Merge pull request #343 from replicatedhq/divolgin/images

Docker registry collector/analyzer

Author: divolgin

go.mod

@@ -3,6 +3,7 @@ module github.com/replicatedhq/troubleshoot
 go 1.12
 
 require (
+	github.com/StackExchange/wmi v0.0.0-20210224194228-fe8f1750fd46 // indirect
 	github.com/ahmetalpbalkan/go-cursor v0.0.0-20131010032410-8136607ea412
 	github.com/aws/aws-sdk-go v1.25.18 // indirect
 	github.com/blang/semver v3.5.1+incompatible
@@ -11,45 +12,40 @@ require (
 	github.com/elazarl/goproxy v0.0.0-20191011121108-aa519ddbe484 // indirect
 	github.com/emicklei/go-restful v2.9.6+incompatible // indirect
 	github.com/fatih/color v1.7.0
+	github.com/go-ole/go-ole v1.2.5 // indirect
 	github.com/go-openapi/spec v0.19.4 // indirect
 	github.com/go-redis/redis/v7 v7.2.0
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/gobwas/glob v0.2.3
 	github.com/godbus/dbus v4.1.0+incompatible
-	github.com/google/go-cmp v0.3.1 // indirect
+	github.com/google/go-containerregistry v0.4.1
 	github.com/google/gofuzz v1.1.0
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/hashicorp/go-getter v1.3.1-0.20190627223108-da0323b9545e
 	github.com/hashicorp/go-multierror v1.0.0
-	github.com/imdario/mergo v0.3.8 // indirect
 	github.com/lib/pq v1.3.0
 	github.com/manifoldco/promptui v0.3.2
 	github.com/mattn/go-colorable v0.1.4 // indirect
 	github.com/mattn/go-isatty v0.0.9
 	github.com/mitchellh/go-wordwrap v1.0.0 // indirect
 	github.com/nicksnyder/go-i18n v1.10.1 // indirect
-	github.com/onsi/gomega v1.9.0 // indirect
 	github.com/pkg/errors v0.9.1
-	github.com/prometheus/procfs v0.0.5 // indirect
 	github.com/replicatedhq/termui/v3 v3.1.1-0.20200811145416-f40076d26851
 	github.com/segmentio/ksuid v1.0.3
 	github.com/shirou/gopsutil v3.21.1+incompatible
-	github.com/spf13/cobra v0.0.5
+	github.com/spf13/cobra v1.1.1
 	github.com/spf13/pflag v1.0.5
-	github.com/spf13/viper v1.4.0
-	github.com/stretchr/testify v1.5.1
+	github.com/spf13/viper v1.7.0
+	github.com/stretchr/testify v1.6.1
 	github.com/tj/go-spin v1.1.0
 	github.com/ulikunitz/xz v0.5.6 // indirect
-	go.opencensus.io v0.22.0 // indirect
-	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 // indirect
 	golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c // indirect
-	golang.org/x/tools v0.0.0-20191010075000-0337d82405ff // indirect
 	gopkg.in/alecthomas/kingpin.v3-unstable v3.0.0-20191105091915-95d230a53780 // indirect
-	gopkg.in/yaml.v2 v2.2.8
-	k8s.io/api v0.18.3
-	k8s.io/apiextensions-apiserver v0.18.2
-	k8s.io/apimachinery v0.18.3
-	k8s.io/cli-runtime v0.18.0
-	k8s.io/client-go v0.18.2
-	sigs.k8s.io/controller-runtime v0.5.1-0.20200402191424-df180accb901
+	gopkg.in/yaml.v2 v2.3.0
+	k8s.io/api v0.20.2
+	k8s.io/apiextensions-apiserver v0.20.2
+	k8s.io/apimachinery v0.20.2
+	k8s.io/cli-runtime v0.20.2
+	k8s.io/client-go v0.20.2
+	sigs.k8s.io/controller-runtime v0.8.3
 )

go.sum

@@ -300,5 +300,20 @@ func Analyze(analyzer *troubleshootv1beta2.Analyze, getFile getCollectedFileCont
 		return []*AnalyzeResult{result}, nil
 	}
 
