sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

feat: add OpenTelemetry trace spans to all handlers and pipeline functions
All checks were successful
CI / Clippy (push) Successful in 4m26s
Details
CI / Security Audit (push) Successful in 1m46s
Details
CI / Format (push) Successful in 4s
Details
CI / Tests (push) Successful in 5m16s
Details
CI / Detect Changes (push) Successful in 4s
Details
CI / Deploy Agent (push) Successful in 3s
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details

Browse Source 
Add #[tracing::instrument(skip_all)] to 44 functions:
- 19 API handlers in mod.rs
- 3 chat handlers, 6 DAST handlers, 7 graph handlers
- 2 pipeline orchestrator functions
- 7 scanner functions (sbom, semgrep, gitleaks, cve, lint, patterns)

This generates trace spans for SigNoz visibility into request
latency, scan pipeline stages, and error tracking.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
2026-03-10 17:08:13 +01:00
parent f394cc15de
commit 67d6a937ae
11 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
compliance-agent/src/api/handlers/chat.rs
View File

@@ -17,6 +17,7 @@ use super::ApiResponse;
type AgentExt = Extension<Arc<ComplianceAgent>>;
/// POST /api/v1/chat/:repo_id — Send a chat message with RAG context
#[tracing::instrument(skip_all)]
pub async fn chat(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -126,6 +127,7 @@ pub async fn chat(
}
/// POST /api/v1/chat/:repo_id/build-embeddings — Trigger embedding build
#[tracing::instrument(skip_all)]
pub async fn build_embeddings(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -226,6 +228,7 @@ pub async fn build_embeddings(
}
/// GET /api/v1/chat/:repo_id/status — Get latest embedding build status
#[tracing::instrument(skip_all)]
pub async fn embedding_status(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,

6
compliance-agent/src/api/handlers/dast.rs
View File

@@ -42,6 +42,7 @@ fn default_rate_limit() -> u32 {
}
/// GET /api/v1/dast/targets — List DAST targets
#[tracing::instrument(skip_all)]
pub async fn list_targets(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,
@@ -73,6 +74,7 @@ pub async fn list_targets(
}
/// POST /api/v1/dast/targets — Add a new DAST target
#[tracing::instrument(skip_all)]
pub async fn add_target(
Extension(agent): AgentExt,
Json(req): Json<AddTargetRequest>,
@@ -99,6 +101,7 @@ pub async fn add_target(
}
/// POST /api/v1/dast/targets/:id/scan — Trigger DAST scan
#[tracing::instrument(skip_all)]
pub async fn trigger_scan(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -138,6 +141,7 @@ pub async fn trigger_scan(
}
/// GET /api/v1/dast/scan-runs — List DAST scan runs
#[tracing::instrument(skip_all)]
pub async fn list_scan_runs(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,
@@ -170,6 +174,7 @@ pub async fn list_scan_runs(
}
/// GET /api/v1/dast/findings — List DAST findings
#[tracing::instrument(skip_all)]
pub async fn list_findings(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,
@@ -202,6 +207,7 @@ pub async fn list_findings(
}
/// GET /api/v1/dast/findings/:id — Finding detail with evidence
#[tracing::instrument(skip_all)]
pub async fn get_finding(
Extension(agent): AgentExt,
Path(id): Path<String>,

