Extending the context with service information now takes such service rather than a port.

PiperOrigin-RevId: 871239254

Author: tooryx

common/clients/llm/tools/httpclient/httpclient.go

@@ -138,9 +138,8 @@ func (h *Tool) numberOfRequests() int {
 
 // Do performs an HTTP request against the service.
 func (h *Tool) Do(toolctx tool.Context, toolreq *Request) (*Response, error) {
-	port := int(h.service.GetNetworkEndpoint().GetPort().GetPortNumber())
 	uri := toolreq.URI
-	ctx := log.ContextForModuleAndService(context.Background(), "clients/llm/httpclient", port)
+	ctx := log.ContextForModuleAndService(context.Background(), "clients/llm/httpclient", h.service)
 	ctx, cancel := context.WithTimeout(ctx, h.coreConfig.TimeoutPerRequest())
 	defer cancel()
 
@@ -168,26 +167,25 @@ func (h *Tool) Do(toolctx tool.Context, toolreq *Request) (*Response, error) {
 }
 
 func (h *Tool) prepareRequest(ctx context.Context, toolreq *Request, path string) (*http.Request, error) {
-	port := h.service.GetNetworkEndpoint().GetPort().GetPortNumber()
 	uri := toolreq.URI
 
 	if !strings.HasPrefix(uri, "/") || strings.Contains(uri, "://") || strings.Contains(uri, ":") {
 		return nil, ErrInvalidURI
 	}
 
 	if !slices.Contains(h.config.GetAllowedMethods(), toolreq.Method) {
-		log.DebugContextf(ctx, log.DebugLevelRequest, "%s invalid method for %q", port, toolreq.Method, uri)
+		log.DebugContextf(ctx, log.DebugLevelRequest, "invalid method for %q: %q", toolreq.Method, uri)
 		return nil, ErrInvalidMethod
 	}
 
 	if h.numberOfRequests() >= int(h.config.GetMaxRequestsPerService()) {
-		log.DebugContextf(ctx, log.DebugLevelRequest, "%s too many requests for %q", port, toolreq.Method, uri)
+		log.DebugContextf(ctx, log.DebugLevelRequest, "too many requests for %q: %q", toolreq.Method, uri)
 		return nil, ErrTooManyRequests
 	}
 
 	for _, path := range h.badPaths {
 		if path.MatchString(uri) {
-			log.DebugContextf(ctx, log.DebugLevelRequest, "%s %q denied by regexp", port, toolreq.Method, uri)
+			log.DebugContextf(ctx, log.DebugLevelRequest, "%q denied by regexp: %q", toolreq.Method, uri)
 			return nil, ErrContentDenied
 		}
 	}

core/log/log.go

@@ -22,6 +22,8 @@ import (
 	"context"
 	"fmt"
 	"log"
+
+	nspb "github.com/google/tsunami-security-scanner/proto/go/network_service_go_proto"
 )
 
 // Logger is Goonami's logging interface.
@@ -68,14 +70,15 @@ func ContextForModule(ctx context.Context, name string) context.Context {
 }
 
 // ContextForService returns a new context with the service information (port) attached.
-func ContextForService(ctx context.Context, port int) context.Context {
+func ContextForService(ctx context.Context, service *nspb.NetworkService) context.Context {
+	port := int(service.GetNetworkEndpoint().GetPort().GetPortNumber())
 	return context.WithValue(ctx, serviceKey, port)
 }
 
 // ContextForModuleAndService returns a new context with both the module name and the service
 // information (port) attached.
-func ContextForModuleAndService(ctx context.Context, name string, port int) context.Context {
-	return ContextForModule(ContextForService(ctx, port), name)
+func ContextForModuleAndService(ctx context.Context, name string, service *nspb.NetworkService) context.Context {
+	return ContextForModule(ContextForService(ctx, service), name)
 }
 
 var logger Logger = &DefaultLogger{}

core/log/log_test.go

@@ -22,6 +22,9 @@ import (
 	"log"
 	"os"
 	"testing"
+
+	npb "github.com/google/tsunami-security-scanner/proto/go/network_go_proto"
+	nspb "github.com/google/tsunami-security-scanner/proto/go/network_service_go_proto"
 )
 
