Merge pull request #85 from kubescape/naming-convention

remove hash and ns from name
kubescape · Dec 24, 2023 · 5cfe320 · 5cfe320
2 parents 2855cc9 + 42a436a
commit 5cfe320
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 117 deletions.
diff --git a/instanceidhandler/v1/instanceidhandler.go b/instanceidhandler/v1/instanceidhandler.go
@@ -132,5 +132,5 @@ func (id *InstanceID) GetLabels() map[string]string {
 }
 
 func (id *InstanceID) GetSlug() (string, error) {
-	return names.InstanceIDToSlug(id.GetName(), id.GetNamespace(), id.GetKind(), id.GetHashed())
+	return names.InstanceIDToSlug(id.GetName(), id.GetKind(), id.GetHashed())
 }
diff --git a/instanceidhandler/v1/instanceidhandler_test.go b/instanceidhandler/v1/instanceidhandler_test.go
@@ -164,7 +164,7 @@ func TestInstanceIDToDisplayName(t *testing.T) {
 				name:          "reverse-proxy",
 				containerName: "nginx",
 			},
-			want:    "default-pod-reverse-proxy-2f07-68bd",
+			want:    "pod-reverse-proxy",
 			wantErr: nil,
 		},
 		{
@@ -176,7 +176,7 @@ func TestInstanceIDToDisplayName(t *testing.T) {
 				name:          "webapp",
 				containerName: "leader",
 			},
-			want:    "default-service-webapp-cca3-8ea7",
+			want:    "service-webapp",
 			wantErr: nil,
 		},
 		{

diff --git a/names/slugs.go b/names/slugs.go
@@ -12,10 +12,10 @@ import (
 
 const (
 	// instanceIDSlugHashlessFormat is a format of the Instance ID slug string without hash-based identifiers
-	instanceIDSlugHashlessFormat = "%s-%s-%s"
+	instanceIDSlugHashlessFormat = "%s-%s"
 	// instanceIDSlugFormat is a format of the slug string:
 	// "hashlessFormat + hashLeading + hashTrailing"
-	slugFormat     = "%s-%s-%s"
+	slugFormat     = "%s-%s"
 	slugHashLength = 4
 	// slugHashesLength is a length of the hash-based identifiers (-xxxx-xxxx) in the slug string
 	slugHashesLength        = slugHashLength*2 + 2
@@ -136,26 +136,23 @@ func sanitizeImage(image string) string {
 }
 
 // sanitizeInstanceIDSlug returns a sanitized instance ID slug
-func sanitizeInstanceIDSlug(instanceIDSlug string) string {
-	if len(instanceIDSlug) > 243 {
-		return instanceIDSlug[:243]
-	} else {
+func sanitizeInstanceIDSlug(instanceIDSlug, hashedID string) string {
+	if len(instanceIDSlug) < maxHashlessStringLength {
 		return instanceIDSlug
 	}
+	leadingDigest, trailingDigest := hashedID[:slugHashLength], hashedID[len(hashedID)-slugHashLength:]
+	return fmt.Sprintf("%s-%s-%s", instanceIDSlug[:maxHashlessStringLength], leadingDigest, trailingDigest)
 
 }
 
 // InstanceIDToSlug retuns a human-friendly representation given a description of an instance ID
 //
 // If the given inputs would produce an invalid slug, it returns an appropriate error
-func InstanceIDToSlug(name, namespace, kind, hashedID string) (string, error) {
-	leadingDigest, trailingDigest := hashedID[:slugHashLength], hashedID[len(hashedID)-slugHashLength:]
+func InstanceIDToSlug(name, kind, hashedID string) (string, error) {
 
-	hashlessInstanceIDSlug := fmt.Sprintf(instanceIDSlugHashlessFormat, namespace, kind, name)
-	hashlessInstanceIDSlug = sanitizeInstanceIDSlug(hashlessInstanceIDSlug)
+	slug := sanitizeInstanceIDSlug(fmt.Sprintf(instanceIDSlugHashlessFormat, kind, name), hashedID)
 
 	var err error
-	slug, err := fmt.Sprintf(slugFormat, hashlessInstanceIDSlug, leadingDigest, trailingDigest), nil
 	slug = strings.ToLower(slug)
 
 	if !IsValidSlug(slug) {
@@ -186,21 +183,6 @@ func ImageInfoToSlug(image, imageHash string) (string, error) {
 	return slug, err
 }
 
