cleanup: Started cleaning up the commenting format.

.devcontainer/Dockerfile

@@ -4,8 +4,8 @@
 ARG VARIANT="1.20"
 FROM mcr.microsoft.com/vscode/devcontainers/go:0-${VARIANT}
 
-COPY --from=aquasec/trivy:0.32.1 /usr/local/bin/trivy /usr/bin/trivy
+COPY --from=aquasec/trivy:0.38.3 /usr/local/bin/trivy /usr/bin/trivy
-COPY --from=securego/gosec:2.13.1 /bin/gosec /usr/bin/gosec
+COPY --from=securego/gosec:2.15.0 /bin/gosec /usr/bin/gosec
 
 # [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
 ARG NODE_VERSION="none"

assets/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM dragonheim/golang:1.20 as builder
+FROM nikatjef/golang:1.20 as builder
 ARG SEMVER=${SEMVER:-0.0.7}
 
 WORKDIR /gagent

cmd/gagent/main.go

@@ -52,19 +52,27 @@ var environment struct {
 	UUID string `env:"GAGENT_UUID" envDefault:""`
 }
 
-// This is the application version number. It can be overridden at build time
+/*
-// using the -ldflags "-X main.semVER=0.0.1" option.
+ * This is the application version number. It can be overridden at build time
+ * using the -ldflags "-X main.semVER=0.0.1" option.
+ */
 var semVER = "0.0.6"
 
-// This is the application configuration. It is populated from the configuration
+/*
-// file and then used throughout the application.
+ * This is the application configuration. It is populated from the configuration
+ * file and then used throughout the application.
+ */
 var config gstructs.GagentConfig
 
-// We use a WaitGroup to wait for all goroutines to finish before exiting.
+/*
+ * We use a WaitGroup to wait for all goroutines to finish before exiting.
+ */
 var wg sync.WaitGroup
 
-// This is the main function, and it assumes that the configuration file has
+/*
-// already been read and parsed by the init() function.
+ * This is the main function, and it assumes that the configuration file has
+ * already been read and parsed by the init() function.
+ */
 func main() {
 	log.Printf("[DEBUG] Configuration is %v\n", config)
 
@@ -117,11 +125,12 @@ func main() {
 	os.Exit(0)
 }
 
-// This is the init() function. It is called before the main() function, and
+/*
-// it reads the configuration file, parses the command line arguments, and
+ * This is the init() function. It is called before the main() function, and
-// reads the environment variables. It also sets up the logging.
+ * it reads the configuration file, parses the command line arguments, and
+ * reads the environment variables. It also sets up the logging.
+ */
 func init() {
-	// var err error
 	autorestart.StartWatcher()
 
