fix: rename informer endpoints and handlers to "namespaced"

This is in preparation for distinguishing informers between namespaces and cluster-level. This will allow us to significantly reduce the number of informers we create.

Author: ivanstanev

src/supervisor/watchers/handlers/cron-job.ts

@@ -9,14 +9,16 @@ import { WorkloadKind } from '../../types';
 import { FALSY_WORKLOAD_NAME_MARKER } from './types';
 import { IncomingMessage } from 'http';
 import { k8sApi } from '../../cluster';
-import { paginatedList } from './pagination';
+import { paginatedNamespacedList } from './pagination';
 import {
   deleteWorkloadAlreadyScanned,
   deleteWorkloadImagesAlreadyScanned,
   kubernetesObjectToWorkloadAlreadyScanned,
 } from '../../../state';
 
-export async function paginatedCronJobList(namespace: string): Promise<{
+export async function paginatedNamespacedCronJobList(
+  namespace: string,
+): Promise<{
   response: IncomingMessage;
   body: V1CronJobList;
 }> {
@@ -25,14 +27,16 @@ export async function paginatedCronJobList(namespace: string): Promise<{
   v1CronJobList.kind = 'CronJobList';
   v1CronJobList.items = new Array<V1CronJob>();
 
-  return await paginatedList(
+  return await paginatedNamespacedList(
     namespace,
     v1CronJobList,
     k8sApi.batchClient.listNamespacedCronJob.bind(k8sApi.batchClient),
   );
 }
 
-export async function paginatedCronJobV1Beta1List(namespace: string): Promise<{
+export async function paginatedNamespacedCronJobV1Beta1List(
+  namespace: string,
+): Promise<{
   response: IncomingMessage;
   body: V1beta1CronJobList;
 }> {
@@ -41,7 +45,7 @@ export async function paginatedCronJobV1Beta1List(namespace: string): Promise<{
   cronJobList.kind = 'CronJobList';
   cronJobList.items = new Array<V1beta1CronJob>();
 
-  return await paginatedList(
+  return await paginatedNamespacedList(
     namespace,
     cronJobList,
     k8sApi.batchUnstableClient.listNamespacedCronJob.bind(

src/supervisor/watchers/handlers/daemon-set.ts

@@ -4,14 +4,16 @@ import { WorkloadKind } from '../../types';
 import { FALSY_WORKLOAD_NAME_MARKER } from './types';
 import { IncomingMessage } from 'http';
 import { k8sApi } from '../../cluster';
-import { paginatedList } from './pagination';
+import { paginatedNamespacedList } from './pagination';
 import {
   deleteWorkloadAlreadyScanned,
   deleteWorkloadImagesAlreadyScanned,
   kubernetesObjectToWorkloadAlreadyScanned,
 } from '../../../state';
 
-export async function paginatedDaemonSetList(namespace: string): Promise<{
+export async function paginatedNamespacedDaemonSetList(
+  namespace: string,
+): Promise<{
   response: IncomingMessage;
   body: V1DaemonSetList;
 }> {
@@ -20,7 +22,7 @@ export async function paginatedDaemonSetList(namespace: string): Promise<{
   v1DaemonSetList.kind = 'DaemonSetList';
   v1DaemonSetList.items = new Array<V1DaemonSet>();
 
-  return await paginatedList(
+  return await paginatedNamespacedList(
     namespace,
     v1DaemonSetList,
     k8sApi.appsClient.listNamespacedDaemonSet.bind(k8sApi.appsClient),

src/supervisor/watchers/handlers/deployment-config.ts

@@ -6,15 +6,15 @@ import {
   V1DeploymentConfig,
   V1DeploymentConfigList,
 } from './types';
-import { paginatedList } from './pagination';
+import { paginatedNamespacedList } from './pagination';
 import { k8sApi } from '../../cluster';
 import {
   deleteWorkloadAlreadyScanned,
   deleteWorkloadImagesAlreadyScanned,
   kubernetesObjectToWorkloadAlreadyScanned,
 } from '../../../state';
 
