Trivy k8s scanning changes

agent/kubviz/k8smetrics_agent.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"encoding/json"
+	"github.com/intelops/kubviz/constants"
 	"github.com/nats-io/nats.go"
 	"log"
 	"os"
@@ -31,14 +32,6 @@ import (
 	"k8s.io/client-go/tools/clientcmd"
 )
 
-// constants for jetstream
-const (
-	streamName     = "METRICS"
-	streamSubjects = "METRICS.*"
-	eventSubject   = "METRICS.kubvizevent"
-	allSubject     = "METRICS.all"
-)
-
 type RuningEnv int
 
 const (
@@ -66,14 +59,15 @@ func main() {
 	getAllResourceChan := make(chan error, 1)
 	clusterMetricsChan := make(chan error, 1)
 	kubescoreMetricsChan := make(chan error, 1)
+	trivyK8sMetricsChan := make(chan error, 1)
 	RakeesErrChan := make(chan error, 1)
 	var (
 		wg        sync.WaitGroup
 		config    *rest.Config
 		clientset *kubernetes.Clientset
 	)
-	// waiting for 4 go routines
-	wg.Add(5)
+	// waiting for 7 go routines
+	wg.Add(7)
 	// connecting with nats ...
 	nc, err := nats.Connect(natsurl, nats.Name("K8s Metrics"), nats.Token(token))
 	checkErr(err)
@@ -105,6 +99,7 @@ func main() {
 	go getK8sEvents(clientset)
 	go publishMetrics(clientset, js, &wg, clusterMetricsChan)
 	go RunKubeScore(clientset, js, &wg, kubescoreMetricsChan)
+	go RunTrivyK8sClusterScan(&wg, js, trivyK8sMetricsChan)
 	wg.Wait()
 	// once the go routines completes we will close the error channels
 	close(outdatedErrChan)
@@ -113,6 +108,7 @@ func main() {
 	close(clusterMetricsChan)
 	close(kubescoreMetricsChan)
 	close(RakeesErrChan)
+	close(trivyK8sMetricsChan)
 	// for loop will wait for the error channels
 	// logs if any error occurs
 	for {
@@ -141,29 +137,15 @@ func main() {
 			if err != nil {
 				log.Println(err)
 			}
+		case err := <-trivyK8sMetricsChan:
+			if err != nil {
+				log.Println(err)
+			}
 		}
 	}
 
 }
 
-//func setupAgent() {
-//	configurations, err := config.GetAgentConfigurations()
-//	if err != nil {
-//		log.Printf("Failed to get agent config: %v\n", err)
-//		panic(err)
-//	}
-//	//k8s := &K8sData{
-//	//	Namespace:          configurations.SANamespace,
-//	//	ServiceAccountName: configurations.SAName,
-//	//	KubeconfigFileName: constants.KUBECONFIG,
-//	//}
-//	//_, err = k8s.GenerateKubeConfiguration()
-//	if err != nil {
-//		log.Printf("Failed to generate kubeconfig: %v\n", err)
-//		panic(err)
-//	}
-//}
-
 // publishMetrics publishes stream of events
 // with subject "METRICS.created"
 func publishMetrics(clientset *kubernetes.Clientset, js nats.JetStreamContext, wg *sync.WaitGroup, errCh chan error) {
@@ -181,7 +163,7 @@ func publishK8sMetrics(id string, mtype string, mdata *v1.Event, js nats.JetStre
 		ClusterName: ClusterName,
 	}
 	metricsJson, _ := json.Marshal(metrics)
-	_, err := js.Publish(eventSubject, metricsJson)
+	_, err := js.Publish(constants.EventSubject, metricsJson)
 	if err != nil {
 		return true, err
 	}
@@ -192,16 +174,16 @@ func publishK8sMetrics(id string, mtype string, mdata *v1.Event, js nats.JetStre
 // createStream creates a stream by using JetStreamContext
 func createStream(js nats.JetStreamContext) error {
 	// Check if the METRICS stream already exists; if not, create it.
-	stream, err := js.StreamInfo(streamName)
+	stream, err := js.StreamInfo(constants.StreamName)
 	log.Printf("Retrieved stream %s", fmt.Sprintf("%v", stream))
 	if err != nil {
 		log.Printf("Error getting stream %s", err)
 	}
 	if stream == nil {
-		log.Printf("creating stream %q and subjects %q", streamName, streamSubjects)
+		log.Printf("creating stream %q and subjects %q", constants.StreamName, constants.StreamSubjects)
 		_, err = js.AddStream(&nats.StreamConfig{
-			Name:     streamName,
-			Subjects: []string{streamSubjects},
+			Name:     constants.StreamName,
+			Subjects: []string{constants.StreamSubjects},
 		})
 		checkErr(err)
 	}

agent/kubviz/ketall.go

@@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"encoding/json"
+	"github.com/intelops/kubviz/constants"
 	"sync"
 	"time"
 
