From 6e15981494e7e2a4f80db0371558434b69d39ddd Mon Sep 17 00:00:00 2001 From: Frank Jogeleit Date: Wed, 12 May 2021 10:37:50 +0200 Subject: [PATCH] Update Resource / Result mapping (#35) * Update Resource / Result mapping * Update Chart.lock --- CHANGELOG.md | 5 ++ charts/policy-reporter/Chart.lock | 6 +- charts/policy-reporter/Chart.yaml | 6 +- charts/policy-reporter/charts/ui/Chart.yaml | 4 +- charts/policy-reporter/charts/ui/values.yaml | 2 +- charts/policy-reporter/values.yaml | 2 +- pkg/api/handler_test.go | 26 +++--- pkg/api/model.go | 65 ++++++++------- pkg/kubernetes/mapper.go | 82 +++++++++++-------- pkg/kubernetes/mapper_test.go | 2 +- pkg/metrics/cluster_policy_report.go | 8 +- pkg/metrics/cluster_policy_report_test.go | 28 +++---- pkg/metrics/policy_report.go | 8 +- pkg/metrics/policy_report_test.go | 34 ++++---- pkg/report/model.go | 11 ++- pkg/report/model_test.go | 30 +++---- pkg/target/discord/discord.go | 16 ++-- pkg/target/discord/discord_test.go | 14 ++-- .../elasticsearch/elasticsearch_test.go | 14 ++-- pkg/target/loki/loki.go | 18 ++-- pkg/target/loki/loki_test.go | 16 ++-- pkg/target/slack/slack.go | 8 +- pkg/target/slack/slack_test.go | 14 ++-- pkg/target/teams/teams.go | 8 +- pkg/target/teams/teams_test.go | 14 ++-- pkg/target/ui/ui.go | 10 +-- pkg/target/ui/ui_test.go | 14 ++-- 27 files changed, 230 insertions(+), 235 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 75748b38..cd65fb29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Changelog +# 1.5.0 +* Support multiple Resources for a single Result + * Mapping Result with multiple Resources in multiple Results with a single Resource + * Upate UI handling with Results without Resources + # 1.4.1 * Update Kyverno Plugin * Fix Rule Type mapping diff --git a/charts/policy-reporter/Chart.lock b/charts/policy-reporter/Chart.lock index aa244bde..9ded68fc 100644 --- a/charts/policy-reporter/Chart.lock +++ b/charts/policy-reporter/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 1.1.0 - name: ui repository: "" - version: 1.4.1 + version: 1.5.0 - name: kyvernoPlugin repository: "" version: 0.1.1 -digest: sha256:3226034a9bc29036b7c4646edbc51793fe868a76e71ab73271c93ab1de6bf04d -generated: "2021-05-08T12:08:38.853438+02:00" +digest: sha256:a80a1c39cbd48116dca9d4d70da23d00456c4e523914a176355c36f0d73ecd1b +generated: "2021-05-12T10:32:58.510553+02:00" diff --git a/charts/policy-reporter/Chart.yaml b/charts/policy-reporter/Chart.yaml index 35572ae2..e7783e72 100644 --- a/charts/policy-reporter/Chart.yaml +++ b/charts/policy-reporter/Chart.yaml @@ -5,8 +5,8 @@ description: | It creates Prometheus Metrics and can send rule validation events to different targets like Loki, Elasticsearch, Slack or Discord type: application -version: 1.4.1 -appVersion: 1.3.4 +version: 1.5.0 +appVersion: 1.5.0 dependencies: - name: monitoring @@ -16,7 +16,7 @@ dependencies: - name: ui condition: ui.enabled repository: "" - version: "1.4.1" + version: "1.5.0" - name: kyvernoPlugin condition: kyvernoPlugin.enabled repository: "" diff --git a/charts/policy-reporter/charts/ui/Chart.yaml b/charts/policy-reporter/charts/ui/Chart.yaml index b6f0d33e..6459247b 100644 --- a/charts/policy-reporter/charts/ui/Chart.yaml +++ b/charts/policy-reporter/charts/ui/Chart.yaml @@ -3,5 +3,5 @@ name: ui description: Policy Reporter UI type: application -version: 1.4.1 -appVersion: 0.10.1 +version: 1.5.0 +appVersion: 0.10.2 diff --git a/charts/policy-reporter/charts/ui/values.yaml b/charts/policy-reporter/charts/ui/values.yaml index 1a6fc9e0..bc0ca2aa 100644 --- a/charts/policy-reporter/charts/ui/values.yaml +++ b/charts/policy-reporter/charts/ui/values.yaml @@ -10,7 +10,7 @@ plugins: image: repository: fjogeleit/policy-reporter-ui pullPolicy: IfNotPresent - tag: 0.10.1 + tag: 0.10.2 imagePullSecrets: [] diff --git a/charts/policy-reporter/values.yaml b/charts/policy-reporter/values.yaml index 07449ebf..b9b08ec7 100644 --- a/charts/policy-reporter/values.yaml +++ b/charts/policy-reporter/values.yaml @@ -1,7 +1,7 @@ image: repository: fjogeleit/policy-reporter pullPolicy: IfNotPresent - tag: 1.3.4 + tag: 1.5.0 imagePullSecrets: [] diff --git a/pkg/api/handler_test.go b/pkg/api/handler_test.go index 214169d3..f0481efd 100644 --- a/pkg/api/handler_test.go +++ b/pkg/api/handler_test.go @@ -91,14 +91,12 @@ func Test_PolicyReportAPI(t *testing.T) { Status: report.Fail, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "test", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "test", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, } @@ -164,13 +162,11 @@ func Test_ClusterPolicyReportAPI(t *testing.T) { Status: report.Fail, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Namespace", - Name: "dev", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Namespace", + Name: "dev", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, } diff --git a/pkg/api/model.go b/pkg/api/model.go index fe32ca16..1f8f9178 100644 --- a/pkg/api/model.go +++ b/pkg/api/model.go @@ -18,15 +18,15 @@ type Resource struct { // Result API Model type Result struct { - Message string `json:"message"` - Policy string `json:"policy"` - Rule string `json:"rule"` - Priority string `json:"priority"` - Status string `json:"status"` - Severity string `json:"severity,omitempty"` - Category string `json:"category,omitempty"` - Scored bool `json:"scored"` - Resource Resource `json:"resource"` + Message string `json:"message"` + Policy string `json:"policy"` + Rule string `json:"rule"` + Priority string `json:"priority"` + Status string `json:"status"` + Severity string `json:"severity,omitempty"` + Category string `json:"category,omitempty"` + Scored bool `json:"scored"` + Resource *Resource `json:"resource,omitempty"` } // Summary API Model @@ -59,8 +59,7 @@ func mapPolicyReport(p report.PolicyReport) PolicyReport { results := make([]Result, 0, len(p.Results)) for _, r := range p.Results { - - results = append(results, Result{ + result := Result{ Message: r.Message, Policy: r.Policy, Rule: r.Rule, @@ -69,14 +68,19 @@ func mapPolicyReport(p report.PolicyReport) PolicyReport { Severity: r.Severity, Category: r.Category, Scored: r.Scored, - Resource: Resource{ - Namespace: r.Resources[0].Namespace, - APIVersion: r.Resources[0].APIVersion, - Kind: r.Resources[0].Kind, - Name: r.Resources[0].Name, - UID: r.Resources[0].UID, - }, - }) + } + + if r.HasResource() { + result.Resource = &Resource{ + Namespace: r.Resource.Namespace, + APIVersion: r.Resource.APIVersion, + Kind: r.Resource.Kind, + Name: r.Resource.Name, + UID: r.Resource.UID, + } + } + + results = append(results, result) } return PolicyReport{ @@ -98,7 +102,7 @@ func mapClusterPolicyReport(c report.ClusterPolicyReport) ClusterPolicyReport { results := make([]Result, 0, len(c.Results)) for _, r := range c.Results { - results = append(results, Result{ + result := Result{ Message: r.Message, Policy: r.Policy, Rule: r.Rule, @@ -107,14 +111,19 @@ func mapClusterPolicyReport(c report.ClusterPolicyReport) ClusterPolicyReport { Severity: r.Severity, Category: r.Category, Scored: r.Scored, - Resource: Resource{ - Namespace: r.Resources[0].Namespace, - APIVersion: r.Resources[0].APIVersion, - Kind: r.Resources[0].Kind, - Name: r.Resources[0].Name, - UID: r.Resources[0].UID, - }, - }) + } + + if r.HasResource() { + result.Resource = &Resource{ + Namespace: r.Resource.Namespace, + APIVersion: r.Resource.APIVersion, + Kind: r.Resource.Kind, + Name: r.Resource.Name, + UID: r.Resource.UID, + } + } + + results = append(results, result) } return ClusterPolicyReport{ diff --git a/pkg/kubernetes/mapper.go b/pkg/kubernetes/mapper.go index be412e9a..abccbf69 100644 --- a/pkg/kubernetes/mapper.go +++ b/pkg/kubernetes/mapper.go @@ -57,8 +57,10 @@ func (m *mapper) MapPolicyReport(reportMap map[string]interface{}) report.Policy if rs, ok := reportMap["results"].