Merge branch 'main' of https://github.com/kolide/launcher into zack/r…

…unner_registration_ids
kolide · Dec 23, 2024 · b5451ff · b5451ff
2 parents c20b160 + a5c83f1
commit b5451ff
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 33 deletions.
diff --git a/ee/agent/reset_test.go b/ee/agent/reset_test.go
@@ -35,25 +35,26 @@ func TestMain(m *testing.M) {
 		fmt.Printf("failed to make temp dir for test osquery binary: %v", err)
 		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit inside tests
 	}
-	defer os.RemoveAll(downloadDir)
 
 	target := packaging.Target{}
 	if err := target.PlatformFromString(runtime.GOOS); err != nil {
 		fmt.Printf("error parsing platform %s: %v", runtime.GOOS, err)
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit inside tests
+		os.RemoveAll(downloadDir) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)                //nolint:forbidigo // Fine to use os.Exit inside tests
 	}
 	target.Arch = packaging.ArchFlavor(runtime.GOARCH)
 	if runtime.GOOS == "darwin" {
 		target.Arch = packaging.Universal
 	}
 
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
-	defer cancel()
 
 	dlPath, err := packaging.FetchBinary(ctx, downloadDir, "osqueryd", target.PlatformBinaryName("osqueryd"), "nightly", target)
 	if err != nil {
 		fmt.Printf("error fetching binary osqueryd binary: %v", err)
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit inside tests
+		cancel()                  // explicit cancel as defer will not run when os.Exit is called
+		os.RemoveAll(downloadDir) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)                //nolint:forbidigo // Fine to use os.Exit inside tests
 	}
 
 	testOsqueryBinary = filepath.Join(downloadDir, filepath.Base(dlPath))
@@ -63,12 +64,17 @@ func TestMain(m *testing.M) {
 
 	if err := fsutil.CopyFile(dlPath, testOsqueryBinary); err != nil {
 		fmt.Printf("error copying osqueryd binary: %v", err)
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit inside tests
+		cancel()                  // explicit cancel as defer will not run when os.Exit is called
+		os.RemoveAll(downloadDir) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)                //nolint:forbidigo // Fine to use os.Exit inside tests
 	}
 
 	// Run the tests
 	retCode := m.Run()
-	os.Exit(retCode) //nolint:forbidigo // Fine to use os.Exit inside tests
+
+	cancel()                  // explicit cancel as defer will not run when os.Exit is called
+	os.RemoveAll(downloadDir) // explicit removal as defer will not run when os.Exit is called
+	os.Exit(retCode)          //nolint:forbidigo // Fine to use os.Exit inside tests
 }
 
 func TestDetectAndRemediateHardwareChange(t *testing.T) {

diff --git a/ee/secureenclaverunner/secureenclaverunner.go b/ee/secureenclaverunner/secureenclaverunner.go
@@ -197,6 +197,10 @@ func (ser *secureEnclaveRunner) currentConsoleUserKey(ctx context.Context) (*ecd
 
 	key, ok := ser.uidPubKeyMap[cu.Uid]
 	if ok {
+		ser.slogger.Log(ctx, slog.LevelDebug,
+			"found existing key for console user",
+			"uid", cu.Uid,
+		)
 		span.AddEvent("found_existing_key_for_console_user")
 		return key, nil
 	}
@@ -207,6 +211,10 @@ func (ser *secureEnclaveRunner) currentConsoleUserKey(ctx context.Context) (*ecd
 		return nil, fmt.Errorf("creating key: %w", err)
 	}
 
+	ser.slogger.Log(ctx, slog.LevelInfo,
+		"created new key for console user",
+		"uid", cu.Uid,
+	)
 	span.AddEvent("created_new_key_for_console_user")
 
 	ser.uidPubKeyMap[cu.Uid] = key

diff --git a/ee/tpmrunner/tpmrunner.go b/ee/tpmrunner/tpmrunner.go
@@ -98,7 +98,7 @@ func (tr *tpmRunner) Execute() error {
 			continue
 		case <-tr.interrupt:
 			tr.slogger.Log(context.TODO(), slog.LevelDebug,
-				"interrupt received, exiting secure enclave signer execute loop",
+				"interrupt received, exiting tpm signer execute loop",
 			)
 			return nil
 		}
@@ -208,10 +208,6 @@ func (tr *tpmRunner) loadOrCreateKeys(ctx context.Context) error {
 	}
 
 	if pubData == nil || priData == nil {
-		tr.slogger.Log(ctx, slog.LevelInfo,
-			"generating new tpm keys",
-		)
-
 		var err error
 		priData, pubData, err = tr.signerCreator.CreateKey()
 		if err != nil {
@@ -230,6 +226,9 @@ func (tr *tpmRunner) loadOrCreateKeys(ctx context.Context) error {
 			return thisErr
 		}
 