+	if analyzer.RegistryImages != nil {
+		isExcluded, err := isExcluded(analyzer.RegistryImages.Exclude)
+		if err != nil {
+			return nil, err
+		}
+		if isExcluded {
+			return nil, nil
+		}
+		result, err := analyzeRegistry(analyzer.RegistryImages, getFile)
+		if err != nil {
+			return nil, err
+		}
+		return []*AnalyzeResult{result}, nil
+	}
+
 	return nil, errors.New("invalid analyzer")
 }

pkg/analyze/analyzer.go

@@ -68,7 +68,7 @@ func analyzePostgres(analyzer *troubleshootv1beta2.DatabaseAnalyze, getCollected
 				return result, nil
 			}
 		} else if outcome.Warn != nil {
-			if outcome.Pass.When == "" {
+			if outcome.Warn.When == "" {
 				result.IsWarn = true
 				result.Message = outcome.Warn.Message
 				result.URI = outcome.Warn.URI

pkg/analyze/postgres.go

@@ -62,7 +62,7 @@ func analyzeRedis(analyzer *troubleshootv1beta2.DatabaseAnalyze, getCollectedFil
 				return result, nil
 			}
 		} else if outcome.Warn != nil {
-			if outcome.Pass.When == "" {
+			if outcome.Warn.When == "" {
 				result.IsWarn = true
 				result.Message = outcome.Warn.Message
 				result.URI = outcome.Warn.URI

pkg/analyze/redis.go

@@ -0,0 +1,183 @@
+package analyzer
+
+import (
+	"encoding/json"
+	"fmt"
+	"path"
+	"strconv"
+	"strings"
+
+	"github.com/pkg/errors"
+	troubleshootv1beta2 "github.com/replicatedhq/troubleshoot/pkg/apis/troubleshoot/v1beta2"
+	"github.com/replicatedhq/troubleshoot/pkg/collect"
+)
+
+func analyzeRegistry(analyzer *troubleshootv1beta2.RegistryImagesAnalyze, getCollectedFileContents func(string) ([]byte, error)) (*AnalyzeResult, error) {
+	collectorName := analyzer.CollectorName
+	if collectorName == "" {
+		collectorName = "images"
+	}
+
+	fullPath := path.Join("registry", fmt.Sprintf("%s.json", collectorName))
+
+	collected, err := getCollectedFileContents(fullPath)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to read collected file name: %s", fullPath)
+	}
+
+	registryInfo := collect.RegistryInfo{}
+	if err := json.Unmarshal(collected, &registryInfo); err != nil {
+		return nil, errors.Wrap(err, "failed to unmarshal database connection result")
+	}
+
+	numMissingImages := 0
+	numVerifiedImages := 0
+	numErrors := 0
+	for _, image := range registryInfo.Images {
+		if image.Error != "" {
+			numErrors++
+		} else if !image.Exists {
+			numMissingImages++
+		} else {
+			numVerifiedImages++
+		}
+	}
+
+	title := analyzer.CheckName
+	if title == "" {
+		title = collectorName
+	}
+
+	result := &AnalyzeResult{
+		Title:   title,
+		IconKey: "kubernetes_registry_analyze",
+		IconURI: "https://troubleshoot.sh/images/analyzer-icons/registry-analyze.svg",
+	}
+
+	for _, outcome := range analyzer.Outcomes {
+		if outcome.Fail != nil {
+			if outcome.Fail.When == "" {
+				result.IsFail = true
+				result.Message = outcome.Fail.Message
+				result.URI = outcome.Fail.URI
+
+				return result, nil
+			}
+
+			isMatch, err := compareRegistryConditionalToActual(outcome.Fail.When, numVerifiedImages, numMissingImages, numErrors)
+			if err != nil {
+				return result, errors.Wrap(err, "failed to compare registry conditional")
+			}
+
+			if isMatch {
+				result.IsFail = true
+				result.Message = outcome.Fail.Message
+				result.URI = outcome.Fail.URI
+
+				return result, nil
+			}
+		} else if outcome.Warn != nil {
+			if outcome.Warn.When == "" {
+				result.IsWarn = true
+				result.Message = outcome.Warn.Message
+				result.URI = outcome.Warn.URI
+
+				return result, nil
+			}
+
+			isMatch, err := compareRegistryConditionalToActual(outcome.Warn.When, numVerifiedImages, numMissingImages, numErrors)
+			if err != nil {
+				return result, errors.Wrap(err, "failed to compare registry conditional")
+			}
+
+			if isMatch {
+				result.IsWarn = true
+				result.Message = outcome.Warn.Message
+				result.URI = outcome.Warn.URI
+
+				return result, nil
+			}
+		} else if outcome.Pass != nil {
+			if outcome.Pass.When == "" {
+				result.IsPass = true
+				result.Message = outcome.Pass.Message
+				result.URI = outcome.Pass.URI
+
+				return result, nil
+			}
+
+			isMatch, err := compareRegistryConditionalToActual(outcome.Pass.When, numVerifiedImages, numMissingImages, numErrors)
+			if err != nil {
+				return result, errors.Wrap(err, "failed to compare registry conditional")
+			}
+
+			if isMatch {
+				result.IsPass = true
+				result.Message = outcome.Pass.Message
+				result.URI = outcome.Pass.URI
+
+				return result, nil
+			}
+		}
+	}
+
+	return result, nil
+}
+
+func compareRegistryConditionalToActual(conditional string, numVerifiedImages int, numMissingImages int, numErrors int) (bool, error) {
+	parts := strings.Split(strings.TrimSpace(conditional), " ")
+
+	if len(parts) != 3 {
+		return false, errors.Errorf("unable to parse conditional: %s", conditional)
+	}
+
+	switch parts[0] {
+	case "verified":
+		result, err := doCompareRegistryImageCount(parts[1], parts[2], numVerifiedImages)
+		if err != nil {
+			return false, errors.Wrap(err, "failed to compare number of verified images")
+		}
+
+		return result, nil
+
+	case "missing":
+		result, err := doCompareRegistryImageCount(parts[1], parts[2], numMissingImages)
+		if err != nil {
+			return false, errors.Wrap(err, "failed to compare number of missing images")
+		}
+
+		return result, nil
+
+	case "errors":
+		result, err := doCompareRegistryImageCount(parts[1], parts[2], numErrors)
+		if err != nil {
+			return false, errors.Wrap(err, "failed to compare number of errors")
+		}
+
+		return result, nil
+	}
+
+	return false, errors.Errorf("unknown term %q in conditional", parts[0])
+}
+
+func doCompareRegistryImageCount(operator string, desired string, actual int) (bool, error) {
+	desiredInt, err := strconv.Atoi(desired)
+	if err != nil {
+		return false, errors.Wrap(err, "failed to parse")
+	}
+
+	switch operator {
+	case "<":
+		return actual < desiredInt, nil
+	case "<=":
+		return actual <= desiredInt, nil
+	case ">":
+		return actual > desiredInt, nil
+	case ">=":
+		return actual >= desiredInt, nil
+	case "=", "==", "===":
+		return actual == desiredInt, nil
+	}
+
+	return false, errors.Errorf("unknown operator: %s", operator)
+}

