Add tracing to kolide tables

ee/katc/case.go

@@ -4,10 +4,14 @@ import (
 	"context"
 	"log/slog"
 
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/serenize/snaker"
 )
 
-func camelToSnake(_ context.Context, _ *slog.Logger, row map[string][]byte) (map[string][]byte, error) {
+func camelToSnake(ctx context.Context, _ *slog.Logger, row map[string][]byte) (map[string][]byte, error) {
+	_, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	snakeCaseRow := make(map[string][]byte)
 	for k, v := range row {
 		snakeCaseKey := snaker.CamelToSnake(k)

ee/katc/deserialize_firefox.go

@@ -11,6 +11,7 @@ import (
 	"log/slog"
 	"strconv"
 
+	"github.com/kolide/launcher/pkg/traces"
 	"golang.org/x/text/encoding/unicode"
 	"golang.org/x/text/transform"
 )
@@ -37,6 +38,9 @@ const (
 // * https://stackoverflow.com/a/59923297
 // * https://searchfox.org/mozilla-central/source/js/src/vm/StructuredClone.cpp (see especially JSStructuredCloneReader::read)
 func deserializeFirefox(ctx context.Context, slogger *slog.Logger, row map[string][]byte) (map[string][]byte, error) {
+	_, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	// IndexedDB data is stored by key "data" pointing to the serialized object. We want to
 	// extract that serialized object, and discard the top-level "data" key.
 	data, ok := row["data"]

ee/katc/indexeddb_leveldb.go

@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/kolide/launcher/ee/indexeddb"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -16,6 +17,9 @@ import (
 // and object store specified in `query`, which it expects to be in the format
 // `<db name>.<object store name>`.
 func indexeddbLeveldbData(ctx context.Context, slogger *slog.Logger, sourcePaths []string, query string, queryContext table.QueryContext) ([]sourceData, error) {
+	_, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	// Pull out path constraints from the query against the KATC table, to avoid querying more leveldb files than we need to.
 	pathConstraintsFromQuery := getPathConstraint(queryContext)
 

ee/katc/snappy.go

@@ -6,11 +6,15 @@ import (
 	"log/slog"
 
 	"github.com/golang/snappy"
+	"github.com/kolide/launcher/pkg/traces"
 )
 
 // snappyDecode is a dataProcessingStep that decodes data compressed with snappy.
 // We use this to decode data retrieved from Firefox IndexedDB sqlite-backed databases.
 func snappyDecode(ctx context.Context, _ *slog.Logger, row map[string][]byte) (map[string][]byte, error) {
+	_, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	decodedRow := make(map[string][]byte)
 
 	for k, v := range row {

ee/katc/sqlite.go

@@ -8,12 +8,16 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 	_ "modernc.org/sqlite"
 )
 
 // sqliteData is the dataFunc for sqlite KATC tables
 func sqliteData(ctx context.Context, slogger *slog.Logger, sourcePaths []string, query string, queryContext table.QueryContext) ([]sourceData, error) {
+	ctx, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	// Pull out path constraints from the query against the KATC table, to avoid querying more sqlite dbs than we need to.
 	pathConstraintsFromQuery := getPathConstraint(queryContext)
 
@@ -60,6 +64,9 @@ func sourcePatternToGlobbablePattern(sourcePattern string) string {
 
 // querySqliteDb queries the database at the given path, returning rows of results
 func querySqliteDb(ctx context.Context, slogger *slog.Logger, path string, query string) ([]map[string][]byte, error) {
+	ctx, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	dsn := fmt.Sprintf("file:%s?mode=ro&immutable=1", path)
 	conn, err := sql.Open("sqlite", dsn)
 	if err != nil {

ee/katc/table.go

@@ -9,6 +9,7 @@ import (
 	"runtime"
 	"strings"
 
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -17,6 +18,7 @@ const pathColumnName = "path"
 // katcTable is a Kolide ATC table. It queries the source and transforms the response data
 // per the configuration in its `cfg`.
 type katcTable struct {
+	tableName         string
 	sourceType        katcSourceType
 	sourcePaths       []string
 	sourceQuery       string
@@ -45,6 +47,7 @@ func newKatcTable(tableName string, cfg katcTableConfig, slogger *slog.Logger) (
 	}
 
 	k := katcTable{
+		tableName:    tableName,
 		columnLookup: columnLookup,
 		slogger:      slogger,
 	}
@@ -104,6 +107,9 @@ func filtersMatch(filters map[string]string) bool {
 
