🐛 Fix platform IDs for operator manifests (#2834)

* 🐛 Fix platform IDs for operator manifests Fixes #2818 Signed-off-by: Christian Zunker <[email protected]>
mondoohq · Dec 14, 2023 · 4c4583f · 4c4583f
1 parent b600c70
commit 4c4583f
Show file tree

Hide file tree

Showing 4 changed files with 1,575 additions and 6 deletions.
diff --git a/providers/k8s/connection/manifest/connection.go b/providers/k8s/connection/manifest/connection.go
@@ -81,12 +81,6 @@ func NewConnection(id uint32, asset *inventory.Asset, opts ...Option) (shared.Co
 		asset.Name = clusterName
 	}
 
-	platformId, err := c.AssetId()
-	if err != nil {
-		return nil, err
-	}
-	asset.PlatformIds = []string{platformId}
-
 	c.ManifestParser, err = shared.NewManifestParser(manifest, c.namespace, "")
 	if err != nil {
 		return nil, err

diff --git a/providers/k8s/connection/manifest/connection_test.go b/providers/k8s/connection/manifest/connection_test.go
@@ -103,3 +103,188 @@ func TestManifestDiscovery(t *testing.T) {
 	require.NoError(t, err)
 	require.Len(t, inv.Spec.Assets, 1)
 }
+
+func TestOperatorManifest(t *testing.T) {
+	path := "./testdata/mondoo-operator-manifests.yaml"
+
+	runtime := K8s()
+	rootAsset := &inventory.Asset{
+		Connections: []*inventory.Config{{
+			Type: "k8s",
+			Options: map[string]string{
+				shared.OPTION_MANIFEST: path,
+			},
+			Discover: &inventory.Discovery{
+				Targets: []string{"auto"},
+			},
+		}},
+	}
+	conn, err := manifest.NewConnection(0, rootAsset, manifest.WithManifestFile(path))
+	require.NoError(t, err)
+
+	err = runtime.Connect(&plugin.ConnectReq{
+		Asset: rootAsset,
+	})
+	require.NoError(t, err)
+
+	pluginRuntime := &plugin.Runtime{
+		Connection:     conn,
+		HasRecording:   false,
+		CreateResource: resources.CreateResource,
+	}
+	inv, err := resources.Discover(pluginRuntime)
+	require.NoError(t, err)
+	require.Len(t, inv.Spec.Assets, 2)
+
+	require.Len(t, inv.Spec.Assets[1].PlatformIds, 1)
+
+	for i := range inv.Spec.Assets {
+		asset := inv.Spec.Assets[i]
+		err = runtime.Connect(&plugin.ConnectReq{
+			Asset: asset,
+		})
+		require.NoError(t, err)
+		require.NotEmpty(t, asset.PlatformIds[0])
+	}
+	require.NotEqual(t, inv.Spec.Assets[0].PlatformIds[0], inv.Spec.Assets[1].PlatformIds[0])
+	require.Equal(t, "//platformid.api.mondoo.app/runtime/k8s/uid/7b0dacb1266786d90e70e4c924064ef619eff6b1ccb4b0769f408510570fbbd2", inv.Spec.Assets[0].PlatformIds[0])
+	require.Equal(t, "//platformid.api.mondoo.app/runtime/k8s/uid/7b0dacb1266786d90e70e4c924064ef619eff6b1ccb4b0769f408510570fbbd2/namespace/mondoo-operator/deployments/name/mondoo-operator-controller-manager", inv.Spec.Assets[1].PlatformIds[0])
+}
+
+func TestOperatorManifestWithNamespaceFilter(t *testing.T) {
+	path := "./testdata/mondoo-operator-manifests.yaml"
+
+	runtime := K8s()
+	rootAsset := &inventory.Asset{
+		Connections: []*inventory.Config{{
+			Type: "k8s",
+			Options: map[string]string{
+				shared.OPTION_MANIFEST:  path,
+				shared.OPTION_NAMESPACE: "mondoo-operator",
+			},
+			Discover: &inventory.Discovery{
+				Targets: []string{"auto"},
+			},
+		}},
+	}
+	conn, err := manifest.NewConnection(0, rootAsset, manifest.WithManifestFile(path))
+	require.NoError(t, err)
+
+	err = runtime.Connect(&plugin.ConnectReq{
+		Asset: rootAsset,
+	})
