Properly scan CronJob objects as workloads (#354)

* Fix typo that caused CronJobs to be skipped * Parsing a CronJob from its Info object * Test parsing CronJobs * Properly set go version in workflow --------- Signed-off-by: ZIV NEVO <[email protected]>
np-guard · Feb 7, 2024 · 631eb6c · 631eb6c
1 parent 3595700
commit 631eb6c
Show file tree

Hide file tree

Showing 5 changed files with 1,174 additions and 19 deletions.
diff --git a/.github/workflows/test-output-validity.yml b/.github/workflows/test-output-validity.yml
@@ -23,7 +23,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
       with:
-        go-version: 'stable'
+        go-version-file: ./go.mod
 
     - name: Build
       run: make

diff --git a/pkg/analyzer/info_to_resource.go b/pkg/analyzer/info_to_resource.go
@@ -31,31 +31,35 @@ func k8sWorkloadObjectFromInfo(info *resource.Info) (*Resource, error) {
 	var metaObj metaV1.Object
 	resourceCtx.Resource.Kind = info.Object.GetObjectKind().GroupVersionKind().Kind
 	switch resourceCtx.Resource.Kind {
-	case "Pod":
+	case pod:
 		obj := parseResourceFromInfo[v1.Pod](info)
 		podSpecV1 = &v1.PodTemplateSpec{Spec: obj.Spec, ObjectMeta: obj.ObjectMeta}
 		metaObj = obj
-	case "ReplicaSet":
+	case replicaSet:
 		obj := parseResourceFromInfo[appsv1.ReplicaSet](info)
 		podSpecV1 = &obj.Spec.Template
 		metaObj = obj
-	case "ReplicationController":
+	case replicationController:
 		obj := parseResourceFromInfo[v1.ReplicationController](info)
 		podSpecV1 = obj.Spec.Template
 		metaObj = obj
-	case "Deployment":
+	case deployment:
 		obj := parseResourceFromInfo[appsv1.Deployment](info)
 		podSpecV1 = &obj.Spec.Template
 		metaObj = obj
-	case "DaemonSet":
+	case daemonSet:
 		obj := parseResourceFromInfo[appsv1.DaemonSet](info)
 		podSpecV1 = &obj.Spec.Template
 		metaObj = obj
-	case "StatefulSet":
+	case statefulSet:
 		obj := parseResourceFromInfo[appsv1.StatefulSet](info)
 		podSpecV1 = &obj.Spec.Template
 		metaObj = obj
-	case "Job":
+	case cronJob:
+		obj := parseResourceFromInfo[batchv1.CronJob](info)
+		podSpecV1 = &obj.Spec.JobTemplate.Spec.Template
+		metaObj = obj
+	case job:
 		obj := parseResourceFromInfo[batchv1.Job](info)
 		podSpecV1 = &obj.Spec.Template
 		metaObj = obj

diff --git a/pkg/analyzer/info_to_resource_test.go b/pkg/analyzer/info_to_resource_test.go
@@ -1,6 +1,7 @@
 package analyzer
 
 import (
+	"fmt"
 	"os"
 	"path/filepath"
 	"strings"
@@ -36,7 +37,7 @@ func TestNetworkAddressValue(t *testing.T) {
 }
 
 func TestScanningSvc(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "frontend-service.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "frontend-service.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sServiceFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -47,7 +48,7 @@ func TestScanningSvc(t *testing.T) {
 }
 
 func TestScanningDeploymentWithArgs(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"sockshop", "manifests", "01-carts-dep.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"sockshop", "manifests", "01-carts-dep.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sWorkloadObjectFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -59,7 +60,7 @@ func TestScanningDeploymentWithArgs(t *testing.T) {
 }
 
 func TestScanningDeploymentWithEnvs(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "frontend-deployment.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "frontend-deployment.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sWorkloadObjectFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -69,7 +70,7 @@ func TestScanningDeploymentWithEnvs(t *testing.T) {
 }
 