-export async function paginatedDeploymentConfigList(
+export async function paginatedNamespacedDeploymentConfigList(
   namespace: string,
 ): Promise<{
   response: IncomingMessage;
@@ -25,7 +25,7 @@ export async function paginatedDeploymentConfigList(
   v1DeploymentConfigList.kind = 'DeploymentConfigList';
   v1DeploymentConfigList.items = new Array<V1DeploymentConfig>();
 
-  return await paginatedList(
+  return await paginatedNamespacedList(
     namespace,
     v1DeploymentConfigList,
     async (

src/supervisor/watchers/handlers/deployment.ts

@@ -4,14 +4,16 @@ import { WorkloadKind } from '../../types';
 import { FALSY_WORKLOAD_NAME_MARKER } from './types';
 import { IncomingMessage } from 'http';
 import { k8sApi } from '../../cluster';
-import { paginatedList } from './pagination';
+import { paginatedNamespacedList } from './pagination';
 import {
   deleteWorkloadAlreadyScanned,
   deleteWorkloadImagesAlreadyScanned,
   kubernetesObjectToWorkloadAlreadyScanned,
 } from '../../../state';
 
-export async function paginatedDeploymentList(namespace: string): Promise<{
+export async function paginatedNamespacedDeploymentList(
+  namespace: string,
+): Promise<{
   response: IncomingMessage;
   body: V1DeploymentList;
 }> {
@@ -20,7 +22,9 @@ export async function paginatedDeploymentList(namespace: string): Promise<{
   v1DeploymentList.kind = 'DeploymentList';
   v1DeploymentList.items = new Array<V1Deployment>();
 
-  return await paginatedList(
+  k8sApi.appsClient.listDeploymentForAllNamespaces();
+
+  return await paginatedNamespacedList(
     namespace,
     v1DeploymentList,
     k8sApi.appsClient.listNamespacedDeployment.bind(k8sApi.appsClient),

