refactor: Move constants to starboard package (#477)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

itest/helper/doc.go

@@ -0,0 +1,2 @@
+// The helper package provides builders to instantiate Kubernetes objects used in integration tests.
+package helper

itest/helper/helper.go

@@ -5,6 +5,7 @@ import (
 
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -161,10 +162,10 @@ func (b *VulnerabilityReportBuilder) Build() *v1alpha1.VulnerabilityReport {
 			Name:      b.name,
 			Namespace: b.namespace,
 			Labels: map[string]string{
-				kube.LabelContainerName:     "nginx", // TODO Make it configurable
-				kube.LabelResourceKind:      string(b.ownerKind),
-				kube.LabelResourceName:      b.ownerName,
-				kube.LabelResourceNamespace: b.namespace,
+				starboard.LabelContainerName:     "nginx", // TODO Make it configurable
+				starboard.LabelResourceKind:      string(b.ownerKind),
+				starboard.LabelResourceName:      b.ownerName,
+				starboard.LabelResourceNamespace: b.namespace,
 			},
 		},
 		Report: v1alpha1.VulnerabilityScanResult{

itest/matcher/matcher.go

@@ -7,7 +7,6 @@ import (
 	"fmt"
 
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
-	"github.com/aquasecurity/starboard/pkg/kube"
 	"github.com/aquasecurity/starboard/pkg/starboard"
 	"github.com/onsi/gomega/types"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -61,10 +60,10 @@ func (m *vulnerabilityReportMatcher) Match(actual interface{}) (bool, error) {
 	matcher := MatchFields(IgnoreExtras, Fields{
 		"ObjectMeta": MatchFields(IgnoreExtras, Fields{
 			"Labels": MatchAllKeys(Keys{
-				kube.LabelContainerName:     Equal(m.containerName),
-				kube.LabelResourceKind:      Equal(gvk.Kind),
-				kube.LabelResourceName:      Equal(m.owner.GetName()),
-				kube.LabelResourceNamespace: Equal(m.owner.GetNamespace()),
+				starboard.LabelContainerName:     Equal(m.containerName),
+				starboard.LabelResourceKind:      Equal(gvk.Kind),
+				starboard.LabelResourceName:      Equal(m.owner.GetName()),
+				starboard.LabelResourceNamespace: Equal(m.owner.GetNamespace()),
 			}),
 			"OwnerReferences": ConsistOf(metav1.OwnerReference{
 				APIVersion:         gvk.GroupVersion().Identifier(),
@@ -129,9 +128,9 @@ func (m *configAuditReportMatcher) Match(actual interface{}) (bool, error) {
 	matcher := MatchFields(IgnoreExtras, Fields{
 		"ObjectMeta": MatchFields(IgnoreExtras, Fields{
 			"Labels": MatchAllKeys(Keys{
-				kube.LabelResourceKind:      Equal(gvk.Kind),
-				kube.LabelResourceName:      Equal(m.owner.GetName()),
-				kube.LabelResourceNamespace: Equal(m.owner.GetNamespace()),
+				starboard.LabelResourceKind:      Equal(gvk.Kind),
+				starboard.LabelResourceName:      Equal(m.owner.GetName()),
+				starboard.LabelResourceNamespace: Equal(m.owner.GetNamespace()),
 			}),
 			"OwnerReferences": ConsistOf(metav1.OwnerReference{
 				APIVersion:         gvk.GroupVersion().Identifier(),

itest/matcher/matcher_test.go

@@ -7,7 +7,7 @@ import (
 
 	"github.com/aquasecurity/starboard/itest/matcher"
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
-	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -37,10 +37,10 @@ func TestVulnerabilityReportMatcher(t *testing.T) {
 				Name:      "pod-nginx-pod-nginx-container",
 				Namespace: "default",
 				Labels: map[string]string{
-					kube.LabelContainerName:     "nginx-container",
-					kube.LabelResourceKind:      "Pod",
-					kube.LabelResourceName:      "nginx-pod",
-					kube.LabelResourceNamespace: "default",
+					starboard.LabelContainerName:     "nginx-container",
+					starboard.LabelResourceKind:      "Pod",
+					starboard.LabelResourceName:      "nginx-pod",
+					starboard.LabelResourceNamespace: "default",
 				},
 				OwnerReferences: []metav1.OwnerReference{
 					{
@@ -90,9 +90,9 @@ func TestConfigAuditReportMatcher(t *testing.T) {
 				Name:      "replicaset-nginx-6d4cf56db6",
 				Namespace: "default",
 				Labels: map[string]string{
-					kube.LabelResourceKind:      "ReplicaSet",
-					kube.LabelResourceName:      "nginx-6d4cf56db6",
-					kube.LabelResourceNamespace: "default",
+					starboard.LabelResourceKind:      "ReplicaSet",
+					starboard.LabelResourceName:      "nginx-6d4cf56db6",
+					starboard.LabelResourceNamespace: "default",
 				},
 				OwnerReferences: []metav1.OwnerReference{
 					{

