add NormalizePath to ensure IG paths are always full

[matthyx]

Fixes #721

Summary by CodeRabbit

• New Features

  • Kubernetes DaemonSet template now supports valueFrom for environment variables, enabling dynamic configuration through secrets and configmaps.

• Improvements

  • Path handling is now consistently normalized across event types, including process execution, file operations, and symlink/hardlink events.

• Tests

  • Added comprehensive test coverage for path normalization, validating handling of absolute paths, relative paths, process paths, and edge cases.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces a path normalization utility function and applies it consistently across event getters to fix inconsistent path reporting, particularly for /proc-related "headless" paths missing their root node prefix, and relative paths reported instead of absolute ones.

Changes

Cohort / File(s)	Summary
Path Normalization Utility pkg/utils/path.go	New NormalizePath function that detects headless proc paths (matching ^\d+/(task|fd)/), prepends /proc, ensures absolute paths, converts . to /, and cleans path separators.
Event Getter Modifications pkg/utils/datasource_event.go, pkg/utils/struct_event.go	Applied NormalizePath wrapping to multiple path-returning getters (GetExePath, GetFullPath, GetNewPath, GetOldPath, GetPath) across both event types, ensuring consistent path normalization at retrieval time.
Path Normalization Tests pkg/utils/normalize_path_test.go	New table-driven test file validating NormalizePath across diverse scenarios: empty paths, relative paths, absolute paths, headless proc paths, and path cleanup edge cases.
DaemonSet Configuration tests/chart/templates/node-agent/daemonset.yaml	Added conditional support for valueFrom in environment variable specifications alongside existing value field handling.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Poem

🐰 Hopping through paths, both twisted and bare,
We normalize whiskers from here to /proc/care,
No headless paths now—each one stands tall,
With "/proc" prepended to answer the call! 🎯

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Out of Scope Changes check	❓ Inconclusive	The changes in tests/chart/templates/node-agent/daemonset.yaml add valueFrom support to env variables, which appears unrelated to path normalization objectives.	Clarify whether the daemonset.yaml changes are related to the path normalization fix or if they should be separated into a different pull request.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: adding a NormalizePath function to ensure paths are normalized to full absolute paths.
Linked Issues check	✅ Passed	The changes address issue #721 by implementing NormalizePath to convert headless and relative paths to absolute paths (e.g., '/46/task/46/fd' to '/proc/46/task/46/fd') in OPEN events.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/normalize-path

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (3)

pkg/utils/path.go (2)

21-23: Redundant special case for ".".

The "." early-return is dead logic. Without it, "." proceeds through: no headless-proc match → !strings.HasPrefix(".", "/") → p = "/." → path.Clean("/.") → "/". The result is identical. The special case can be safely removed.

♻️ Proposed simplification

-	if p == "." {
-		return "/"
-	}
-
 	if headlessProcRegex.MatchString(p) {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/utils/path.go` around lines 21 - 23, Remove the redundant special-case
branch that returns "/" when p == "." in the path normalization logic: the
early-return is dead code because the subsequent logic (the headless-proc match,
the strings.HasPrefix check that adds "/" to p, and the final path.Clean call)
already yields "/" for "."; delete the if p == "." { return "/" } block and
leave the remaining code (including the strings.HasPrefix handling and
path.Clean) intact so behavior is unchanged but simpler.

---

4-4: Prefer path/filepath over path for OS filesystem paths.

The path package is documented for slash-separated paths in URLs; path/filepath is the correct package for OS filesystem paths. On Linux both are functionally identical, but using path here is non-idiomatic.

♻️ Proposed fix

 import (
-	"path"
+	"path/filepath"
 	"regexp"
 	"strings"
 )
 
 ...
 
-	return path.Clean(p)
+	return filepath.Clean(p)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/utils/path.go` at line 4, The code imports the net/URL-oriented "path"
package for filesystem paths; replace the import with "path/filepath" and update
all usages (e.g., path.Join, path.Clean, path.Dir, path.Base, path.Split, etc.)
to use filepath.Join, filepath.Clean, filepath.Dir, filepath.Base,
filepath.Split accordingly so the code uses the OS-specific filepath behavior;
ensure any tests/imports compile after switching the package name.

pkg/utils/normalize_path_test.go (1)

14-63: Consider adding edge-case test for "/" and explicit documentation of the headless-path false-positive behavior.

