use patch instead of update + remove logs + validate empty labels

Signed-off-by: rcohen <rcohen@armosec.io>
kubescape · Mar 27, 2023 · b1e056e · b1e056e
1 parent 5077882
commit b1e056e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 5 deletions.
diff --git a/pkg/conthandler/container_main_handler.go b/pkg/conthandler/container_main_handler.go
@@ -205,13 +205,12 @@ func (ch *ContainerHandler) handleContainerRunningEvent(contEvent v1.ContainerEv
 }
 
 func (ch *ContainerHandler) handleContainerTerminatedEvent(contEvent v1.ContainerEventData) error {
-	watchedContainer, exist := ch.watchedContainers.Load(contEvent.GetContainerID())
-	if exist {
+	watchedContainer, _ := ch.watchedContainers.Load(contEvent.GetContainerID())
+	if watchedContainer != nil {
 		data, ok := watchedContainer.(watchedContainerData)
 		if !ok {
 			return fmt.Errorf("failed to stop container ID %s", contEvent.GetContainerID())
 		}
-		logger.L().Info("container has terminated - stop monitor it", []helpers.IDetails{helpers.String("ContainerID", contEvent.GetContainerID()), helpers.String("Container name", data.event.GetContainerName()), helpers.String("k8s workload", data.event.GetK8SWorkloadID())}...)
 		data.syncChannel[StepEventAggregator] <- containerHasTerminatedError
 	}
 	return nil

diff --git a/pkg/sbom/v1/sbom_spdx_storage_format.go b/pkg/sbom/v1/sbom_spdx_storage_format.go
@@ -129,7 +129,13 @@ func (sbom *SBOMData) StoreFilteredSBOMName(name string) {
 }
 
 func (sbom *SBOMData) StoreMetadata(instanceID instanceidhandler.IInstanceID) {
-	sbom.filteredSpdxData.ObjectMeta.SetLabels(instanceID.GetLabels())
+	labels := instanceID.GetLabels()
+	for i := range labels {
+		if labels[i] == "" {
+			delete(labels, i)
+		}
+	}
+	sbom.filteredSpdxData.ObjectMeta.SetLabels(labels)
 }
 
 func (sc *SBOMData) AddResourceVersionIfNeeded(resourceVersion string) {

diff --git a/pkg/storageclient/storage_client.go b/pkg/storageclient/storage_client.go
@@ -2,13 +2,15 @@ package storageclient
 
 import (
 	gcontext "context"
+	"encoding/json"
 	"fmt"
 	"os"
 	"sync"
 	"time"
 
 	apimachineryerrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
@@ -136,17 +138,23 @@ func (sc *StorageK8SAggregatedAPIClient) GetData(key string) (any, error) {
 	}
 	return SBOM, nil
 }
+
 func (sc *StorageK8SAggregatedAPIClient) PutData(key string, data any) error {
 	SBOM, ok := data.(*spdxv1beta1.SBOMSPDXv2p3Filtered)
 	if !ok {
 		return fmt.Errorf("failed to update SBOM: SBOM is not in the right form")
 	}
-	_, err := sc.clientset.SpdxV1beta1().SBOMSPDXv2p3Filtereds(KubescapeNamespace).Update(gcontext.TODO(), SBOM, metav1.UpdateOptions{})
+	bytes, err := json.Marshal(SBOM)
+	if err != nil {
+		return err
+	}
+	_, err = sc.clientset.SpdxV1beta1().SBOMSPDXv2p3Filtereds(KubescapeNamespace).Patch(gcontext.TODO(), key, types.StrategicMergePatchType, bytes, metav1.PatchOptions{})
 	if err != nil {
 		return err
 	}
 	return nil
 }
+
 func (sc *StorageK8SAggregatedAPIClient) PostData(key string, data any) error {
 	SBOM, ok := data.(*spdxv1beta1.SBOMSPDXv2p3Filtered)
 	if !ok {
@@ -159,6 +167,7 @@ func (sc *StorageK8SAggregatedAPIClient) PostData(key string, data any) error {
 	SBOM.ObjectMeta = retSBOM.ObjectMeta
 	return nil
 }
+
 func (sc *StorageK8SAggregatedAPIClient) GetResourceVersion(key string) string {
 	SBOM, err := sc.clientset.SpdxV1beta1().SBOMSPDXv2p3Filtereds(KubescapeNamespace).Get(gcontext.TODO(), key, metav1.GetOptions{})
 	if err != nil {