chore: add more instrumentation

Author: ctron

modules/fundamental/src/sbom/model/mod.rs

@@ -44,6 +44,13 @@ pub struct SbomHead {
 }
 
 impl SbomHead {
+    #[instrument(
+        skip(sbom, db),
+        fields(
+            sbom=%sbom.sbom_id,
+        )
+        err(level=tracing::Level::INFO),
+    )]
     pub async fn from_entity<C: ConnectionTrait>(
         sbom: &sbom::Model,
         sbom_node: Option<sbom_node::Model>,

modules/fundamental/src/vulnerability/model/details/mod.rs

@@ -5,6 +5,8 @@ pub use vulnerability_advisory::*;
 use crate::{Error, vulnerability::model::VulnerabilityHead};
 use sea_orm::{ConnectionTrait, ModelTrait};
 use serde::{Deserialize, Serialize};
+use tracing::{info_span, instrument};
+use tracing_futures::Instrument;
 use trustify_common::memo::Memo;
 use trustify_cvss::cvss3::severity::Severity;
 use trustify_entity::{advisory_vulnerability, cvss3, vulnerability};
@@ -29,6 +31,13 @@ pub struct VulnerabilityDetails {
 }
 
 impl VulnerabilityDetails {
+    #[instrument(
+        skip(vulnerability, tx),
+        fields(
+            vulnerability=vulnerability.id,
+        )
+        err(level=tracing::Level::INFO),
+    )]
     pub async fn from_entity<C: ConnectionTrait>(
         vulnerability: &vulnerability::Model,
         deprecation: Deprecation,
@@ -38,9 +47,14 @@ impl VulnerabilityDetails {
             .find_related(advisory_vulnerability::Entity)
             .with_deprecation_related(deprecation)
             .all(tx)
+            .instrument(info_span!("find related"))
             .await?;
 
-        let cvss3 = vulnerability.find_related(cvss3::Entity).all(tx).await?;
+        let cvss3 = vulnerability
+            .find_related(cvss3::Entity)
+            .all(tx)
+            .instrument(info_span!("find scores"))
+            .await?;
 
         let advisories = VulnerabilityAdvisorySummary::from_entities(
             vulnerability,

modules/fundamental/src/vulnerability/model/details/vulnerability_advisory.rs

@@ -13,6 +13,8 @@ use sea_orm::{
 use sea_query::{Asterisk, Expr, Func, JoinType, SimpleExpr};
 use serde::{Deserialize, Serialize};
 use std::collections::{HashMap, HashSet};
+use tracing::{info_span, instrument};
+use tracing_futures::Instrument;
 use trustify_common::{
     db::{
         VersionMatches,
@@ -42,6 +44,15 @@ pub struct VulnerabilityAdvisoryHead {
 }
 
 impl VulnerabilityAdvisoryHead {
+    #[instrument(
+        skip_all,
+        fields(
+            vulnerability=vulnerability.id,
+            advisory_vulnerability_advisory_id=%advisory_vulnerability.advisory_id,
+            advisory_vulnerability_vulnerability_id=advisory_vulnerability.vulnerability_id,
+        ),
+        err(level=tracing::Level::INFO),
+    )]
     pub async fn from_entity<C: ConnectionTrait>(
         vulnerability: &vulnerability::Model,
         advisory_vulnerability: &advisory_vulnerability::Model,
@@ -126,6 +137,15 @@ pub struct VulnerabilityAdvisorySummary {
 }
 
 impl VulnerabilityAdvisorySummary {
+    #[instrument(
+        skip_all,
+        fields(
+            vulnerability=vulnerability.id,
+            advisory_vulnerabilities=advisory_vulnerabilities.len(),
+            vuln_cvss3=vuln_cvss3.len(),
+        ),
+        err(level=tracing::Level::INFO),
+    )]
     pub async fn from_entities<C: ConnectionTrait>(
         vulnerability: &vulnerability::Model,
         advisory_vulnerabilities: &[advisory_vulnerability::Model],
@@ -172,6 +192,7 @@ impl VulnerabilityAdvisorySummary {
         let mut vuln_sbom_statuses = sbom_status_query
             .try_into_multi_model::<SbomStatusCatcher>()?
             .all(tx)
+            .instrument(info_span!("fetching statuses"))
             .await?;
 
