Initial commit: logcorrelator with unified packaging (DEB + RPM using fpm)

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-27 15:31:46 +01:00
commit 8fc14c1e94
35 changed files with 4829 additions and 0 deletions
--- a/internal/adapters/outbound/file/sink.go
+++ b/internal/adapters/outbound/file/sink.go
@ -0,0 +1,168 @@
+package file
+
+import (
+	"bufio"
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"sync"
+
+	"github.com/logcorrelator/logcorrelator/internal/domain"
+)
+
+const (
+	// DefaultFilePermissions for output files
+	DefaultFilePermissions os.FileMode = 0644
+	// DefaultDirPermissions for output directories
+	DefaultDirPermissions os.FileMode = 0750
+)
+
+// Config holds the file sink configuration.
+type Config struct {
+	Path string
+}
+
+// FileSink writes correlated logs to a file as JSON lines.
+type FileSink struct {
+	config Config
+	mu     sync.Mutex
+	file   *os.File
+	writer *bufio.Writer
+}
+
+// NewFileSink creates a new file sink.
+func NewFileSink(config Config) (*FileSink, error) {
+	// Validate path
+	if err := validateFilePath(config.Path); err != nil {
+		return nil, fmt.Errorf("invalid file path: %w", err)
+	}
+
+	return &FileSink{
+		config: config,
+	}, nil
+}
+
+// Name returns the sink name.
+func (s *FileSink) Name() string {
+	return "file"
+}
+
+// Write writes a correlated log to the file.
+func (s *FileSink) Write(ctx context.Context, log domain.CorrelatedLog) error {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if s.file == nil {
+		if err := s.openFile(); err != nil {
+			return err
+		}
+	}
+
+	data, err := json.Marshal(log)
+	if err != nil {
+		return fmt.Errorf("failed to marshal log: %w", err)
+	}
+
+	if _, err := s.writer.Write(data); err != nil {
+		return fmt.Errorf("failed to write log: %w", err)
+	}
+	if _, err := s.writer.WriteString("\n"); err != nil {
+		return fmt.Errorf("failed to write newline: %w", err)
+	}
+
+	return nil
+}
+
+// Flush flushes any buffered data.
+func (s *FileSink) Flush(ctx context.Context) error {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if s.writer != nil {
+		return s.writer.Flush()
+	}
+	return nil
+}
+
+// Close closes the sink.
+func (s *FileSink) Close() error {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if s.writer != nil {
+		if err := s.writer.Flush(); err != nil {
+			return err
+		}
+	}
+
+	if s.file != nil {
+		return s.file.Close()
+	}
+	return nil
+}
+
+func (s *FileSink) openFile() error {
+	// Validate path again before opening
+	if err := validateFilePath(s.config.Path); err != nil {
+		return fmt.Errorf("invalid file path: %w", err)
+	}
+
+	// Ensure directory exists
+	dir := filepath.Dir(s.config.Path)
+	if err := os.MkdirAll(dir, DefaultDirPermissions); err != nil {
+		return fmt.Errorf("failed to create directory: %w", err)
+	}
+
+	file, err := os.OpenFile(s.config.Path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, DefaultFilePermissions)
+	if err != nil {
+		return fmt.Errorf("failed to open file: %w", err)
+	}
+
+	s.file = file
+	s.writer = bufio.NewWriter(file)
+	return nil
+}
+
+// validateFilePath validates that the file path is safe and allowed.
+func validateFilePath(path string) error {
+	if path == "" {
+		return fmt.Errorf("path cannot be empty")
+	}
+
+	// Clean the path
+	cleanPath := filepath.Clean(path)
+
+	// Ensure path is absolute or relative to allowed directories
+	allowedPrefixes := []string{
+		"/var/log/logcorrelator",
+		"/var/log",
+		"/tmp",
+	}
+
+	// Check if path is in allowed directories
+	allowed := false
+	for _, prefix := range allowedPrefixes {
+		if strings.HasPrefix(cleanPath, prefix) {
+			allowed = true
+			break
+		}
+	}
+
+	if !allowed {
+		// Allow relative paths for testing
+		if !filepath.IsAbs(cleanPath) {
+			return nil
+		}
+		return fmt.Errorf("path must be in allowed directories: %v", allowedPrefixes)
+	}
+
+	// Check for path traversal
+	if strings.Contains(cleanPath, "..") {
+		return fmt.Errorf("path cannot contain '..'")
+	}
+
+	return nil
+}
--- a/internal/adapters/outbound/file/sink_test.go
+++ b/internal/adapters/outbound/file/sink_test.go
@ -0,0 +1,96 @@
+package file
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/logcorrelator/logcorrelator/internal/domain"
+)
+
+func TestFileSink_Write(t *testing.T) {
+	tmpDir := t.TempDir()
+	testPath := filepath.Join(tmpDir, "test.log")
+
+	sink, err := NewFileSink(Config{Path: testPath})
+	if err != nil {
+		t.Fatalf("failed to create sink: %v", err)
+	}
+	defer sink.Close()
+
+	log := domain.CorrelatedLog{
+		SrcIP:      "192.168.1.1",
+		SrcPort:    8080,
+		Correlated: true,
+	}
+
+	if err := sink.Write(context.Background(), log); err != nil {
+		t.Fatalf("failed to write: %v", err)
+	}
+
+	if err := sink.Flush(context.Background()); err != nil {
+		t.Fatalf("failed to flush: %v", err)
+	}
+
+	// Verify file exists and contains data
+	data, err := os.ReadFile(testPath)
+	if err != nil {
+		t.Fatalf("failed to read file: %v", err)
+	}
+
+	if len(data) == 0 {
+		t.Error("expected non-empty file")
+	}
+}
+
+func TestFileSink_MultipleWrites(t *testing.T) {
+	tmpDir := t.TempDir()
+	testPath := filepath.Join(tmpDir, "test.log")
+
+	sink, err := NewFileSink(Config{Path: testPath})
+	if err != nil {
+		t.Fatalf("failed to create sink: %v", err)
+	}
+	defer sink.Close()
+
+	for i := 0; i < 5; i++ {
+		log := domain.CorrelatedLog{
+			SrcIP:   "192.168.1.1",
+			SrcPort: 8080 + i,
+		}
+		if err := sink.Write(context.Background(), log); err != nil {
+			t.Fatalf("failed to write: %v", err)
+		}
+	}
+
+	sink.Close()
+
+	// Verify file has 5 lines
+	data, err := os.ReadFile(testPath)
+	if err != nil {
+		t.Fatalf("failed to read file: %v", err)
+	}
+
+	lines := 0
+	for _, b := range data {
+		if b == '\n' {
+			lines++
+		}
+	}
+
+	if lines != 5 {
+		t.Errorf("expected 5 lines, got %d", lines)
+	}
+}
+
+func TestFileSink_Name(t *testing.T) {
+	sink, err := NewFileSink(Config{Path: "/tmp/test.log"})
+	if err != nil {
+		t.Fatalf("failed to create sink: %v", err)
+	}
+
+	if sink.Name() != "file" {
+		t.Errorf("expected name 'file', got %s", sink.Name())
+	}
+}