carverauto/serviceradar

Fork 0

sysmon-vm to sysmon-osx rename #2501

Merged

mfreeman451 merged 3 commits from refs/pull/2501/head into main

2025-12-03 18:59:57 +00:00

mfreeman451 commented

2025-12-03 18:30:13 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #2051
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/2051
Original created: 2025-12-03T18:30:13Z
Original updated: 2025-12-03T19:00:03Z
Original head: carverauto/serviceradar:chore/sysmon-vm-rename
Original base: main
Original merged: 2025-12-03T18:59:57Z by @mfreeman451

User description

IMPORTANT: Please sign the Developer Certificate of Origin

Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include
a DCO sign-off statement indicating the DCO acceptance in one commit message. Here
is an example DCO Signed-off-by line in a commit message:

Signed-off-by: J. Doe <j.doe@domain.com>

Describe your changes

Issue ticket number and link

Code checklist before requesting a review

I have signed the DCO?
The build completes without errors?
All tests are passing when running make test?

PR Type

Enhancement

Description

Rename sysmon-vm to sysmon-osx across codebase
Update package names, imports, and service identifiers
Refactor configuration paths and environment variables
Update documentation and deployment scripts

Diagram Walkthrough

flowchart LR
  A["sysmon-vm<br/>package/service"] -->|rename| B["sysmon-osx<br/>package/service"]
  C["Config paths<br/>sysmon-vm.json"] -->|update| D["Config paths<br/>sysmon-osx.json"]
  E["Imports<br/>pkg/checker/sysmonvm"] -->|refactor| F["Imports<br/>pkg/checker/sysmonosx"]
  G["Service names<br/>launchd/systemd"] -->|rename| H["Service names<br/>launchd/systemd"]

File Walkthrough

Relevant files

Refactoring

17 files

main.go `Update imports and service identifiers`	+21/-21
registry.go `Update service name case matching`	+1/-1
config.go `Update package name and documentation`	+2/-2
service.go `Update package name and log messages`	+8/-8
service_test.go `Update package name and test references`	+4/-4
cli.go `Update component type references`	+2/-2
edge_onboarding.go `Update component type and comments`	+2/-2
metrics.go `Update service name case matching`	+1/-1
sysmon.ts `Rename TypeScript interface types`	+11/-11
host-install-macos.sh `Update paths and service names`	+12/-12
package-host-macos.sh `Update distribution and package names`	+14/-14
Makefile `Rename make targets and update references`	+10/-50
page.tsx `Update command example in UI`	+1/-1
WatcherTelemetryPanel.tsx `Update service name in component`	+1/-1
metric-components.jsx `Update display label for sysmon-osx`	+1/-1
Dashboard.tsx `Update component import and service name`	+3/-3
SysmonOsxDetails.tsx `Rename component and update interfaces`	+15/-15

Documentation

9 files

help.go `Update help text for edge package mtls`	+1/-1
edge_onboarding.py `Update certificate comments`
bootstrap.go `Update documentation and examples`	+2/-2
sidebars.ts `Update documentation reference`	+1/-1
README.md `Create new README for sysmon-osx`	+55/-0
README.md `Update documentation for macOS integration`	+8/-8
README.md `Remove old sysmon-vm documentation`	+0/-84
compose-mtls-sysmonosx.md `Update runbook for sysmon-osx`	+10/-10
sysmonosx-e2e.md `Simplify end-to-end validation runbook`	+26/-45

Configuration changes

21 files

registry.go `Update service descriptor configuration`	+5/-5
generate-certs.sh `Update certificate generation names`	+1/-1
setup-edge-poller.sh `Update config file references`	+2/-1
update-config.sh `Update environment variables and paths`	+23/-23
clang-tidy.yml `Update workflow path filters`	+2/-2
BUILD.bazel `Update Bazel alias names`	+2/-2
BUILD.bazel `Update Bazel build target names`	+6/-6
BUILD.bazel `Update plist file references`	+2/-2
com.serviceradar.sysmonosx.plist `Update launchd plist configuration`	+5/-5
config.json `Update service name in poller config`	+1/-1
docker-compose.yml `Update environment variables and paths`	+2/-2
poller-stack.compose.yml `Update config file references`	+2/-2
poller.docker.json `Update service name and address variable`	+2/-2
sysmon-osx.checker.json `Update checker configuration names`	+3/-3
poller.json `Update service name in poller config`	+1/-1
BUILD.bazel `Create new Bazel build for sysmonosx`	+91/-0
postinstall `Create postinstall script for sysmonosx`	+9/-9
preinstall `Create preinstall script for sysmonosx`	+6/-6
BUILD.bazel `Remove old sysmonvm packaging`	+0/-91
BUILD.bazel `Update Bazel build target names`	+4/-4
serviceradar-sysmon-osx.service `Update systemd service file`	+2/-2