([]interface{}); ok { for _, resultItem := range rs { - res := m.mapResult(resultItem.(map[string]interface{})) - r.Results[res.GetIdentifier()] = res + resources := m.mapResult(resultItem.(map[string]interface{})) + for _, resource := range resources { + r.Results[resource.GetIdentifier()] = resource + } } } @@ -91,8 +93,10 @@ func (m *mapper) MapClusterPolicyReport(reportMap map[string]interface{}) report if rs, ok := reportMap["results"].([]interface{}); ok { for _, resultItem := range rs { - res := m.mapResult(resultItem.(map[string]interface{})) - r.Results[res.GetIdentifier()] = res + resources := m.mapResult(resultItem.(map[string]interface{})) + for _, resource := range resources { + r.Results[resource.GetIdentifier()] = resource + } } } @@ -115,7 +119,7 @@ func (m *mapper) mapCreationTime(result map[string]interface{}) (time.Time, erro return time.Time{}, errors.New("No metadata provided") } -func (m *mapper) mapResult(result map[string]interface{}) report.Result { +func (m *mapper) mapResult(result map[string]interface{}) []report.Result { var resources []report.Resource if ress, ok := result["resources"].([]interface{}); ok { @@ -146,43 +150,57 @@ func (m *mapper) mapResult(result map[string]interface{}) report.Result { status = r.(report.Status) } - r := report.Result{ - Message: result["message"].(string), - Policy: result["policy"].(string), - Status: status, - Scored: result["scored"].(bool), - Priority: report.PriorityFromStatus(status), - Resources: resources, - Properties: make(map[string]string, 0), - } + var results = []report.Result{} - if severity, ok := result["severity"]; ok { - r.Severity = severity.(report.Severity) - } + factory := func(res report.Resource) report.Result { + r := report.Result{ + Message: result["message"].(string), + Policy: result["policy"].(string), + Status: status, + Scored: result["scored"].(bool), + Priority: report.PriorityFromStatus(status), + Resource: res, + Properties: make(map[string]string, 0), + } - if r.Status == report.Error || r.Status == report.Fail { - r.Priority = m.resolvePriority(r.Policy, r.Severity) - } + if severity, ok := result["severity"]; ok { + r.Severity = severity.(report.Severity) + } - if rule, ok := result["rule"]; ok { - r.Rule = rule.(string) - } + if r.Status == report.Error || r.Status == report.Fail { + r.Priority = m.resolvePriority(r.Policy, r.Severity) + } - if category, ok := result["category"]; ok { - r.Category = category.(string) - } + if rule, ok := result["rule"]; ok { + r.Rule = rule.(string) + } - r.Timestamp = convertTimestamp(result) + if category, ok := result["category"]; ok { + r.Category = category.(string) + } - if props, ok := result["properties"]; ok { - if properties, ok := props.(map[string]interface{}); ok { - for property, value := range properties { - r.Properties[property] = value.(string) + r.Timestamp = convertTimestamp(result) + + if props, ok := result["properties"]; ok { + if properties, ok := props.(map[string]interface{}); ok { + for property, value := range properties { + r.Properties[property] = value.