2021-02-27 18:11:49 +00:00
|
|
|
package cmd
|
|
|
|
|
|
|
|
import (
|
2022-07-25 15:34:41 +00:00
|
|
|
"context"
|
2021-02-27 18:11:49 +00:00
|
|
|
"flag"
|
2022-05-13 08:59:32 +00:00
|
|
|
"log"
|
2021-12-13 15:02:40 +00:00
|
|
|
|
2021-07-23 08:05:20 +00:00
|
|
|
"github.com/kyverno/policy-reporter/pkg/config"
|
2022-07-25 15:34:41 +00:00
|
|
|
"github.com/kyverno/policy-reporter/pkg/listener"
|
2022-07-03 21:49:16 +00:00
|
|
|
|
2021-02-27 18:11:49 +00:00
|
|
|
"github.com/spf13/cobra"
|
2022-07-03 21:49:16 +00:00
|
|
|
"golang.org/x/sync/errgroup"
|
2021-03-05 13:26:47 +00:00
|
|
|
"k8s.io/client-go/rest"
|
|
|
|
"k8s.io/client-go/tools/clientcmd"
|
2022-07-25 15:34:41 +00:00
|
|
|
"k8s.io/klog"
|
2021-02-27 18:11:49 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func newRunCMD() *cobra.Command {
|
|
|
|
cmd := &cobra.Command{
|
|
|
|
Use: "run",
|
|
|
|
Short: "Run PolicyReporter Watcher & HTTP Metrics Server",
|
|
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
2022-07-03 21:49:16 +00:00
|
|
|
c, err := config.Load(cmd)
|
2021-02-27 18:11:49 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2021-03-05 13:26:47 +00:00
|
|
|
var k8sConfig *rest.Config
|
|
|
|
if c.Kubeconfig != "" {
|
|
|
|
k8sConfig, err = clientcmd.BuildConfigFromFlags("", c.Kubeconfig)
|
|
|
|
} else {
|
|
|
|
k8sConfig, err = rest.InClusterConfig()
|
|
|
|
}
|
2021-02-27 18:11:49 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2021-03-05 13:26:47 +00:00
|
|
|
resolver := config.NewResolver(c, k8sConfig)
|
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
client, err := resolver.PolicyReportClient()
|
2021-02-27 18:11:49 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-29 08:43:59 +00:00
|
|
|
server := resolver.APIServer(client.HasSynced)
|
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
g := &errgroup.Group{}
|
2021-02-27 18:11:49 +00:00
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
if c.REST.Enabled {
|
|
|
|
db, err := resolver.Database()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer db.Close()
|
2021-03-05 13:26:47 +00:00
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
store, err := resolver.PolicyReportStore(db)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-02-27 18:11:49 +00:00
|
|
|
|
2022-05-13 08:59:32 +00:00
|
|
|
log.Println("[INFO] REST api enabled")
|
2021-12-13 15:02:40 +00:00
|
|
|
resolver.RegisterStoreListener(store)
|
|
|
|
server.RegisterV1Handler(store)
|
|
|
|
}
|
2021-03-13 18:56:38 +00:00
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
if c.Metrics.Enabled {
|
2022-05-13 08:59:32 +00:00
|
|
|
log.Println("[INFO] metrics enabled")
|
2021-12-13 15:02:40 +00:00
|
|
|
resolver.RegisterMetricsListener()
|
|
|
|
server.RegisterMetricsHandler()
|
|
|
|
}
|
2021-04-24 10:32:15 +00:00
|
|
|
|
2022-05-13 08:59:32 +00:00
|
|
|
if c.Profiling.Enabled {
|
|
|
|
log.Println("[INFO] pprof profiling enabled")
|
|
|
|
server.RegisterProfilingHandler()
|
|
|
|
}
|
|
|
|
|
2022-07-25 15:34:41 +00:00
|
|
|
if resolver.HasTargets() && c.LeaderElection.Enabled {
|
|
|
|
elector, err := resolver.LeaderElectionClient()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
elector.RegisterOnStart(func(c context.Context) {
|
|
|
|
klog.Info("started leadership")
|
|
|
|
|
|
|
|
resolver.RegisterSendResultListener()
|
|
|
|
}).RegisterOnNew(func(currentID, lockID string) {
|
|
|
|
if currentID != lockID {
|
|
|
|
klog.Infof("leadership by %s", currentID)
|
|
|
|
}
|
|
|
|
}).RegisterOnStop(func() {
|
|
|
|
klog.Info("stopped leadership")
|
|
|
|
|
|
|
|
resolver.EventPublisher().UnregisterListener(listener.NewResults)
|
|
|
|
})
|
|
|
|
|
|
|
|
g.Go(func() error {
|
|
|
|
return elector.Run(cmd.Context())
|
|
|
|
})
|
|
|
|
} else if resolver.HasTargets() {
|
|
|
|
resolver.RegisterSendResultListener()
|
|
|
|
}
|
|
|
|
|
2021-12-13 15:02:40 +00:00
|
|
|
g.Go(server.Start)
|
2021-08-09 18:53:04 +00:00
|
|
|
|
2022-06-29 08:43:59 +00:00
|
|
|
stop := make(chan struct{})
|
|
|
|
defer close(stop)
|
2021-02-27 18:11:49 +00:00
|
|
|
|
2022-06-29 08:43:59 +00:00
|
|
|
err = client.Run(stop)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-02-27 18:11:49 +00:00
|
|
|
|
2021-10-18 09:07:38 +00:00
|
|
|
return g.Wait()
|
2021-02-27 18:11:49 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
// For local usage
|
|
|
|
cmd.PersistentFlags().StringP("kubeconfig", "k", "", "absolute path to the kubeconfig file")
|
|
|
|
cmd.PersistentFlags().StringP("config", "c", "", "target configuration file")
|
2021-12-13 15:02:40 +00:00
|
|
|
cmd.PersistentFlags().IntP("port", "p", 8080, "http port for the optional rest api")
|
|
|
|
cmd.PersistentFlags().StringP("dbfile", "d", "sqlite-database.db", "path to the SQLite DB File")
|
|
|
|
cmd.PersistentFlags().BoolP("metrics-enabled", "m", false, "Enable Policy Reporter's Metrics API")
|
|
|
|
cmd.PersistentFlags().BoolP("rest-enabled", "r", false, "Enable Policy Reporter's REST API")
|
2022-05-13 08:59:32 +00:00
|
|
|
cmd.PersistentFlags().Bool("profile", false, "Enable application profiling with pprof")
|
2022-07-25 15:34:41 +00:00
|
|
|
cmd.PersistentFlags().String("lease-name", "policy-reporter", "name of the LeaseLock")
|
2021-02-27 18:11:49 +00:00
|
|
|
|
|
|
|
flag.Parse()
|
|
|
|
|
|
|
|
return cmd
|
|
|
|
}
|