 var buf bytes.Buffer
@@ -133,6 +136,22 @@ func TestDefaultLoggerDebug(t *testing.T) {
 }
 
 func TestDefaultLoggerPrefix(t *testing.T) {
+	svc80 := nspb.NetworkService_builder{
+		NetworkEndpoint: npb.NetworkEndpoint_builder{
+			Port: npb.Port_builder{
+				PortNumber: 80,
+			}.Build(),
+		}.Build(),
+	}.Build()
+
+	svc443 := nspb.NetworkService_builder{
+		NetworkEndpoint: npb.NetworkEndpoint_builder{
+			Port: npb.Port_builder{
+				PortNumber: 443,
+			}.Build(),
+		}.Build(),
+	}.Build()
+
 	testCases := []struct {
 		name       string
 		ctx        context.Context
@@ -154,13 +173,13 @@ func TestDefaultLoggerPrefix(t *testing.T) {
 		},
 		{
 			name:       "when_service_metadata_service_prefix",
-			ctx:        ContextForService(context.Background(), 80),
+			ctx:        ContextForService(context.Background(), svc80),
 			msg:        "test",
 			wantPrefix: "INFO [    80 ] test",
 		},
 		{
 			name:       "when_both_metadata_both_prefix",
-			ctx:        ContextForModuleAndService(context.Background(), "my-module", 443),
+			ctx:        ContextForModuleAndService(context.Background(), "my-module", svc443),
 			msg:        "test",
 			wantPrefix: "INFO [   443 ] [ my-module ] test",
 		},
@@ -192,7 +211,14 @@ func TestDefaultLoggerPrefix(t *testing.T) {
 }
 
 func TestDefaultLoggerColors(t *testing.T) {
-	ctx := ContextForModuleAndService(context.Background(), "my-module", 443)
+	svc443 := nspb.NetworkService_builder{
+		NetworkEndpoint: npb.NetworkEndpoint_builder{
+			Port: npb.Port_builder{
+				PortNumber: 443,
+			}.Build(),
+		}.Build(),
+	}.Build()
+	ctx := ContextForModuleAndService(context.Background(), "my-module", svc443)
 	buf.Reset()
 	l := &DefaultLogger{UseColors: true}
 	l.InfoContext(ctx, "test message")

core/runner/simplerunner/simplerunner.go

@@ -236,7 +236,6 @@ func runConcurrent[E any](ctx context.Context, concurrency int, services []*nspb
 // coming directly from the port scan. But each fingerprinter can technically "split" that network
 // service into several ones.
 func (r *SimpleRunner) fingerprintService(ctx context.Context, svc *nspb.NetworkService) ([]*nspb.NetworkService, error) {
-	port := int(svc.GetNetworkEndpoint().GetPort().GetPortNumber())
 	var services []*nspb.NetworkService = []*nspb.NetworkService{svc}
 	for _, fp := range r.fingerprinters {
 		var accumulator []*nspb.NetworkService
@@ -246,7 +245,7 @@ func (r *SimpleRunner) fingerprintService(ctx context.Context, svc *nspb.Network
 				return nil, ctx.Err()
 			}
 
-			ctx = log.ContextForModuleAndService(ctx, fp.Name(), port)
+			ctx = log.ContextForModuleAndService(ctx, fp.Name(), sv)
 			res, err := fp.Fingerprint(ctx, sv)
 			if err != nil {
 				log.ErrorContextf(ctx, "fatal fingerprinting error: %s", err)
@@ -263,15 +262,14 @@ func (r *SimpleRunner) fingerprintService(ctx context.Context, svc *nspb.Network
 }
 
 func (r *SimpleRunner) detectService(ctx context.Context, svc *nspb.NetworkService) ([]*dpb.DetectionReport, error) {
-	port := int(svc.GetNetworkEndpoint().GetPort().GetPortNumber())
 	var reports []*dpb.DetectionReport
 
 	for _, dt := range r.detectors {
 		if ctx.Err() != nil {
 			return nil, ctx.Err()
 		}
 
-		ctx = log.ContextForModuleAndService(ctx, dt.Name(), port)
+		ctx = log.ContextForModuleAndService(ctx, dt.Name(), svc)
 		res, err := dt.Detect(ctx, svc)
 		if err != nil {
 			log.ErrorContextf(ctx, "fatal detection error: %s", err)