
Register and run components #452

Merged: 6 commits merged into main from andream16/OCU-254/register-and-run-components-v2 on Oct 29, 2024

Conversation

andream16
Contributor

Re-opened with sorted gitlog from changes in #443

PLEASE TAKE A LOOK AT THE README TO GET MORE CONTEXT BEFORE REVIEWING


Closes OCU-251, OCU-254, OCU-220, OCU-230, OCU-232


What's not covered:

  • Storage logic to actually persist vulnerability findings in the database (PSQL/SQLite)
  • Metrics, Tracing handling

What's covered:

  • Run components using the same run bed to configure common utilities and setup guardrails. Inject common log fields in the runners to have smart defaults useful for debugging and standardisation.
  • Logging
  • Panic handling
  • Context cancellation and signal termination handling
  • Graceful shutdown
  • Auto initialisation of the runner based on defaults + environment variables and extra customisation via functional options.

Technical choices:

  • Used gomock for mocking to boost productivity and not maintaining mocks manually. With gomock we can generate the mocks based on mockable interfaces. The way that we actually use gomock is interesting as we rely on tools.go, which runs the vendored gomock version, so we actually don't need to install it.
  • I unexported all non required exportable things (like the runner) to not make adopters use things that they shouldn't touch. To make some bits testable, I exported them in an export_test.go file. The latter is a trick to export unexported bits that can't be used by a normal go app as the go build tool IGNORES symbols defined in _test.go files. I did something similar with internal that can't be imported by other packages in general.
  • All the files containing logic are at the root level of sdk/component. This was done to have a better UX for contributing as well as shorter import paths. This is a common thing done for OSS projects.
  • I opted for writing a simple but effective env var lookup functionality which is ready to be extended with other types of env var. This keeps the dependencies minimal.
  • We always inject component_name, component_type and sdk_version as log fields to help us debug issues.

Attaching some sample logs from running a sample scanner:

{"time":"2024-10-24T13:39:11.767624+01:00","level":"DEBUG","msg":"running component...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner"}
{"time":"2024-10-24T13:39:11.767639+01:00","level":"DEBUG","msg":"preparing to execute component...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner"}
{"time":"2024-10-24T13:39:11.767661+01:00","level":"DEBUG","msg":"preparing to execute scan step...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner"}
{"time":"2024-10-24T13:39:11.767665+01:00","level":"INFO","msg":"Scanning.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner"}
{"time":"2024-10-24T13:39:11.76769+01:00","level":"DEBUG","msg":"scan step completed!","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767692+01:00","level":"DEBUG","msg":"preparing to execute transform step...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767695+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767699+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.7677+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767702+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767725+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767728+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.76773+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767732+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767733+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767766+01:00","level":"INFO","msg":"Transforming.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10}
{"time":"2024-10-24T13:39:11.767771+01:00","level":"DEBUG","msg":"transform step completed!","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767774+01:00","level":"DEBUG","msg":"preparing to execute store step...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767776+01:00","level":"INFO","msg":"Storing.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767822+01:00","level":"DEBUG","msg":"store step completed!","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767825+01:00","level":"DEBUG","msg":"component has completed successfully!","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767827+01:00","level":"DEBUG","msg":"component done! Preparing to exit...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767835+01:00","level":"DEBUG","msg":"component done, exiting...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767869+01:00","level":"DEBUG","msg":"gracefully shutting down component...","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767875+01:00","level":"INFO","msg":"Closing scanner.","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}
{"time":"2024-10-24T13:39:11.767877+01:00","level":"DEBUG","msg":"gracefully shutdown component successfully!","sdk_version":"0.0.1-alpha","component_name":"sample-scanner","component_type":"scanner","num_raw_findings":10,"num_parsed_findings":10,"num_findings_match":true}

Forgive me if the examples are a bit dummy but we can do a better job there when we have the storage later in place 🙏🏻
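What the description above lists (functional options layered on env-derived defaults, the three log fields injected on every line, panic handling, signal-driven context cancellation and a graceful shutdown) fits in one small Go runner. The following is an added illustration written for this page, not code from this PR or from the SDK's sdk/component package: the Component interface, newRunner, WithShutdownTimeout, envDuration and the COMPONENT_SHUTDOWN_TIMEOUT variable are assumed names, the sdk_version value is copied from the sample logs above, and sampleScanner is a constructed component used to exercise the runner.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"log/slog"
	"os"
	"os/signal"
	"syscall"
	"time"
)

const sdkVersion = "0.0.1-alpha" // value from the PR's sample logs; a real SDK reads its version package

type Component interface { // hypothetical minimal contract for what the runner executes
	Run(ctx context.Context, log *slog.Logger) error
	Close(ctx context.Context) error
}

type runner struct { // unexported, as in the PR: adopters tune it only through options
	name, kind      string
	shutdownTimeout time.Duration
	logger          *slog.Logger
}

type RunnerOption func(*runner)
func WithShutdownTimeout(d time.Duration) RunnerOption { return func(r *runner) { r.shutdownTimeout = d } }

// envDuration is a hypothetical typed env lookup: unset means default; unparsable is an error, never a silent default.
func envDuration(key string, def time.Duration) (time.Duration, error) {
	v, ok := os.LookupEnv(key)
	if !ok || v == "" {
		return def, nil
	}
	d, err := time.ParseDuration(v)
	if err != nil {
		return 0, fmt.Errorf("env %s: %w", key, err)
	}
	return d, nil
}

// newRunner applies env-derived defaults, then options, then the common log fields every line carries.
func newRunner(name, kind string, opts ...RunnerOption) (*runner, error) {
	timeout, err := envDuration("COMPONENT_SHUTDOWN_TIMEOUT", 5*time.Second)
	if err != nil {
		return nil, err
	}
	r := &runner{name: name, kind: kind, shutdownTimeout: timeout, logger: slog.Default()}
	for _, o := range opts {
		o(r)
	}
	r.logger = r.logger.With("sdk_version", sdkVersion, "component_name", r.name, "component_type", r.kind)
	return r, nil
}

// Run executes c with SIGINT/SIGTERM cancellation, panic recovery and a bounded graceful shutdown.
func (r *runner) Run(ctx context.Context, c Component) (err error) {
	ctx, stop := signal.NotifyContext(ctx, syscall.SIGINT, syscall.SIGTERM)
	defer stop()
	defer func() {
		if rec := recover(); rec != nil {
			err = fmt.Errorf("component panicked: %v", rec)
			r.logger.Error("recovered panic", "panic", rec)
		}
		// Fresh, bounded context: the run context may already be cancelled by a signal.
		shutdownCtx, cancel := context.WithTimeout(context.Background(), r.shutdownTimeout)
		defer cancel()
		r.logger.Debug("gracefully shutting down component...")
		err = errors.Join(err, c.Close(shutdownCtx)) // Close runs on success, error and panic alike
	}()
	return c.Run(ctx, r.logger)
}

type sampleScanner struct { // constructed component that checks for cancellation between units of work
	panics   bool // constructed knob to exercise panic recovery
	findings int
	closed   bool
}

func (s *sampleScanner) Run(ctx context.Context, log *slog.Logger) error {
	if s.panics {
		panic("boom")
	}
	for i := 0; i < 3; i++ {
		if err := ctx.Err(); err != nil {
			return err
		}
		s.findings++
	}
	log.Info("Scanning.", "num_raw_findings", s.findings)
	return nil
}

func (s *sampleScanner) Close(context.Context) error { s.closed = true; return nil }

func main() {
	slog.SetDefault(slog.New(slog.NewJSONHandler(os.Stderr, &slog.HandlerOptions{Level: slog.LevelDebug})))
	if r, err := newRunner("sample-scanner", "scanner"); err != nil || r.Run(context.Background(), &sampleScanner{}) != nil {
		os.Exit(1)
	}
}
```

Two choices matter for a runner that hosts security scanners: Close runs under a fresh context with its own deadline, because by the time SIGTERM arrives the run context is already cancelled and a shutdown bound to it would skip cleanup; and a panic inside the component is converted into a returned error after Close has run, so a misbehaving scanner neither leaks resources nor takes the process down without a log line carrying component_name, component_type and sdk_version.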

@andream16 andream16 force-pushed the andream16/OCU-254/register-and-run-components-v2 branch from 630e278 to e119819 Compare October 29, 2024 10:52
@andream16 andream16 self-assigned this Oct 29, 2024
@andream16 andream16 added the sdk label Oct 29, 2024
Resolved review threads on:

  • sdk/version.go
  • sdk/tools.go (2)
  • sdk/component/component.go (2)
  • sdk/component/panic.go
  • sdk/component/runner.go (2)
  • sdk/component/env.go
  • sdk/component/storer.go
@andream16 andream16 merged commit 15fccdd into main Oct 29, 2024
3 checks passed
@andream16 andream16 deleted the andream16/OCU-254/register-and-run-components-v2 branch October 29, 2024 11:11