-func GetNamespaceLessSlug(slug, namespace string) (string, error) {
-	if !IsValidSlug(slug) {
-		return "", ErrInvalidSlug
-	}
-	namespaceLessSlug := strings.TrimPrefix(slug, namespace+"-")
-	if slug == namespaceLessSlug {
-		return "", ErrInvalidSlug
-	}
-	if !IsValidSlug(namespaceLessSlug) {
-		return "", ErrInvalidSlug
-	}
-
-	return namespaceLessSlug, nil
-}
-
 func SanitizeLabelValues(labels map[string]string) {
 	for k, v := range labels {
 		labels[k] = ToValidLabelValue(v)
@@ -211,22 +193,17 @@ func SanitizeLabelValues(labels map[string]string) {
 //
 // If the given inputs would produce an invalid slug, it returns an appropriate error
 func StringToSlug(str string) (string, error) {
-	// hash the string, take the first and last 4 characters of the hash
-	hashBytes := sha256.Sum256([]byte(str))
-	hashStr := hex.EncodeToString(hashBytes[:])
-	leadingDigest, trailingDigest := hashStr[:slugHashLength], hashStr[len(hashStr)-slugHashLength:]
 
 	// sanitize the string to be DNS Subdomain compatible
 	sanitizedStr, err := ToValidDNSSubdomainName(str)
 	if err != nil {
 		return "", err
 	}
 
-	if len(sanitizedStr) >= maxHashlessStringLength {
-		sanitizedStr = sanitizedStr[:maxHashlessStringLength]
-	}
+	hashBytes := sha256.Sum256([]byte(str))
+	hashStr := hex.EncodeToString(hashBytes[:])
+	slug := sanitizeInstanceIDSlug(sanitizedStr, hashStr)
 
-	slug := fmt.Sprintf(slugFormat, sanitizedStr, leadingDigest, trailingDigest)
 	slug = strings.ToLower(slug)
 
 	if !IsValidSlug(slug) {
@@ -237,7 +214,7 @@ func StringToSlug(str string) (string, error) {
 }
 
 func resourceToFormattedString(resource workloadinterface.IMetadata) string {
-	return fmt.Sprintf("%s-%s-%s-%s", resource.GetApiVersion(), resource.GetKind(), resource.GetNamespace(), resource.GetName())
+	return fmt.Sprintf("%s-%s", resource.GetKind(), resource.GetName())
 }
 
 // ResourceToSlug returns a human-friendly representation for a given resource

diff --git a/names/slugs_test.go b/names/slugs_test.go
@@ -134,7 +134,7 @@ func TestInstanceIDToFriendlyName(t *testing.T) {
 			inputKind:      "Pod",
 			inputName:      "reverse-proxy",
 			inputHashedID:  "1ba506b28f9ee9c7e8a0c98840fe5a1fe21142d225ecc526fbb535d0d6344aaf",
-			want:           "default-pod-reverse-proxy-1ba5-4aaf",
+			want:           "pod-reverse-proxy",
 			wantErr:        nil,
 		},
 		{
@@ -143,16 +143,16 @@ func TestInstanceIDToFriendlyName(t *testing.T) {
 			inputKind:      "Service",
 			inputName:      "webapp",
 			inputHashedID:  "1ba506b28f9ee9c7e8a0c98840fe5a1fe21142d225ecc526fbb535d0d6344aaf",
-			want:           "default-service-webapp-1ba5-4aaf",
+			want:           "service-webapp",
 			wantErr:        nil,
 		},
 		{
 			name:           "instanceID that produces overflowing slugs gets truncated to limit",
-			inputNamespace: "0123456789",
-			inputKind:      "0123456789",
-			inputName:      "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab",
+			inputNamespace: "default",
+			inputKind:      "Service",
+			inputName:      "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab",
 			inputHashedID:  "1ba506b28f9ee9c7e8a0c98840fe5a1fe21142d225ecc526fbb535d0d6344aaf",
-			want:           "0123456789-0123456789-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-1ba5-4aaf",
+			want:           "service-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-1ba5-4aaf",
 			wantErr:        nil,
 		},
 		{
@@ -168,7 +168,7 @@ func TestInstanceIDToFriendlyName(t *testing.T) {
 
 	for _, tc := range tt {
 		t.Run(tc.name, func(t *testing.T) {
-			got, err := InstanceIDToSlug(tc.inputName, tc.inputNamespace, tc.inputKind, tc.inputHashedID)
+			got, err := InstanceIDToSlug(tc.inputName, tc.inputKind, tc.inputHashedID)
 
 			assert.Equal(t, tc.want, got)
 			assert.ErrorIs(t, err, tc.wantErr)
@@ -328,73 +328,6 @@ func TestIsValidDSNLabelName(t *testing.T) {
 	}
 }
 