itest/starboard-operator/starboard_operator_test.go

@@ -11,6 +11,7 @@ import (
 	"github.com/aquasecurity/starboard/itest/helper"
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	appsv1 "k8s.io/api/apps/v1"
 	batchv1 "k8s.io/api/batch/v1"
 	batchv1beta1 "k8s.io/api/batch/v1beta1"
@@ -230,9 +231,9 @@ func HasVulnerabilityReportOwnedBy(obj client.Object) func() (bool, error) {
 		}
 		var reportList v1alpha1.VulnerabilityReportList
 		err = kubeClient.List(context.Background(), &reportList, client.MatchingLabels{
-			kube.LabelResourceKind:      gvk.Kind,
-			kube.LabelResourceName:      obj.GetName(),
-			kube.LabelResourceNamespace: obj.GetNamespace(),
+			starboard.LabelResourceKind:      gvk.Kind,
+			starboard.LabelResourceName:      obj.GetName(),
+			starboard.LabelResourceNamespace: obj.GetNamespace(),
 		})
 		if err != nil {
 			return false, err
@@ -249,9 +250,9 @@ func HasConfigAuditReportOwnedBy(obj client.Object) func() (bool, error) {
 		}
 		var reportsList v1alpha1.ConfigAuditReportList
 		err = kubeClient.List(context.Background(), &reportsList, client.MatchingLabels{
-			kube.LabelResourceKind:      gvk.Kind,
-			kube.LabelResourceName:      obj.GetName(),
-			kube.LabelResourceNamespace: obj.GetNamespace(),
+			starboard.LabelResourceKind:      gvk.Kind,
+			starboard.LabelResourceName:      obj.GetName(),
+			starboard.LabelResourceNamespace: obj.GetNamespace(),
 		})
 		if err != nil {
 			return false, err

itest/starboard/starboard_cli_test.go

@@ -161,7 +161,7 @@ var _ = Describe("Starboard CLI", func() {
 
 		groupByContainerName := func(element interface{}) string {
 			return element.(v1alpha1.VulnerabilityReport).
-				Labels[kube.LabelContainerName]
+				Labels[starboard.LabelContainerName]
 		}
 
 		Context("when unmanaged Pod is specified as workload", func() {
@@ -188,9 +188,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindPod),
-					kube.LabelResourceName:      pod.Name,
-					kube.LabelResourceNamespace: pod.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindPod),
+					starboard.LabelResourceName:      pod.Name,
+					starboard.LabelResourceNamespace: pod.Namespace,
 				})
 
 				Expect(err).ToNot(HaveOccurred())
@@ -231,9 +231,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindPod),
-					kube.LabelResourceName:      pod.Name,
-					kube.LabelResourceNamespace: pod.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindPod),
+					starboard.LabelResourceName:      pod.Name,
+					starboard.LabelResourceNamespace: pod.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -290,9 +290,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindPod),
-					kube.LabelResourceName:      pod.Name,
-					kube.LabelResourceNamespace: pod.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindPod),
+					starboard.LabelResourceName:      pod.Name,
+					starboard.LabelResourceNamespace: pod.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -358,9 +358,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindReplicaSet),
-					kube.LabelResourceName:      rs.Name,
-					kube.LabelResourceNamespace: rs.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindReplicaSet),
+					starboard.LabelResourceName:      rs.Name,
+					starboard.LabelResourceNamespace: rs.Namespace,
 				})
 
 				Expect(err).ToNot(HaveOccurred())
@@ -424,9 +424,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindReplicationController),
-					kube.LabelResourceName:      rc.Name,
-					kube.LabelResourceNamespace: rc.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindReplicationController),
+					starboard.LabelResourceName:      rc.Name,
+					starboard.LabelResourceNamespace: rc.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -465,9 +465,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindDeployment),
-					kube.LabelResourceName:      deploy.Name,
-					kube.LabelResourceNamespace: deploy.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindDeployment),
+					starboard.LabelResourceName:      deploy.Name,
+					starboard.LabelResourceNamespace: deploy.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -531,9 +531,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindStatefulSet),
-					kube.LabelResourceName:      sts.Name,
-					kube.LabelResourceNamespace: sts.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindStatefulSet),
+					starboard.LabelResourceName:      sts.Name,
+					starboard.LabelResourceNamespace: sts.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -596,9 +596,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.VulnerabilityReportList
 				err = kubeClient.List(context.TODO(), &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindDaemonSet),
-					kube.LabelResourceName:      ds.Name,
-					kube.LabelResourceNamespace: ds.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindDaemonSet),
+					starboard.LabelResourceName:      ds.Name,
+					starboard.LabelResourceNamespace: ds.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByContainerName, Elements{
@@ -834,7 +834,7 @@ var _ = Describe("Starboard CLI", func() {
 
 		groupByWorkloadName := func(element interface{}) string {
 			return element.(v1alpha1.ConfigAuditReport).
-				Labels[kube.LabelResourceName]
+				Labels[starboard.LabelResourceName]
 		}
 
