Merge pull request #41 from kubescape/feature/silent-logs

Feature/silent logs

go.mod

@@ -14,8 +14,11 @@ require (
 
 require (
 	github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
+	gorm.io/gorm v1.25.2-0.20230530020048-26663ab9bf55
 )
 
 require (
@@ -27,7 +30,7 @@ require (
 	github.com/eapache/go-resiliency v1.4.0 // indirect
 	github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3 // indirect
 	github.com/eapache/queue v1.1.0 // indirect
-	github.com/go-sql-driver/mysql v1.7.1
+	github.com/go-sql-driver/mysql v1.7.1 // indirect
 	github.com/gocql/gocql v1.6.0
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
@@ -54,7 +57,7 @@ require (
 	go.etcd.io/etcd/api/v3 v3.5.11 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.11 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.26.0 // indirect
+	go.uber.org/zap v1.26.0
 	golang.org/x/crypto v0.18.0 // indirect
 	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/sync v0.4.0 // indirect
@@ -63,8 +66,9 @@ require (
 	google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
-	google.golang.org/grpc v1.60.1
+	google.golang.org/grpc v1.60.1 // indirect
 	google.golang.org/protobuf v1.32.0 // indirect
+	gorm.io/driver/mysql v1.5.2
 )
 
 replace github.com/coreos/bbolt => go.etcd.io/bbolt v1.3.8

go.sum

@@ -26,6 +26,7 @@ github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
 github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
+github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/gocql/gocql v1.6.0 h1:IdFdOTbnpbd0pDhl4REKQDM+Q0SzKXQ1Yh+YZZ8T/qU=
@@ -68,6 +69,10 @@ github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh6
 github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs=
 github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY=
 github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
+github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
+github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
+github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
+github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
@@ -218,3 +223,7 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gorm.io/driver/mysql v1.5.2 h1:QC2HRskSE75wBuOxe0+iCkyJZ+RqpudsQtqkp+IMuXs=
+gorm.io/driver/mysql v1.5.2/go.mod h1:pQLhh1Ut/WUAySdTHwBpBv6+JKcj+ua4ZFx1QQTBzb8=
+gorm.io/gorm v1.25.2-0.20230530020048-26663ab9bf55 h1:sC1Xj4TYrLqg1n3AN10w871An7wJM0gzgcm8jkIkECQ=
+gorm.io/gorm v1.25.2-0.20230530020048-26663ab9bf55/go.mod h1:L4uxeKpfBml98NYqVqwAdmV1a2nBtAec/cf3fpucW/k=

pkg/networkscanner/servicediscovery/applicationlayerdiscovery/al_etcd.go

@@ -3,13 +3,11 @@ package applicationlayerdiscovery
 import (
 	"context"
 	"fmt"
-	"io"
 	"time"
 
 	"github.com/kubescape/kubescape-network-scanner/pkg/networkscanner/servicediscovery"
 	clientv3 "go.etcd.io/etcd/client/v3"
 	"go.uber.org/zap"
-	"google.golang.org/grpc/grpclog"
 )
 
 type EtcdDiscoveryResult struct {
@@ -63,14 +61,13 @@ func (d *EtcdDiscovery) Discover(sessionHandler servicediscovery.ISessionHandler
 		}, err
 	}
 	defer client.Close()
-	grpclog.SetLoggerV2(grpclog.NewLoggerV2(io.Discard, io.Discard, io.Discard))
 
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 	_, err = client.Get(ctx, "/")
 	cancel()
 	if err != nil {
 		return &EtcdDiscoveryResult{
-			isDetected:      true,
+			isDetected:      false,
 			isAuthenticated: true,
 			properties:      nil,
 		}, nil

pkg/networkscanner/servicediscovery/applicationlayerdiscovery/al_mysql.go

@@ -1,22 +1,20 @@
 package applicationlayerdiscovery
 
 import (
-	"bytes"
-	"database/sql"
-	"encoding/binary"
 	"fmt"
 	"strings"
-	"time"
 
-	_ "github.com/go-sql-driver/mysql"
+	"gorm.io/driver/mysql"
+	"gorm.io/gorm"
+	"gorm.io/gorm/logger"
 
