refactor: kubehunter package (#330)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

pkg/cmd/scan_kubehunter.go

@@ -3,11 +3,9 @@ package cmd
 import (
 	"context"
 
-	"github.com/aquasecurity/starboard/pkg/starboard"
-
-	starboardapi "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned"
+	"github.com/aquasecurity/starboard/pkg/generated/clientset/versioned"
 	"github.com/aquasecurity/starboard/pkg/kubehunter"
-	"github.com/aquasecurity/starboard/pkg/kubehunter/crd"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	"github.com/spf13/cobra"
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	"k8s.io/client-go/kubernetes"
@@ -56,10 +54,10 @@ func ScanKubeHunterReports(cf *genericclioptions.ConfigFlags) func(cmd *cobra.Co
 		if err != nil {
 			return err
 		}
-		starboardClientset, err := starboardapi.NewForConfig(kubeConfig)
+		starboardClientset, err := versioned.NewForConfig(kubeConfig)
 		if err != nil {
 			return err
 		}
-		return crd.NewWriter(starboardClientset).Write(ctx, report, kubeHunterReportName)
+		return kubehunter.NewWriter(starboardClientset).Write(ctx, report, kubeHunterReportName)
 	}
 }

pkg/kubehunter/writer.go

@@ -2,10 +2,53 @@ package kubehunter
 
 import (
 	"context"
+	"errors"
+	"strings"
 
-	starboard "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
+	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
+	"github.com/aquasecurity/starboard/pkg/generated/clientset/versioned"
+	"github.com/aquasecurity/starboard/pkg/kube"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 type Writer interface {
-	Write(ctx context.Context, report starboard.KubeHunterOutput, cluster string) error
+	Write(ctx context.Context, report v1alpha1.KubeHunterOutput, cluster string) error
+}
+
+type writer struct {
+	clientset versioned.Interface
+}
+
+func NewWriter(clientset versioned.Interface) Writer {
+	return &writer{
+		clientset: clientset,
+	}
+}
+
+func (w *writer) Write(ctx context.Context, report v1alpha1.KubeHunterOutput, cluster string) error {
+	if strings.TrimSpace(cluster) == "" {
+		return errors.New("cluster name must not be blank")
+	}
+	_, err := w.clientset.AquasecurityV1alpha1().KubeHunterReports().Create(ctx, &v1alpha1.KubeHunterReport{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: cluster,
+			Labels: map[string]string{
+				kube.LabelResourceKind: "Cluster",
+				kube.LabelResourceName: cluster,
+			},
+		},
+		Report: report,
+	}, metav1.CreateOptions{})
+	if err != nil && apierrors.IsAlreadyExists(err) {
+		found, err := w.clientset.AquasecurityV1alpha1().KubeHunterReports().Get(ctx, cluster, metav1.GetOptions{})
+		if err != nil {
+			return err
+		}
+		deepCopy := found.DeepCopy()
+		deepCopy.Report = report
+		_, err = w.clientset.AquasecurityV1alpha1().KubeHunterReports().Update(ctx, deepCopy, metav1.UpdateOptions{})
+		return err
+	}
+	return err
 }

pkg/kubehunter/writer_test.go

@@ -0,0 +1,103 @@
+package kubehunter_test
+
+import (
+	"context"
+	"testing"
+
+	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
+	"github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/fake"
+	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/kubehunter"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func TestWriter_Write(t *testing.T) {
+
+	t.Run("Should create KubeHunterReport", func(t *testing.T) {
+		clientset := fake.NewSimpleClientset()
+
+		writer := kubehunter.NewWriter(clientset)
+		err := writer.Write(context.TODO(), v1alpha1.KubeHunterOutput{
+			Summary: v1alpha1.KubeHunterSummary{
+				HighCount: 7,
+			},
+		}, "my-cluster")
+		require.NoError(t, err)
+
+		list, err := clientset.AquasecurityV1alpha1().KubeHunterReports().List(context.TODO(), metav1.ListOptions{})
+		require.NoError(t, err)
+
+		reports := map[string]v1alpha1.KubeHunterReport{}
+		for _, item := range list.Items {
+			reports[item.Name] = item
+		}
+		assert.Equal(t, map[string]v1alpha1.KubeHunterReport{
+			"my-cluster": {
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "my-cluster",
+					Labels: map[string]string{
+						kube.LabelResourceKind: "Cluster",
+						kube.LabelResourceName: "my-cluster",
+					},
+				},
+				Report: v1alpha1.KubeHunterOutput{
+					Summary: v1alpha1.KubeHunterSummary{
+						HighCount: 7,
+					},
+				},
+			},
+		}, reports)
+	})
+
+	t.Run("Should update KubeHunterReport", func(t *testing.T) {
+		clientset := fake.NewSimpleClientset(&v1alpha1.KubeHunterReport{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: "my-cluster",
+				Labels: map[string]string{
+					kube.LabelResourceKind: "Cluster",
+					kube.LabelResourceName: "my-cluster",
+				},
+			},
+			Report: v1alpha1.KubeHunterOutput{
+				Summary: v1alpha1.KubeHunterSummary{
+					HighCount: 1,
+				},
+			},
+		})
+
+		writer := kubehunter.NewWriter(clientset)
+		err := writer.Write(context.TODO(), v1alpha1.KubeHunterOutput{
+			Summary: v1alpha1.KubeHunterSummary{
+				HighCount: 3,
+			},
+		}, "my-cluster")
+		require.NoError(t, err)
+
+		list, err := clientset.AquasecurityV1alpha1().KubeHunterReports().List(context.TODO(), metav1.ListOptions{})
+		require.NoError(t, err)
+
+		reports := map[string]v1alpha1.KubeHunterReport{}
+		for _, item := range list.Items {
+			reports[item.Name] = item
+		}
+		assert.Equal(t, map[string]v1alpha1.KubeHunterReport{
+			"my-cluster": {
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "my-cluster",
+					Labels: map[string]string{
+						kube.LabelResourceKind: "Cluster",
+						kube.LabelResourceName: "my-cluster",
+					},
+				},
+				Report: v1alpha1.KubeHunterOutput{
+					Summary: v1alpha1.KubeHunterSummary{
+						HighCount: 3,
+					},
+				},
+			},
+		}, reports)
+	})
+
+}