MCPcopy
hub / github.com/microsoft/retina / runBpftrace

Function runBpftrace

cli/cmd/bpftrace.go:169–289  ·  view source on GitHub ↗
(_ *cobra.Command, args []string)

Source from the content-addressed store, hash-verified

167}
168
169func runBpftrace(_ *cobra.Command, args []string) error {
170 // Validate image version
171 if traceRetinaShellImageVersion == "" {
172 return errMissingRequiredRetinaShellImageVersionArg
173 }
174
175 // === SECURITY: Validate all user inputs BEFORE any use ===
176
177 // Validate IP filter (strict parsing)
178 filterIP, err := ValidateFilterIP(traceFilterIP)
179 if err != nil {
180 return fmt.Errorf("invalid --ip: %w", err)
181 }
182
183 // Validate CIDR filter (strict parsing)
184 filterCIDR, err := ValidateFilterCIDR(traceFilterCIDR)
185 if err != nil {
186 return fmt.Errorf("invalid --cidr: %w", err)
187 }
188
189 // Validate output format (whitelist)
190 outputFormat, err := ValidateOutputFormat(traceOutputFormat)
191 if err != nil {
192 return err
193 }
194
195 // Get namespace
196 namespace, explicitNamespace, err := traceMatchVersionFlags.ToRawKubeConfigLoader().Namespace()
197 if err != nil {
198 return fmt.Errorf("error retrieving namespace arg: %w", err)
199 }
200
201 // Parse node argument (only nodes supported, not pods)
202 r := resource.NewBuilder(traceConfigFlags).
203 WithScheme(scheme.Scheme, scheme.Scheme.PrioritizedVersionsAllGroups()...).
204 FilenameParam(explicitNamespace, &resource.FilenameOptions{}).
205 NamespaceParam(namespace).DefaultNamespace().ResourceNames("nodes", args[0]).
206 Do()
207 if rerr := r.Err(); rerr != nil {
208 return fmt.Errorf("error constructing resource builder: %w", rerr)
209 }
210
211 // Get REST config
212 restConfig, err := traceMatchVersionFlags.ToRESTConfig()
213 if err != nil {
214 return fmt.Errorf("error constructing REST config: %w", err)
215 }
216
217 // Visit the resource (should be a node)
218 return r.Visit(func(info *resource.Info, err error) error { //nolint:wrapcheck // visitor pattern returns errors as-is
219 if err != nil {
220 return err
221 }
222
223 switch obj := info.Object.(type) {
224 case *v1.Node:
225 nodeName := obj.Name
226 podNamespace := namespace

Callers

nothing calls this directly

Calls 8

RunTraceFunction · 0.92
ValidateFilterIPFunction · 0.85
ValidateFilterCIDRFunction · 0.85
ValidateOutputFormatFunction · 0.85
NamespaceMethod · 0.80
DoMethod · 0.80
ErrMethod · 0.65
StopMethod · 0.65

Tested by

no test coverage detected