src/supervisor/watchers/handlers/index.ts

@@ -11,27 +11,40 @@ import {
 
 import { logger } from '../../../common/logger';
 import { WorkloadKind } from '../../types';
-import { podWatchHandler, podDeletedHandler, paginatedPodList } from './pod';
+import {
+  podWatchHandler,
+  podDeletedHandler,
+  paginatedNamespacedPodList,
+} from './pod';
 import {
   cronJobWatchHandler,
-  paginatedCronJobList,
-  paginatedCronJobV1Beta1List,
+  paginatedNamespacedCronJobList,
+  paginatedNamespacedCronJobV1Beta1List,
 } from './cron-job';
-import { daemonSetWatchHandler, paginatedDaemonSetList } from './daemon-set';
-import { deploymentWatchHandler, paginatedDeploymentList } from './deployment';
-import { jobWatchHandler, paginatedJobList } from './job';
-import { paginatedReplicaSetList, replicaSetWatchHandler } from './replica-set';
 import {
-  paginatedReplicationControllerList,
+  daemonSetWatchHandler,
+  paginatedNamespacedDaemonSetList,
+} from './daemon-set';
+import {
+  deploymentWatchHandler,
+  paginatedNamespacedDeploymentList,
+} from './deployment';
+import { jobWatchHandler, paginatedNamespacedJobList } from './job';
+import {
+  paginatedNamespacedReplicaSetList,
+  replicaSetWatchHandler,
+} from './replica-set';
+import {
+  paginatedNamespacedReplicationControllerList,
   replicationControllerWatchHandler,
 } from './replication-controller';
 import {
-  paginatedStatefulSetList,
+  paginatedNamespacedStatefulSetList,
   statefulSetWatchHandler,
 } from './stateful-set';
 import {
   deploymentConfigWatchHandler,
-  paginatedDeploymentConfigList,
+  paginatedNamespacedDeploymentConfigList,
 } from './deployment-config';
 import { k8sApi, kubeConfig } from '../../cluster';
 import * as kubernetesApiWrappers from '../../kuberenetes-api-wrappers';
@@ -58,97 +71,111 @@ import { RETRYABLE_NETWORK_ERRORS } from '../types';
  */
 const workloadWatchMetadata: Readonly<IWorkloadWatchMetadata> = {
   [WorkloadKind.Pod]: {
-    endpoint: '/api/v1/namespaces/{namespace}/pods',
+    namespacedEndpoint: '/api/v1/namespaces/{namespace}/pods',
     handlers: {
       [ADD]: podWatchHandler,
       [UPDATE]: podWatchHandler,
       [DELETE]: podDeletedHandler,
     },
-    listFactory: (namespace) => () => paginatedPodList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedPodList(namespace),
   },
   [WorkloadKind.ReplicationController]: {
-    endpoint: '/api/v1/watch/namespaces/{namespace}/replicationcontrollers',
+    namespacedEndpoint:
+      '/api/v1/watch/namespaces/{namespace}/replicationcontrollers',
     handlers: {
       [DELETE]: replicationControllerWatchHandler,
     },
-    listFactory: (namespace) => () =>
-      paginatedReplicationControllerList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedReplicationControllerList(namespace),
   },
   [WorkloadKind.CronJob]: {
-    endpoint: '/apis/batch/v1/watch/namespaces/{namespace}/cronjobs',
+    namespacedEndpoint: '/apis/batch/v1/watch/namespaces/{namespace}/cronjobs',
     handlers: {
       [DELETE]: cronJobWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedCronJobList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedCronJobList(namespace),
   },
   [WorkloadKind.CronJobV1Beta1]: {
-    endpoint: '/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs',
+    namespacedEndpoint:
+      '/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs',
     handlers: {
       [DELETE]: cronJobWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedCronJobV1Beta1List(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedCronJobV1Beta1List(namespace),
   },
   [WorkloadKind.Job]: {
-    endpoint: '/apis/batch/v1/watch/namespaces/{namespace}/jobs',
+    namespacedEndpoint: '/apis/batch/v1/watch/namespaces/{namespace}/jobs',
     handlers: {
       [DELETE]: jobWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedJobList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedJobList(namespace),
   },
   [WorkloadKind.DaemonSet]: {
-    endpoint: '/apis/apps/v1/watch/namespaces/{namespace}/daemonsets',
+    namespacedEndpoint: '/apis/apps/v1/watch/namespaces/{namespace}/daemonsets',
     handlers: {
       [DELETE]: daemonSetWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedDaemonSetList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedDaemonSetList(namespace),
   },
   [WorkloadKind.Deployment]: {
-    endpoint: '/apis/apps/v1/watch/namespaces/{namespace}/deployments',
+    namespacedEndpoint:
+      '/apis/apps/v1/watch/namespaces/{namespace}/deployments',
     handlers: {
       [DELETE]: deploymentWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedDeploymentList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedDeploymentList(namespace),
   },
   [WorkloadKind.ReplicaSet]: {
-    endpoint: '/apis/apps/v1/watch/namespaces/{namespace}/replicasets',
+    namespacedEndpoint:
+      '/apis/apps/v1/watch/namespaces/{namespace}/replicasets',
     handlers: {
       [DELETE]: replicaSetWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedReplicaSetList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedReplicaSetList(namespace),
   },
   [WorkloadKind.StatefulSet]: {
-    endpoint: '/apis/apps/v1/watch/namespaces/{namespace}/statefulsets',
+    namespacedEndpoint:
+      '/apis/apps/v1/watch/namespaces/{namespace}/statefulsets',
     handlers: {
       [DELETE]: statefulSetWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedStatefulSetList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedStatefulSetList(namespace),
   },
   [WorkloadKind.DeploymentConfig]: {
     /** https://docs.openshift.com/container-platform/4.7/rest_api/workloads_apis/deploymentconfig-apps-openshift-io-v1.html */
-    endpoint:
+    namespacedEndpoint:
       '/apis/apps.openshift.io/v1/watch/namespaces/{namespace}/deploymentconfigs',
     handlers: {
       [DELETE]: deploymentConfigWatchHandler,
     },
-    listFactory: (namespace) => () => paginatedDeploymentConfigList(namespace),
+    namespacedListFactory: (namespace) => () =>
+      paginatedNamespacedDeploymentConfigList(namespace),
   },
 };
 
