Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Close gRPC connections & use tickers #1146

Merged
merged 2 commits into from
May 26, 2023
Merged

Close gRPC connections & use tickers #1146

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6cedab9
Close gRPC connections & use tickers
noboruma May 26, 2023
4f3a011
Fix more leaks on scanner clients
noboruma May 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions deepfence_agent/tools/apache/scope/probe/appclient/openapi_client_controls.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,11 @@ func (ct *OpenapiClient) StartControlsWatching(nodeId string, isClusterAgent boo
req := ct.API().ControlsAPI.GetKubernetesClusterControls(context.Background())
agentId := openapi.NewModelAgentId(getMaxAllocatable(), nodeId)
req = req.ModelAgentId(*agentId)
ticker := time.NewTicker(time.Second * time.Duration(ct.PublishInterval()/2))
for {
ticker.Reset(time.Second * time.Duration(ct.PublishInterval()/2))
select {
case <-time.After(time.Second * time.Duration(ct.PublishInterval()/2)):
case <-ticker.C:
case <-ct.stopControlListening:
break
}
Expand Down Expand Up @@ -78,9 +80,11 @@ func (ct *OpenapiClient) StartControlsWatching(nodeId string, isClusterAgent boo
req := ct.API().ControlsAPI.GetAgentControls(context.Background())
agentId := openapi.NewModelAgentId(getMaxAllocatable(), nodeId)
req = req.ModelAgentId(*agentId)
ticker := time.NewTicker(time.Second * time.Duration(ct.PublishInterval()/2))
for {
ticker.Reset(time.Second * time.Duration(ct.PublishInterval()/2))
select {
case <-time.After(time.Second * time.Duration(ct.PublishInterval()/2)):
case <-ticker.C:
case <-ct.stopControlListening:
break
}
Expand Down
10 changes: 7 additions & 3 deletions deepfence_agent/tools/apache/scope/probe/host/generate_sbom.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ func init() {
}
}

func createPackageScannerClient() (pb.PackageScannerClient, error) {
func createPackageScannerConn() (*grpc.ClientConn, error) {
maxMsgSize := 1024 * 1024 * 1 // 1 mb
conn, err := grpc.Dial(
"unix://"+packageScannerSocket,
Expand All @@ -38,7 +38,7 @@ func createPackageScannerClient() (pb.PackageScannerClient, error) {
if err != nil {
return nil, err
}
return pb.NewPackageScannerClient(conn), nil
return conn, nil
}

func GenerateSbomForVulnerabilityScan(nodeType, imageName, imageId, scanId, containerId,
Expand All @@ -47,10 +47,13 @@ func GenerateSbomForVulnerabilityScan(nodeType, imageName, imageId, scanId, cont

hostName := scopeHostname.Get()

packageScannerClient, err := createPackageScannerClient()
conn, err := createPackageScannerConn()
if err != nil {
return err
}
defer conn.Close()

packageScannerClient := pb.NewPackageScannerClient(conn)
var source string
if nodeType == "host" {
source = scanPath
Expand Down Expand Up @@ -159,6 +162,7 @@ func GetPackageScannerJobCount() int32 {
log.Errorf("error in creating package scanner client: %s", err.Error())
return 0
}
defer conn.Close()
client := pb.NewScannersClient(conn)
jobReport, err := client.ReportJobsStatus(context.Background(), &pb.Empty{})
if err != nil {
Expand Down
22 changes: 10 additions & 12 deletions deepfence_agent/tools/apache/scope/probe/host/malware_scanner.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,11 +87,18 @@ func StartMalwareScan(req ctl.StartMalwareScanRequest) error {
}
}

ssClient, err := newMalwareScannerClient()
conn, err := grpc.Dial("unix://"+ebpfMalwareSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating malware scanner client: %s\n", err.Error())
return err
}
_, err = ssClient.FindMalwareInfo(context.Background(), &greq)
defer conn.Close()
client := pb.NewMalwareScannerClient(conn)
if err != nil {
return err
}
_, err = client.FindMalwareInfo(context.Background(), &greq)
if err != nil {
return err
}
Expand All @@ -101,23 +108,14 @@ func StartMalwareScan(req ctl.StartMalwareScanRequest) error {
return nil
}

func newMalwareScannerClient() (pb.MalwareScannerClient, error) {
conn, err := grpc.Dial("unix://"+ebpfMalwareSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating malware scanner client: %s\n", err.Error())
return nil, err
}
return pb.NewMalwareScannerClient(conn), nil
}

func GetMalwareScannerJobCount() int32 {
conn, err := grpc.Dial("unix://"+ebpfMalwareSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating malware scanner client: %s\n", err.Error())
return 0
}
defer conn.Close()
client := pb.NewScannersClient(conn)
jobReport, err := client.ReportJobsStatus(context.Background(), &pb.Empty{})
if err != nil {
Expand Down
17 changes: 6 additions & 11 deletions deepfence_agent/tools/apache/scope/probe/host/secret_scanner.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,11 +76,15 @@ func StartSecretsScan(req ctl.StartSecretScanRequest) error {
}
}

ssClient, err := newSecretScannerClient()
conn, err := grpc.Dial("unix://"+ebpfSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating secret scanner client: %s\n", err.Error())
return err
}
defer conn.Close()

ssClient := pb.NewSecretScannerClient(conn)
_, err = ssClient.FindSecretInfo(context.Background(), &greq)

if err != nil {
Expand All @@ -92,23 +96,14 @@ func StartSecretsScan(req ctl.StartSecretScanRequest) error {
return nil
}

func newSecretScannerClient() (pb.SecretScannerClient, error) {
conn, err := grpc.Dial("unix://"+ebpfSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating secret scanner client: %s\n", err.Error())
return nil, err
}
return pb.NewSecretScannerClient(conn), nil
}

func GetSecretScannerJobCount() int32 {
conn, err := grpc.Dial("unix://"+ebpfSocketPath, grpc.WithAuthority("dummy"),
grpc.WithInsecure())
if err != nil {
fmt.Printf("error in creating secret scanner client: %s\n", err.Error())
return 0
}
defer conn.Close()
client := pb.NewScannersClient(conn)
jobReport, err := client.ReportJobsStatus(context.Background(), &pb.Empty{})
if err != nil {
Expand Down
5 changes: 3 additions & 2 deletions deepfence_agent/tools/apache/scope/probe/real_probe.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,12 @@ func (p *Probe) publishLoop() {
startTime := time.Now()
publishCount := 0
var lastFullReport report.Report

ticker := time.NewTicker(time.Second * time.Duration(p.publisher.PublishInterval()))
for {
var err error
ticker.Reset(time.Second * time.Duration(p.publisher.PublishInterval()))
select {
case <-time.After(time.Second * time.Duration(p.publisher.PublishInterval())):
case <-ticker.C:
rpt, count := p.drainAndSanitise(report.MakeReport(), p.spiedReports)
if count == 0 {
continue // No data has been collected - don't bother publishing.
Expand Down