Additional files

15 files

sysmon-osx.json.example	[link]
edge_onboarding.go	+1/-1
BUILD.bazel	[link]
build-checker.sh	[link]
fetch-image.sh	[link]
host-setup.sh	[link]
vm-bootstrap.sh	[link]
vm-copy.sh	[link]
vm-create.sh	[link]
vm-destroy.sh	[link]
vm-install-checker.sh	[link]
vm-ssh.sh	[link]
vm-start.sh	[link]
config.example.yaml	[link]
sysmon-vm.json	[link]

Imported from GitHub pull request. Original GitHub pull request: #2051 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/2051 Original created: 2025-12-03T18:30:13Z Original updated: 2025-12-03T19:00:03Z Original head: carverauto/serviceradar:chore/sysmon-vm-rename Original base: main Original merged: 2025-12-03T18:59:57Z by @mfreeman451 --- ### **User description** ## IMPORTANT: Please sign the Developer Certificate of Origin Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include a [DCO sign-off statement]( https://developercertificate.org/) indicating the DCO acceptance in one commit message. Here is an example DCO Signed-off-by line in a commit message: ``` Signed-off-by: J. Doe <j.doe@domain.com> ``` ## Describe your changes ## Issue ticket number and link ## Code checklist before requesting a review - [ ] I have signed the DCO? - [ ] The build completes without errors? - [ ] All tests are passing when running make test? ___ ### **PR Type** Enhancement ___ ### **Description** - Rename sysmon-vm to sysmon-osx across codebase - Update package names, imports, and service identifiers - Refactor configuration paths and environment variables - Update documentation and deployment scripts ___ ### Diagram Walkthrough ```mermaid flowchart LR A["sysmon-vm package/service"] -->|rename| B["sysmon-osx package/service"] C["Config paths sysmon-vm.json"] -->|update| D["Config paths sysmon-osx.json"] E["Imports pkg/checker/sysmonvm"] -->|refactor| F["Imports pkg/checker/sysmonosx"] G["Service names launchd/systemd"] -->|rename| H["Service names launchd/systemd"] ``` <details> <summary><h3> File Walkthrough</h3></summary> <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td>Refactoring</td><td><details><summary>17 files</summary><table> <tr> <td>main.go<dd><code>Update imports and service identifiers</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-db84f1c0f437e6d5b3cba3ee2768c095c6c4ea129f8a1b4419a2862662711ad0">+21/-21</a>  </td> </tr> <tr> <td>registry.go<dd><code>Update service name case matching</code>                                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-9ea3b939dfe069a8743ce6d9b53e9601b8dd4cc680a249c1994a95a9c119102f">+1/-1</a>      </td> </tr> <tr> <td>config.go<dd><code>Update package name and documentation</code>                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-88a1bf8690e70d4026ccb523ef5016e96833016cc378e1ff5eb730c395976e5a">+2/-2</a>      </td> </tr> <tr> <td>service.go<dd><code>Update package name and log messages</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-d93f4b5ac51067017ea772febe30f8ff01f4fffd2e9accf2bf68793b45f1de1e">+8/-8</a>      </td> </tr> <tr> <td>service_test.go<dd><code>Update package name and test references</code>                                    </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-76ed98ad460e4e112702d09a4fca8697f02cab9e6439ef0f1f9e0b4c678fa8d0">+4/-4</a>      </td> </tr> <tr> <td>cli.go<dd><code>Update component type references</code>                                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-3040c236897f2704958b674ce81c445b6de53f2ff4c204c812ec510de8a76a73">+2/-2</a>      </td> </tr> <tr> <td>edge_onboarding.go<dd><code>Update component type and comments</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-df917d3115d52d8e8eb0341e2b1538e93cc226823218d31241494bfdde1e349d">+2/-2</a>      </td> </tr> <tr> <td>metrics.go<dd><code>Update service name case matching</code>                                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-6d98e853ce17576c088e77956ae4ecfa8078019e0bff107a79d8d1d6ed2443ad">+1/-1</a>      </td> </tr> <tr> <td>sysmon.ts<dd><code>Rename TypeScript interface types</code>                                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-7138b7f0a8e7ea5411ac38fb35c31160d11b0ae1342ebc7168836df60036668b">+11/-11</a>  </td> </tr> <tr> <td>host-install-macos.sh<dd><code>Update paths and service names</code>                                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-f9a94df88bcf4160b4ac1c5ec1a89eccbeb6d99c4c16159fecde561bf48cce2f">+12/-12</a>  </td> </tr> <tr> <td>package-host-macos.sh<dd><code>Update distribution and package names</code>                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-b0a9ee4e5f91c2115705a3fa8668e36686c45966280f27653c405e3bb28423fc">+14/-14</a>  </td> </tr> <tr> <td>Makefile<dd><code>Rename make targets and update references</code>                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52">+10/-50</a>  </td> </tr> <tr> <td>page.tsx<dd><code>Update command example in UI</code>                                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-d627c4ba6a102a46a28024061371276f01053b63f20c75986aef2631b967bafc">+1/-1</a>      </td> </tr> <tr> <td>WatcherTelemetryPanel.tsx<dd><code>Update service name in component</code>                                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-b35ea6ada7032b27a263d2e00a6ad5112693b6485cfbd07c48fca7fab626caa9">+1/-1</a>      </td> </tr> <tr> <td>metric-components.jsx<dd><code>Update display label for sysmon-osx</code>                                            </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-cf2e8733e93c0ad1169a2764b2745e428a1121bf4da588fb9a8d00b73b5746f4">+1/-1</a>      </td> </tr> <tr> <td>Dashboard.tsx<dd><code>Update component import and service name</code>                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-a0046922157d76341ddcd07416191c7a7add740deefbf01ee66c1f49e7da4582">+3/-3</a>      </td> </tr> <tr> <td>SysmonOsxDetails.tsx<dd><code>Rename component and update interfaces</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-2bce88d1bcefdbab4d6776de592377df3f05000851ed8afc9671434b1e16695e">+15/-15</a>  </td> </tr> </table></details></td></tr><tr><td>Documentation</td><td><details><summary>9 files</summary><table> <tr> <td>help.go<dd><code>Update help text for edge package mtls</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-b70ce1645a9961f5fdb9ecb53b12bb9a1ceab4868cd645b86db9e916a067f644">+1/-1</a>      </td> </tr> <tr> <td>edge_onboarding.py<dd><code>Update certificate comments</code>                                                            </dd></td> <td><a href=""></a></td> </tr> <tr> <td>bootstrap.go<dd><code>Update documentation and examples</code>                                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-283b2e83f2964f3318b59df9e6fac381ee502a7238161c49f76fd4168b6d2800">+2/-2</a>      </td> </tr> <tr> <td>sidebars.ts<dd><code>Update documentation reference</code>                                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-6e908f6e4016ad389cfb93ce7a47df677247c0f9d17c3589710592e8cf9527e0">+1/-1</a>      </td> </tr> <tr> <td>README.md<dd><code>Create new README for sysmon-osx</code>                                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-2e9751b437fa61442aac074c7a4a912d0ac50ac3ea156ac8aedd8478d21c6bdb">+55/-0</a>    </td> </tr> <tr> <td>README.md<dd><code>Update documentation for macOS integration</code>                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-e3f3457a6ed99bb0cd0cf442d1cab7a1c4ea17023fa8b65517b16ff3cc63351a">+8/-8</a>      </td> </tr> <tr> <td>README.md<dd><code>Remove old sysmon-vm documentation</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-f72d7c40673ad7eb78ef313ce5aa05442176de542f531a96ca5776156ac41d4b">+0/-84</a>    </td> </tr> <tr> <td>compose-mtls-sysmonosx.md<dd><code>Update runbook for sysmon-osx</code>                                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-6faf517c376b3509d0b14235f1b674a825f0399cd8a20791d8caf3b6ef16525b">+10/-10</a>  </td> </tr> <tr> <td>sysmonosx-e2e.md<dd><code>Simplify end-to-end validation runbook</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-63786d97ec31541ba3f9dd97ce19ada9f583faa39be33880c29e491ff77e0b25">+26/-45</a>  </td> </tr> </table></details></td></tr><tr><td>Configuration changes</td><td><details><summary>21 files</summary><table> <tr> <td>registry.go<dd><code>Update service descriptor configuration</code>                                    </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-571dd192b00a11d35be5792632115c32a9fc59eb70e0716f0e9c49fe12940e8c">+5/-5</a>      </td> </tr> <tr> <td>generate-certs.sh<dd><code>Update certificate generation names</code>                                            </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-8298241543b4744a6ac7780c760ac5b5a0a87ba62de19c8612ebe1aba0996ebd">+1/-1</a>      </td> </tr> <tr> <td>setup-edge-poller.sh<dd><code>Update config file references</code>                                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-d7aec89d87f4cc98f4d6935e49a8f6ce571bc6dda254d894e93b60922f3a775f">+2/-1</a>      </td> </tr> <tr> <td>update-config.sh<dd><code>Update environment variables and paths</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-9ae50be83a13010a038389c74407ba1bde8cabcea0944e238c4b3374133f78bf">+23/-23</a>  </td> </tr> <tr> <td>clang-tidy.yml<dd><code>Update workflow path filters</code>                                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-2b7b9696b464e236f8066c1c1d33c6c91c95160f813e2b3fe59ddf0e83057ebf">+2/-2</a>      </td> </tr> <tr> <td>BUILD.bazel<dd><code>Update Bazel alias names</code>                                                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-884fa9353a5226345e44fbabea3300efc7a87dfbcde0b6a42521ca51823f1b68">+2/-2</a>      </td> </tr> <tr> <td>BUILD.bazel<dd><code>Update Bazel build target names</code>                                                    </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-5bd88c2b4346ac8dae2b483fd66bdd518f3bce7e046262c4bcd3267a2cd5345f">+6/-6</a>      </td> </tr> <tr> <td>BUILD.bazel<dd><code>Update plist file references</code>                                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-e1d7428b1ee8122a169b68b907ca88ed028ec0ff594521b290b2fc25e874b174">+2/-2</a>      </td> </tr> <tr> <td>com.serviceradar.sysmonosx.plist<dd><code>Update launchd plist configuration</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-5caa1b288cfc4bd6d874882025f709aae660edd61c8332d2c684bcd5d64dfbdd">+5/-5</a>      </td> </tr> <tr> <td>config.json<dd><code>Update service name in poller config</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-9edc2486fff55fc399e0ac96dba5137948a7ea7285f5ef7846835355684b7ab5">+1/-1</a>      </td> </tr> <tr> <td>docker-compose.yml<dd><code>Update environment variables and paths</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-e45e45baeda1c1e73482975a664062aa56f20c03dd9d64a827aba57775bed0d3">+2/-2</a>      </td> </tr> <tr> <td>poller-stack.compose.yml<dd><code>Update config file references</code>                                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-f3b5c991c2c1f7646db0ca4ed9bcb5df0f313ce6a05d8f3c890f80c873f776f5">+2/-2</a>      </td> </tr> <tr> <td>poller.docker.json<dd><code>Update service name and address variable</code>                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-d64ebb69ec31e831efd187c47a5bfff2573960306b177f6464e91cb44a3c709d">+2/-2</a>      </td> </tr> <tr> <td>sysmon-osx.checker.json<dd><code>Update checker configuration names</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-044334b566d907c77656b7f951092709da2a111dc968da9a76315b1c71200cf4">+3/-3</a>      </td> </tr> <tr> <td>poller.json<dd><code>Update service name in poller config</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-cf86f725886f29895b3abb110489858a4778b2638fbf570ae95fac08d9ebac44">+1/-1</a>      </td> </tr> <tr> <td>BUILD.bazel<dd><code>Create new Bazel build for sysmonosx</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-8a3734215de4035942bdc24d0581a64bd2b18231a63029cc8afb63a4bb06e7ed">+91/-0</a>    </td> </tr> <tr> <td>postinstall<dd><code>Create postinstall script for sysmonosx</code>                                    </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-921ec86fee8c88ff2ed792f2e785ce40b4e7c784a9e6f3d8ae7937cf5ef6d894">+9/-9</a>      </td> </tr> <tr> <td>preinstall<dd><code>Create preinstall script for sysmonosx</code>                                      </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-8c2998c90ef8a1a0ee64e260a176008bc5819d8fb6c4d60df2c90e2f7657dc09">+6/-6</a>      </td> </tr> <tr> <td>BUILD.bazel<dd><code>Remove old sysmonvm packaging</code>                                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-61bb5e1d8b1e798d3a834a32ab46845f70bd9bd4b7d20bbfd76a8016e34f9754">+0/-91</a>    </td> </tr> <tr> <td>BUILD.bazel<dd><code>Update Bazel build target names</code>                                                    </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-af8dfa595cc8df053cea67a29bd1fe9fb11d899e13f58ce1399170f6f16fb1ef">+4/-4</a>      </td> </tr> <tr> <td>serviceradar-sysmon-osx.service<dd><code>Update systemd service file</code>                                                            </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-5216c575145675bfb6498e2489a0ca1a40f74172a450bbc17007ab64fdc7b671">+2/-2</a>      </td> </tr> </table></details></td></tr><tr><td>Additional files</td><td><details><summary>15 files</summary><table> <tr> <td>sysmon-osx.json.example</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-759794ddc007d82397fda1a73a61d3be16bfa9bb4cbd4b187816189438fff9f0">[link]</a>    </td> </tr> <tr> <td>edge_onboarding.go</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-85874e3c4bdcc9110db09909f10648d44cdee554b26c987f910502321eb20b5c">+1/-1</a>      </td> </tr> <tr> <td>BUILD.bazel</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-e5dbe4023fb59a453ee0dd6d5da51ed1fdaef8e6d10afdbf25d2453561a7ebfa">[link]</a>    </td> </tr> <tr> <td>build-checker.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-ccdc5c2a5b17eacd8f109e8759e00217f7e29a30b9722b5c1a753d94e3e1f378">[link]</a>    </td> </tr> <tr> <td>fetch-image.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-c003318207155d168229ed2e4999546eadc1768ac7c838f147af708b46cc20c5">[link]</a>    </td> </tr> <tr> <td>host-setup.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-374d2504d510eea72f415623d9685488b6de3cdfaa232a822adabcab4fd01a2a">[link]</a>    </td> </tr> <tr> <td>vm-bootstrap.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-de05e3f65cfaa1d95dcc7b8eaa674d52d2b1d655f3a8a7396451abe6a0dced8b">[link]</a>    </td> </tr> <tr> <td>vm-copy.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-b8ab5e74eaad2fcc8b525af7907b4cb5d44d870fdfc95d18fc5b8f59f12da393">[link]</a>    </td> </tr> <tr> <td>vm-create.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-2f570eb59123b6403e41db0a48b2b5dbd60d9112de5ec4c9fbbbfb3423394461">[link]</a>    </td> </tr> <tr> <td>vm-destroy.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-0848c2622f5992503345505c967b1ead220342e14a7f831d8c006edc454b2772">[link]</a>    </td> </tr> <tr> <td>vm-install-checker.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-37e9c856bd573d6930783040903bbdbb3db1464ec6500722aa790f36418e91ef">[link]</a>    </td> </tr> <tr> <td>vm-ssh.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-7b88e5482c958219da5af30b5090ff6669d0af79abb0b7a78090b89729358f32">[link]</a>    </td> </tr> <tr> <td>vm-start.sh</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-16931eb41c7aa159614f74431a0bf04dfde8052e04dc9ffeb955edc8bba90876">[link]</a>    </td> </tr> <tr> <td>config.example.yaml</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-dbb2081d0b52a1ec05aeff9865bf7a86e2915788e1b0e3b4aca597b7159926de">[link]</a>    </td> </tr> <tr> <td>sysmon-vm.json</td> <td><a href="https://github.com/carverauto/serviceradar/pull/2051/files#diff-c8ef11735f9f971eb7b5bdb4d0838ce3bcc433162ee4251abdc37c0c67dd1072">[link]</a>    </td> </tr> </table></details></td></tr></tr></tbody></table> </details> ___