 func TestScanningDeploymentWithConfigMapRef(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"acs-security-demos", "frontend", "webapp", "deployment.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"acs-security-demos", "frontend", "webapp", "deployment.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sWorkloadObjectFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -80,7 +81,7 @@ func TestScanningDeploymentWithConfigMapRef(t *testing.T) {
 }
 
 func TestScanningReplicaSet(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "redis-leader-deployment.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"k8s_guestbook", "redis-leader-deployment.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sWorkloadObjectFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -90,7 +91,7 @@ func TestScanningReplicaSet(t *testing.T) {
 }
 
 func TestScanningConfigMap(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"qotd", "qotd_usecase.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"qotd", "qotd_usecase.yaml"}, 0)
 	require.Nil(t, err)
 	res, err := k8sConfigmapFromInfo(resourceInfo)
 	require.Nil(t, err)
@@ -99,7 +100,7 @@ func TestScanningConfigMap(t *testing.T) {
 }
 
 func TestScanningIngress(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"bookinfo", "bookinfo-ingress.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"bookinfo", "bookinfo-ingress.yaml"}, 0)
 	require.Nil(t, err)
 	toExpose := servicesToExpose{}
 	err = k8sIngressFromInfo(resourceInfo, toExpose)
@@ -108,15 +109,26 @@ func TestScanningIngress(t *testing.T) {
 }
 
 func TestScanningRoute(t *testing.T) {
-	resourceInfo, err := loadResourceAsInfo([]string{"acs-security-demos", "frontend", "webapp", "route.yaml"})
+	resourceInfo, err := loadResourceAsInfo([]string{"acs-security-demos", "frontend", "webapp", "route.yaml"}, 0)
 	require.Nil(t, err)
 	toExpose := servicesToExpose{}
 	err = ocRouteFromInfo(resourceInfo, toExpose)
 	require.Nil(t, err)
 	require.Len(t, toExpose, 1)
 }
 
-func loadResourceAsInfo(resourceDirs []string) (*resource.Info, error) {
+func TestScanningCronJob(t *testing.T) {
+	resourceInfo, err := loadResourceAsInfo([]string{"openshift", "openshift-operator-lifecycle-manager-resources.yaml"}, 7)
+	require.Nil(t, err)
+	res, err := k8sWorkloadObjectFromInfo(resourceInfo)
+	require.Nil(t, err)
+	require.Equal(t, "collect-profiles", res.Resource.Name)
+	require.Equal(t, cronJob, res.Resource.Kind)
+	require.Len(t, res.Resource.NetworkAddrs, 1)
+	require.Len(t, res.Resource.Labels, 0)
+}
+
+func loadResourceAsInfo(resourceDirs []string, infoIndex int) (*resource.Info, error) {
 	currentDir, _ := os.Getwd()
 	resourceRelPath := filepath.Join(resourceDirs...)
 	resourcePath := filepath.Join(currentDir, "..", "..", "tests", resourceRelPath)
@@ -126,5 +138,9 @@ func loadResourceAsInfo(resourceDirs []string) (*resource.Info, error) {
 		return nil, errs[0]
 	}
 
-	return infos[0], nil
+	if len(infos) <= infoIndex {
+		return nil, fmt.Errorf("Info  number %d was required, but only %d Infos were read", infoIndex, len(infos))
+	}
+
+	return infos[infoIndex], nil
 }
diff --git a/pkg/analyzer/resource_accumulator.go b/pkg/analyzer/resource_accumulator.go
@@ -24,7 +24,7 @@ const (
 	statefulSet           string = "StatefulSet"
 	daemonSet             string = "DaemonSet"
 	job                   string = "Job"
-	cronJob               string = "CronTab"
+	cronJob               string = "CronJob"
 	service               string = "Service"
 	configmap             string = "ConfigMap"
 	route                 string = "Route"