Skip to content

Commit b5b5e96

Browse files
stefanprodanstefanprodan
authored
Merge pull request #4 from bmcstdio/allow-vendoring
Allow for vendoring the kubesec.io client.
2 parents 2fd1fd9 + dd0d536 commit b5b5e96

File tree

2 files changed

+61
-49
lines changed

2 files changed

+61
-49
lines changed

main.go

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ import (
99
"strings"
1010

1111
_ "github.com/golang/glog"
12+
"github.com/stefanprodan/kubectl-kubesec/pkg/kubesec"
1213
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
1314
kjson "k8s.io/apimachinery/pkg/runtime/serializer/json"
1415
"k8s.io/client-go/kubernetes"
@@ -119,13 +120,17 @@ func main() {
119120

120121
writer.Flush()
121122

122-
result, err := getResult(buffer)
123+
result, err := kubesec.NewClient().ScanDefinition(buffer)
123124
if err != nil {
124125
fmt.Println(err)
125126
os.Exit(1)
126127
}
128+
if result.Error != "" {
129+
fmt.Println(result.Error)
130+
os.Exit(1)
131+
}
127132

128-
result.print(resource)
133+
result.Dump(os.Stdout)
129134
}
130135

131136
func loadConfig() (*kubernetes.Clientset, string) {

kubesec.go renamed to pkg/kubesec/kubesec.go

Lines changed: 54 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
package main
1+
package kubesec
22

33
import (
44
"bytes"
@@ -11,79 +11,42 @@ import (
1111
"net/http"
1212
)
1313

14-
type KubesecResult struct {
15-
Score int `json:"score"`
16-
Scoring struct {
17-
Critical []struct {
18-
Selector string `json:"selector"`
19-
Reason string `json:"reason"`
20-
Weight int `json:"weight"`
21-
} `json:"critical"`
22-
Advise []struct {
23-
Selector string `json:"selector"`
24-
Reason string `json:"reason"`
25-
Href string `json:"href,omitempty"`
26-
} `json:"advise"`
27-
} `json:"scoring"`
14+
// KubesecClient represent a client for kubesec.io.
15+
type KubesecClient struct {
2816
}
2917

30-
func (r *KubesecResult) print(resource string) {
31-
fmt.Println(fmt.Sprintf("%v kubesec.io score %v", resource, r.Score))
32-
fmt.Println("-----------------")
33-
if len(r.Scoring.Critical) > 0 {
34-
fmt.Println("Critical")
35-
for i, el := range r.Scoring.Critical {
36-
fmt.Println(fmt.Sprintf("%v. %v", i+1, el.Selector))
37-
if len(el.Reason) > 0 {
38-
fmt.Println(el.Reason)
39-
}
40-
41-
}
42-
fmt.Println("-----------------")
43-
}
44-
if len(r.Scoring.Advise) > 0 {
45-
fmt.Println("Advise")
46-
for i, el := range r.Scoring.Advise {
47-
fmt.Println(fmt.Sprintf("%v. %v", i+1, el.Selector))
48-
if len(el.Reason) > 0 {
49-
fmt.Println(el.Reason)
50-
}
51-
}
52-
}
18+
// NewClient returns a new client for kubesec.io.
19+
func NewClient() *KubesecClient {
20+
return &KubesecClient{}
5321
}
5422

55-
func getResult(definition bytes.Buffer) (*KubesecResult, error) {
56-
23+
// ScanDefinition scans the provided resource definition.
24+
func (kc *KubesecClient) ScanDefinition(def bytes.Buffer) (*KubesecResult, error) {
5725
bodyBuf := &bytes.Buffer{}
5826
bodyWriter := multipart.NewWriter(bodyBuf)
59-
6027
fileWriter, err := bodyWriter.CreateFormFile("uploadfile", "object.yaml")
6128
if err != nil {
6229
return nil, err
6330
}
64-
65-
_, err = io.Copy(fileWriter, &definition)
31+
_, err = io.Copy(fileWriter, &def)
6632
if err != nil {
6733
return nil, err
6834
}
69-
7035
contentType := bodyWriter.FormDataContentType()
7136
bodyWriter.Close()
7237

7338
resp, err := http.Post("https://kubesec.io/", contentType, bodyBuf)
7439
if err != nil {
7540
return nil, err
7641
}
77-
7842
defer resp.Body.Close()
7943

8044
body, err := ioutil.ReadAll(resp.Body)
8145
if err != nil {
8246
return nil, err
8347
}
84-
8548
if len(body) < 1 {
86-
return nil, errors.New("unknown result")
49+
return nil, errors.New("failed to scan definition")
8750
}
8851

8952
var result KubesecResult
@@ -94,3 +57,47 @@ func getResult(definition bytes.Buffer) (*KubesecResult, error) {
9457

9558
return &result, nil
9659
}
60+
61+
// KubesecResult represents a result returned by kubesec.io.
62+
type KubesecResult struct {
63+
Error string `json:"error"`
64+
Score int `json:"score"`
65+
Scoring struct {
66+
Critical []struct {
67+
Selector string `json:"selector"`
68+
Reason string `json:"reason"`
69+
Weight int `json:"weight"`
70+
} `json:"critical"`
71+
Advise []struct {
72+
Selector string `json:"selector"`
73+
Reason string `json:"reason"`
74+
Href string `json:"href,omitempty"`
75+
} `json:"advise"`
76+
} `json:"scoring"`
77+
}
78+
79+
// Dump writes the result in a human-readable format to the specified writer.
80+
func (r *KubesecResult) Dump(w io.Writer) {
81+
io.WriteString(w, fmt.Sprintf("kubesec.io score: %v", r.Score))
82+
io.WriteString(w, "-----------------")
83+
if len(r.Scoring.Critical) > 0 {
84+
io.WriteString(w, "Critical")
85+
for i, el := range r.Scoring.Critical {
86+
io.WriteString(w, fmt.Sprintf("%v. %v", i+1, el.Selector))
87+
if len(el.Reason) > 0 {
88+
io.WriteString(w, el.Reason)
89+
}
90+
91+
}
92+
io.WriteString(w, "-----------------")
93+
}
94+
if len(r.Scoring.Advise) > 0 {
95+
io.WriteString(w, "Advise")
96+
for i, el := range r.Scoring.Advise {
97+
io.WriteString(w, fmt.Sprintf("%v. %v", i+1, el.Selector))
98+
if len(el.Reason) > 0 {
99+
io.WriteString(w, el.Reason)
100+
}
101+
}
102+
}
103+
}

0 commit comments

Comments
 (0)