qodo-code-review[bot] commented

2025-12-03 18:31:12 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2051#issuecomment-3608247943
Original created: 2025-12-03T18:31:12Z

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Action Logging: Newly added operational actions (service name changes, config paths, mTLS bootstrap params, and launchd restarts) do not include explicit audit logs of critical events beyond generic component logs, making it unclear if audit trail requirements are met. Referred Code log.Fatalf("sysmon-osx checker failed: %v", err) } } func run() error { configPath := flag.String("config", defaultConfigPath, "Path to sysmon-osx config file") _ = flag.String("onboarding-token", "", "Edge onboarding token (SPIFFE path; triggers edge onboarding)") _ = flag.String("kv-endpoint", "", "KV service endpoint (required for edge onboarding)") mtlsMode := flag.Bool("mtls", false, "Enable mTLS bootstrap (token or bundle required)") mtlsToken := flag.String("token", "", "mTLS onboarding token (edgepkg-v1)") mtlsHost := flag.String("host", "", "Core API host for mTLS bundle download (e.g. http://core:8090)") mtlsBundlePath := flag.String("bundle", "", "Path to a pre-fetched mTLS bundle (tar.gz or JSON)") mtlsCertDir := flag.String("cert-dir", "/etc/serviceradar/certs", "Directory to write mTLS certs/keys") mtlsServerName := flag.String("server-name", "sysmon-osx.serviceradar", "Server name to present in mTLS") mtlsBootstrapOnly := flag.Bool("mtls-bootstrap-only", false, "Run mTLS bootstrap, persist config, then exit without starting the service") flag.Parse() Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Error Context: Error logs and returns on JSON marshal and frequency collection provide messages but do not show inclusion of salient request/context values for debugging (e.g., service name, agent/poller IDs) at error paths. Referred Code `messageBytes, err := json.Marshal(payload) if err != nil { s.log.Error().Err(err).Msg("failed to marshal sysmon-osx payload") return s.failureResponse(req, start, fmt.Errorf("serialization error: %w", err)), nil }` Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Input Validation: Newly added flags and config path changes accept external inputs (addresses, tokens, bundles, server names) without visible validation or normalization in the added code hunks, which may require upstream validation not shown here. Referred Code configPath := flag.String("config", defaultConfigPath, "Path to sysmon-osx config file") _ = flag.String("onboarding-token", "", "Edge onboarding token (SPIFFE path; triggers edge onboarding)") _ = flag.String("kv-endpoint", "", "KV service endpoint (required for edge onboarding)") mtlsMode := flag.Bool("mtls", false, "Enable mTLS bootstrap (token or bundle required)") mtlsToken := flag.String("token", "", "mTLS onboarding token (edgepkg-v1)") mtlsHost := flag.String("host", "", "Core API host for mTLS bundle download (e.g. http://core:8090)") mtlsBundlePath := flag.String("bundle", "", "Path to a pre-fetched mTLS bundle (tar.gz or JSON)") mtlsCertDir := flag.String("cert-dir", "/etc/serviceradar/certs", "Directory to write mTLS certs/keys") mtlsServerName := flag.String("server-name", "sysmon-osx.serviceradar", "Server name to present in mTLS") mtlsBootstrapOnly := flag.Bool("mtls-bootstrap-only", false, "Run mTLS bootstrap, persist config, then exit without starting the service") flag.Parse() Learn more about managing compliance generic rules or creating your own custom rules
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2051#issuecomment-3608247943 Original created: 2025-12-03T18:31:12Z --- ## PR Compliance Guide 🔍  Below is a summary of compliance checks for this PR: <table><tbody><tr><td colspan='2'>Security Compliance</td></tr> <tr><td>🟢</td><td><details><summary>No security concerns identified</summary> No security vulnerabilities detected by AI analysis. Human verification advised for critical code. </details></td></tr> <tr><td colspan='2'>Ticket Compliance</td></tr> <tr><td>⚪</td><td><details><summary>🎫 No ticket provided </summary> - [ ] Create ticket/issue  </details></td></tr> <tr><td colspan='2'>Codebase Duplication Compliance</td></tr> <tr><td>⚪</td><td><details><summary>Codebase context is not defined </summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/core-abilities/rag_context_enrichment/'>guide</a> to enable codebase context checks. </details></td></tr> <tr><td colspan='2'>Custom Compliance</td></tr> <tr><td rowspan=3>🟢</td><td> <details><summary>Generic: Meaningful Naming and Self-Documenting Code</summary> **Objective:** Ensure all identifiers clearly express their purpose and intent, making code self-documenting **Status:** Passed > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary>Generic: Secure Error Handling</summary> **Objective:** To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. **Status:** Passed > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary>Generic: Secure Logging Practices</summary> **Objective:** To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. **Status:** Passed > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td rowspan=3>⚪</td> <td><details> <summary>Generic: Comprehensive Audit Trails</summary> **Objective:** To create a detailed and reliable record of critical system actions for security analysis and compliance. **Status:** <a href='https://github.com/carverauto/serviceradar/pull/2051/files#diff-db84f1c0f437e6d5b3cba3ee2768c095c6c4ea129f8a1b4419a2862662711ad0R41-R57'>Action Logging</a>: Newly added operational actions (service name changes, config paths, mTLS bootstrap params, and launchd restarts) do not include explicit audit logs of critical events beyond generic component logs, making it unclear if audit trail requirements are met. <details open><summary>Referred Code</summary> ```go log.Fatalf("sysmon-osx checker failed: %v", err) } } func run() error { configPath := flag.String("config", defaultConfigPath, "Path to sysmon-osx config file") _ = flag.String("onboarding-token", "", "Edge onboarding token (SPIFFE path; triggers edge onboarding)") _ = flag.String("kv-endpoint", "", "KV service endpoint (required for edge onboarding)") mtlsMode := flag.Bool("mtls", false, "Enable mTLS bootstrap (token or bundle required)") mtlsToken := flag.String("token", "", "mTLS onboarding token (edgepkg-v1)") mtlsHost := flag.String("host", "", "Core API host for mTLS bundle download (e.g. http://core:8090)") mtlsBundlePath := flag.String("bundle", "", "Path to a pre-fetched mTLS bundle (tar.gz or JSON)") mtlsCertDir := flag.String("cert-dir", "/etc/serviceradar/certs", "Directory to write mTLS certs/keys") mtlsServerName := flag.String("server-name", "sysmon-osx.serviceradar", "Server name to present in mTLS") mtlsBootstrapOnly := flag.Bool("mtls-bootstrap-only", false, "Run mTLS bootstrap, persist config, then exit without starting the service") flag.Parse() ``` </details> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td><details> <summary>Generic: Robust Error Handling and Edge Case Management</summary> **Objective:** Ensure comprehensive error handling that provides meaningful context and graceful degradation **Status:** <a href='https://github.com/carverauto/serviceradar/pull/2051/files#diff-d93f4b5ac51067017ea772febe30f8ff01f4fffd2e9accf2bf68793b45f1de1eR146-R151'>Error Context</a>: Error logs and returns on JSON marshal and frequency collection provide messages but do not show inclusion of salient request/context values for debugging (e.g., service name, agent/poller IDs) at error paths. <details open><summary>Referred Code</summary> ```go messageBytes, err := json.Marshal(payload) if err != nil { s.log.Error().Err(err).Msg("failed to marshal sysmon-osx payload") return s.failureResponse(req, start, fmt.Errorf("serialization error: %w", err)), nil } ``` </details> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td><details> <summary>Generic: Security-First Input Validation and Data Handling</summary> **Objective:** Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities **Status:** <a href='https://github.com/carverauto/serviceradar/pull/2051/files#diff-db84f1c0f437e6d5b3cba3ee2768c095c6c4ea129f8a1b4419a2862662711ad0R46-R56'>Input Validation</a>: Newly added flags and config path changes accept external inputs (addresses, tokens, bundles, server names) without visible validation or normalization in the added code hunks, which may require upstream validation not shown here. <details open><summary>Referred Code</summary> ```go configPath := flag.String("config", defaultConfigPath, "Path to sysmon-osx config file") _ = flag.String("onboarding-token", "", "Edge onboarding token (SPIFFE path; triggers edge onboarding)") _ = flag.String("kv-endpoint", "", "KV service endpoint (required for edge onboarding)") mtlsMode := flag.Bool("mtls", false, "Enable mTLS bootstrap (token or bundle required)") mtlsToken := flag.String("token", "", "mTLS onboarding token (edgepkg-v1)") mtlsHost := flag.String("host", "", "Core API host for mTLS bundle download (e.g. http://core:8090)") mtlsBundlePath := flag.String("bundle", "", "Path to a pre-fetched mTLS bundle (tar.gz or JSON)") mtlsCertDir := flag.String("cert-dir", "/etc/serviceradar/certs", "Directory to write mTLS certs/keys") mtlsServerName := flag.String("server-name", "sysmon-osx.serviceradar", "Server name to present in mTLS") mtlsBootstrapOnly := flag.Bool("mtls-bootstrap-only", false, "Run mTLS bootstrap, persist config, then exit without starting the service") flag.Parse() ``` </details> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td align="center" colspan="2"> - [ ] Update  </td></tr></tbody></table> <details><summary>Compliance status legend</summary> 🟢 - Fully Compliant 🟡 - Partial Compliant 🔴 - Not Compliant ⚪ - Requires Further Human Verification 🏷️ - Compliance label </details>

