Minimal implementation

.circleci/config.yml

@@ -29,7 +29,6 @@ commands:
             - go-build-cache-{{ .Branch }}-{{ .Revision }}
             - go-build-cache-{{ .Branch }}-
             - go-build-cache-
-
 jobs:
   scan:
     resource_class: small
@@ -52,16 +51,21 @@ jobs:
       # saving & restoring the module cache takes almost 6x longer than simply fetching the modules...
       #- go/mod-download-cached
       - restore-build-cache 
+      - go/mod-download
       - run:
           command: |
-            golangci-lint run ./...
+            golangci-lint run -v --timeout=2m ./...
           environment:
             # we re-use the Go build cache as our lint-cache too.
             GOLANGCI_LINT_CACHE: /home/circleci/.cache/go-build
       # we're not using the go/test command from the Go orb because that uses `-count=1` as an argument.
       # That means all tests are run every time, instead of honoring the cache.
       - run:
-          command: go test -race ./... 
+          command: |
+            # install required tools for kubebuilder tests.
+            go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
+            source <(setup-envtest use -p env) 
+            go test -race ./... 
       - save-build-cache
 
   release:

.dockerignore

@@ -0,0 +1,9 @@
+.bin/
+.circleci/
+.github/
+test/results/
+.git*
+*.js
+*.md
+*.yaml
+config.secret.json

.gitignore

@@ -0,0 +1,64 @@
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+
+### Go ###
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# /vendor/
+
+# Go workspace file
+go.work
+
+### Go Patch ###
+/vendor/
+/Godeps/
+
+### Helm ###
+# Chart dependencies
+/helm/**/charts/*.tgz
+
+/helm/config.secret.json
+
+### Test results ###
+/test/results
+
+### IDEs ###
+.idea
+.vscode
+.dccache
+
+### Tooling ###
+/.bin/
+
+### Local development ###
+# Local config file
+/config.local.json
+# Local build system configuration
+/local.mk
+
+### Node.js ###
+/node_modules

Dockerfile

@@ -7,7 +7,7 @@ ARG COMMIT_SHA
 ARG GIT_TAG
 
 RUN go mod download
-RUN CGO_ENABLED=0 go build \
+RUN CGO_ENABLED=0 GOEXPERIMENT=boringcrypto go build \
     -ldflags="-s -w \
         -X github.com/snyk/kubernetes-scanner/build.commitSHA=$COMMIT_SHA \
         -X github.com/snyk/kubernetes-scanner/build.tag=$GIT_TAG\
@@ -18,4 +18,4 @@ RUN CGO_ENABLED=0 go build \
 FROM gcr.io/distroless/static
 
 COPY --from=build /go/bin/kubernetes-scanner /
-CMD ["/kubernetes-scanner"]
+ENTRYPOINT ["/kubernetes-scanner"]

README.md

@@ -0,0 +1,13 @@
+# Kubernetes-Scanner
+
+## Running tests
+
+- Install Kubebuilder from your package manager of choice
+- Install setup-envtest with Go: `go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest`
+- Install the required tools: `setup-envtest use`
+- Setup the environment: `setup-envtest use -p env | source`
+
+(yes this is not optimal)
+
+See [this](https://pkg.go.dev/sigs.k8s.io/controller-runtime/tools/setup-envtest#section-readme)
+for more info.

go.mod

@@ -1,3 +1,70 @@
 module github.com/snyk/kubernetes-scanner
 
 go 1.19
+
+require (
+	golang.org/x/exp v0.0.0-20230213192124-5e25df0256eb
+	k8s.io/api v0.26.1
+	k8s.io/apimachinery v0.26.1
+	k8s.io/client-go v0.26.1
+	sigs.k8s.io/controller-runtime v0.14.4
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.9.0 // indirect
+	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
+	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/go-logr/zapr v1.2.3 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.20.0 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/uuid v1.1.2 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/prometheus/client_golang v1.14.0 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	go.uber.org/atomic v1.7.0 // indirect
+	go.uber.org/multierr v1.6.0 // indirect
+	go.uber.org/zap v1.24.0 // indirect
+	golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 // indirect
+	golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
+	golang.org/x/sys v0.3.0 // indirect
+	golang.org/x/term v0.3.0 // indirect
+	golang.org/x/text v0.5.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/apiextensions-apiserver v0.26.1 // indirect
+	k8s.io/component-base v0.26.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
+	k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)