+		tr.slogger.Log(ctx, slog.LevelInfo,
+			"new tpm keys generated",
+		)
 		span.AddEvent("generated_new_tpm_keys")
 	}
 
@@ -242,6 +241,9 @@ func (tr *tpmRunner) loadOrCreateKeys(ctx context.Context) error {
 
 	tr.signer = k
 
+	tr.slogger.Log(ctx, slog.LevelDebug,
+		"tpm signer created",
+	)
 	span.AddEvent("created_tpm_signer")
 
 	return nil

diff --git a/pkg/osquery/runtime/osqueryinstance_test.go b/pkg/osquery/runtime/osqueryinstance_test.go
@@ -50,7 +50,7 @@ func TestCreateOsqueryCommand(t *testing.T) {
 		extensionAutoloadPath: "/foo/bar/osquery.autoload",
 	}
 
-	osquerydPath := testOsqueryBinaryDirectory
+	osquerydPath := testOsqueryBinary
 
 	k := typesMocks.NewKnapsack(t)
 	k.On("WatchdogEnabled").Return(true)
@@ -86,7 +86,7 @@ func TestCreateOsqueryCommandWithFlags(t *testing.T) {
 	i := newInstance(types.DefaultRegistrationID, k, mockServiceClient())
 
 	cmd, err := i.createOsquerydCommand(
-		testOsqueryBinaryDirectory,
+		testOsqueryBinary,
 		&osqueryFilePaths{},
 	)
 	require.NoError(t, err)
@@ -120,7 +120,7 @@ func TestCreateOsqueryCommand_SetsEnabledWatchdogSettingsAppropriately(t *testin
 	i := newInstance(types.DefaultRegistrationID, k, mockServiceClient())
 
 	cmd, err := i.createOsquerydCommand(
-		testOsqueryBinaryDirectory,
+		testOsqueryBinary,
 		&osqueryFilePaths{},
 	)
 	require.NoError(t, err)
@@ -170,7 +170,7 @@ func TestCreateOsqueryCommand_SetsDisabledWatchdogSettingsAppropriately(t *testi
 	i := newInstance(types.DefaultRegistrationID, k, mockServiceClient())
 
 	cmd, err := i.createOsquerydCommand(
-		testOsqueryBinaryDirectory,
+		testOsqueryBinary,
 		&osqueryFilePaths{},
 	)
 	require.NoError(t, err)

diff --git a/pkg/osquery/runtime/osqueryinstance_windows_test.go b/pkg/osquery/runtime/osqueryinstance_windows_test.go
@@ -16,7 +16,7 @@ import (
 func TestCreateOsqueryCommandEnvVars(t *testing.T) {
 	t.Parallel()
 
-	osquerydPath := testOsqueryBinaryDirectory
+	osquerydPath := testOsqueryBinary
 
 	k := typesMocks.NewKnapsack(t)
 	k.On("WatchdogEnabled").Return(true)

diff --git a/pkg/osquery/runtime/runtime_posix_test.go b/pkg/osquery/runtime/runtime_posix_test.go
@@ -50,7 +50,7 @@ func TestOsquerySlowStart(t *testing.T) {
 	k.On("OsqueryFlags").Return([]string{}).Maybe()
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("LoggingInterval").Return(5 * time.Minute).Maybe()
 	k.On("LogMaxBytesPerBatch").Return(0).Maybe()
 	k.On("Transport").Return("jsonrpc").Maybe()
@@ -97,7 +97,7 @@ func TestExtensionSocketPath(t *testing.T) {
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryVerbose").Return(true).Maybe()
 	k.On("OsqueryFlags").Return([]string{}).Maybe()
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("LoggingInterval").Return(5 * time.Minute).Maybe()
 	k.On("LogMaxBytesPerBatch").Return(0).Maybe()
 	k.On("Transport").Return("jsonrpc").Maybe()

diff --git a/pkg/osquery/runtime/runtime_test.go b/pkg/osquery/runtime/runtime_test.go
@@ -40,7 +40,7 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-var testOsqueryBinaryDirectory string
+var testOsqueryBinary string
 