(string) + } } } + + return r } - return r + for _, resource := range resources { + results = append(results, factory(resource)) + } + + if len(results) == 0 { + results = append(results, factory(report.Resource{})) + } + + return results } func convertTimestamp(result map[string]interface{}) time.Time { diff --git a/pkg/kubernetes/mapper_test.go b/pkg/kubernetes/mapper_test.go index c3d88b4d..97991923 100644 --- a/pkg/kubernetes/mapper_test.go +++ b/pkg/kubernetes/mapper_test.go @@ -180,7 +180,7 @@ func Test_MapPolicyReport(t *testing.T) { t.Errorf("Expected Property '1.2.0' (acutal %s)", result1.Properties["version"]) } - resource := result1.Resources[0] + resource := result1.Resource if resource.APIVersion != "v1" { t.Errorf("Expected Resource.APIVersion 'v1' (acutal %s)", resource.APIVersion) } diff --git a/pkg/metrics/cluster_policy_report.go b/pkg/metrics/cluster_policy_report.go index 1a6daab0..86b429e1 100644 --- a/pkg/metrics/cluster_policy_report.go +++ b/pkg/metrics/cluster_policy_report.go @@ -66,11 +66,9 @@ func generateClusterResultLabels(report report.ClusterPolicyReport, result repor "category": result.Category, } - if len(result.Resources) > 0 { - res := result.Resources[0] - - labels["kind"] = res.Kind - labels["name"] = res.Name + if result.HasResource() { + labels["kind"] = result.Resource.Kind + labels["name"] = result.Resource.Name } return labels diff --git a/pkg/metrics/cluster_policy_report_test.go b/pkg/metrics/cluster_policy_report_test.go index 9c53e130..4c93d66c 100644 --- a/pkg/metrics/cluster_policy_report_test.go +++ b/pkg/metrics/cluster_policy_report_test.go @@ -21,13 +21,11 @@ var cresult1 = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Namespace", - Name: "dev", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Namespace", + Name: "dev", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, } @@ -39,13 +37,11 @@ var cresult2 = report.Result{ Status: report.Pass, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Namespace", - Name: "stage", - UID: "532ab69f-1b3c-4bd9-9ba4-274a56188419", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Namespace", + Name: "stage", + UID: "532ab69f-1b3c-4bd9-9ba4-274a56188419", }, } @@ -224,14 +220,14 @@ func testClusterResultMetricLabels(metric *io_prometheus_client.Metric, result r if name := *metric.Label[1].Name; name != "kind" { return fmt.Errorf("Unexpected Name Label: %s", name) } - if value := *metric.Label[1].Value; value != result.Resources[0].Kind { + if value := *metric.Label[1].Value; value != result.Resource.Kind { return fmt.Errorf("Unexpected Kind Label Value: %s", value) } if name := *metric.Label[2].Name; name != "name" { return fmt.Errorf("Unexpected Name Label: %s", name) } - if value := *metric.Label[2].Value; value != result.Resources[0].Name { + if value := *metric.Label[2].Value; value != result.Resource.Name { return fmt.Errorf("Unexpected Name Label Value: %s", value) } diff --git a/pkg/metrics/policy_report.go b/pkg/metrics/policy_report.go index 6f33c3d1..563555c5 100644 --- a/pkg/metrics/policy_report.go +++ b/pkg/metrics/policy_report.go @@ -67,11 +67,9 @@ func generateResultLabels(report report.PolicyReport, result report.Result) prom "category": result.Category, } - if len(result.Resources) > 0 { - res := result.Resources[0] - - labels["kind"] = res.Kind - labels["name"] = res.Name + if result.HasResource() { + labels["kind"] = result.Resource.Kind + labels["name"] = result.Resource.Name } return labels diff --git a/pkg/metrics/policy_report_test.go b/pkg/metrics/policy_report_test.go index a27be9b1..4d03a50f 100644 --- a/pkg/metrics/policy_report_test.go +++ b/pkg/metrics/policy_report_test.go @@ -21,14 +21,12 @@ var result1 = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "test", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "test", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, } @@ -40,14 +38,12 @@ var result2 = report.Result{ Status: report.Pass, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "test", - UID: "535ab69f-1b3c-4bd9-9ba4-274a56188419", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "test", + UID: "535ab69f-1b3c-4bd9-9ba4-274a56188419", }, } @@ -233,21 +229,21 @@ func testResultMetricLabels(metric *io_prometheus_client.Metric, result report.R if name := *metric.Label[1].Name; name != "kind" { return fmt.Errorf("Unexpected Name Label: %s", name) } - if value := *metric.Label[1].Value; value != result.Resources[0].Kind { + if value := *metric.Label[1].Value; value != result.Resource.Kind { return fmt.Errorf("Unexpected Kind Label Value: %s", value) } if name := *metric.Label[2].Name; name != "name" { return fmt.Errorf("Unexpected Name Label: %s", name) } - if value := *metric.Label[2].Value; value != result.Resources[0].Name { + if value := *metric.Label[2].Value; value != result.Resource.Name { return fmt.Errorf("Unexpected Name Label Value: %s", value) } if name := *metric.Label[3].Name; name != "namespace" { return fmt.Errorf("Unexpected Name Label: %s", name) } - if value := *metric.Label[3].Value; value != result.Resources[0].Namespace { + if value := *metric.Label[3].Value; value != result.Resource.Namespace { return fmt.Errorf("Unexpected Namespace Label Value: %s", value) } diff --git a/pkg/report/model.go b/pkg/report/model.go index fc42efdb..93e60dde 100644 --- a/pkg/report/model.go +++ b/pkg/report/model.go @@ -142,20 +142,25 @@ type Result struct { Category string `json:",omitempty"` Scored bool Timestamp time.Time - Resources []Resource + Resource Resource Properties map[string]string } // GetIdentifier returns a global unique Result identifier func (r Result) GetIdentifier() string { suffix := "" - if len(r.Resources) > 0 { - suffix = "__" + r.Resources[0].UID + if r.Resource.UID != "" { + suffix = "__" + r.Resource.UID } return fmt.Sprintf("%s__%s__%s%s", r.Policy, r.Rule, r.Status, suffix) } +// HasResource checks if the result has an valid Resource +func (r Result) HasResource() bool { + return r.Resource.UID != "" +} + // Summary from the PolicyReport spec wgpolicyk8s.io/v1alpha1.PolicyReportSummary type Summary struct { Pass int diff --git a/pkg/report/model_test.go b/pkg/report/model_test.go index 08f575f7..73644f15 100644 --- a/pkg/report/model_test.go +++ b/pkg/report/model_test.go @@ -17,14 +17,12 @@ var result1 = report.Result{ Category: "resources", Severity: report.High, Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "test", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "test", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, } @@ -36,14 +34,12 @@ var result2 = report.Result{ Status: report.Fail, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "test", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188419", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "test", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188419", }, } @@ -152,7 +148,7 @@ func Test_ClusterPolicyReport(t *testing.T) { func Test_Result(t *testing.T) { t.Run("Check Result.GetIdentifier", func(t *testing.T) { - expected := fmt.Sprintf("%s__%s__%s__%s", result1.Policy, result1.Rule, result1.Status, result1.Resources[0].UID) + expected := fmt.Sprintf("%s__%s__%s__%s", result1.Policy, result1.Rule, result1.Status, result1.Resource.UID) if result1.GetIdentifier() != expected { t.Errorf("Expected ClusterPolicyReport.GetIdentifier() to