scanner.go
// Copyright The Karpor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package scanner
import (
"net/http"
"strconv"
"github.com/KusionStack/karpor/pkg/core/entity"
"github.com/KusionStack/karpor/pkg/core/handler"
"github.com/KusionStack/karpor/pkg/core/manager/insight"
_ "github.com/KusionStack/karpor/pkg/infra/scanner"
"github.com/KusionStack/karpor/pkg/util/ctxutil"
"github.com/go-chi/render"
)
// Audit returns an http.HandlerFunc that builds a resource group from the
// request's query parameters, asks the insight manager to audit it, and writes
// the converted result as JSON inside the success envelope. Any error from
// decoding or from the manager is written with handler.FailureResponse.
//
// NOTE(review): this handler performs no authentication or rate limiting
// itself; the 401 and 429 responses listed below are presumably produced by
// middleware in front of it. Confirm the route is mounted behind both, since
// forceNew is caller-controlled.
//
// @Summary Audit based on resource group.
// @Description This endpoint audits based on the specified resource group.
// @Tags insight
// @Produce json
// @Param cluster query string false "The specified cluster name, such as 'example-cluster'"
// @Param apiVersion query string false "The specified apiVersion, such as 'apps/v1'"
// @Param kind query string false "The specified kind, such as 'Deployment'"
// @Param namespace query string false "The specified namespace, such as 'default'"
// @Param name query string false "The specified resource name, such as 'foo'"
// @Param forceNew query bool false "Switch for forced scanning, default is 'false'"
// @Success 200 {object} AuditData "Audit results"
// @Failure 400 {string} string "Bad Request"
// @Failure 401 {string} string "Unauthorized"
// @Failure 429 {string} string "Too Many Requests"
// @Failure 404 {string} string "Not Found"
// @Failure 500 {string} string "Internal Server Error"
// @Router /rest-api/v1/insight/audit [get]
func Audit(insight *insight.InsightManager) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		ctx := r.Context()
		logger := ctxutil.GetLogger(ctx)
		logger.Info("Starting audit with specified resourceGroup in handler ...")

		// fail writes the failure envelope for err; the error returned by
		// render.Render is not inspected.
		// NOTE(review): err is passed on unchanged; confirm FailureResponse
		// does not expose internal error detail to the client.
		fail := func(err error) {
			render.Render(w, r, handler.FailureResponse(ctx, err))
		}

		// The resource group is built entirely from caller-supplied query
		// parameters.
		rg, err := entity.NewResourceGroupFromQuery(r)
		if err != nil {
			fail(err)
			return
		}

		// The ParseBool error is discarded: a missing or unparsable forceNew
		// becomes false rather than a 400 response.
		forceNew, _ := strconv.ParseBool(r.URL.Query().Get("forceNew"))

		// rg holds request-derived values and is logged as a structured field.
		logger.Info("Successfully decoded the query parameters to resourceGroup", "resourceGroup", rg)

		// NOTE(review): forceNew is forwarded as-is; if it makes the manager
		// skip previously computed results, every such request pays for a
		// fresh scan. Verify against InsightManager.Audit.
		result, err := insight.Audit(ctx, rg, forceNew)
		if err != nil {
			fail(err)
			return
		}

		render.JSON(w, r, handler.SuccessResponse(ctx, convertScanResultToAuditData(result)))
	}
}
// Score returns an http.HandlerFunc that builds a resource group from the
// request's query parameters and asks the InsightManager to compute a score
// for it. The manager's result is written as JSON inside the success
// envelope; any error from decoding or from the manager is written with
// handler.FailureResponse.
//
// NOTE(review): no authentication or rate limiting happens in this handler;
// the 401 and 429 responses listed below are presumably produced by
// middleware in front of it. Confirm the route is mounted behind both, since
// forceNew is caller-controlled.
//
// @Summary ScoreHandler calculates a score for the audited manifest.
// @Description This endpoint calculates a score for the provided manifest based on the number and severity of issues detected during the audit.
// @Tags insight
// @Produce json
// @Param cluster query string false "The specified cluster name, such as 'example-cluster'"
// @Param apiVersion query string false "The specified apiVersion, such as 'apps/v1'"
// @Param kind query string false "The specified kind, such as 'Deployment'"
// @Param namespace query string false "The specified namespace, such as 'default'"
// @Param name query string false "The specified resource name, such as 'foo'"
// @Param forceNew query bool false "Switch for forced compute score, default is 'false'"
// @Success 200 {object} insight.ScoreData "Score calculation result"
// @Failure 400 {string} string "Bad Request"
// @Failure 401 {string} string "Unauthorized"
// @Failure 429 {string} string "Too Many Requests"
// @Failure 404 {string} string "Not Found"
// @Failure 500 {string} string "Internal Server Error"
// @Router /rest-api/v1/insight/score [get]
func Score(insightMgr *insight.InsightManager) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		reqCtx := r.Context()
		logger := ctxutil.GetLogger(reqCtx)
		logger.Info("Starting calculate score with specified resourceGroup in handler...")

		// The resource group is built entirely from caller-supplied query
		// parameters.
		group, err := entity.NewResourceGroupFromQuery(r)
		if err != nil {
			// NOTE(review): err is passed on unchanged; confirm
			// FailureResponse does not expose internal error detail.
			render.Render(w, r, handler.FailureResponse(reqCtx, err))
			return
		}

		// The ParseBool error is discarded: a missing or unparsable forceNew
		// becomes false rather than a 400 response.
		rawForceNew := r.URL.Query().Get("forceNew")
		forceNew, _ := strconv.ParseBool(rawForceNew)

		// group holds request-derived values and is logged as a structured field.
		logger.Info("Successfully decoded the query parameters to resourceGroup", "resourceGroup", group)

		// NOTE(review): forceNew is forwarded as-is; if it makes the manager
		// recompute instead of reusing an earlier score, every such request
		// pays for the full computation. Verify against InsightManager.Score.
		score, err := insightMgr.Score(reqCtx, group, forceNew)
		if err != nil {
			render.Render(w, r, handler.FailureResponse(reqCtx, err))
			return
		}

		render.JSON(w, r, handler.SuccessResponse(reqCtx, score))
	}
}