pkg/analyze/registry.go

@@ -116,6 +116,12 @@ type CephStatusAnalyze struct {
 	Namespace     string     `json:"namespace" yaml:"namespace"`
 }
 
+type RegistryImagesAnalyze struct {
+	AnalyzeMeta   `json:",inline" yaml:",inline"`
+	Outcomes      []*Outcome `json:"outcomes" yaml:"outcomes"`
+	CollectorName string     `json:"collectorName" yaml:"collectorName"`
+}
+
 type AnalyzeMeta struct {
 	CheckName string                 `json:"checkName,omitempty" yaml:"checkName,omitempty"`
 	Exclude   multitype.BoolOrString `json:"exclude,omitempty" yaml:"exclude,omitempty"`
@@ -138,4 +144,5 @@ type Analyze struct {
 	Mysql                    *DatabaseAnalyze          `json:"mysql,omitempty" yaml:"mysql,omitempty"`
 	Redis                    *DatabaseAnalyze          `json:"redis,omitempty" yaml:"redis,omitempty"`
 	CephStatus               *CephStatusAnalyze        `json:"cephStatus,omitempty" yaml:"cephStatus,omitempty"`
+	RegistryImages           *RegistryImagesAnalyze    `json:"registryImages,omitempty" yaml:"registryImages,omitempty"`
 }

pkg/apis/troubleshoot/v1beta2/analyzer_shared.go

@@ -139,6 +139,13 @@ type Ceph struct {
 	Timeout       string `json:"timeout,omitempty" yaml:"timeout,omitempty"`
 }
 
+type RegistryImages struct {
+	CollectorMeta    `json:",inline" yaml:",inline"`
+	Images           []string          `json:"images" yaml:"images"`
+	Namespace        string            `json:"namespace" yaml:"namespace"`
+	ImagePullSecrets *ImagePullSecrets `json:"imagePullSecret,omitempty" yaml:"imagePullSecret,omitempty"`
+}
+
 type Collect struct {
 	ClusterInfo      *ClusterInfo      `json:"clusterInfo,omitempty" yaml:"clusterInfo,omitempty"`
 	ClusterResources *ClusterResources `json:"clusterResources,omitempty" yaml:"clusterResources,omitempty"`
@@ -154,6 +161,7 @@ type Collect struct {
 	Redis            *Database         `json:"redis,omitempty" yaml:"redis,omitempty"`
 	Collectd         *Collectd         `json:"collectd,omitempty" yaml:"collectd,omitempty"`
 	Ceph             *Ceph             `json:"ceph,omitempty" yaml:"ceph,omitempty"`
+	RegistryImages   *RegistryImages   `json:"registryImages,omitempty" yaml:"registryImages,omitempty"`
 }
 
 func (c *Collect) AccessReviewSpecs(overrideNS string) []authorizationv1.SelfSubjectAccessReviewSpec {