diff --git a/src/macaron/__main__.py b/src/macaron/__main__.py
index 52c441914..93aca76d7 100644
--- a/src/macaron/__main__.py
+++ b/src/macaron/__main__.py
@@ -206,16 +206,21 @@ def verify_policy(verify_policy_args: argparse.Namespace) -> int:
 vsa = generate_vsa(policy_content=policy_content, policy_result=result)
 if vsa is not None:
 vsa_filepath = os.path.join(global_config.output_path, "vsa.intoto.jsonl")
- logger.info("Generating the Verification Summary Attestation (VSA) to %s.", vsa_filepath)
+ logger.info(
+ "Generating the Verification Summary Attestation (VSA) to %s.",
+ os.path.relpath(vsa_filepath, os.getcwd()),
+ )
 logger.info(
 "To decode and inspect the payload, run `cat %s | jq -r '.payload' | base64 -d | jq`.",
- vsa_filepath,
+ os.path.relpath(vsa_filepath, os.getcwd()),
 )
 try:
 with open(vsa_filepath, mode="w", encoding="utf-8") as file:
 file.write(json.dumps(vsa))
 except OSError as err:
- logger.error("Could not generate the VSA to %s. Error: %s", vsa_filepath, err)
+ logger.error(
+ "Could not generate the VSA to %s. Error: %s", os.path.relpath(vsa_filepath, os.getcwd()), err
+ )
 policy_reporter = PolicyReporter()
 policy_reporter.generate(global_config.output_path, result)
@@ -544,9 +549,9 @@ def main(argv: list[str] | None = None) -> None:
 sys.exit(os.EX_USAGE)
 if os.path.isdir(args.output_dir):
- logger.info("Setting the output directory to %s", args.output_dir)
+ logger.info("Setting the output directory to %s", os.path.relpath(args.output_dir, os.getcwd()))
 else:
- logger.info("No directory at %s. Creating one ...", args.output_dir)
+ logger.info("No directory at %s. Creating one ...", os.path.relpath(args.output_dir, os.getcwd()))
 os.makedirs(args.output_dir)
 # Add file handler to the root logger. Remove stream handler from the
diff --git a/src/macaron/config/global_config.py b/src/macaron/config/global_config.py
index d6d113a3a..8befb4045 100644
--- a/src/macaron/config/global_config.py
+++ b/src/macaron/config/global_config.py
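Review bot: In the `verify_policy` hunk `os.path.relpath(vsa_filepath, os.getcwd())` is written out three times, and its second argument is redundant because `relpath` already starts from the current directory by default. Computing it once before the first `logger.info`, e.g. `vsa_display_path = os.path.relpath(vsa_filepath)`, and passing that name to all three calls keeps the messages in step. The same expression recurs in every later hunk of this commit, so one shared helper would serve them all. The second message prints a `cat %s | jq ...` command meant to be copied; with a relative, unquoted path it only works from the directory Macaron was started in and breaks on paths containing spaces. `verify_policy` starts and ends outside the hunk.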
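Review bot: With the output directory in `main` now printed relative to the working directory, and every later path in the log following suit, nothing in the log records which directory that was. Logs collected from CI or a container are then hard to map back to files on disk when a verification run has to be audited afterwards. Consider adding one line next to these messages, `logger.debug("Working directory: %s", os.getcwd())`, or keeping the absolute `args.output_dir` here as the anchor. `main` continues outside the hunk.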
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """This module contains the GlobalConfig class to be used globally."""
@@ -97,10 +97,10 @@ def load_expectation_files(self, exp_path: str) -> None:
 policy_file_path = os.path.join(exp_path, policy_path)
 if os.path.isfile(policy_file_path):
 exp_files.append(policy_file_path)
- logger.info("Added provenance expectation file %s", policy_file_path)
+ logger.info("Added provenance expectation file %s", os.path.relpath(policy_file_path, os.getcwd()))
 elif os.path.isfile(exp_path):
 exp_files.append(exp_path)
- logger.info("Added provenance expectation file %s", exp_path)
+ logger.info("Added provenance expectation file %s", os.path.relpath(exp_path, os.getcwd()))
 self.expectation_paths = exp_files
@@ -114,7 +114,10 @@ def load_python_venv(self, venv_path: str) -> None:
 The path to the Python virtual environment of the target software component.
 """
 if os.path.isdir(venv_path):
- logger.info("Found Python virtual environment for the analysis target at %s", venv_path)
+ logger.info(
+ "Found Python virtual environment for the analysis target at %s",
+ os.path.relpath(venv_path, os.getcwd()),
+ )
 self.python_venv_path = str(os.path.abspath(venv_path))
diff --git a/src/macaron/dependency_analyzer/cyclonedx.py b/src/macaron/dependency_analyzer/cyclonedx.py
index 8e2714247..bacefb99d 100644
--- a/src/macaron/dependency_analyzer/cyclonedx.py
+++ b/src/macaron/dependency_analyzer/cyclonedx.py
@@ -381,7 +381,9 @@ def resolve_dependencies(main_ctx: Any, sbom_path: str, recursive: bool = False)
 continue
 if sbom_path:
- logger.info("Getting the dependencies from the SBOM defined at %s.", sbom_path)
+ logger.info(
+ "Getting the dependencies from the SBOM defined at %s.", os.path.relpath(sbom_path, os.getcwd())
+ )
 deps_resolved = dep_analyzer.get_deps_from_sbom(
 sbom_path,
@@ -406,7 +408,7 @@ def resolve_dependencies(main_ctx: Any, sbom_path: str, recursive: bool = False)
 "Running %s version %s dependency analyzer on %s",
 dep_analyzer.tool_name,
 dep_analyzer.tool_version,
- main_ctx.component.repository.fs_path,
+ os.path.relpath(main_ctx.component.repository.fs_path, os.getcwd()),
 )
 log_path = os.path.join(
@@ -452,7 +454,11 @@ def resolve_dependencies(main_ctx: Any, sbom_path: str, recursive: bool = False)
 recursive=recursive,
 )
- logger.info("Stored dependency resolver log for %s to %s.", dep_analyzer.tool_name, log_path)
+ logger.info(
+ "Stored dependency resolver log for %s to %s.",
+ dep_analyzer.tool_name,
+ os.path.relpath(log_path, os.getcwd()),
+ )
 # Use repo finder to find more repositories to analyze.
 if defaults.getboolean("repofinder", "find_repos"):
diff --git a/src/macaron/output_reporter/reporter.py b/src/macaron/output_reporter/reporter.py
index 6ff9b3898..78464e13d 100644
--- a/src/macaron/output_reporter/reporter.py
+++ b/src/macaron/output_reporter/reporter.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """This module contains reporter classes for creating reports of Macaron analyzed results."""
@@ -60,11 +60,11 @@ def write_file(self, file_path: str, data: str) -> bool:
 """
 try:
 with open(file_path, mode=self.mode, encoding=self.encoding) as file:
- logger.info("Writing to file %s", file_path)
+ logger.info("Writing to file %s", os.path.relpath(file_path, os.getcwd()))
 file.write(data)
 return True
 except OSError as error:
- logger.error("Cannot write to %s. Error: %s", file_path, error)
+ logger.error("Cannot write to %s. Error: %s", os.path.relpath(file_path, os.getcwd()), error)
 return False
 @abc.abstractmethod
diff --git a/src/macaron/parsers/bashparser.py b/src/macaron/parsers/bashparser.py
index 4e4f322e3..0d5cd66c1 100644
--- a/src/macaron/parsers/bashparser.py
+++ b/src/macaron/parsers/bashparser.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """This module is a Python wrapper for the compiled bashparser binary.
@@ -96,10 +96,10 @@ def parse_file(file_path: str, macaron_path: str | None = None) -> dict:
 macaron_path = global_config.macaron_path
 try:
 with open(file_path, encoding="utf8") as file:
- logger.info("Parsing %s.", file_path)
+ logger.info("Parsing %s.", os.path.relpath(file_path, os.getcwd()))
 return parse(file.read(), macaron_path)
 except OSError as error:
- raise ParseError(f"Could not load the bash script file: {file_path}.") from error
+ raise ParseError(f"Could not load the bash script file: {os.path.relpath(file_path, os.getcwd())}.") from error
 except ParseError as error:
 raise error
diff --git a/src/macaron/provenance/provenance_verifier.py b/src/macaron/provenance/provenance_verifier.py
index 98cc42fc6..18e090f0c 100644
--- a/src/macaron/provenance/provenance_verifier.py
+++ b/src/macaron/provenance/provenance_verifier.py
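Review bot: In `write_file` the `except OSError` branch now calls `os.path.relpath`, which itself raises `ValueError` for an empty path (and, on Windows, for a path on a different drive from the working directory). A failure that used to return `False` can therefore escape as an unrelated exception. `parse_file` in `bashparser.py` has the same problem inside its f-string: a caller that catches `ParseError` would receive `ValueError` instead. In the failure branches the path exactly as it was passed is also the more useful value for diagnosis, so I would keep `logger.error("Cannot write to %s. Error: %s", file_path, error)` and `raise ParseError(f"Could not load the bash script file: {file_path}.") from error` as they were. Both functions start before their hunks.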
@@ -327,7 +327,7 @@ def _verify_slsa(
 verified = "PASSED: SLSA verification passed" in output
 log_path = os.path.join(global_config.build_log_path, f"{os.path.basename(source_path)}.slsa_verifier.log")
 with open(log_path, mode="a", encoding="utf-8") as log_file:
- logger.info("Storing SLSA verifier output for %s to %s", asset_name, log_path)
+ logger.info("Storing SLSA verifier output for %s to %s", asset_name, os.path.relpath(log_path, os.getcwd()))
 log_file.writelines(
 [f"SLSA verifier output for cmd: {' '.join(cmd)}\n", output, "--------------------------------\n"]
 )
@@ -346,7 +346,9 @@ def _verify_slsa(
 global_config.build_log_path, f"{os.path.basename(source_path)}.slsa_verifier.errors"
 )
 with open(error_log_path, mode="a", encoding="utf-8") as log_file:
- logger.info("Storing SLSA verifier log for%s to %s", asset_name, error_log_path)
+ logger.info(
+ "Storing SLSA verifier log for%s to %s", asset_name, os.path.relpath(error_log_path, os.getcwd())
+ )
 log_file.write(f"SLSA verifier output for cmd: {' '.join(cmd)}\n")
 log_file.writelines(errors)
 log_file.write("--------------------------------\n")
diff --git a/src/macaron/repo_finder/repo_utils.py b/src/macaron/repo_finder/repo_utils.py
index 0f9ca2683..e1b0be7af 100644
--- a/src/macaron/repo_finder/repo_utils.py
+++ b/src/macaron/repo_finder/repo_utils.py
@@ -75,7 +75,7 @@ def generate_report(purl: str, commit: str, repo: str, target_dir: str) -> bool:
 fullpath = f"{target_dir}/{filename}"
 os.makedirs(os.path.dirname(fullpath), exist_ok=True)
- logger.info("Writing report to: %s", fullpath)
+ logger.info("Writing report to: %s", os.path.relpath(fullpath, os.getcwd()))
 try:
 with open(fullpath, "w", encoding="utf-8") as file:
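Review bot: The reformatted message in the second `_verify_slsa` hunk still reads `"Storing SLSA verifier log for%s to %s"`, with no space between `for` and the asset name, so the log prints the two run together. Since the line is being rewritten anyway, change the format string to `"Storing SLSA verifier log for %s to %s"`. `_verify_slsa` starts and ends outside the hunk.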
@@ -84,7 +84,7 @@ def generate_report(purl: str, commit: str, repo: str, target_dir: str) -> bool:
 logger.debug("Failed to write report to file: %s", error)
 return False
- logger.info("Report written to: %s", fullpath)
+ logger.info("Report written to: %s", os.path.relpath(fullpath, os.getcwd()))
 return True
diff --git a/src/macaron/slsa_analyzer/ci_service/base_ci_service.py b/src/macaron/slsa_analyzer/ci_service/base_ci_service.py
index 4a2b69e19..adaa3ce95 100644
--- a/src/macaron/slsa_analyzer/ci_service/base_ci_service.py
+++ b/src/macaron/slsa_analyzer/ci_service/base_ci_service.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """This module contains the BaseCIService class to be inherited by a CI service."""
@@ -147,7 +147,9 @@ def has_kws_in_config(self, kws: list, build_tool_name: str, repo_path: str) ->
 line.strip(),
 )
 return keyword, config
- logger.info("No build command found for %s in %s", build_tool_name, file_path)
+ logger.info(
+ "No build command found for %s in %s", build_tool_name, os.path.relpath(file_path, os.getcwd())
+ )
 return "", ""
 except FileNotFoundError as error:
 logger.debug(error)
diff --git a/src/macaron/slsa_analyzer/provenance/expectations/cue/__init__.py b/src/macaron/slsa_analyzer/provenance/expectations/cue/__init__.py
index 8b5575145..c457d316f 100644
--- a/src/macaron/slsa_analyzer/provenance/expectations/cue/__init__.py
+++ b/src/macaron/slsa_analyzer/provenance/expectations/cue/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """This module provides CUE expectation implementations.
@@ -10,6 +10,7 @@
 import hashlib
 import logging
+import os
 from typing import Self
 from sqlalchemy import ForeignKey
@@ -52,7 +53,7 @@ def make_expectation(cls, expectation_path: str) -> Self | None:
 Self
 The instantiated expectation object.
 """
- logger.info("Generating an expectation from file %s", expectation_path)
+ logger.info("Generating an expectation from file %s", os.path.relpath(expectation_path, os.getcwd()))
 expectation: CUEExpectation = CUEExpectation(
 description="CUE expectation",
 path=expectation_path,
diff --git a/src/macaron/slsa_analyzer/provenance/expectations/expectation_registry.py b/src/macaron/slsa_analyzer/provenance/expectations/expectation_registry.py
index 63fca11c1..46b38a271 100644
--- a/src/macaron/slsa_analyzer/provenance/expectations/expectation_registry.py
+++ b/src/macaron/slsa_analyzer/provenance/expectations/expectation_registry.py
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 """The provenance expectation module manages expectations that will be provided to checks."""
@@ -37,11 +37,17 @@ def __init__(self, expectation_paths: list[str]) -> None:
 expectation = CUEExpectation.make_expectation(expectation_path)
 if expectation and expectation.target:
 self.expectations[expectation.target] = expectation
- logger.info("Found target %s for expectation %s.", expectation.target, expectation_path)
+ logger.info(
+ "Found target %s for expectation %s.",
+ expectation.target,
+ os.path.relpath(expectation_path, os.getcwd()),
+ )
 else:
- logger.error("Unable to find target for expectation %s.", expectation_path)
+ logger.error(
+ "Unable to find target for expectation %s.", os.path.relpath(expectation_path, os.getcwd())
+ )
 else:
- logger.error("Unsupported expectation format: %s", expectation_path)
+ logger.error("Unsupported expectation format: %s", os.path.relpath(expectation_path, os.getcwd()))
 def get_expectation_for_target(self, repo_complete_name: str) -> Expectation | None:
 """