Two cases worth covering:

1. Input "/" — already covered by general logic but having an explicit test guards against regression.
2. Input like "/1234/fd/socket" (a legitimate app-level path matching the headless regex) — adding this as a documented test case makes it explicit that such paths will be prefixed with /proc, alerting future readers to the known trade-off.

🧪 Suggested additions

+		{
+			name:     "root path",
+			input:    "/",
+			expected: "/",
+		},
+		{
+			name:     "only dotdot relative",
+			input:    "../etc/passwd",
+			expected: "/etc/passwd",
+		},

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/utils/normalize_path_test.go` around lines 14 - 63, Add explicit test
cases to the table in pkg/utils/normalize_path_test.go: include an input of "/"
with expected "/" to guard regressions, and include an input like
"/1234/fd/socket" with expected "/proc/1234/fd/socket" (or whatever the current
NormalizePath behavior is) to document the known headless-path false-positive;
update the test table (the slice of test structs used to exercise NormalizePath)
and add a short comment next to the second case explaining this is a documented
trade-off of the headless-path prefixing logic so future readers see this
intended behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@tests/chart/templates/node-agent/daemonset.yaml`:
- Around line 119-125: Render only one of `.value` or `.valueFrom` for each
`nodeAgent.env` entry by making the template mutually exclusive: change the
current independent `if .value` / `if .valueFrom` checks so that `.value` is
rendered only when `.value` is set and `.valueFrom` is not, and `.valueFrom` is
rendered only when `.valueFrom` is set and `.value` is not (or use an if/else-if
structure) to ensure exactly one of the two blocks appears for any env entry.

---

Nitpick comments:
In `@pkg/utils/normalize_path_test.go`:
- Around line 14-63: Add explicit test cases to the table in
pkg/utils/normalize_path_test.go: include an input of "/" with expected "/" to
guard regressions, and include an input like "/1234/fd/socket" with expected
"/proc/1234/fd/socket" (or whatever the current NormalizePath behavior is) to
document the known headless-path false-positive; update the test table (the
slice of test structs used to exercise NormalizePath) and add a short comment
next to the second case explaining this is a documented trade-off of the
headless-path prefixing logic so future readers see this intended behavior.

In `@pkg/utils/path.go`:
- Around line 21-23: Remove the redundant special-case branch that returns "/"
when p == "." in the path normalization logic: the early-return is dead code
because the subsequent logic (the headless-proc match, the strings.HasPrefix
check that adds "/" to p, and the final path.Clean call) already yields "/" for
"."; delete the if p == "." { return "/" } block and leave the remaining code
(including the strings.HasPrefix handling and path.Clean) intact so behavior is
unchanged but simpler.
- Line 4: The code imports the net/URL-oriented "path" package for filesystem
paths; replace the import with "path/filepath" and update all usages (e.g.,
path.Join, path.Clean, path.Dir, path.Base, path.Split, etc.) to use
filepath.Join, filepath.Clean, filepath.Dir, filepath.Base, filepath.Split
accordingly so the code uses the OS-specific filepath behavior; ensure any
tests/imports compile after switching the package name.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Missing mutual exclusion guard between value and valueFrom.

If a nodeAgent.env entry sets both .value and .valueFrom, both blocks will be rendered, producing invalid Kubernetes YAML (the pod spec requires exactly one of value or valueFrom, not both). Kubernetes will reject the resulting pod spec.

🛡️ Proposed guard

-            {{- if .value }}
-              value: "{{ .value }}"
-            {{- end }}
-            {{- if .valueFrom }}
-              valueFrom:
-{{ toYaml .valueFrom | indent 16 }}
-            {{- end }}
+            {{- if and .value (not .valueFrom) }}
+              value: "{{ .value }}"
+            {{- else if .valueFrom }}
+              valueFrom:
+{{ toYaml .valueFrom | indent 16 }}
+            {{- end }}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/chart/templates/node-agent/daemonset.yaml` around lines 119 - 125,
Render only one of `.value` or `.valueFrom` for each `nodeAgent.env` entry by
making the template mutually exclusive: change the current independent `if
.value` / `if .valueFrom` checks so that `.value` is rendered only when `.value`
is set and `.valueFrom` is not, and `.valueFrom` is rendered only when
`.valueFrom` is set and `.value` is not (or use an if/else-if structure) to
ensure exactly one of the two blocks appears for any env entry.