From e78d01baccddd1835453023334b0cda8e486d7b5 Mon Sep 17 00:00:00 2001 From: Pankaj Patil Date: Mon, 17 May 2021 21:31:15 +0530 Subject: [PATCH] incorporate review comments --- Makefile | 4 ++-- pkg/http-server/file-scan.go | 2 +- pkg/http-server/health.go | 2 +- pkg/http-server/remote-repo.go | 2 +- pkg/http-server/webhook-scan-logs.go | 2 +- pkg/http-server/webhook-scan.go | 2 +- ...alidating-webhook.sh => e2e-admission-control.sh} | 0 test/e2e/validatingwebhook/certgen.go | 2 +- test/e2e/validatingwebhook/kubeclient.go | 8 ++------ .../e2e/validatingwebhook/validating_webhook_test.go | 12 ++++++------ .../e2e/validatingwebhook/validatingwebhook_utils.go | 2 ++ 11 files changed, 18 insertions(+), 20 deletions(-) rename scripts/{e2e-validating-webhook.sh => e2e-admission-control.sh} (100%) diff --git a/Makefile b/Makefile index 9863b25a1..f2eb0807e 100644 --- a/Makefile +++ b/Makefile @@ -92,8 +92,8 @@ e2e-tests: build ./scripts/run-e2e.sh # run e2e validating webhook -e2e-validating-webhook: build - ./scripts/e2e-validating-webhook.sh +e2e-admission-control-tests: build + ./scripts/e2e-admission-control.sh # install kind install-kind: diff --git a/pkg/http-server/file-scan.go b/pkg/http-server/file-scan.go index d9a6a4f19..3e041e04a 100644 --- a/pkg/http-server/file-scan.go +++ b/pkg/http-server/file-scan.go @@ -35,7 +35,7 @@ import ( // scanFile accepts uploaded file and runs scan on it func (g *APIHandler) scanFile(w http.ResponseWriter, r *http.Request) { - zap.S().Info("handle: file scan request") + zap.S().Debug("handle: file scan request") // get url params params := mux.Vars(r) diff --git a/pkg/http-server/health.go b/pkg/http-server/health.go index d9231d6fa..6040fb05a 100644 --- a/pkg/http-server/health.go +++ b/pkg/http-server/health.go @@ -24,6 +24,6 @@ import ( // Health returns the health of the http server func (g *APIHandler) Health(w http.ResponseWriter, r *http.Request) { - zap.S().Info("handle: health check request") + zap.S().Debug("handle: health check request") w.WriteHeader(http.StatusOK) } diff --git a/pkg/http-server/remote-repo.go b/pkg/http-server/remote-repo.go index 5734da2b9..a07946c3c 100644 --- a/pkg/http-server/remote-repo.go +++ b/pkg/http-server/remote-repo.go @@ -50,7 +50,7 @@ type scanRemoteRepoReq struct { // scanRemoteRepo downloads the remote Iac repository and scans it for // violations func (g *APIHandler) scanRemoteRepo(w http.ResponseWriter, r *http.Request) { - zap.S().Info("handle: remote repository scan request") + zap.S().Debug("handle: remote repository scan request") // get url params params := mux.Vars(r) diff --git a/pkg/http-server/webhook-scan-logs.go b/pkg/http-server/webhook-scan-logs.go index c6fecf0d5..082a01421 100644 --- a/pkg/http-server/webhook-scan-logs.go +++ b/pkg/http-server/webhook-scan-logs.go @@ -69,7 +69,7 @@ type webhookDisplayedShowLog struct { } func (g *APIHandler) getLogs(w http.ResponseWriter, r *http.Request) { - zap.S().Info("handle: validating webhook's get logs request") + zap.S().Debug("handle: validating webhook's get logs request") if !config.GetK8sAdmissionControl().Dashboard { apiErrorResponse(w, ErrDashboardDisabled.Error(), http.StatusBadRequest) diff --git a/pkg/http-server/webhook-scan.go b/pkg/http-server/webhook-scan.go index a3c55ea8d..49a26dbab 100644 --- a/pkg/http-server/webhook-scan.go +++ b/pkg/http-server/webhook-scan.go @@ -31,7 +31,7 @@ import ( // validateK8SWebhook handles the incoming validating admission webhook from kubernetes API server func (g *APIHandler) validateK8SWebhook(w http.ResponseWriter, r *http.Request) { - zap.S().Info("handle: validating webhook request") + zap.S().Debug("handle: validating webhook request") var ( params = mux.Vars(r) diff --git a/scripts/e2e-validating-webhook.sh b/scripts/e2e-admission-control.sh similarity index 100% rename from scripts/e2e-validating-webhook.sh rename to scripts/e2e-admission-control.sh diff --git a/test/e2e/validatingwebhook/certgen.go b/test/e2e/validatingwebhook/certgen.go index 83d7723f8..f1f6343ec 100644 --- a/test/e2e/validatingwebhook/certgen.go +++ b/test/e2e/validatingwebhook/certgen.go @@ -50,7 +50,7 @@ func GenerateCertificates(certFilePath, privateKeyPath string) error { template := x509.Certificate{ SerialNumber: big.NewInt(1), Subject: pkix.Name{ - Organization: []string{"Accurics"}, + Organization: []string{"acme.org"}, Country: []string{"IN"}, }, IPAddresses: []net.IP{ipAddr}, diff --git a/test/e2e/validatingwebhook/kubeclient.go b/test/e2e/validatingwebhook/kubeclient.go index c9a5add00..938fdd808 100644 --- a/test/e2e/validatingwebhook/kubeclient.go +++ b/test/e2e/validatingwebhook/kubeclient.go @@ -57,7 +57,6 @@ func NewKubernetesClient() (*KubernetesClient, error) { func (k *KubernetesClient) getK8sClient() (*kubernetes.Clientset, error) { home, err := homedir.Dir() if err != nil { - fmt.Println("home directory not found", err) return nil, fmt.Errorf("home directory not found, error: %s", err.Error()) } @@ -110,7 +109,6 @@ func (k *KubernetesClient) CreateValidatingWebhookConfiguration(webhookFile, cer createdWebhookConfig, err := admr.ValidatingWebhookConfigurations().Create(context.TODO(), &webhooks, metav1.CreateOptions{}) if err != nil { - fmt.Println(err) return nil, err } return createdWebhookConfig, nil @@ -137,10 +135,9 @@ func (k *KubernetesClient) CreatePod(resourceFile string) (*v1.Pod, error) { createdPod, err := k.client.CoreV1().Pods(namespace).Create(context.TODO(), &pod, metav1.CreateOptions{}) if err != nil { - fmt.Println(err) return nil, err } - return createdPod, err + return createdPod, nil } // DeletePod will delete the specified pod name @@ -164,10 +161,9 @@ func (k *KubernetesClient) CreateService(resourceFile string) (*v1.Service, erro createdService, err := k.client.CoreV1().Services(namespace).Create(context.TODO(), &service, metav1.CreateOptions{}) if err != nil { - fmt.Println(err) return nil, err } - return createdService, err + return createdService, nil } // DeleteService will delete the specified service name diff --git a/test/e2e/validatingwebhook/validating_webhook_test.go b/test/e2e/validatingwebhook/validating_webhook_test.go index d1e13e546..ed34b02b8 100644 --- a/test/e2e/validatingwebhook/validating_webhook_test.go +++ b/test/e2e/validatingwebhook/validating_webhook_test.go @@ -127,7 +127,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9010")) }) @@ -176,7 +176,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9011")) }) @@ -225,7 +225,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9012")) }) @@ -272,7 +272,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9013")) }) @@ -321,7 +321,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9014")) }) @@ -368,7 +368,7 @@ var _ = Describe("ValidatingWebhook", func() { Expect(err).NotTo(HaveOccurred()) os.Setenv(k8sWebhookAPIKey, apiKeyValue) - args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port} + args := []string{"server", "-c", configFileName, "--cert-path", certFileAbsPath, "--key-path", privKeyFileAbsPath, "-p", port, "-l", "debug"} session = helper.RunCommand(terrascanBinaryPath, outWriter, errWriter, args...) Eventually(session.Err, defaultTimeout).Should(gbytes.Say("http server listening at port 9015")) }) diff --git a/test/e2e/validatingwebhook/validatingwebhook_utils.go b/test/e2e/validatingwebhook/validatingwebhook_utils.go index 37ba40331..7769a2dcc 100644 --- a/test/e2e/validatingwebhook/validatingwebhook_utils.go +++ b/test/e2e/validatingwebhook/validatingwebhook_utils.go @@ -88,6 +88,7 @@ func CreateCertificate(certsFolder, certFileName, privKeyFileName string) (strin // DeleteDefaultKindCluster deletes the default kind cluster func DeleteDefaultKindCluster() error { cmd := exec.Command("kind", "delete", "cluster") + cmd.Stderr = os.Stderr err := cmd.Run() if err != nil { return err @@ -98,6 +99,7 @@ func DeleteDefaultKindCluster() error { // CreateDefaultKindCluster creates the default kind cluster func CreateDefaultKindCluster() error { cmd := exec.Command("kind", "create", "cluster") + cmd.Stderr = os.Stderr err := cmd.Run() if err != nil { return err