7
compliance-agent/src/api/handlers/graph.rs
View File

@@ -33,6 +33,7 @@ fn default_search_limit() -> usize {
}
/// GET /api/v1/graph/:repo_id — Full graph data
#[tracing::instrument(skip_all)]
pub async fn get_graph(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -88,6 +89,7 @@ pub async fn get_graph(
}
/// GET /api/v1/graph/:repo_id/nodes — List nodes (paginated)
#[tracing::instrument(skip_all)]
pub async fn get_nodes(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -109,6 +111,7 @@ pub async fn get_nodes(
}
/// GET /api/v1/graph/:repo_id/communities — List detected communities
#[tracing::instrument(skip_all)]
pub async fn get_communities(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -158,6 +161,7 @@ pub struct CommunityInfo {
}
/// GET /api/v1/graph/:repo_id/impact/:finding_id — Impact analysis
#[tracing::instrument(skip_all)]
pub async fn get_impact(
Extension(agent): AgentExt,
Path((repo_id, finding_id)): Path<(String, String)>,
@@ -179,6 +183,7 @@ pub async fn get_impact(
}
/// GET /api/v1/graph/:repo_id/search — BM25 symbol search
#[tracing::instrument(skip_all)]
pub async fn search_symbols(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -211,6 +216,7 @@ pub async fn search_symbols(
}
/// GET /api/v1/graph/:repo_id/file-content — Read source file from cloned repo
#[tracing::instrument(skip_all)]
pub async fn get_file_content(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,
@@ -272,6 +278,7 @@ pub struct FileContent {
}
/// POST /api/v1/graph/:repo_id/build — Trigger graph rebuild
#[tracing::instrument(skip_all)]
pub async fn trigger_build(
Extension(agent): AgentExt,
Path(repo_id): Path<String>,

19
compliance-agent/src/api/handlers/mod.rs
View File

@@ -179,10 +179,12 @@ pub struct SbomVersionDiff {
type AgentExt = Extension<Arc<ComplianceAgent>>;
type ApiResult<T> = Result<Json<ApiResponse<T>>, StatusCode>;
#[tracing::instrument(skip_all)]
pub async fn health() -> Json<serde_json::Value> {
Json(serde_json::json!({ "status": "ok" }))
}
#[tracing::instrument(skip_all)]
pub async fn stats_overview(Extension(agent): AgentExt) -> ApiResult<OverviewStats> {
let db = &agent.db;
@@ -253,6 +255,7 @@ pub async fn stats_overview(Extension(agent): AgentExt) -> ApiResult<OverviewSta
}))
}
#[tracing::instrument(skip_all)]
pub async fn list_repositories(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,
@@ -283,6 +286,7 @@ pub async fn list_repositories(
}))
}
#[tracing::instrument(skip_all)]
pub async fn add_repository(
Extension(agent): AgentExt,
Json(req): Json<AddRepositoryRequest>,
@@ -329,6 +333,7 @@ pub async fn add_repository(
}))
}
#[tracing::instrument(skip_all)]
pub async fn get_ssh_public_key(
Extension(agent): AgentExt,
) -> Result<Json<serde_json::Value>, StatusCode> {
@@ -337,6 +342,7 @@ pub async fn get_ssh_public_key(
Ok(Json(serde_json::json!({ "public_key": public_key.trim() })))
}
#[tracing::instrument(skip_all)]
pub async fn trigger_scan(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -351,6 +357,7 @@ pub async fn trigger_scan(
Ok(Json(serde_json::json!({ "status": "scan_triggered" })))
}
#[tracing::instrument(skip_all)]
pub async fn delete_repository(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -397,6 +404,7 @@ pub async fn delete_repository(
Ok(Json(serde_json::json!({ "status": "deleted" })))
}
#[tracing::instrument(skip_all)]
pub async fn list_findings(
Extension(agent): AgentExt,
Query(filter): Query<FindingsFilter>,
@@ -465,6 +473,7 @@ pub async fn list_findings(
}))
}
#[tracing::instrument(skip_all)]
pub async fn get_finding(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -485,6 +494,7 @@ pub async fn get_finding(
}))
}
#[tracing::instrument(skip_all)]
pub async fn update_finding_status(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -505,6 +515,7 @@ pub async fn update_finding_status(
Ok(Json(serde_json::json!({ "status": "updated" })))
}
#[tracing::instrument(skip_all)]
pub async fn bulk_update_finding_status(
Extension(agent): AgentExt,
Json(req): Json<BulkUpdateStatusRequest>,
@@ -534,6 +545,7 @@ pub async fn bulk_update_finding_status(
))
}
#[tracing::instrument(skip_all)]
pub async fn update_finding_feedback(
Extension(agent): AgentExt,
Path(id): Path<String>,
@@ -554,6 +566,7 @@ pub async fn update_finding_feedback(
Ok(Json(serde_json::json!({ "status": "updated" })))
}
#[tracing::instrument(skip_all)]
pub async fn sbom_filters(
Extension(agent): AgentExt,
) -> Result<Json<serde_json::Value>, StatusCode> {
@@ -585,6 +598,7 @@ pub async fn sbom_filters(
})))
}
#[tracing::instrument(skip_all)]
pub async fn list_sbom(
Extension(agent): AgentExt,
Query(filter): Query<SbomFilter>,
@@ -640,6 +654,7 @@ pub async fn list_sbom(
}))
}
#[tracing::instrument(skip_all)]
pub async fn export_sbom(
Extension(agent): AgentExt,
Query(params): Query<SbomExportParams>,
@@ -771,6 +786,7 @@ const COPYLEFT_LICENSES: &[&str] = &[
"MPL-2.0",
];
#[tracing::instrument(skip_all)]
pub async fn license_summary(
Extension(agent): AgentExt,
Query(params): Query<SbomFilter>,
@@ -816,6 +832,7 @@ pub async fn license_summary(
}))
}
#[tracing::instrument(skip_all)]
pub async fn sbom_diff(
Extension(agent): AgentExt,
Query(params): Query<SbomDiffParams>,
@@ -905,6 +922,7 @@ pub async fn sbom_diff(
}))
}
#[tracing::instrument(skip_all)]
pub async fn list_issues(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,
@@ -936,6 +954,7 @@ pub async fn list_issues(
}))
}
#[tracing::instrument(skip_all)]
pub async fn list_scan_runs(
Extension(agent): AgentExt,
Query(params): Query<PaginationParams>,

