tracing: add enclave-specific tracing solution

patrislav · patrislav · commit 689dcdb8d686 · 2026-03-30T18:13:58.000+02:00
diff --git a/tracing/enclave_provider.go b/tracing/enclave_provider.go
@@ -0,0 +1,52 @@
+package tracing
+
+import (
+	"context"
+
+	"github.com/0xsequence/nitrocontrol/enclave"
+	"github.com/0xsequence/nsm/request"
+	"github.com/0xsequence/nsm/response"
+)
+
+func WrapEnclaveProvider(provider enclave.Provider) enclave.Provider {
+	return func() (enclave.Session, error) {
+		sess, err := provider()
+		if err != nil {
+			return nil, err
+		}
+		return &wrappedSession{Session: sess}, nil
+	}
+}
+
+type wrappedSession struct {
+	enclave.Session
+}
+
+func (w *wrappedSession) Send(ctx context.Context, req request.Request) (res response.Response, err error) {
+	ctx, span := Trace(ctx, w.getSpanName(req))
+	defer func() {
+		span.RecordError(err)
+		span.End()
+	}()
+	return w.Session.Send(ctx, req)
+}
+
+func (*wrappedSession) getSpanName(req request.Request) string {
+	switch req.(type) {
+	case *request.DescribePCR:
+		return "NSM.DescribePCR"
+	case *request.ExtendPCR:
+		return "NSM.ExtendPCR"
+	case *request.LockPCR:
+		return "NSM.LockPCR"
+	case *request.LockPCRs:
+		return "NSM.LockPCRs"
+	case *request.DescribeNSM:
+		return "NSM.DescribeNSM"
+	case *request.Attestation:
+		return "NSM.Attestation"
+	case *request.GetRandom:
+		return "NSM.GetRandom"
+	}
+	return "NSM.Send"
+}
diff --git a/tracing/http_client.go b/tracing/http_client.go
@@ -0,0 +1,64 @@
+package tracing
+
+import (
+	"context"
+	"net/http"
+)
+
+type HTTPClient interface {
+	Do(*http.Request) (*http.Response, error)
+	Get(string) (*http.Response, error)
+}
+
+type wrappedClient struct {
+	HTTPClient
+	ctx context.Context
+}
+
+func WrapClient(c HTTPClient) HTTPClient {
+	return &wrappedClient{HTTPClient: c}
+}
+
+func WrapClientWithContext(ctx context.Context, c HTTPClient) HTTPClient {
+	return &wrappedClient{HTTPClient: c, ctx: ctx}
+}
+
+func (c *wrappedClient) Do(req *http.Request) (res *http.Response, err error) {
+	ctx, span := Trace(req.Context(), req.URL.Host, WithSpanKind(SpanKindClient))
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+		} else {
+			span.SetMetadata(map[string]any{
+				"http.status_code":             res.StatusCode,
+				"http.response_content_length": res.ContentLength,
+			})
+			span.SetStatus(res.StatusCode)
+		}
+		span.End()
+	}()
+
+	span.SetMetadata(map[string]any{
+		"http.method":                 req.Method,
+		"http.url":                    req.URL.String(),
+		"http.scheme":                 req.URL.Scheme,
+		"http.query":                  req.URL.RawQuery,
+		"http.path":                   req.URL.Path,
+		"http.request_content_length": req.ContentLength,
+	})
+
+	return c.HTTPClient.Do(req.WithContext(ctx))
+}
+
+func (c *wrappedClient) Get(url string) (*http.Response, error) {
+	req, err := http.NewRequest(http.MethodGet, url, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	if c.ctx != nil {
+		req = req.WithContext(c.ctx)
+	}
+
+	return c.Do(req)
+}
diff --git a/tracing/log.go b/tracing/log.go
@@ -0,0 +1,113 @@
+package tracing
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"log/slog"
+	"sort"
+	"time"
+)
+
+type Log struct {
+	Time       time.Time      `json:"time"`
+	Level      slog.Level     `json:"level"`
+	Message    string         `json:"msg"`
+	Attributes map[string]any `json:"attributes,omitempty"`
+}
+
+func (l *Log) UnmarshalJSON(data []byte) error {