be %s (actual: %s)", expected, creport.GetIdentifier()) diff --git a/pkg/target/discord/discord.go b/pkg/target/discord/discord.go index 5b2be831..62908c31 100644 --- a/pkg/target/discord/discord.go +++ b/pkg/target/discord/discord.go @@ -61,18 +61,14 @@ func newPayload(result report.Result) payload { if result.Severity != "" { embedFields = append(embedFields, embedField{"Severity", result.Severity, true}) } - res := report.Resource{} - if len(result.Resources) > 0 { - res = result.Resources[0] - } - if res.Kind != "" { - embedFields = append(embedFields, embedField{"Kind", res.Kind, true}) - embedFields = append(embedFields, embedField{"Name", res.Name, true}) - if res.Namespace != "" { - embedFields = append(embedFields, embedField{"Namespace", res.Namespace, true}) + if result.HasResource() { + embedFields = append(embedFields, embedField{"Kind", result.Resource.Kind, true}) + embedFields = append(embedFields, embedField{"Name", result.Resource.Name, true}) + if result.Resource.Namespace != "" { + embedFields = append(embedFields, embedField{"Namespace", result.Resource.Namespace, true}) } - embedFields = append(embedFields, embedField{"API Version", res.APIVersion, true}) + embedFields = append(embedFields, embedField{"API Version", result.Resource.APIVersion, true}) } for property, value := range result.Properties { diff --git a/pkg/target/discord/discord_test.go b/pkg/target/discord/discord_test.go index d4dcb835..d2d43ce5 100644 --- a/pkg/target/discord/discord_test.go +++ b/pkg/target/discord/discord_test.go @@ -19,14 +19,12 @@ var completeResult = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, Properties: map[string]string{"version": "1.2.0"}, } diff --git a/pkg/target/elasticsearch/elasticsearch_test.go b/pkg/target/elasticsearch/elasticsearch_test.go index b674f20e..79094a67 100644 --- a/pkg/target/elasticsearch/elasticsearch_test.go +++ b/pkg/target/elasticsearch/elasticsearch_test.go @@ -19,14 +19,12 @@ var completeResult = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, Properties: map[string]string{"version": "1.2.0"}, } diff --git a/pkg/target/loki/loki.go b/pkg/target/loki/loki.go index d8251978..2bc228ad 100644 --- a/pkg/target/loki/loki.go +++ b/pkg/target/loki/loki.go @@ -40,12 +40,6 @@ func newLokiPayload(result report.Result) payload { le := entry{Ts: timestamp.Format(time.RFC3339), Line: "[" + strings.ToUpper(result.Priority.String()) + "] " + result.Message} ls := stream{Entries: []entry{le}} - res := report.Resource{} - - if len(result.Resources) > 0 { - res = result.Resources[0] - } - var labels = []string{ "status=\"" + result.Status + "\"", "policy=\"" + result.Policy + "\"", @@ -62,12 +56,12 @@ func newLokiPayload(result report.Result) payload { if result.Severity != "" { labels = append(labels, "severity=\""+result.Severity+"\"") } - if res.Kind != "" { - labels = append(labels, "kind=\""+res.Kind+"\"") - labels = append(labels, "name=\""+res.Name+"\"") - labels = append(labels, "apiVersion=\""+res.APIVersion+"\"") - labels = append(labels, "uid=\""+res.UID+"\"") - labels = append(labels, "namespace=\""+res.Namespace+"\"") + if result.HasResource() { + labels = append(labels, "kind=\""+result.Resource.Kind+"\"") + labels = append(labels, "name=\""+result.Resource.Name+"\"") + labels = append(labels, "apiVersion=\""+result.Resource.APIVersion+"\"") + labels = append(labels, "uid=\""+result.Resource.UID+"\"") + labels = append(labels, "namespace=\""+result.Resource.Namespace+"\"") } for property, value := range result.Properties { diff --git a/pkg/target/loki/loki_test.go b/pkg/target/loki/loki_test.go index 72f458dc..b9b9c2aa 