@@ -15,15 +16,11 @@ import (
 	"k8s.io/client-go/rest"
 )
 
-const (
-	eventSubject_getall_resource = "METRICS.ketall"
-)
-
 func PublishAllResources(result model.Resource, js nats.JetStreamContext) error {
 	metrics := result
 	metrics.ClusterName = ClusterName
 	metricsJson, _ := json.Marshal(metrics)
-	_, err := js.Publish(eventSubject_getall_resource, metricsJson)
+	_, err := js.Publish(constants.EventSubject_getall_resource, metricsJson)
 	if err != nil {
 		return err
 	}

agent/kubviz/kubePreUpgrade.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/intelops/kubviz/constants"
 	"io"
 	"net/http"
 	"os"
@@ -25,13 +26,10 @@ import (
 )
 
 const (
-	baseURL                 = "https://raw.githubusercontent.com/kubernetes/kubernetes"
-	fileURL                 = "api/openapi-spec/swagger.json"
-	crdGroup                = "apiextensions.k8s.io"
-	apiRegistration         = "apiregistration.k8s.io"
-	kubeConfigFileName      = "dev-config"
-	eventSubject_deleted    = "METRICS.deletedAPI"
-	eventSubject_depricated = "METRICS.deprecatedAPI"
+	baseURL         = "https://raw.githubusercontent.com/kubernetes/kubernetes"
+	fileURL         = "api/openapi-spec/swagger.json"
+	crdGroup        = "apiextensions.k8s.io"
+	apiRegistration = "apiregistration.k8s.io"
 )
 
 type ignoreStruct map[string]struct{}
@@ -61,7 +59,7 @@ func publishK8sDepricated_Deleted_Api(result *model.Result, js nats.JetStreamCon
 		deprecatedAPI.ClusterName = ClusterName
 		fmt.Println("deprecatedAPI", deprecatedAPI)
 		deprecatedAPIJson, _ := json.Marshal(deprecatedAPI)
-		_, err := js.Publish(eventSubject_depricated, deprecatedAPIJson)
+		_, err := js.Publish(constants.EventSubject_depricated, deprecatedAPIJson)
 		if err != nil {
 			return err
 		}
@@ -71,7 +69,7 @@ func publishK8sDepricated_Deleted_Api(result *model.Result, js nats.JetStreamCon
 		deletedAPI.ClusterName = ClusterName
 		fmt.Println("deletedAPI", deletedAPI)
 		deletedAPIJson, _ := json.Marshal(deletedAPI)
-		_, err := js.Publish(eventSubject_deleted, deletedAPIJson)
+		_, err := js.Publish(constants.EventSubject_deleted, deletedAPIJson)
 		if err != nil {
 			return err
 		}

agent/kubviz/kube_score.go

@@ -55,7 +55,7 @@ func publishKubescoreMetrics(id string, ns string, recommendations string, js na
 		ClusterName:     ClusterName,
 	}
 	metricsJson, _ := json.Marshal(metrics)
-	_, err := js.Publish(constants.SUBJECT, metricsJson)
+	_, err := js.Publish(constants.KUBESCORE_SUBJECT, metricsJson)
 	if err != nil {
 		return err
 	}

agent/kubviz/outdated.go

@@ -5,6 +5,7 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+	"github.com/intelops/kubviz/constants"
 	"log"
 	"os"
 	"regexp"
@@ -27,9 +28,8 @@ import (
 )
 
 const (
-	maxImageLength               = 50
-	maxTagLength                 = 50
-	eventSubject_outdated_images = "METRICS.outdated"
+	maxImageLength = 50
+	maxTagLength   = 50
 )
 
 var (
@@ -58,7 +58,7 @@ func PublishOutdatedImages(out model.CheckResultfinal, js nats.JetStreamContext)
 	metrics := out
 	metrics.ClusterName = ClusterName
 	metricsJson, _ := json.Marshal(metrics)
-	_, err := js.Publish(eventSubject_outdated_images, metricsJson)
+	_, err := js.Publish(constants.EventSubject_outdated_images, metricsJson)
 	if err != nil {
 		return err
 	}

agent/kubviz/rakees_agent.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/intelops/kubviz/constants"
 	"log"
 	"os"
 	"os/signal"
@@ -17,8 +18,6 @@ import (
 	"k8s.io/client-go/rest"
 )
 
-const eventSubject_rakees = "METRICS.rakees"
-
 func accessToOutcome(access rakkess.Access) (rakkess.Outcome, error) {
 	switch access {
 	case 0:
@@ -86,7 +85,7 @@ func RakeesOutput(config *rest.Config, js nats.JetStreamContext, wg *sync.WaitGr
 			Update:      rakkess.HumanreadableAccessCode(updateOutcome),
 		}
 		metricsJson, _ := json.Marshal(metrics)
-		_, err = js.Publish(eventSubject_rakees, metricsJson)
+		_, err = js.Publish(constants.EventSubject_rakees, metricsJson)
 		if err != nil {
 			errCh <- err
 		}