qodo-code-review[bot] commented

2025-12-03 18:32:18 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2051#issuecomment-3608252066
Original created: 2025-12-03T18:32:18Z

PR Code Suggestions ✨

Explore these optional code suggestions:

Category Suggestion Impact

Possible issue

Category	Suggestion	Impact
Possible issue	✅ ~~Add missing dependencies to genrule~~ Suggestion Impact: The commit added the three suggested targets to the genrule's tools list alongside the existing script, addressing the missing dependencies. code diff: `- tools = ["//scripts/sysmonosx:package-host-macos.sh"], + tools = [ + "//scripts/sysmonosx:package-host-macos.sh", + ":sysmonosx_checker_binary", + ":sysmonosx_config_file", + ":sysmonosx_launchd_plist", + ],` Add missing dependencies (`sysmonosx_checker_binary`, `sysmonosx_config_file`, `sysmonosx_launchd_plist`) to the `tools` attribute of the `sysmonosx_host_pkg` `genrule`. packaging/sysmonosx_host/BUILD.bazel [69-91] genrule( name = "sysmonosx_host_pkg", srcs = [ "//scripts/sysmonosx:package-host-macos.sh", ":pkg_scripts", ], outs = ["serviceradar-sysmonosx-host-macos.pkg"], cmd = """ set -euo pipefail SKIP_PKG=0 \ "$(location //scripts/sysmonosx:package-host-macos.sh)" cp "dist/sysmonosx/serviceradar-sysmonosx-host-macos.pkg" "$@" """, - tools = ["//scripts/sysmonosx:package-host-macos.sh"], + tools = [ + "//scripts/sysmonosx:package-host-macos.sh", + ":sysmonosx_checker_binary", + ":sysmonosx_config_file", + ":sysmonosx_launchd_plist", + ], local = True, target_compatible_with = ["@platforms//os:macos"], tags = [ "no-remote", "requires-macos", ], ) `[Suggestion processed]` Suggestion importance[1-10]: 8 __ Why: The suggestion correctly identifies missing Bazel dependencies in a `genrule`, which could cause race conditions in parallel builds, and proposes the correct fix to ensure build correctness.	Medium
Update

