From edb2fd11f9962fafd385659b4c88605479a345a7 Mon Sep 17 00:00:00 2001 From: ShohamBit Date: Thu, 9 Jan 2025 10:21:16 +0000 Subject: [PATCH] fix: tracee-ebpf, tracee-rules dowsnt support new flag format change tracee --grpc-listen-addr and --http-listen-addr flag to --server flag tracee-ebpf and tracee-rulse supported the old foramt, made them support the new flag format --- cmd/tracee-ebpf/main.go | 53 ++++++++++++++--------------- cmd/tracee-rules/main.go | 34 +++++++++--------- pkg/cmd/cobra/cobra.go | 6 ++-- pkg/cmd/flags/server/server.go | 33 +++++++++++++----- pkg/cmd/flags/server/server_test.go | 14 ++++++-- pkg/cmd/urfave/urfave.go | 2 -- 6 files changed, 82 insertions(+), 60 deletions(-) diff --git a/cmd/tracee-ebpf/main.go b/cmd/tracee-ebpf/main.go index d8de1eb07a60..e0892cd4fd57 100644 --- a/cmd/tracee-ebpf/main.go +++ b/cmd/tracee-ebpf/main.go @@ -10,8 +10,7 @@ import ( "github.com/aquasecurity/tracee/pkg/cmd" "github.com/aquasecurity/tracee/pkg/cmd/flags" - - // "github.com/aquasecurity/tracee/pkg/cmd/flags/server" + "github.com/aquasecurity/tracee/pkg/cmd/flags/server" "github.com/aquasecurity/tracee/pkg/cmd/initialize" "github.com/aquasecurity/tracee/pkg/cmd/urfave" "github.com/aquasecurity/tracee/pkg/logger" 
@@ -129,31 +128,31 @@ func main() {
 Value: "/tmp/tracee",
 Usage: "path where tracee will install or lookup it's resources",
 },
- // &cli.BoolFlag{
- // Name: server.MetricsEndpointFlag,
- // Usage: "enable metrics endpoint",
- // Value: false,
- // },
- // &cli.BoolFlag{
- // Name: server.HealthzEndpointFlag,
- // Usage: "enable healthz endpoint",
- // Value: false,
- // },
- // &cli.BoolFlag{
- // Name: server.PProfEndpointFlag,
- // Usage: "enable pprof endpoints",
- // Value: false,
- // },
- // &cli.BoolFlag{
- // Name: server.PyroscopeAgentFlag,
- // Usage: "enable pyroscope agent",
- // Value: false,
- // },
- // &cli.StringFlag{
- // Name: server.HTTPListenEndpointFlag,
- // Usage: "listening address of the metrics endpoint server",
- // Value: ":3366",
- // },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.MetricsEndpointFlag,
+ Usage: "enable metrics endpoint",
+ Value: false,
+ },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.HealthzEndpointFlag,
+ Usage: "enable healthz endpoint",
+ Value: false,
+ },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.PProfEndpointFlag,
+ Usage: "enable pprof endpoints",
+ Value: false,
+ },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.PyroscopeAgentEndpointFlag,
+ Usage: "enable pyroscope agent",
+ Value: false,
+ },
+ &cli.StringFlag{
+ Name: server.HTTPServer + "." + server.ListenEndpointFlag,
+ Usage: "listening address of the metrics endpoint server",
+ Value: ":3366",
+ },
 &cli.BoolFlag{
 Name: "no-containers",
 Usage: "disable container info enrichment to events. safeguard option.",
diff --git a/cmd/tracee-rules/main.go b/cmd/tracee-rules/main.go
index d3eb53ab6964..088d7ca37e02 100644
--- a/cmd/tracee-rules/main.go
+++ b/cmd/tracee-rules/main.go
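Review bot: The five `http.*` flags registered in this hunk have no reader anywhere in the patch, so `--http.metrics`, `--http.pprof` and the others appear to be accepted and then ignored. The diffstat gives pkg/cmd/urfave/urfave.go only two deletions, which its hunk shows to be the blank line and the commented-out `flags/server` import, so that file still does not import the package these names come from; a read by string literal elsewhere is not visible here. The two hunks on cmd/tracee-rules/main.go have the same gap: that file's 34 changed lines are all flag definitions, so an existing lookup such as `c.Bool(server.PProfEndpointFlag)` would now name an unregistered flag and, as far as I know urfave/cli, return `false` without an error. I would read each value under the key it is registered with, e.g. `c.Bool(server.HTTPServer + "." + server.PProfEndpointFlag)`, and hand the values to the runner as `GetTraceeRunner` in pkg/cmd/cobra/cobra.go does through `server.PrepareServer`. `main()` begins and ends outside the hunk.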
@@ -200,12 +200,12 @@ func main() {
 Usage: "configure output format via templates. Usage: --output-template=path/to/my.tmpl",
 },
 &cli.BoolFlag{
- Name: server.PProfEndpointFlag,
+ Name: server.HTTPServer + "." + server.PProfEndpointFlag,
 Usage: "enable pprof endpoints",
 Value: false,
 },
 &cli.BoolFlag{
- Name: server.PyroscopeAgentFlag,
+ Name: server.HTTPServer + "." + server.PyroscopeAgentEndpointFlag,
 Usage: "enable pyroscope agent",
 Value: false,
 },
@@ -218,21 +218,21 @@ func main() {
 Usage: "size of the event channel's buffer consumed by signatures",
 Value: 1000,
 },
- // &cli.BoolFlag{
- // Name: server.MetricsEndpointFlag,
- // Usage: "enable metrics endpoint",
- // Value: false,
- // },
- // &cli.BoolFlag{
- // Name: server.HealthzEndpointFlag,
- // Usage: "enable healthz endpoint",
- // Value: false,
- // },
- // &cli.StringFlag{
- // Name: server.HTTPListenEndpointFlag,
- // Usage: "listening address of the metrics endpoint server",
- // Value: ":4466",
- // },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.MetricsEndpointFlag,
+ Usage: "enable metrics endpoint",
+ Value: false,
+ },
+ &cli.BoolFlag{
+ Name: server.HTTPServer + "." + server.HealthzEndpointFlag,
+ Usage: "enable healthz endpoint",
+ Value: false,
+ },
+ &cli.StringFlag{
+ Name: server.HTTPServer + "." + server.ListenEndpointFlag,
+ Usage: "listening address of the metrics endpoint server",
+ Value: ":4466",
+ },
 &cli.BoolFlag{
 Name: "allcaps",
 Value: false,
diff --git a/pkg/cmd/cobra/cobra.go b/pkg/cmd/cobra/cobra.go
index d75b2553ddbe..89428cd85123 100644
--- a/pkg/cmd/cobra/cobra.go
+++ b/pkg/cmd/cobra/cobra.go
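Review bot: The listen flag re-enabled at the end of the second hunk keeps the default `:4466`, which has an empty host and therefore binds every interface, while the same `http.` group also carries the pprof toggle; the Usage string still describes only the "metrics endpoint server". If pprof is served from this listener (it shares the `http.` prefix, so presumably it is), enabling it exposes profiling data to anything that can reach the port. I would say so in the help text, `Usage: "listening address of the http server (metrics, healthz, pprof); an empty host binds all interfaces",`, and consider a loopback default such as `127.0.0.1:4466`. The `:3366` default in cmd/tracee-ebpf/main.go has the same property.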
@@ -296,13 +296,13 @@ func GetTraceeRunner(c *cobra.Command, version string) (cmd.Runner, error) { if err != nil { return runner, err } - server, err := server.PrepareServer(serverFlag) + serverRunner, err := server.PrepareServer(serverFlag) if err != nil { return runner, err } - runner.HTTPServer = server.HTTPServer - runner.GRPCServer = server.GRPCServer + runner.HTTPServer = serverRunner.HTTPServer + runner.GRPCServer = serverRunner.GRPCServer runner.TraceeConfig = cfg runner.Printer = p runner.InstallPath = traceeInstallPath diff --git a/pkg/cmd/flags/server/server.go b/pkg/cmd/flags/server/server.go index 76dcfa667f37..47858ac53b9a 100644 --- a/pkg/cmd/flags/server/server.go +++ b/pkg/cmd/flags/server/server.go @@ -6,6 +6,7 @@ import ( "net" "net/url" "os" + "strconv" "strings" "github.com/aquasecurity/tracee/pkg/errfmt" @@ -50,7 +51,7 @@ func PrepareServer(serverSlice []string) (*Server, error) { return nil, fmt.Errorf("cannot process the flag: try grpc.Xxx or http.Xxx instead") } switch serverParts[0] { - //flag http.Xxx + // flag http.Xxx case HTTPServer: httpParts := strings.SplitN(serverParts[1], "=", 2) switch httpParts[0] { @@ -79,7 +80,7 @@ func PrepareServer(serverSlice []string) (*Server, error) { default: return nil, errors.New("invalid http flag, consider using one of the following commands: address, metrics, healthz, pprof, pyroscope") } - //flag grpc.Xxx + // flag grpc.Xxx case GRPCServer: grpcParts := strings.SplitN(serverParts[1], "=", 2) switch grpcParts[0] { 
@@ -138,23 +139,39 @@ func PrepareServer(serverSlice []string) (*Server, error) { } func isValidAddr(addr string) bool { + // Check if the address is a valid URL. _, err := url.ParseRequestURI("http://" + addr) if err != nil { return false } - host, port, err := net.SplitHostPort(addr) - if err != nil { + // Check if the address contains a port. + if !strings.Contains(addr, ":") { return false } - ip := net.ParseIP(host) - if ip == nil && host != "localhost" && host != "0.0.0.0" { + // Split the address into host and port. + host, portStr, err := net.SplitHostPort(addr) + if err != nil { return false } - _, err = net.LookupPort("tcp", port) - if err != nil { + // If a host is specified, check if it's a valid IP address or hostname. + if host != "" { + ip := net.ParseIP(host) + if ip == nil { + _, err := net.LookupHost(host) + if err != nil { + return false + } + } + } + // Check if the port is a valid integer and within the allowed range. + port, err := strconv.Atoi(portStr) + if err != nil || port < 0 || port > 65535 { + return false + } + if port == 0 { return false } diff --git a/pkg/cmd/flags/server/server_test.go b/pkg/cmd/flags/server/server_test.go index b68f432ab43f..f324f64c0c04 100644 --- a/pkg/cmd/flags/server/server_test.go +++ b/pkg/cmd/flags/server/server_test.go @@ -4,10 +4,11 @@ import ( "fmt" "testing" - "github.com/aquasecurity/tracee/pkg/server/grpc" - "github.com/aquasecurity/tracee/pkg/server/http" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/aquasecurity/tracee/pkg/server/grpc" + "github.com/aquasecurity/tracee/pkg/server/http" ) func TestPrepareServer(t *testing.T) { 
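Review bot: The new host check in `isValidAddr` calls `net.LookupHost(host)`, so validating a command-line flag now issues a blocking DNS query with no caller-set deadline, and the same address can pass or fail depending on the resolver at start-up. If accepting hostnames is intended, I would resolve through `net.DefaultResolver.LookupHost(ctx, host)` with a short timeout on `ctx`, or check syntax only and let the listener report a name it cannot bind. The port checks can be folded into `port, err := strconv.ParseUint(portStr, 10, 16)` followed by `if err != nil || port == 0 { return false }`, and the `strings.Contains(addr, ":")` test is redundant because `net.SplitHostPort` already fails on a missing port. An empty host is now accepted, which means a bare `:PORT` binds all interfaces; a comment on the `if host != ""` branch such as `// empty host is allowed and binds all interfaces` would make that deliberate. `isValidAddr` ends outside the hunk.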
@@ -26,6 +27,14 @@ func TestPrepareServer(t *testing.T) { }, expectedError: nil, }, + { + testName: "http server only just port", + serverFlags: []string{"http.address=:8080"}, + expectedServer: &Server{ + HTTPServer: http.New(":8080"), + }, + expectedError: nil, + }, { testName: "grpc server only", serverFlags: []string{"grpc.address=unix:/tmp/tracee.sock"}, @@ -122,7 +131,6 @@ func TestPrepareServer(t *testing.T) { } else { assert.Equal(t, testcase.expectedServer, server) } - }) } } diff --git a/pkg/cmd/urfave/urfave.go b/pkg/cmd/urfave/urfave.go index 4f55f7fa31b8..eaaa9d54eca1 100644 --- a/pkg/cmd/urfave/urfave.go +++ b/pkg/cmd/urfave/urfave.go @@ -5,8 +5,6 @@ import ( "github.com/aquasecurity/tracee/pkg/cmd" "github.com/aquasecurity/tracee/pkg/cmd/flags" - - // "github.com/aquasecurity/tracee/pkg/cmd/flags/server" "github.com/aquasecurity/tracee/pkg/cmd/initialize" "github.com/aquasecurity/tracee/pkg/cmd/printer" "github.com/aquasecurity/tracee/pkg/config"
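Review bot: Only the accept path of the rewritten `isValidAddr` gains a test in this hunk (`http.address=:8080`); none of the new rejection branches is exercised. I would add table entries for `http.address=:0`, `http.address=:70000` and an address with no port such as `http.address=localhost`, each presumably expecting an error and a nil server. A case with a hostname needs care, because the implementation resolves it with `net.LookupHost` and the result would depend on the network the test runs in. The test table and the loop that runs it continue outside the hunk.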