+	require.NoError(t, err)
+
+	pluginRuntime := &plugin.Runtime{
+		Connection:     conn,
+		HasRecording:   false,
+		CreateResource: resources.CreateResource,
+	}
+	inv, err := resources.Discover(pluginRuntime)
+	require.NoError(t, err)
+	require.Len(t, inv.Spec.Assets, 2)
+
+	require.Len(t, inv.Spec.Assets[1].PlatformIds, 1)
+
+	for i := range inv.Spec.Assets {
+		asset := inv.Spec.Assets[i]
+		err = runtime.Connect(&plugin.ConnectReq{
+			Asset: asset,
+		})
+		require.NoError(t, err)
+		require.NotEmpty(t, asset.PlatformIds[0])
+	}
+	require.NotEqual(t, inv.Spec.Assets[0].PlatformIds[0], inv.Spec.Assets[1].PlatformIds[0])
+	require.Equal(t, "//platformid.api.mondoo.app/runtime/k8s/uid/namespace/mondoo-operator", inv.Spec.Assets[0].PlatformIds[0])
+	require.Equal(t, "//platformid.api.mondoo.app/runtime/k8s/uid/namespace/mondoo-operator/deployments/name/mondoo-operator-controller-manager", inv.Spec.Assets[1].PlatformIds[0])
+}
+
+func TestManifestNoObjects(t *testing.T) {
+	path := "./testdata/no-discovered-objects.yaml"
+
+	runtime := K8s()
+	rootAsset := &inventory.Asset{
+		Connections: []*inventory.Config{{
+			Type: "k8s",
+			Options: map[string]string{
+				shared.OPTION_MANIFEST: path,
+			},
+			Discover: &inventory.Discovery{
+				Targets: []string{"auto"},
+			},
+		}},
+	}
+	conn, err := manifest.NewConnection(0, rootAsset, manifest.WithManifestFile(path))
+	require.NoError(t, err)
+
+	err = runtime.Connect(&plugin.ConnectReq{
+		Asset: rootAsset,
+	})
+	require.NoError(t, err)
+
+	pluginRuntime := &plugin.Runtime{
+		Connection:     conn,
+		HasRecording:   false,
+		CreateResource: resources.CreateResource,
+	}
+	inv, err := resources.Discover(pluginRuntime)
+	require.NoError(t, err)
+	require.Len(t, inv.Spec.Assets, 1)
+
+	require.Len(t, inv.Spec.Assets[0].PlatformIds, 1)
+
+	for i := range inv.Spec.Assets {
+		asset := inv.Spec.Assets[i]
+		err = runtime.Connect(&plugin.ConnectReq{
+			Asset: asset,
+		})
+		require.NoError(t, err)
+		require.NotEmpty(t, asset.PlatformIds[0])
+	}
+	require.NotEmpty(t, inv.Spec.Assets[0].PlatformIds[0])
+}
+
+func TestManifestDir(t *testing.T) {
+	path := "./testdata/"
+
+	runtime := K8s()
+	rootAsset := &inventory.Asset{
+		Connections: []*inventory.Config{{
+			Type: "k8s",
+			Options: map[string]string{
+				shared.OPTION_MANIFEST: path,
+			},
+			Discover: &inventory.Discovery{
+				Targets: []string{"auto"},
+			},
+		}},
+	}
+	conn, err := manifest.NewConnection(0, rootAsset, manifest.WithManifestFile(path))
+	require.NoError(t, err)
+
+	err = runtime.Connect(&plugin.ConnectReq{
+		Asset: rootAsset,
+	})
+	require.NoError(t, err)
+
+	pluginRuntime := &plugin.Runtime{
+		Connection:     conn,
+		HasRecording:   false,
+		CreateResource: resources.CreateResource,
+	}
+	inv, err := resources.Discover(pluginRuntime)
+	require.NoError(t, err)
+	require.Len(t, inv.Spec.Assets, 3)
+
+	for i := range inv.Spec.Assets {
+		asset := inv.Spec.Assets[i]
+		err = runtime.Connect(&plugin.ConnectReq{
+			Asset: asset,
+		})
+		require.NoError(t, err)
+		require.NotEmpty(t, asset.PlatformIds[0])
+	}
+	require.NotEmpty(t, inv.Spec.Assets[0].PlatformIds[0])
+	// we have the operator deployment twice
+	require.Equal(t, inv.Spec.Assets[1].PlatformIds[0], inv.Spec.Assets[2].PlatformIds[0])
+}