 	cfg := environment

docs/VULNERABILITIES.md

@@ -1,27 +1,32 @@
 ### [Source Code Scan](#source)
-
-IGNORED: We are not using the protocol buffers provided by gogo/protobuf
 ```
-2022-03-16T16:27:43.221-0700    INFO    Need to update DB
+2023-03-15T06:59:15.989-0700    INFO    Need to update DB
-2022-03-16T16:27:43.221-0700    INFO    Downloading DB...
+2023-03-15T06:59:15.989-0700    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db
-26.43 MiB / 26.43 MiB [---------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 5.71 MiB p/s 5s
+2023-03-15T06:59:15.989-0700    INFO    Downloading DB...
-2022-03-16T16:27:49.073-0700    INFO    Number of language-specific files: 1
+36.01 MiB / 36.01 MiB [-----------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 7.93 MiB p/s 4.7s
-2022-03-16T16:27:49.073-0700    INFO    Detecting gomod vulnerabilities...
+2023-03-15T06:59:21.791-0700    INFO    Vulnerability scanning is enabled
+2023-03-15T06:59:21.791-0700    INFO    Secret scanning is enabled
+2023-03-15T06:59:21.791-0700    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
+2023-03-15T06:59:21.791-0700    INFO    Please see also https://aquasecurity.github.io/trivy/v0.37/docs/secret/scanning/#recommendation for faster secret detection
+2023-03-15T06:59:25.698-0700    INFO    Number of language-specific files: 1
+2023-03-15T06:59:25.699-0700    INFO    Detecting gomod vulnerabilities...
 
-go.sum (gomod)
+Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
-==============
-Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
-
-+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
-|         LIBRARY          | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |                TITLE                 |
-+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
-| github.com/gogo/protobuf | CVE-2021-3121    | HIGH     | 1.1.1             | 1.3.2         | gogo/protobuf:                       |
-|                          |                  |          |                   |               | plugin/unmarshal/unmarshal.go        |
-|                          |                  |          |                   |               | lacks certain index validation       |
-|                          |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2021-3121 |
-+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
 ```
+
 ---
 ### [Image Scan](#image)
+```
+2023-03-15T07:05:44.377-0700    INFO    Vulnerability scanning is enabled
+2023-03-15T07:05:44.377-0700    INFO    Secret scanning is enabled
+2023-03-15T07:05:44.377-0700    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
+2023-03-15T07:05:44.377-0700    INFO    Please see also https://aquasecurity.github.io/trivy/v0.37/docs/secret/scanning/#recommendation for faster secret detection
+2023-03-15T07:05:44.731-0700    INFO    Detected OS: alpine
+2023-03-15T07:05:44.731-0700    INFO    Detecting Alpine vulnerabilities...
+2023-03-15T07:05:44.732-0700    INFO    Number of language-specific files: 1
+2023-03-15T07:05:44.732-0700    INFO    Detecting gobinary vulnerabilities...
 
-NONE
+dragonheim/gagent:0.0.7 (alpine 3.17.2)
+
+Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
+```

internal/chaindb/chaindb.go

@@ -9,8 +9,9 @@ import (
 	gstructs "github.com/dragonheim/gagent/internal/gstructs"
 
 	hclsimple "github.com/hashicorp/hcl/v2/hclsimple"
-	// hclwrite "github.com/hashicorp/hcl/v2/hclwrite"
+	/*
-)
+	 * hclwrite "github.com/hashicorp/hcl/v2/hclwrite"
+	 */)
 
 type GagentDb struct {
 	chainRow []*gagentDbRow `hcl:"timestamp,block"`

internal/client/client.go

@@ -18,13 +18,13 @@ import (
 )
 
 /*
-Client mode will send an agent file to a router for processing
+ * Client mode will send an agent file to a router for processing
-Clients do not process the agent files, only send them as
+ * Clients do not process the agent files, only send them as
-requests to a router. If started without arguments, the client
+ * requests to a router. If started without arguments, the client
-will contact the router and attempt to retrieve the results
+ * will contact the router and attempt to retrieve the results
-of it's most recent request.
+ * of it's most recent request.
-Main is the entrypoint for the client process
+ * Main is the entrypoint for the client process
-*/
+ */
 func Main(wg *sync.WaitGroup, config gstructs.GagentConfig) {
 	log.Printf("[INFO] Starting client\n")
 	defer wg.Done()
@@ -102,7 +102,6 @@ func sendAgent(wg *sync.WaitGroup, uuid string, connectString string, agent gstr
 	status, err := sock.SendMessage(agent)
 	if err != nil {
 		log.Printf("[ERROR] Failed to send agent to router\n")
-		// os.Exit(11)
 		return
 	}
 	log.Printf("[DEBUG] Agent send status: %d\n", status)

internal/gstructs/gstructs.go

@@ -1,6 +1,8 @@
 package gstructs
 
-// GagentConfig is the primary construct used by all modes
+/*
+ * GagentConfig is the primary construct used by all modes
+ */
 type GagentConfig struct {
 	Name        string           `hcl:"name,optional"`
 	Mode        string           `hcl:"mode,attr"`

internal/router/router.go

@@ -24,13 +24,13 @@ var (
 )
 
