Enhanced K8s API erver triggers filtering (#1351)

docs/configuration/configuring-sinks.rst

@@ -28,7 +28,6 @@ Integrate as many sinks as you like.
 
 .. _sink-matchers:
 
-
 Routing Alerts to Only One Sink
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -50,6 +49,7 @@ The sinks evaluation order, is the order defined in ``generated_values.yaml``.
             - namespace: production
         stop: true
 
+.. _sink-scope-matching:
 
 Routing Alerts To Specific Sinks
 ***************************************

docs/playbook-reference/triggers/kubernetes.rst

@@ -329,3 +329,42 @@ Most Kubernetes triggers support the following filters:
 * ``name_prefix``
 * ``namespace_prefix``
 * ``labels_selector`` - e.g. ``label1=value1,label2=value2``. If multiple labels is provided, all must match.
+
+Additionally, Kubernetes triggers support a ``scope`` filtering mechanism that works almost
+exactly like the ``scope`` mechanism for sinks (see :ref:`sink-scope-matching` for more
+information). The only difference is that for triggers, there is an additional option
+available for the ``include``/``exclude`` sections, ``attributes``, that makes it possible
+to filter on *any* attribute inside the YAML representation of the resource. An example
+of use of this functionality:
+
+.. code-block:: yaml
+
+    customPlaybooks:
+    - name: "FilteredPodCreation"
+      triggers:
+        - on_pod_create:
+            scope:
+              include:
+                - name:
+                  - my-pod.*
+                  - other
+                  namespace: ns1
+                  labels:
+                    - "foo=bar, boo=xx.*"
+                    - "foo=xx, boo=xx.*"
+                  attributes:
+                    - "status.phase=Pending, status.qosClass=BestEffort, metadata.resourceVersion != 123"
+                    - "spec.restartPolicy=OnFailure"
+                  annotations:
+                    - "foo=bar, boo=xx.*"
+                    - "foo=xx, boo=xx.*"
+              exclude:
+                - name:
+                  - woof.*
+
+Note that ``attributes`` matching only allows exact equality and inequality. The left-hand side
+of each of ``attributes`` filters is a path to select appropriate node in the document. It
+supports typical constructs like following nested attributes using the ``.`` operator, or
+selecting n-th element of a list using the ``[n]`` operator. In fact the language used to
+describe paths is much more versatile, as the implementation uses ``jsonpath-ng`` under
+the hood. You can read more about it `here <https://pypi.org/project/jsonpath-ng/>`_.

pyproject.toml

@@ -70,6 +70,7 @@ prometrix = "0.1.16"
 hikaru-model-26 = "^1.1.1"
 apprise = "^1.5.0"
 rocketchat-api = "^1.30.0"
+pydash = "8.0.0"
 
 [tool.poetry.dev-dependencies]
 pre-commit = "^2.13.0"

scripts/generate_kubernetes_code.py

@@ -1,6 +1,7 @@
 import argparse
 import os
 import textwrap
+from itertools import chain
 from typing import TextIO
 
 KUBERNETES_VERSIONS = ["v1"]
@@ -39,7 +40,7 @@
     "Deployment": "RobustaDeployment",
     "Job": "RobustaJob",
 }
-CUSTOM_SUBCLASSES_NAMES_STR = ",".join(CUSTOM_SUBCLASSES.values())
+CUSTOM_SUBCLASSES_NAMES_STR = ", ".join(CUSTOM_SUBCLASSES.values())
 
 COMMON_PREFIX = """# This file was autogenerated. Do not edit.\n\n"""
 
@@ -48,7 +49,9 @@
     "Rollout",
 ]
 
-CUSTOM_RESOURCES_NAMES_STR = ",".join(CUSTOM_RESOURCES)
+CUSTOM_RESOURCES_NAMES_STR = ", ".join(CUSTOM_RESOURCES)
+
+CUSTOM_MODELS_IMPORTS = ", ".join(sorted(chain(CUSTOM_SUBCLASSES.values(), CUSTOM_RESOURCES)))
 
 
 def get_model_class(k8s_resource_name: str) -> str:
@@ -76,7 +79,7 @@ def autogenerate_events(f: TextIO):
         from ....core.reporting.base import FindingSubject
         from ....core.reporting.consts import FindingSubjectType, FindingSource
         from ....core.reporting.finding_subjects import KubeObjFindingSubject
-        from  robusta.integrations.kubernetes.custom_models import {CUSTOM_SUBCLASSES_NAMES_STR},{CUSTOM_RESOURCES_NAMES_STR}
+        from  robusta.integrations.kubernetes.custom_models import {CUSTOM_MODELS_IMPORTS}
         """
         )
     )
@@ -305,7 +308,7 @@ def autogenerate_models(f: TextIO, version: str):
         textwrap.dedent(
             f"""\
         from hikaru.model.rel_1_26.{version} import *
-        from robusta.integrations.kubernetes.custom_models import {CUSTOM_SUBCLASSES_NAMES_STR},{CUSTOM_RESOURCES_NAMES_STR}
+        from robusta.integrations.kubernetes.custom_models import {CUSTOM_MODELS_IMPORTS}
 
 
         """
@@ -362,6 +365,7 @@ def autogenerate_triggers(f: TextIO):
         from robusta.integrations.kubernetes.base_triggers import K8sBaseTrigger
         from robusta.core.model.k8s_operation_type import K8sOperationType
         from robusta.integrations.kubernetes.autogenerated.events import *
+        from robusta.utils.scope import ScopeParams
 
 
         """
@@ -382,6 +386,7 @@ def __init__(
                     namespace_prefix: str = None,
                     labels_selector: str = None,
                     change_filters: Dict[str, List[str]] = None,
+                    scope: ScopeParams = None
                 ):
                     super().__init__(
                         kind=\"{resource}\",
@@ -390,6 +395,7 @@ def __init__(
                         namespace_prefix=namespace_prefix,
                         labels_selector=labels_selector,
                         change_filters=change_filters,
+                        scope=scope,
                     )
 
                 @staticmethod
@@ -413,13 +419,16 @@ def get_execution_event_type() -> type:
             textwrap.dedent(
                 f"""\
         class KubernetesAny{get_trigger_class_name(trigger_name)}Trigger(K8sBaseTrigger):
-            def __init__(self, name_prefix: str = None, namespace_prefix: str = None, labels_selector: str = None):
+            def __init__(
+                self, name_prefix: str = None, namespace_prefix: str = None, labels_selector: str = None, scope: ScopeParams = None
+            ):
                 super().__init__(
                     kind=\"Any\",
                     operation={operation_type},
                     name_prefix=name_prefix,
                     namespace_prefix=namespace_prefix,
                     labels_selector=labels_selector,
+                    scope=scope,
                 )
 
             @staticmethod

src/robusta/api/__init__.py

@@ -157,7 +157,7 @@
     ScanReportBlock,
     ScanReportRow,
     TableBlock,
-    VideoLink
+    VideoLink,
 )
 
 from robusta.core.reporting.base import EnrichmentType

src/robusta/core/reporting/__init__.py

@@ -1,8 +1,8 @@
 from robusta.core.reporting.base import (
     BaseBlock,
     Emojis,
-    Enrichment,
     Filterable,
+    Enrichment,
     Finding,
     FindingSeverity,
     FindingSource,
@@ -40,8 +40,8 @@
     "VideoLink",
     "FindingSource",
     "Enrichment",
-    "FindingSubjectType",
     "Filterable",
+    "FindingSubjectType",
     "FindingSubject",
     "Finding",
     "MarkdownBlock",