         // The query for now is in the raw form for couple of reasons
@@ -246,6 +267,7 @@ impl VulnerabilityAdvisorySummary {
                     Relationship::Describes.into(),
                 ],
             ))
+            .instrument(info_span!("fetching product status"))
             .await?;
 
         vuln_sbom_statuses.extend(
@@ -266,6 +288,7 @@ impl VulnerabilityAdvisorySummary {
             vuln_purl_statuses = purl_status_query
                 .try_into_multi_model::<PurlStatusCatcher>()?
                 .all(tx)
+                .instrument(info_span!("fetch purl statuses"))
                 .await?;
         }
 
@@ -275,6 +298,11 @@ impl VulnerabilityAdvisorySummary {
             let number_of_vulnerabilities = advisory_vulnerability
                 .find_linked(advisory_vulnerability::AdvisoryVulnerabilityToAdvisoryVulnerabilities)
                 .count(tx)
+                .instrument(info_span!(
+                    "counting vulnerabilities",
+                    advisory = %advisory_vulnerability.advisory_id,
+                    vulnerability = advisory_vulnerability.vulnerability_id
+                ))
                 .await?;
 
             let cvss3_scores = vuln_cvss3
@@ -299,7 +327,7 @@ impl VulnerabilityAdvisorySummary {
                 )
                 .await?,
                 cvss3_scores,
-                purls: VulnerabilityAdvisoryStatus::from_models(purl_statuses).await?,
+                purls: VulnerabilityAdvisoryStatus::from_models(purl_statuses)?,
                 sboms: VulnerabilitySbomStatus::from_models(sbom_statuses, tx).await?,
                 number_of_vulnerabilities,
             });
@@ -415,7 +443,7 @@ pub struct VulnerabilityAdvisoryStatus {
 }
 
 impl VulnerabilityAdvisoryStatus {
-    async fn from_models<'i, I: Iterator<Item = &'i PurlStatusCatcher>>(
+    fn from_models<'i, I: Iterator<Item = &'i PurlStatusCatcher>>(
         purls: I,
     ) -> Result<HashMap<String, Vec<Self>>, Error> {
         let mut statuses = HashMap::new();

modules/fundamental/src/vulnerability/service/mod.rs

@@ -6,6 +6,7 @@ use crate::{
 };
 use futures_util::{TryFutureExt, TryStreamExt};
 use sea_orm::{EntityTrait, Statement, StreamTrait, prelude::*};
+use tracing::instrument;
 use trustify_common::{
     db::{
         limiter::LimiterTrait,
@@ -150,14 +151,26 @@ impl VulnerabilityService {
         Ok(result)
     }
 
+    #[instrument(
+        skip_all,
+        fields(purl, id),
+        err(level=tracing::Level::INFO),
+    )]
     async fn to_vuln<C: ConnectionTrait>(
         &self,
         row: QueryResult,
         connection: &C,
     ) -> Result<(String, VulnerabilityDetails), Error> {
+        let span = tracing::Span::current();
+
         let requested_purl: String = row.try_get("", "requested_purl")?;
+        let id = row.try_get("", "id")?;
+
+        span.record("purl", &requested_purl);
+        span.record("id", &id);
+
         let vulnerability = vulnerability::Model {
-            id: row.try_get("", "id")?,
+            id,
             title: row.try_get("", "title")?,
             reserved: row.try_get("", "reserved")?,
             published: row.try_get("", "published")?,
@@ -167,6 +180,7 @@ impl VulnerabilityService {
             base_score: row.try_get("", "base_score")?,
             base_severity: row.try_get("", "base_severity")?,
         };
+
         let vuln_details =
             VulnerabilityDetails::from_entity(&vulnerability, Deprecation::Ignore, connection)
                 .await;