apparmor.d/pkg/prebuild/directive/core.go

// apparmor.d - Full set of apparmor profiles
// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
// SPDX-License-Identifier: GPL-2.0-only

package directive

import (
	"fmt"
	"regexp"
	"strings"

	"github.com/roddhjav/apparmor.d/pkg/paths"
	"github.com/roddhjav/apparmor.d/pkg/prebuild"
)

var (
	// Define the directive keyword globally
	Keyword = "#aa:"

	// Build the profiles with the following directive applied
	Directives = map[string]Directive{}

	regDirective = regexp.MustCompile(`(?m).*` + Keyword + `([a-z]*)( .*)?`)
)

// Main directive interface
type Directive interface {
	prebuild.BaseInterface
	Apply(opt *Option, profile string) (string, error)
}

func Usage() string {
	res := "Directive:\n"
	for _, d := range Directives {
		for _, h := range d.Usage() {
			res += fmt.Sprintf("    %s%s %s\n", Keyword, d.Name(), h)
		}
	}
	return res
}

// Directive options
type Option struct {
	Name    string
	ArgMap  map[string]string
	ArgList []string
	File    *paths.Path
	Raw     string
}

func NewOption(file *paths.Path, match []string) *Option {
	if len(match) != 3 {
		panic(fmt.Sprintf("Invalid directive: %v", match))
	}
	argList := strings.Fields(match[2])
	argMap := map[string]string{}
	for _, t := range argList {
		tmp := strings.Split(t, "=")
		if len(tmp) < 2 {
			argMap[tmp[0]] = ""
		} else {
			argMap[tmp[0]] = tmp[1]
		}
	}
	return &Option{
		Name:    match[1],
		ArgMap:  argMap,
		ArgList: argList,
		File:    file,
		Raw:     match[0],
	}
}

// Clean removes selected directive line from input string.
// Useful to remove directive text applied on some condition only
func (o *Option) Clean(input string) string {
	return strings.Replace(input, o.Raw, o.cleanKeyword(o.Raw), 1)
}

// cleanKeyword removes the dirextive keywork (#aa:...) from the input string
func (o *Option) cleanKeyword(input string) string {
	reg := regexp.MustCompile(`\s*` + Keyword + o.Name + `( .*)?$`)
	return reg.ReplaceAllString(input, "")
}

// Check if the directive is inline or if it is a paragraph
func (o *Option) IsInline() bool {
	inline := true
	tmp := strings.Split(o.Raw, Keyword)
	if len(tmp) >= 1 {
		left := strings.TrimSpace(tmp[0])
		if len(left) == 0 {
			inline = false
		}
	}
	return inline
}

func RegisterDirective(d Directive) {
	Directives[d.Name()] = d
}

func Run(file *paths.Path, profile string) (string, error) {
	var err error
	for _, match := range regDirective.FindAllStringSubmatch(profile, -1) {
		opt := NewOption(file, match)
		drtv, ok := Directives[opt.Name]
		if !ok {
			return "", fmt.Errorf("Unknown directive '%s' in %s", opt.Name, opt.File)
		}
		profile, err = drtv.Apply(opt, profile)
		if err != nil {
			return "", fmt.Errorf("%s %s: %w", drtv.Name(), opt.File, err)
		}
	}
	return profile, nil
}
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`// apparmor.d - Full set of apparmor profiles`
			`// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>`
			`// SPDX-License-Identifier: GPL-2.0-only`

			`package directive`

			`import (`
			`"fmt"`
			`"regexp"`
			`"strings"`

chore: use internal paths lib. 2024-04-28 01:36:16 +02:00			`"github.com/roddhjav/apparmor.d/pkg/paths"`
build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`"github.com/roddhjav/apparmor.d/pkg/prebuild"`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`)`

build: update directives with the new interface. 2024-03-25 23:40:25 +01:00			`var (`
feat(build): simplify some internal tooling. 2024-04-02 18:48:03 +02:00			`// Define the directive keyword globally`
			`Keyword = "#aa:"`