-func TestGetNamespaceLessSlug(t *testing.T) {
-	tt := []struct {
-		inputName string
-		want      string
-		namespace string
-	}{
-		{
-			inputName: "default-replicaset-nginx-77b4fdf86c-6e03-a89e",
-			want:      "replicaset-nginx-77b4fdf86c-6e03-a89e",
-			namespace: "default",
-		},
-		{
-			inputName: "kubescape-statefulset-kollector-c1be-77d8",
-			want:      "statefulset-kollector-c1be-77d8",
-			namespace: "kubescape",
-		},
-		{
-			inputName: "kubescape-replicaset-kubevuln-7d894c4494-3b54-2a81",
-			want:      "replicaset-kubevuln-7d894c4494-3b54-2a81",
-			namespace: "kubescape",
-		},
-		{
-			inputName: "kubescape-replicaset-otel-collector-5674d77b9f-3eeb-8ca1",
-			want:      "replicaset-otel-collector-5674d77b9f-3eeb-8ca1",
-			namespace: "kubescape",
-		},
-		{
-			inputName: "kube-system-daemonset-kube-proxy-4e8b-ad45",
-			want:      "daemonset-kube-proxy-4e8b-ad45",
-			namespace: "kube-system",
-		},
-		{
-			inputName: "kubescape-replicaset-gateway-6d4fddc958-54db-85c8",
-			want:      "replicaset-gateway-6d4fddc958-54db-85c8",
-			namespace: "kubescape",
-		},
-	}
-
-	ttError := []struct {
-		inputName string
-		namespace string
-	}{
-		{
-			inputName: "kubescape-replicaset-gateway-6d4fddc958-54db-85c8",
-			namespace: "notexistone",
-		},
-		{
-			inputName: "notValidSlug",
-		},
-	}
-
-	for _, tc := range tt {
-		t.Run(tc.inputName, func(t *testing.T) {
-			got, err := GetNamespaceLessSlug(tc.inputName, tc.namespace)
-			assert.Equal(t, err, nil)
-			assert.Equal(t, tc.want, got)
-		})
-	}
-
-	for _, tc := range ttError {
-		t.Run(tc.inputName, func(t *testing.T) {
-			_, err := GetNamespaceLessSlug(tc.inputName, tc.namespace)
-			assert.NotEqual(t, err, nil)
-		})
-	}
-}
-
 func TestIsValidLabelValue(t *testing.T) {
 	tests := []struct {
 		value    string
@@ -534,7 +467,7 @@ func TestStringToSlug(t *testing.T) {
 		{
 			name:     "short input",
 			input:    "n:ginx-xyz1.2.34",
-			expected: "n-ginx-xyz1.2.34-8020-7297",
+			expected: "n-ginx-xyz1.2.34",
 			err:      nil,
 		},
 		{
@@ -603,7 +536,7 @@ func TestResourceToSlug(t *testing.T) {
 				Namespace:  "default",
 				Name:       "mypod",
 			},
-			expected: "v1-pod-default-mypod-b5fd-df1b",
+			expected: "pod-mypod",
 		},
 		{
 			resource: &FakeMetadata{
@@ -612,7 +545,7 @@ func TestResourceToSlug(t *testing.T) {
 				Namespace:  "",
 				Name:       "mypod",
 			},
-			expected: "pod--mypod-8282-f27b",
+			expected: "pod-mypod",
 		},
 	}
 
@@ -652,7 +585,7 @@ func TestRoleBindingResourceToSlug(t *testing.T) {
 				Name:      "myrolebinding",
 				Namespace: "namespace-2",
 			},
-			expected: "serviceaccount-kubescape-sa-2--role-namespace-1-myrole--rolebinding-namespace-2-myrolebinding-eacf-57fc",
+			expected: "serviceaccount-sa-2-role-myrole-rolebinding-myrolebinding",
 		},
 		{
 			name: "with related objects (cluster role, cluster rolebinding)",
@@ -669,7 +602,7 @@ func TestRoleBindingResourceToSlug(t *testing.T) {
 				Kind: "ClusterRoleBinding",
 				Name: "myrolebinding",
 			},
-			expected: "serviceaccount-kubescape-sa-1--clusterrole--myrole--clusterrolebinding--myrolebinding-af38-ce0e",
+			expected: "serviceaccount-sa-1-clusterrole-myrole-clusterrolebinding-myrolebinding",
 		},
 	}