 /*
-The 'router' processes routing requests from the agent.  The router does
+ * The 'router' processes routing requests from the agent.  The router does
-not handle any of the agent activities beyond processing the agent's
+ * not handle any of the agent activities beyond processing the agent's
-list of tags and passing the agent and it's storage to either a member
+ * list of tags and passing the agent and it's storage to either a member
-or client node. Tags are used by the agent to give hints as to where
+ * or client node. Tags are used by the agent to give hints as to where
-it should be routed.
+ * it should be routed.
-Main is the entrypoint for the router
+ * Main is the entrypoint for the router
-*/
+ */
 func Main(wg *sync.WaitGroup, config gstructs.GagentConfig) {
 	log.Printf("[INFO] Starting router\n")
 	defer wg.Done()
@@ -139,7 +139,9 @@ func unwrap(msg []string) (head string, tail []string) {
 func answerClient(w http.ResponseWriter, r *http.Request) {
 	if r.URL.Path != "/" {
 		opsProcessed.Inc()
-		// fmt.Fprintf(w, "%v\n", r)
+		/*
+		 * fmt.Fprintf(w, "%v\n", r)
+		 */
 		http.NotFound(w, r)
 		return
 	}

internal/setup/setup.go

@@ -12,8 +12,8 @@ import (
 )
 
 /*
-Main is the entrypoint for the setup process
+ * Main is the entrypoint for the setup process
-*/
+ */
 func Main(wg *sync.WaitGroup, config gs.GagentConfig) {
 	log.Printf("[INFO] Starting setup\n")
 	defer wg.Done()
@@ -31,13 +31,15 @@ func Main(wg *sync.WaitGroup, config gs.GagentConfig) {
 
 	clientBlock1 := rootBody.AppendNewBlock("client", []string{config.Name})
 	clientBody1 := clientBlock1.Body()
-	// clientBody1.AppendUnstructuredTokens(
+	/*
-	// 	hclwrite.TokensForTraversal(hcl.Traversal{
+	 * clientBody1.AppendUnstructuredTokens(
-	// 		hcl.TraverseRoot{
+	 * 	hclwrite.TokensForTraversal(hcl.Traversal{
-	// 			Name: hcl.CommentGenerator("comment"),
+	 * 		hcl.TraverseRoot{
-	// 		},
+	 * 			Name: hcl.CommentGenerator("comment"),
-	// 	},
+	 * 		},
-	// 	))
+	 * 	},
+	 * 	))
+	 */
 	clientBody1.SetAttributeValue("clientid", cty.StringVal(config.UUID))
 	rootBody.AppendNewline()
 

internal/worker/worker.go

@@ -7,7 +7,9 @@ import (
 
 	gstructs "github.com/dragonheim/gagent/internal/gstructs"
 
-	// picol "github.com/dragonheim/gagent/src/picol"
+	/*
+	 * picol "github.com/dragonheim/gagent/src/picol"
+	 */
 
 	prometheus "github.com/prometheus/client_golang/prometheus"
 	promauto "github.com/prometheus/client_golang/prometheus/promauto"
@@ -22,12 +24,12 @@ var (
 )
 
 /*
-The "worker" processes the agent code. The worker nodes do not know
+ * The "worker" processes the agent code. The worker nodes do not know
-anything about the network structure. Instead they know only to which
+ * anything about the network structure. Instead they know only to which
-router(s) they are connected. The worker will execute the agent code and
+ * router(s) they are connected. The worker will execute the agent code and
-pass the agent and it's results to a router.
+ * pass the agent and it's results to a router.
-Main is the entrypoint for the worker process
+ * Main is the entrypoint for the worker process
-*/
+ */
 func Main(wg *sync.WaitGroup, config gstructs.GagentConfig) {
 	log.Printf("[INFO] Starting worker\n")
 	defer wg.Done()
@@ -46,7 +48,9 @@ func Main(wg *sync.WaitGroup, config gstructs.GagentConfig) {
 		wg.Add(1)
 		go getAgent(wg, config.UUID, connectString)
 	}
-	// workerListener := fmt.Sprintf("tcp://%s:%d", config.ListenAddr, config.WorkerPort)
+	/*
+	 * workerListener := fmt.Sprintf("tcp://%s:%d", config.ListenAddr, config.WorkerPort)
+	 */
 
 }