-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: improve error handling for tracing policies directory access #3289
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey thanks! Not related to your change but the existing code: I'm not a huge fan of this flow as it looks unnecessarily complicated and I don't exactly get why we don't want to fail in a situation where the directory is given but does not exists. @tixxdz do you remember why you added this "return nil" case? Should we keep this?
You could simplify this a bit as suggested, it's a less explicit error msg but the code flow is a bit more understandable.
cmd/tetragon/main.go
Outdated
if os.IsNotExist(err) { | ||
// If the default directory does not exist then do not fail | ||
// Probably tetragon not fully installed, developers testing, etc | ||
if dir == defaults.DefaultTpDir { | ||
log.WithField("tracing-policy-dir", dir).Info("Loading Tracing Policies from directory ignored, directory does not exist") | ||
return nil | ||
} | ||
return fmt.Errorf("Tracing Policies directory does not exist: %s", dir) | ||
} | ||
return fmt.Errorf("Failed to access tracing policies directory: %w", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if os.IsNotExist(err) { | |
// If the default directory does not exist then do not fail | |
// Probably tetragon not fully installed, developers testing, etc | |
if dir == defaults.DefaultTpDir { | |
log.WithField("tracing-policy-dir", dir).Info("Loading Tracing Policies from directory ignored, directory does not exist") | |
return nil | |
} | |
return fmt.Errorf("Tracing Policies directory does not exist: %s", dir) | |
} | |
return fmt.Errorf("Failed to access tracing policies directory: %w", err) | |
// Do not fail if the default directory doesn't exist, | |
// it might because of developer setup or incomplete installation | |
if os.IsNotExist(err) && dir == defaults.DefaultTpDir { | |
log.WithField("tracing-policy-dir", dir).Info("Loading Tracing Policies from directory ignored, directory does not exist") | |
return nil | |
} | |
return fmt.Errorf("Failed to access tracing policies dir %s: %w", dir, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this relates how the code evolved to not break various tetragon versions, but also in case you also just run ./tetragon directly.
As long as we don't fail if default dir doesn't exist and we fail for all the rest is fine.
Thank you @mtardy @arthur-zhang
improve error display when policy dir do not exist when starting tetragon. Signed-off-by: arthur-zhang <[email protected]>
✅ Deploy Preview for tetragon ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm!
improve error display when policy dir do not exist when starting tetragon.
Description
Before the change,the error message is not clear to figure out what happens when custom tracing policy dir do not exist, the error message is
Now we check all directories upfront and provide better error context.
Changelog