Skip to content

Commit

Permalink
support ephemeral containers (#97)
Browse files Browse the repository at this point in the history 
Signed-off-by: Amir Malka <amirm@armosec.io>
  • Loading branch information
@amirmalka
amirmalka committed Apr 5, 2024
1 parent 2c2ff2d commit beb10a4
Show file tree
Hide file tree
Showing 17 changed files with 1,530 additions and 2 deletions.
63 changes: 63 additions & 0 deletions instanceidhandler/v1/ephemeralcontainerinstance/helpers.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
package ephemeralcontainerinstance

import (
"fmt"

"github.com/kubescape/k8s-interface/instanceidhandler/v1/helpers"
core1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

func validateInstanceID(instanceID *InstanceID) error {
if instanceID.GetAPIVersion() == "" {
return fmt.Errorf("invalid instanceID: apiVersion cannot be empty")
}
if instanceID.GetNamespace() == "" {
return fmt.Errorf("invalid instanceID: namespace cannot be empty")
}
if instanceID.GetKind() == "" {
return fmt.Errorf("invalid instanceID: kind cannot be empty")
}
if instanceID.GetName() == "" {
return fmt.Errorf("invalid instanceID: name cannot be empty")
}
if instanceID.GetContainerName() == "" {
return fmt.Errorf("invalid instanceID: containerName cannot be empty")
}
return nil
}

func listInstanceIDs(ownerReferences []metav1.OwnerReference, ephemeralContainers []core1.EphemeralContainer, apiVersion, namespace, kind, name string) ([]InstanceID, error) {

if len(ephemeralContainers) == 0 {
return []InstanceID{}, nil // ephemeral containers are optional
}

instanceIDs := make([]InstanceID, 0)

parentApiVersion, parentKind, parentName := apiVersion, kind, name

if len(ownerReferences) != 0 && !helpers.IgnoreOwnerReference(ownerReferences[0].Kind) {
parentApiVersion = ownerReferences[0].APIVersion
parentKind = ownerReferences[0].Kind
parentName = ownerReferences[0].Name
}

for i := range ephemeralContainers {
instanceID := &InstanceID{
apiVersion: parentApiVersion,
namespace: namespace,
kind: parentKind,
name: parentName,
ephemeralContainerName: ephemeralContainers[i].Name,
}

if err := validateInstanceID(instanceID); err != nil {
return nil, fmt.Errorf("failed to validate instance ID: %w", err)
}

instanceIDs = append(instanceIDs, *instanceID)
}

return instanceIDs, nil
}

0 comments on commit beb10a4

Please sign in to comment.