+	var rawMap map[string]json.RawMessage
+	if err := json.Unmarshal(data, &rawMap); err != nil {
+		return err
+	}
+
+	l.Attributes = make(map[string]any)
+
+	for k, v := range rawMap {
+		switch k {
+		case "time":
+			if err := json.Unmarshal(v, &l.Time); err != nil {
+				return fmt.Errorf("unmarshal %q: %w", k, err)
+			}
+		case "msg":
+			if err := json.Unmarshal(v, &l.Message); err != nil {
+				return fmt.Errorf("unmarshal %q: %w", k, err)
+			}
+		case "level":
+			if err := json.Unmarshal(v, &l.Level); err != nil {
+				return fmt.Errorf("unmarshal %q: %w", k, err)
+			}
+		default:
+			var value any
+			if err := json.Unmarshal(v, &value); err != nil {
+				return fmt.Errorf("unmarshal %q: %w", k, err)
+			}
+			l.Attributes[k] = value
+		}
+	}
+
+	return nil
+}
+
+func ExtractLogs(ctx context.Context, logger *slog.Logger, span *Span) error {
+	logs, err := span.getLogs()
+	if err != nil {
+		return err
+	}
+
+	sort.Slice(logs, func(i, j int) bool {
+		return logs[i].Time.Before(logs[j].Time)
+	})
+
+	for _, log := range logs {
+		attrs := make([]slog.Attr, 0, len(log.Attributes))
+		for k, v := range log.Attributes {
+			attrs = append(attrs, slog.Any(k, v))
+		}
+
+		record := slog.Record{
+			Level:   log.Level,
+			Message: log.Message,
+			Time:    log.Time,
+		}
+		record.AddAttrs(attrs...)
+		logger.Handler().Handle(ctx, record)
+	}
+
+	return nil
+}
+
+func (s *Span) getLogs() ([]*Log, error) {
+	logs := make([]*Log, len(s.Logs))
+	for i, log := range s.Logs {
+		if err := json.Unmarshal(log, &logs[i]); err != nil {
+			return nil, err
+		}
+	}
+
+	for _, child := range s.Children {
+		childLogs, err := child.getLogs()
+		if err != nil {
+			return nil, err
+		}
+		logs = append(logs, childLogs...)
+	}
+
+	if s.Metadata != nil {
+		if msg, ok := s.Metadata["exception.message"].(string); ok {
+			attrs := make(map[string]any)
+			for k, v := range s.Annotations {
+				attrs[k] = v
+			}
+			logs = append(logs, &Log{
+				Time:       s.EndTime,
+				Level:      slog.LevelError,
+				Message:    msg,
+				Attributes: attrs,
+			})
+		}
+	}
+
+	return logs, nil
+}
diff --git a/tracing/middleware.go b/tracing/middleware.go
@@ -0,0 +1,55 @@
+package tracing
+
+import (
+	"bytes"
+	"encoding/json"
+	"net/http"
+
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/traceid"
+)
+
+func Middleware(errorFn func(http.ResponseWriter, error)) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			var body bytes.Buffer
+			ww := middleware.NewWrapResponseWriter(w, r.ProtoMajor)
+			ww.Tee(&body)
+			ww.Discard()
+
+			tid := traceid.FromContext(r.Context())
+			ctx, span := Trace(
+				r.Context(),
+				r.URL.Path,
+				WithSpanKind(SpanKindServer),
+				WithMetadata(map[string]any{
+					"sequence.traceid": tid,
+					"net.host.name":    r.Host,
+					"server.address":   r.Host,
+					"http.method":      r.Method,
+					"http.url":         r.URL.String(),
+					"url.path":         r.URL.Path,
+					"url.query":        r.URL.RawQuery,
+				}),
+			)
+
+			next.ServeHTTP(ww, r.WithContext(ctx))
+
+			span.SetStatus(ww.Status())
+			span.End()
+			spanJSON, err := json.Marshal(span)
+			if err != nil {
+				errorFn(w, err)
+				return
+			}
+
+			w.Header().Set("X-Sequence-Span", string(spanJSON))
+
+			w.WriteHeader(ww.Status())
+			if _, err := body.WriteTo(w); err != nil {
+				errorFn(w, err)
+				return
+			}
+		})
+	}
+}
diff --git a/tracing/span.go b/tracing/span.go