-async function isSupportedWorkload(
+async function isSupportedNamespacedWorkload(
   namespace: string,
   workloadKind: WorkloadKind,
 ): Promise<boolean> {
   switch (workloadKind) {
     case WorkloadKind.DeploymentConfig:
-      return await isDeploymentConfigSupported(namespace);
+      return await isNamespacedDeploymentConfigSupported(namespace);
     case WorkloadKind.CronJobV1Beta1:
-      return await isCronJobVersionSupported(
+      return await isNamespacedCronJobSupported(
         workloadKind,
         namespace,
         k8sApi.batchUnstableClient,
       );
     case WorkloadKind.CronJob:
-      return await isCronJobVersionSupported(
+      return await isNamespacedCronJobSupported(
         workloadKind,
         namespace,
         k8sApi.batchClient,
@@ -158,7 +185,7 @@ async function isSupportedWorkload(
   }
 }
 
-async function isCronJobVersionSupported(
+async function isNamespacedCronJobSupported(
   workloadKind: WorkloadKind,
   namespace: string,
   client: BatchV1Api | BatchV1beta1Api,
@@ -204,7 +231,7 @@ async function isCronJobVersionSupported(
   }
 }
 
-async function isDeploymentConfigSupported(
+async function isNamespacedDeploymentConfigSupported(
   namespace: string,
 ): Promise<boolean> {
   try {
@@ -252,7 +279,10 @@ export async function setupInformer(
   workloadKind: WorkloadKind,
 ): Promise<void> {
   const logContext: Record<string, unknown> = { namespace, workloadKind };
-  const isSupported = await isSupportedWorkload(namespace, workloadKind);
+  const isSupported = await isSupportedNamespacedWorkload(
+    namespace,
+    workloadKind,
+  );
   if (!isSupported) {
     logger.debug(
       logContext,
@@ -262,12 +292,12 @@ export async function setupInformer(
   }
 
   const workloadMetadata = workloadWatchMetadata[workloadKind];
-  const namespacedEndpoint = workloadMetadata.endpoint.replace(
+  const namespacedEndpoint = workloadMetadata.namespacedEndpoint.replace(
     '{namespace}',
     namespace,
   );
 
-  const listMethod = workloadMetadata.listFactory(namespace);
+  const listMethod = workloadMetadata.namespacedListFactory(namespace);
   const loggedListMethod = async () => {
     try {
       return await kubernetesApiWrappers.retryKubernetesApiRequest(() =>

src/supervisor/watchers/handlers/job.ts

@@ -4,14 +4,14 @@ import { WorkloadKind } from '../../types';
 import { FALSY_WORKLOAD_NAME_MARKER } from './types';
 import { IncomingMessage } from 'http';
 import { k8sApi } from '../../cluster';
-import { paginatedList } from './pagination';
+import { paginatedNamespacedList } from './pagination';
 import {
   deleteWorkloadAlreadyScanned,
   deleteWorkloadImagesAlreadyScanned,
   kubernetesObjectToWorkloadAlreadyScanned,
 } from '../../../state';
 
-export async function paginatedJobList(namespace: string): Promise<{
+export async function paginatedNamespacedJobList(namespace: string): Promise<{
   response: IncomingMessage;
   body: V1JobList;
 }> {
@@ -20,7 +20,7 @@ export async function paginatedJobList(namespace: string): Promise<{
   v1JobList.kind = 'JobList';
   v1JobList.items = new Array<V1Job>();
 
-  return await paginatedList(
+  return await paginatedNamespacedList(
     namespace,
     v1JobList,
     k8sApi.batchClient.listNamespacedJob.bind(k8sApi.batchClient),

src/supervisor/watchers/handlers/pagination.ts

@@ -17,7 +17,7 @@ const PAGE_SIZE = 100;
  * The workloads collected are additionally trimmed to contain only the relevant data for vulnerability analysis.
  * The combination of both listing and trimming ensures we reduce our memory footprint and prevent overloading the API server.
  */
-export async function paginatedList<
+export async function paginatedNamespacedList<
   T extends KubernetesObject & Partial<{ status: unknown; spec: unknown }>,
 >(
   namespace: string,