 // TestMain overrides the default test main function. This allows us to share setup/teardown.
 func TestMain(m *testing.M) {
@@ -54,30 +54,37 @@ func TestMain(m *testing.M) {
 		fmt.Println("Failed to make temp dir for test binaries")
 		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit in tests
 	}
-	defer os.Remove(binDirectory)
 
 	s, err := storageci.NewStore(nil, multislogger.NewNopLogger(), storage.OsqueryHistoryInstanceStore.String())
 	if err != nil {
 		fmt.Println("Failed to make new store")
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit in tests
+		os.Remove(binDirectory) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)              //nolint:forbidigo // Fine to use os.Exit in tests
 	}
 	if err := history.InitHistory(s); err != nil {
 		fmt.Println("Failed to init history")
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit in tests
+		os.Remove(binDirectory) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)              //nolint:forbidigo // Fine to use os.Exit in tests
 	}
 
-	testOsqueryBinaryDirectory = filepath.Join(binDirectory, "osqueryd")
+	testOsqueryBinary = filepath.Join(binDirectory, "osqueryd")
+	if runtime.GOOS == "windows" {
+		testOsqueryBinary += ".exe"
+	}
 
 	thrift.ServerConnectivityCheckInterval = 100 * time.Millisecond
 
 	if err := downloadOsqueryInBinDir(binDirectory); err != nil {
 		fmt.Printf("Failed to download osquery: %v\n", err)
-		os.Exit(1) //nolint:forbidigo // Fine to use os.Exit in tests
+		os.Remove(binDirectory) // explicit removal as defer will not run when os.Exit is called
+		os.Exit(1)              //nolint:forbidigo // Fine to use os.Exit in tests
 	}
 
 	// Run the tests!
 	retCode := m.Run()
-	os.Exit(retCode) //nolint:forbidigo // Fine to use os.Exit in tests
+
+	os.Remove(binDirectory) // explicit removal as defer will not run when os.Exit is called
+	os.Exit(retCode)        //nolint:forbidigo // Fine to use os.Exit in tests
 }
 
 // downloadOsqueryInBinDir downloads osqueryd. This allows the test
@@ -163,7 +170,7 @@ func TestWithOsqueryFlags(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{"verbose=false"})
 	k.On("OsqueryVerbose").Return(false)
@@ -196,7 +203,7 @@ func TestFlagsChanged(t *testing.T) {
 	k.On("WatchdogDelaySec").Return(120)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{"verbose=false"})
 	k.On("OsqueryVerbose").Return(false)
@@ -327,7 +334,7 @@ func TestSimplePath(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{})
 	k.On("OsqueryVerbose").Return(true)
@@ -363,7 +370,7 @@ func TestMultipleInstances(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{})
 	k.On("OsqueryVerbose").Return(true)
@@ -422,7 +429,7 @@ func TestRunnerHandlesImmediateShutdownWithMultipleInstances(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{})
 	k.On("OsqueryVerbose").Return(true)
@@ -473,7 +480,7 @@ func TestMultipleShutdowns(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{})
 	k.On("OsqueryVerbose").Return(true)
@@ -505,7 +512,7 @@ func TestOsqueryDies(t *testing.T) {
 	k.On("WatchdogEnabled").Return(false)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything)
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory)
 	k.On("OsqueryFlags").Return([]string{})
 	k.On("OsqueryVerbose").Return(true)
@@ -761,7 +768,7 @@ func setupOsqueryInstanceForTests(t *testing.T) (runner *Runner, logBytes *threa
 	k.On("WatchdogDelaySec").Return(120)
 	k.On("RegisterChangeObserver", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Maybe()
 	k.On("Slogger").Return(slogger)
-	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinaryDirectory)
+	k.On("LatestOsquerydPath", mock.Anything).Return(testOsqueryBinary)
 	k.On("RootDirectory").Return(rootDirectory).Maybe()
 	k.On("OsqueryFlags").Return([]string{}).Maybe()
 	k.On("OsqueryVerbose").Return(true).Maybe()