Add a snapshot JSON format for uploads

Signed-off-by: Richard Wall <[email protected]>

Author: wallrj

pkg/internal/cyberark/dataupload/dataupload.go

@@ -29,6 +29,18 @@ const (
 	apiPathSnapshotLinks = "/api/ingestions/kubernetes/snapshot-links"
 )
 
+// Snapshot is the JSON that the CyberArk Discovery and Context API expects to
+// be uploaded to the AWS presigned URL.
+type Snapshot struct {
+	AgentVersion    string        `json:"agent_version"`
+	ClusterID       string        `json:"cluster_id"`
+	K8SVersion      string        `json:"k8s_version"`
+	Secrets         []interface{} `json:"secrets"`
+	ServiceAccounts []interface{} `json:"service_accounts"`
+	Roles           []interface{} `json:"roles"`
+	RoleBindings    []interface{} `json:"role_bindings"`
+}
+
 type CyberArkClient struct {
 	baseURL string
 	client  *http.Client
@@ -63,9 +75,14 @@ func (c *CyberArkClient) PostDataReadingsWithOptions(ctx context.Context, payloa
 		return fmt.Errorf("programmer mistake: the cluster name (aka `cluster_id` in the config file) cannot be left empty")
 	}
 
+	snapshot := Snapshot{
+		ClusterID:    payload.AgentMetadata.ClusterID,
+		AgentVersion: version.PreflightVersion,
+	}
+
 	encodedBody := &bytes.Buffer{}
 	checksum := sha256.New()
-	if err := json.NewEncoder(io.MultiWriter(encodedBody, checksum)).Encode(payload); err != nil {
+	if err := json.NewEncoder(io.MultiWriter(encodedBody, checksum)).Encode(snapshot); err != nil {
 		return err
 	}
 

pkg/internal/cyberark/dataupload/dataupload_test.go

@@ -187,8 +187,16 @@ func TestCyberArkClient_PostDataReadingsWithOptions_RealAPI(t *testing.T) {
 	cyberArkClient, err := dataupload.NewCyberArkClient(nil, serviceURL, identityClient.AuthenticateRequest)
 	require.NoError(t, err)
 
-	err = cyberArkClient.PostDataReadingsWithOptions(ctx, api.DataReadingsPost{}, dataupload.Options{
-		ClusterName: "bb068932-c80d-460d-88df-34bc7f3f3297",
-	})
+	err = cyberArkClient.PostDataReadingsWithOptions(
+		ctx,
+		api.DataReadingsPost{
+			AgentMetadata: &api.AgentMetadata{
+				ClusterID: "bb068932-c80d-460d-88df-34bc7f3f3297",
+			},
+		},
+		dataupload.Options{
+			ClusterName: "bb068932-c80d-460d-88df-34bc7f3f3297",
+		},
+	)
 	require.NoError(t, err)
 }

pkg/internal/cyberark/dataupload/mock.go

@@ -1,6 +1,7 @@
 package dataupload
 
 import (
+	"bytes"
 	"crypto/sha256"
 	"encoding/hex"
 	"encoding/json"
@@ -140,15 +141,26 @@ func (mds *mockDataUploadServer) handleUpload(w http.ResponseWriter, r *http.Req
 		return
 	}
 
-	checksum := sha256.New()
-	_, err := io.Copy(checksum, r.Body)
+	body, err := io.ReadAll(r.Body)
 	if err != nil {
 		panic(err)
 	}
 
+	checksum := sha256.New()
+	_, err = checksum.Write(body)
+	if err != nil {
+		panic(err)
+	}
 	if r.URL.Query().Get("checksum") != hex.EncodeToString(checksum.Sum(nil)) {
 		http.Error(w, "checksum is invalid", http.StatusInternalServerError)
 	}
 
+	var snapshot Snapshot
+	d := json.NewDecoder(bytes.NewBuffer(body))
+	d.DisallowUnknownFields()
+	if err := d.Decode(&snapshot); err != nil {
+		panic(err)
+	}
+
 	w.WriteHeader(http.StatusOK)
 }