 // generate handles queries against a KATC table.
 func (k *katcTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", k.tableName)
+	defer span.End()
+
 	if k.sourceType.dataFunc == nil {
 		return nil, errors.New("table source type not set")
 	}

ee/tables/airport/table_darwin.go

@@ -16,6 +16,7 @@ import (
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/dataflattentable"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -57,16 +58,21 @@ type executor interface {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", tableName)
+	defer span.End()
 
 	airportExecutor := &airportExecutor{
 		ctx:     ctx,
 		slogger: t.slogger,
 	}
 
-	return generateAirportData(queryContext, airportExecutor, t.slogger)
+	return generateAirportData(ctx, queryContext, airportExecutor, t.slogger)
 }
 
-func generateAirportData(queryContext table.QueryContext, airportExecutor executor, slogger *slog.Logger) ([]map[string]string, error) {
+func generateAirportData(ctx context.Context, queryContext table.QueryContext, airportExecutor executor, slogger *slog.Logger) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx)
+	defer span.End()
+
 	options := tablehelpers.GetConstraints(queryContext, "option", tablehelpers.WithAllowedValues(allowedOptions))
 
 	if len(options) == 0 {
@@ -77,7 +83,7 @@ func generateAirportData(queryContext table.QueryContext, airportExecutor execut
 	for _, option := range options {
 		airportOutput, err := airportExecutor.Exec(option)
 		if err != nil {
-			slogger.Log(context.TODO(), slog.LevelDebug,
+			slogger.Log(ctx, slog.LevelDebug,
 				"error execing airport",
 				"option", option,
 				"err", err,
@@ -87,7 +93,7 @@ func generateAirportData(queryContext table.QueryContext, airportExecutor execut
 
 		optionResult, err := processAirportOutput(bytes.NewReader(airportOutput), option, queryContext, slogger)
 		if err != nil {
-			slogger.Log(context.TODO(), slog.LevelDebug,
+			slogger.Log(ctx, slog.LevelDebug,
 				"error processing airport output",
 				"option", option,
 				"err", err,

ee/tables/airport/table_darwin_test.go

@@ -4,6 +4,7 @@
 package airport
 
 import (
+	"context"
 	"encoding/json"
 	"errors"
 	"io"
@@ -100,7 +101,7 @@ func Test_generateAirportData_HappyPath(t *testing.T) {
 				constraints["query"] = []string{tt.query}
 			}
 
-			got, err := generateAirportData(tablehelpers.MockQueryContext(constraints), executor, multislogger.NewNopLogger())
+			got, err := generateAirportData(context.TODO(), tablehelpers.MockQueryContext(constraints), executor, multislogger.NewNopLogger())
 			require.NoError(t, err)
 
 			executor.AssertExpectations(t)
@@ -218,7 +219,7 @@ func Test_generateAirportData_EdgeCases(t *testing.T) {
 
 			executor.On("Exec", mock.Anything).Return(tt.execReturn()).Once()
 
-			got, err := generateAirportData(tt.args.queryContext, executor, multislogger.NewNopLogger())
+			got, err := generateAirportData(context.TODO(), tt.args.queryContext, executor, multislogger.NewNopLogger())
 			tt.assertion(t, err)
 			assert.Equal(t, tt.want, got)
 		})

ee/tables/app-icons/app_icons_darwin.go

@@ -34,6 +34,7 @@ import (
 	"image/png"
 	"unsafe"
 
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/nfnt/resize"
 	"github.com/osquery/osquery-go/plugin/table"
 
@@ -52,6 +53,9 @@ func AppIcons() *table.Plugin {
 }
 
 func generateAppIcons(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	_, span := traces.StartSpan(ctx, "table_name", "kolide_app_icons")
+	defer span.End()
+
 	q, ok := queryContext.Constraints["path"]
 	if !ok || len(q.Constraints) == 0 {
 		return nil, errors.New("The kolide_app_icons table requires that you specify a constraint WHERE path =")

ee/tables/apple_silicon_security_policy/table.go

@@ -13,6 +13,7 @@ import (
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/dataflattentable"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -35,6 +36,9 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_apple_silicon_security_policy")
+	defer span.End()
+
 	var results []map[string]string
 
