sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

feat: add OpenTelemetry trace spans to all handlers and pipeline functions
All checks were successful
CI / Clippy (push) Successful in 4m26s
Details
CI / Security Audit (push) Successful in 1m46s
Details
CI / Format (push) Successful in 4s
Details
CI / Tests (push) Successful in 5m16s
Details
CI / Detect Changes (push) Successful in 4s
Details
CI / Deploy Agent (push) Successful in 3s
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details

Browse Source 
Add #[tracing::instrument(skip_all)] to 44 functions:
- 19 API handlers in mod.rs
- 3 chat handlers, 6 DAST handlers, 7 graph handlers
- 2 pipeline orchestrator functions
- 7 scanner functions (sbom, semgrep, gitleaks, cve, lint, patterns)

This generates trace spans for SigNoz visibility into request
latency, scan pipeline stages, and error tracking.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
2026-03-10 17:08:13 +01:00
parent f394cc15de
commit 67d6a937ae
11 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
compliance-agent/src/pipeline/cve.rs
View File

@@ -21,6 +21,7 @@ impl CveScanner {
}
}
#[tracing::instrument(skip_all)]
pub async fn scan_dependencies(
&self,
repo_id: &str,

1
compliance-agent/src/pipeline/gitleaks.rs
View File

@@ -17,6 +17,7 @@ impl Scanner for GitleaksScanner {
ScanType::SecretDetection
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let output = tokio::process::Command::new("gitleaks")
.args([

1
compliance-agent/src/pipeline/lint.rs
View File

@@ -22,6 +22,7 @@ impl Scanner for LintScanner {
ScanType::Lint
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let mut all_findings = Vec::new();

2
compliance-agent/src/pipeline/orchestrator.rs
View File

@@ -50,6 +50,7 @@ impl PipelineOrchestrator {
}
}
#[tracing::instrument(skip_all)]
pub async fn run(&self, repo_id: &str, trigger: ScanTrigger) -> Result<(), AgentError> {
// Look up the repository
let repo = self
@@ -108,6 +109,7 @@ impl PipelineOrchestrator {
result.map(|_| ())
}
#[tracing::instrument(skip_all)]
async fn run_pipeline(
&self,
repo: &TrackedRepository,

2
compliance-agent/src/pipeline/patterns.rs
View File

@@ -82,6 +82,7 @@ impl Scanner for GdprPatternScanner {
ScanType::Gdpr
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let findings = scan_with_patterns(
repo_path,
@@ -146,6 +147,7 @@ impl Scanner for OAuthPatternScanner {
ScanType::OAuth
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let findings = scan_with_patterns(
repo_path,

1
compliance-agent/src/pipeline/sbom.rs
View File

@@ -15,6 +15,7 @@ impl Scanner for SbomScanner {
ScanType::Sbom
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let mut entries = Vec::new();

1
compliance-agent/src/pipeline/semgrep.rs
View File

@@ -17,6 +17,7 @@ impl Scanner for SemgrepScanner {
ScanType::Sast
}
#[tracing::instrument(skip_all)]
async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result<ScanOutput, CoreError> {
let output = tokio::process::Command::new("semgrep")
.args(["--config=auto", "--json", "--quiet"])