 	"github.com/kubescape/kubescape-network-scanner/pkg/networkscanner/servicediscovery"
 )
 
 type MysqlDiscoveryResult struct {
 	IsDetected      bool
-	isAuthenticated bool
-	properties      map[string]interface{}
+	IsAuthenticated bool
+	Properties      map[string]interface{}
 }
 
 type MysqlDiscovery struct{}
@@ -26,15 +24,15 @@ func (r *MysqlDiscoveryResult) Protocol() string {
 }
 
 func (r *MysqlDiscoveryResult) GetIsAuthRequired() bool {
-	return r.isAuthenticated
+	return r.IsAuthenticated
 }
 
 func (r *MysqlDiscoveryResult) GetIsDetected() bool {
 	return r.IsDetected
 }
 
 func (r *MysqlDiscoveryResult) GetProperties() map[string]interface{} {
-	return r.properties
+	return r.Properties
 }
 
 func (d *MysqlDiscovery) Protocol() string {
@@ -45,96 +43,38 @@ func (d *MysqlDiscovery) Discover(sessionHandler servicediscovery.ISessionHandle
 	dataSourceName := fmt.Sprintf("root:@tcp(%s:%d)/", sessionHandler.GetHost(), sessionHandler.GetPort())
 
 	// Attempt to open a connection
-	db, err := sql.Open("mysql", dataSourceName)
+	db, err := gorm.Open(mysql.Open(dataSourceName), &gorm.Config{
+		Logger: logger.Default.LogMode(logger.Silent),
+	})
 	if err != nil {
+		if strings.Contains(err.Error(), "Access denied for user") {
+			return &MysqlDiscoveryResult{
+				IsDetected:      true,
+				IsAuthenticated: true,
+				Properties:      nil,
+			}, nil
+		}
 		return &MysqlDiscoveryResult{
 			IsDetected:      false,
-			isAuthenticated: true,
-			properties:      nil, // Set properties to nil as it's not used in this case
+			IsAuthenticated: true,
+			Properties:      nil,
 		}, err
 	}
-	defer db.Close()
-	db.SetMaxIdleConns(0)
-	db.SetMaxOpenConns(1)
-	db.SetConnMaxLifetime(time.Second * 10)
-
-	// Ping the server
-	err = db.Ping()
-	isMySql := false
-	isAuthRequired := true
+	sqlDB, err := db.DB()
 	if err != nil {
-		if strings.Contains(err.Error(), "Access denied") {
-			// If access is denied, that means the server is there but requires authentication
-			isMySql = true
-			isAuthRequired = true
-		} else {
-			// Some other error means the server is not there
-			isMySql = false
-		}
-	} else {
-		// No error means the server is there and does not require authentication
-		isMySql = true
-		isAuthRequired = false
+		return &MysqlDiscoveryResult{
+			IsDetected:      true,
+			IsAuthenticated: true,
+			Properties:      nil,
+		}, err
 	}
+	defer sqlDB.Close()
 
 	result := &MysqlDiscoveryResult{
-		IsDetected:      isMySql,
-		isAuthenticated: isAuthRequired,
-		properties:      nil, // Set properties to nil as it's not used in this case
+		IsDetected:      true,
+		IsAuthenticated: false,
+		Properties:      nil,
 	}
 
 	return result, nil
-
-}
-
-// PacketHeader represents packet header
-type PacketHeader struct {
-	Length     uint32
-	SequenceId uint8
-}
-
-// InitialHandshakePacket represents initial handshake packet sent by MySQL Server
-type InitialHandshakePacket struct {
-	ProtocolVersion uint8
-	ServerVersion   []byte
-	ConnectionId    uint32
-	header          *PacketHeader
-}
-
-func (r *InitialHandshakePacket) Decode(sessionHandler servicediscovery.ISessionHandler) error {
-	data := make([]byte, 1024)
-	_, err := sessionHandler.Read(data)
-	if err != nil {
-		return err
-	}
-
-	header := &PacketHeader{}
-	ln := []byte{data[0], data[1], data[2], 0x00}
-	header.Length = binary.LittleEndian.Uint32(ln)
-	// a single byte integer is the same in BigEndian and LittleEndian
-	header.SequenceId = data[3]
-
-	r.header = header
-
-	// Assign payload only data to new var just for convenience
-	payload := data[4 : header.Length+4]
-	position := 0
-
-	// Check protocol version
-	r.ProtocolVersion = payload[0]
-
-	position += 1
-
-	// Extract server version
-	index := bytes.IndexByte(payload, byte(0x00))
-	r.ServerVersion = payload[position:index]
-	position = index + 1
-
-	// Extract connection ID
-	connectionId := payload[position : position+4]
-	id := binary.LittleEndian.Uint32(connectionId)
-	r.ConnectionId = id
-	position += 4
-	// Return nil error since there is no error
-	return nil
 }

tests/apps/mysql/app.yaml

@@ -15,7 +15,7 @@ spec:
     spec:
       containers:
         - name: mysql
-          image: mysql:5.7
+          image: mysql:8.3.0
           env:
             - name: MYSQL_ROOT_PASSWORD
               value: my-secret-pw