 		Context("when unmanaged Pod is specified as workload", func() {
@@ -863,9 +863,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.ConfigAuditReportList
 				err = kubeClient.List(ctx, &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindPod),
-					kube.LabelResourceName:      pod.Name,
-					kube.LabelResourceNamespace: pod.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindPod),
+					starboard.LabelResourceName:      pod.Name,
+					starboard.LabelResourceNamespace: pod.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 
@@ -908,9 +908,9 @@ var _ = Describe("Starboard CLI", func() {
 
 				var reportList v1alpha1.ConfigAuditReportList
 				err = kubeClient.List(ctx, &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindPod),
-					kube.LabelResourceName:      pod.Name,
-					kube.LabelResourceNamespace: pod.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindPod),
+					starboard.LabelResourceName:      pod.Name,
+					starboard.LabelResourceNamespace: pod.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 
@@ -978,9 +978,9 @@ var _ = Describe("Starboard CLI", func() {
 				var reportList v1alpha1.ConfigAuditReportList
 
 				err = kubeClient.List(ctx, &reportList, client.MatchingLabels{
-					kube.LabelResourceKind:      string(kube.KindCronJob),
-					kube.LabelResourceName:      cronJob.Name,
-					kube.LabelResourceNamespace: cronJob.Namespace,
+					starboard.LabelResourceKind:      string(kube.KindCronJob),
+					starboard.LabelResourceName:      cronJob.Name,
+					starboard.LabelResourceNamespace: cronJob.Namespace,
 				})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(reportList.Items).To(MatchAllElements(groupByWorkloadName, Elements{
@@ -1019,8 +1019,8 @@ var _ = Describe("Starboard CLI", func() {
 				Expect(report).To(MatchFields(IgnoreExtras, Fields{
 					"ObjectMeta": MatchFields(IgnoreExtras, Fields{
 						"Labels": MatchAllKeys(Keys{
-							kube.LabelResourceKind: Equal("Node"),
-							kube.LabelResourceName: Equal(node.Name),
+							starboard.LabelResourceKind: Equal("Node"),
+							starboard.LabelResourceName: Equal(node.Name),
 						}),
 						"OwnerReferences": ConsistOf(metav1.OwnerReference{
 							APIVersion:         "v1",
@@ -1074,8 +1074,8 @@ var _ = Describe("Starboard CLI", func() {
 			err = kubeClient.Get(context.TODO(), types.NamespacedName{Name: "cluster"}, &report)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(report.Labels).To(MatchAllKeys(Keys{
-				kube.LabelResourceKind: Equal("Cluster"),
-				kube.LabelResourceName: Equal("cluster"),
+				starboard.LabelResourceKind: Equal("Cluster"),
+				starboard.LabelResourceName: Equal("cluster"),
 			}))
 		})
 	})

pkg/configauditreport/builder.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
@@ -69,17 +70,17 @@ func (b *builder) Get() (v1alpha1.ConfigAuditReport, error) {
 	}
 
 	labels := map[string]string{
-		kube.LabelResourceKind:      kind,
-		kube.LabelResourceName:      b.controller.GetName(),
-		kube.LabelResourceNamespace: b.controller.GetNamespace(),
+		starboard.LabelResourceKind:      kind,
+		starboard.LabelResourceName:      b.controller.GetName(),
+		starboard.LabelResourceNamespace: b.controller.GetNamespace(),
 	}
 
 	if b.hash != "" {
-		labels[kube.LabelPodSpecHash] = b.hash
+		labels[starboard.LabelPodSpecHash] = b.hash
 	}
 
 	if b.configHash != "" {
-		labels[kube.LabelPluginConfigHash] = b.configHash
+		labels[starboard.LabelPluginConfigHash] = b.configHash
 	}
 
 	reportName, err := b.reportName()

pkg/configauditreport/io.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/starboard/pkg/kube"
+	"github.com/aquasecurity/starboard/pkg/starboard"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -76,9 +77,9 @@ func (r *readWriter) FindByOwner(ctx context.Context, owner kube.Object) (*v1alp
 	var list v1alpha1.ConfigAuditReportList
 
 	err := r.List(ctx, &list, client.MatchingLabels{
-		kube.LabelResourceKind:      string(owner.Kind),
-		kube.LabelResourceNamespace: owner.Namespace,
-		kube.LabelResourceName:      owner.Name,
+		starboard.LabelResourceKind:      string(owner.Kind),
+		starboard.LabelResourceNamespace: owner.Namespace,
+		starboard.LabelResourceName:      owner.Name,
 	}, client.InNamespace(owner.Namespace))
 	if err != nil {
 		return nil, err