, "failed GIDs lookup: %v", err)
Expand Down
2 changes: 1 addition & 1 deletion pkg/server/api/middleware/audit_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ package middleware
import (
"fmt"

"github.com/shirou/gopsutil/v3/process"
"github.com/shirou/gopsutil/v4/process"
"github.com/sirupsen/logrus"
"github.com/spiffe/spire/pkg/common/telemetry"
"golang.org/x/sys/windows"
Expand Down

0 comments on commit c83de52

Please sign in to comment.