build: update directives with the new interface. 2024-03-25 23:40:25 +01:00			`// Build the profiles with the following directive applied`
			`Directives = map[string]Directive{}`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00
build: support directive without argument. 2024-09-26 23:09:49 +02:00			regDirective = regexp.MustCompile(`(?m).` + Keyword + `([a-z])( .*)?`)
build: update directives with the new interface. 2024-03-25 23:40:25 +01:00			`)`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00
			`// Main directive interface`
			`type Directive interface {`
build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`prebuild.BaseInterface`
feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`Apply(opt *Option, profile string) (string, error)`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`

build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`func Usage() string {`
build: set default ABI to abi4. 2024-10-02 17:44:15 +02:00			`res := "Directive:\n"`
build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`for _, d := range Directives {`
			`for _, h := range d.Usage() {`
			`res += fmt.Sprintf(" %s%s %s\n", Keyword, d.Name(), h)`
			`}`
			`}`
			`return res`
			`}`

build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`// Directive options`
			`type Option struct {`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`Name string`
			`ArgMap map[string]string`
			`ArgList []string`
			`File *paths.Path`
			`Raw string`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`

			`func NewOption(file paths.Path, match []string) Option {`
			`if len(match) != 3 {`
			`panic(fmt.Sprintf("Invalid directive: %v", match))`
			`}`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`argList := strings.Fields(match[2])`
			`argMap := map[string]string{}`
			`for _, t := range argList {`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`tmp := strings.Split(t, "=")`
			`if len(tmp) < 2 {`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`argMap[tmp[0]] = ""`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`} else {`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`argMap[tmp[0]] = tmp[1]`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`
			`}`
			`return &Option{`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`Name: match[1],`
			`ArgMap: argMap,`
			`ArgList: argList,`
			`File: file,`
			`Raw: match[0],`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`
			`}`

build: improve internal directive tool. 2024-09-26 23:08:48 +02:00			`// Clean removes selected directive line from input string.`
build: remove directive text not applied on build. 2024-04-28 15:22:00 +02:00			`// Useful to remove directive text applied on some condition only`
build: improve internal directive tool. 2024-09-26 23:08:48 +02:00			`func (o *Option) Clean(input string) string {`
			`return strings.Replace(input, o.Raw, o.cleanKeyword(o.Raw), 1)`
			`}`

			`// cleanKeyword removes the dirextive keywork (#aa:...) from the input string`
			`func (o *Option) cleanKeyword(input string) string {`
			reg := regexp.MustCompile(`\s` + Keyword + o.Name + `( .)?$`)
			`return reg.ReplaceAllString(input, "")`
			`}`

			`// Check if the directive is inline or if it is a paragraph`
			`func (o *Option) IsInline() bool {`
			`inline := true`
			`tmp := strings.Split(o.Raw, Keyword)`
			`if len(tmp) >= 1 {`
			`left := strings.TrimSpace(tmp[0])`
			`if len(left) == 0 {`
			`inline = false`
			`}`
			`}`
			`return inline`
build: remove directive text not applied on build. 2024-04-28 15:22:00 +02:00			`}`

build: update directives with the new interface. 2024-03-25 23:40:25 +01:00			`func RegisterDirective(d Directive) {`
			`Directives[d.Name()] = d`
			`}`

feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`func Run(file *paths.Path, profile string) (string, error) {`
			`var err error`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`for _, match := range regDirective.FindAllStringSubmatch(profile, -1) {`
			`opt := NewOption(file, match)`
			`drtv, ok := Directives[opt.Name]`
			`if !ok {`
feat(aa): ensure the prebuild jobs are working. 2024-05-29 22:12:54 +02:00			`return "", fmt.Errorf("Unknown directive '%s' in %s", opt.Name, opt.File)`
feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`}`
			`profile, err = drtv.Apply(opt, profile)`
			`if err != nil {`
feat(aa): ensure the prebuild jobs are working. 2024-05-29 22:12:54 +02:00			`return "", fmt.Errorf("%s %s: %w", drtv.Name(), opt.File, err)`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`
			`}`
feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`return profile, nil`
build: prepare new structure for directives. 2024-03-21 21:36:41 +01:00			`}`