✅ ~~Add missing dependencies to genrule~~

Suggestion Impact:

The commit added the three suggested targets to the genrule's tools list alongside the existing script, addressing the missing dependencies.

code diff:

-    tools = ["//scripts/sysmonosx:package-host-macos.sh"],
+    tools = [
+        "//scripts/sysmonosx:package-host-macos.sh",
+        ":sysmonosx_checker_binary",
+        ":sysmonosx_config_file",
+        ":sysmonosx_launchd_plist",
+    ],

Add missing dependencies (sysmonosx_checker_binary, sysmonosx_config_file,
sysmonosx_launchd_plist) to the tools attribute of the sysmonosx_host_pkg
genrule.

packaging/sysmonosx_host/BUILD.bazel [69-91]

 genrule(
     name = "sysmonosx_host_pkg",
     srcs = [
         "//scripts/sysmonosx:package-host-macos.sh",
         ":pkg_scripts",
     ],
     outs = ["serviceradar-sysmonosx-host-macos.pkg"],
     cmd = """
 set -euo pipefail
 
 SKIP_PKG=0 \
 "$(location //scripts/sysmonosx:package-host-macos.sh)"
 
 cp "dist/sysmonosx/serviceradar-sysmonosx-host-macos.pkg" "$@"
     """,
-    tools = ["//scripts/sysmonosx:package-host-macos.sh"],
+    tools = [
+        "//scripts/sysmonosx:package-host-macos.sh",
+        ":sysmonosx_checker_binary",
+        ":sysmonosx_config_file",
+        ":sysmonosx_launchd_plist",
+    ],
     local = True,
     target_compatible_with = ["@platforms//os:macos"],
     tags = [
         "no-remote",
         "requires-macos",
     ],
 )

[Suggestion processed]

Suggestion importance[1-10]: 8

Why: The suggestion correctly identifies missing Bazel dependencies in a genrule, which could cause race conditions in parallel builds, and proposes the correct fix to ensure build correctness.

Medium

Update

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2051#issuecomment-3608252066 Original created: 2025-12-03T18:32:18Z --- ## PR Code Suggestions ✨  Explore these optional code suggestions: <table><thead><tr><td>Category</td><td align=left>Suggestion                                                                                                                                    </td><td align=center>Impact</td></tr><tbody><tr><td rowspan=1>Possible issue</td> <td> <details><summary>✅ <s>Add missing dependencies to genrule</s></summary> ___ <details><summary>Suggestion Impact:</summary>The commit added the three suggested targets to the genrule's tools list alongside the existing script, addressing the missing dependencies. code diff: ```diff - tools = ["//scripts/sysmonosx:package-host-macos.sh"], + tools = [ + "//scripts/sysmonosx:package-host-macos.sh", + ":sysmonosx_checker_binary", + ":sysmonosx_config_file", + ":sysmonosx_launchd_plist", + ], ``` </details> ___ **Add missing dependencies (<code>sysmonosx_checker_binary</code>, <code>sysmonosx_config_file</code>, <code>sysmonosx_launchd_plist</code>) to the <code>tools</code> attribute of the <code>sysmonosx_host_pkg</code> <code>genrule</code>.** [packaging/sysmonosx_host/BUILD.bazel [69-91]](https://github.com/carverauto/serviceradar/pull/2051/files#diff-8a3734215de4035942bdc24d0581a64bd2b18231a63029cc8afb63a4bb06e7edR69-R91) ```diff genrule( name = "sysmonosx_host_pkg", srcs = [ "//scripts/sysmonosx:package-host-macos.sh", ":pkg_scripts", ], outs = ["serviceradar-sysmonosx-host-macos.pkg"], cmd = """ set -euo pipefail SKIP_PKG=0 \ "$(location //scripts/sysmonosx:package-host-macos.sh)" cp "dist/sysmonosx/serviceradar-sysmonosx-host-macos.pkg" "$@" """, - tools = ["//scripts/sysmonosx:package-host-macos.sh"], + tools = [ + "//scripts/sysmonosx:package-host-macos.sh", + ":sysmonosx_checker_binary", + ":sysmonosx_config_file", + ":sysmonosx_launchd_plist", + ], local = True, target_compatible_with = ["@platforms//os:macos"], tags = [ "no-remote", "requires-macos", ], ) ``` `[Suggestion processed]` <details><summary>Suggestion importance[1-10]: 8</summary> __ Why: The suggestion correctly identifies missing Bazel dependencies in a `genrule`, which could cause race conditions in parallel builds, and proposes the correct fix to ensure build correctness. </details></details></td><td align=center>Medium </td></tr> <tr><td align="center" colspan="2"> - [ ] Update  </td><td></td></tr></tbody></table>