1
compliance-agent/src/pipeline/cve.rs
View File

@@ -21,6 +21,7 @@ impl CveScanner {
}
}
#[tracing::instrument(skip_all)]
pub async fn scan_dependencies(
&self,
repo_id: &str,

1
compliance-agent/src/pipeline/gitleaks.rs
View File

@@ -17,6 +17,7 @@ impl Scanner for GitleaksScanner {
ScanType::SecretDetection
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let output = tokio::process::Command::new("gitleaks")
.args([

1
compliance-agent/src/pipeline/lint.rs
View File

@@ -22,6 +22,7 @@ impl Scanner for LintScanner {
ScanType::Lint
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let mut all_findings = Vec::new();

2
compliance-agent/src/pipeline/orchestrator.rs
View File

@@ -50,6 +50,7 @@ impl PipelineOrchestrator {
}
}
#[tracing::instrument(skip_all)]
pub async fn run(&self, repo_id: &str, trigger: ScanTrigger) -> Result<(), AgentError> {
// Look up the repository
let repo = self
@@ -108,6 +109,7 @@ impl PipelineOrchestrator {
result.map(|_| ())
}
#[tracing::instrument(skip_all)]
async fn run_pipeline(
&self,
repo: &TrackedRepository,

2
compliance-agent/src/pipeline/patterns.rs
View File

@@ -82,6 +82,7 @@ impl Scanner for GdprPatternScanner {
ScanType::Gdpr
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let findings = scan_with_patterns(
repo_path,
@@ -146,6 +147,7 @@ impl Scanner for OAuthPatternScanner {
ScanType::OAuth
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let findings = scan_with_patterns(
repo_path,

1
compliance-agent/src/pipeline/sbom.rs
View File

@@ -15,6 +15,7 @@ impl Scanner for SbomScanner {
ScanType::Sbom
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let mut entries = Vec::new();

1
compliance-agent/src/pipeline/semgrep.rs
View File

@@ -17,6 +17,7 @@ impl Scanner for SemgrepScanner {
ScanType::Sast
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let output = tokio::process::Command::new("semgrep")
.args(["--config=auto", "--json", "--quiet"])