100644 --- a/pkg/target/loki/loki_test.go +++ b/pkg/target/loki/loki_test.go @@ -22,14 +22,12 @@ var completeResult = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, Properties: map[string]string{"version": "1.2.0"}, } @@ -97,7 +95,7 @@ func Test_LokiTarget(t *testing.T) { t.Error("Missing Content for Label 'severity'") } - res := completeResult.Resources[0] + res := completeResult.Resource if !strings.Contains(labels, "kind=\""+res.Kind+"\"") { t.Error("Missing Content for Label 'kind'") } diff --git a/pkg/target/slack/slack.go b/pkg/target/slack/slack.go index a5ffd0a4..3c5c70d0 100644 --- a/pkg/target/slack/slack.go +++ b/pkg/target/slack/slack.go @@ -120,11 +120,11 @@ func (s *client) newPayload(result report.Result) payload { } res := report.Resource{} - - if len(result.Resources) > 0 { - res = result.Resources[0] + if result.Resource.UID != "" { + res = result.Resource } - if res.Kind != "" { + + if res.UID != "" { att.Blocks = append( att.Blocks, block{Type: "section", Text: &text{Type: "mrkdwn", Text: "*Resource*"}}, diff --git a/pkg/target/slack/slack_test.go b/pkg/target/slack/slack_test.go index bb2e8a26..6f58e4bb 100644 --- a/pkg/target/slack/slack_test.go +++ b/pkg/target/slack/slack_test.go @@ -19,14 +19,12 @@ var completeResult = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, Properties: map[string]string{"version": "1.2.0"}, } diff --git a/pkg/target/teams/teams.go b/pkg/target/teams/teams.go index 002a3893..9e8e4578 100644 --- a/pkg/target/teams/teams.go +++ b/pkg/target/teams/teams.go @@ -72,11 +72,11 @@ func newPayload(result report.Result) payload { facts = append(facts, fact{"Severity", result.Severity}) } res := report.Resource{} - - if len(result.Resources) > 0 { - res = result.Resources[0] + if result.Resource.UID != "" { + res = result.Resource } - if res.Kind != "" { + + if res.UID != "" { facts = append(facts, fact{"Kind", res.Kind}) facts = append(facts, fact{"Name", res.Name}) facts = append(facts, fact{"UID", res.UID}) diff --git a/pkg/target/teams/teams_test.go b/pkg/target/teams/teams_test.go index d2cc2a95..75318a34 100644 --- a/pkg/target/teams/teams_test.go +++ b/pkg/target/teams/teams_test.go @@ -20,14 +20,12 @@ var completeResult = report.Result{ Timestamp: time.Date(2021, time.February, 23, 15, 10, 0, 0, time.UTC), Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, Properties: map[string]string{"version": "1.2.0"}, } diff --git a/pkg/target/ui/ui.go b/pkg/target/ui/ui.go index b53b7bb7..4a000028 100644 --- a/pkg/target/ui/ui.go +++ b/pkg/target/ui/ui.go @@ -55,11 +55,11 @@ func newPayload(r report.Result) result { Category: r.Category, Scored: r.Scored, Resource: resource{ - Namespace: r.Resources[0].Namespace, - APIVersion: r.Resources[0].APIVersion, - Kind: r.Resources[0].Kind, - Name: r.Resources[0].Name, - UID: r.Resources[0].UID, + Namespace: r.Resource.Namespace, + APIVersion: r.Resource.APIVersion, + Kind: r.Resource.Kind, + Name: r.Resource.Name, + UID: r.Resource.UID, }, CreationTimestamp: time.Now(), } diff --git a/pkg/target/ui/ui_test.go b/pkg/target/ui/ui_test.go index 0aed98fa..6c3abe6f 100644 --- a/pkg/target/ui/ui_test.go +++ b/pkg/target/ui/ui_test.go @@ -17,14 +17,12 @@ var completeResult = report.Result{ Severity: report.High, Category: "resources", Scored: true, - Resources: []report.Resource{ - { - APIVersion: "v1", - Kind: "Deployment", - Name: "nginx", - Namespace: "default", - UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", - }, + Resource: report.Resource{ + APIVersion: "v1", + Kind: "Deployment", + Name: "nginx", + Namespace: "default", + UID: "536ab69f-1b3c-4bd9-9ba4-274a56188409", }, }