 	output, err := tablehelpers.RunSimple(ctx, t.slogger, 30, allowedcmd.Bputil, []string{bootPolicyUtilArgs})

ee/tables/crowdstrike/falcon_kernel_check/table.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/kolide/launcher/ee/allowedcmd"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -35,6 +36,9 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_falcon_kernel_check")
+	defer span.End()
+
 	output, err := tablehelpers.RunSimple(ctx, t.slogger, 5, allowedcmd.FalconKernelCheck, []string{})
 	if err != nil {
 		t.slogger.Log(ctx, slog.LevelInfo,

ee/tables/crowdstrike/falconctl/table.go

@@ -14,6 +14,7 @@ import (
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/dataflattentable"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -61,6 +62,9 @@ func NewFalconctlOptionTable(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *falconctlOptionsTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_falconctl_options")
+	defer span.End()
+
 	var results []map[string]string
 
 	// Note that we don't use tablehelpers.AllowedValues here, because that would disallow us from

ee/tables/cryptoinfotable/table.go

@@ -14,6 +14,7 @@ import (
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/dataflattentable"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -35,6 +36,9 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_cryptinfo")
+	defer span.End()
+
 	var results []map[string]string
 
 	requestedPaths := tablehelpers.GetConstraints(queryContext, "path")

ee/tables/cryptsetup/table.go

@@ -13,6 +13,7 @@ import (
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/dataflattentable"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -37,6 +38,9 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_cryptsetup_status")
+	defer span.End()
+
 	var results []map[string]string
 
 	requestedNames := tablehelpers.GetConstraints(queryContext, "name",

ee/tables/dataflattentable/exec.go

@@ -10,6 +10,7 @@ import (
 	"github.com/kolide/launcher/ee/allowedcmd"
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 	"github.com/pkg/errors"
 )
@@ -45,6 +46,9 @@ func TablePluginExec(slogger *slog.Logger, tableName string, dataSourceType Data
 }
 
 func (t *Table) generateExec(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", t.tableName)
+	defer span.End()
+
 	var results []map[string]string
 
 	execBytes, err := tablehelpers.RunSimple(ctx, t.slogger, 50, t.cmdGen, t.execArgs)

ee/tables/dataflattentable/tables.go

@@ -12,6 +12,7 @@ import (
 	"github.com/kolide/launcher/ee/allowedcmd"
 	"github.com/kolide/launcher/ee/dataflatten"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go"
 	"github.com/osquery/osquery-go/plugin/table"
 )
@@ -129,6 +130,9 @@ func TablePlugin(slogger *slog.Logger, dataSourceType DataSourceType) osquery.Os
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", t.tableName)
+	defer span.End()
+
 	var results []map[string]string
 
 	requestedPaths := tablehelpers.GetConstraints(queryContext, "path")
@@ -204,6 +208,9 @@ func (t *Table) generateRawData(ctx context.Context, rawdata string, dataQuery s
 }
 
 func (t *Table) generatePath(ctx context.Context, filePath string, dataQuery string, flattenOpts ...dataflatten.FlattenOpts) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "path", filePath)
+	defer span.End()
+
 	data, err := t.flattenFileFunc(filePath, flattenOpts...)
 	if err != nil {
 		t.slogger.Log(ctx, slog.LevelInfo,

ee/tables/desktopprocs/desktopprocs.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/kolide/launcher/ee/desktop/runner"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -20,6 +21,9 @@ func TablePlugin() *table.Plugin {
 
 func generate() table.GenerateFunc {
 	return func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+		_, span := traces.StartSpan(ctx, "table_name", "kolide_desktop_procs")
+		defer span.End()
+
 		results := []map[string]string{}
 
 		for k, v := range runner.InstanceDesktopProcessRecords() {

ee/tables/dev_table_tooling/table.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/kolide/launcher/ee/allowedcmd"
 	"github.com/kolide/launcher/ee/tables/tablehelpers"
+	"github.com/kolide/launcher/pkg/traces"
 	"github.com/osquery/osquery-go/plugin/table"
 )
 
@@ -40,6 +41,9 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin {
 }
 
 func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
+	ctx, span := traces.StartSpan(ctx, "table_name", "kolide_dev_table_tooling")
+	defer span.End()
+
 	var results []map[string]string
 
 	for _, name := range tablehelpers.GetConstraints(queryContext, "name", tablehelpers.WithDefaults("")) {