Merge pull request #265 from jetstack/open-shift-route-filter

Author: j-fuentes

pkg/datagatherer/k8s/dynamic.go

@@ -7,8 +7,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/jetstack/preflight/api"
-	"github.com/jetstack/preflight/pkg/datagatherer"
 	"github.com/pkg/errors"
 	"github.com/pmylund/go-cache"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -19,6 +17,9 @@ import (
 	"k8s.io/client-go/dynamic/dynamicinformer"
 	"k8s.io/client-go/kubernetes/scheme"
 	k8scache "k8s.io/client-go/tools/cache"
+
+	"github.com/jetstack/preflight/api"
+	"github.com/jetstack/preflight/pkg/datagatherer"
 )
 
 // ConfigDynamic contains the configuration for the data-gatherer.
@@ -274,16 +275,16 @@ func redactList(list []*api.GatheredResource) error {
 
 		resource := item
 
+		// Redact item if it is a:
 		for _, gvk := range gvks {
-			// If this item is a Secret then we need to redact it.
+			// secret object
 			if gvk.Kind == "Secret" && (gvk.Group == "core" || gvk.Group == "") {
 				Select(SecretSelectedFields, resource)
 
-				// break when the object has been processed as a secret, no
-				// other kinds have redact modifications
-				break
+				// route object
+			} else if gvk.Kind == "Route" && gvk.Group == "route.openshift.io" {
+				Select(RouteSelectedFields, resource)
 			}
-
 		}
 
 		// remove managedFields from all resources

pkg/datagatherer/k8s/fieldfilter.go

@@ -25,6 +25,31 @@ var SecretSelectedFields = []string{
 	"/data/ca.crt",
 }
 
+// RouteSelectedFields is the list of fields sent from OpenShift Route objects to the
+// backend
+var RouteSelectedFields = []string{
+	"kind",
+	"apiVersion",
+	"metadata.annotations",
+	"metadata.name",
+	"metadata.namespace",
+	"metadata.ownerReferences",
+	"metadata.selfLink",
+	"metadata.uid",
+	"spec.host",
+	"spec.to.kind",
+	"spec.to.port",
+	"spec.to.name",
+	"spec.to.weight",
+	"spec.tls.termination",
+	"spec.tls.certificate",
+	"spec.tls.caCertificate",
+	"spec.tls.destinationCACertificate",
+	"spec.tls.insecureEdgeTerminationPolicy",
+	"spec.wildcardPolicy",
+	"status",
+}
+
 // RedactFields are removed from all objects
 var RedactFields = []string{
 	"metadata.managedFields",

pkg/datagatherer/k8s/fieldfilter_test.go

@@ -8,7 +8,8 @@ import (
 )
 
 func TestSelect(t *testing.T) {
-	resource := &unstructured.Unstructured{
+	// secret objects
+	secretResource := &unstructured.Unstructured{
 		Object: map[string]interface{}{
 			"apiVersion": "v1",
 			"kind":       "Secret",
@@ -27,7 +28,7 @@ func TestSelect(t *testing.T) {
 		},
 	}
 
-	fieldsToSelect := []string{
+	secretFieldsToSelect := []string{
 		"apiVersion",
 		"kind",
 		"metadata.name",
@@ -36,13 +37,7 @@ func TestSelect(t *testing.T) {
 		"/data/tls.crt",
 	}
 
-	err := Select(fieldsToSelect, resource)
-	if err != nil {
-		t.Fatalf("unexpected error: %s", err)
-	}
-
-	bytes, err := json.MarshalIndent(resource, "", "    ")
-	expectedJSON := `{
+	secretExpectedJSON := `{
     "apiVersion": "v1",
     "data": {
         "tls.crt": "cert data"
@@ -54,8 +49,90 @@ func TestSelect(t *testing.T) {
     },
     "type": "kubernetes.io/tls"
 }`
-	if string(bytes) != expectedJSON {
-		t.Fatalf("unexpected JSON: \ngot \n%s\nwant\n%s", string(bytes), expectedJSON)
+	// route objects
+	routeResource := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"apiVersion": "v1",
+			"kind":       "Route",
+			"metadata": map[string]interface{}{
+				"name": "example",
+				"annotations": map[string]string{
+					"kubectl.kubernetes.io/last-applied-configuration": "secret",
+				},
+			},
+			"spec": map[string]interface{}{
+				"host": "www.example.com",
+				"to": map[string]string{
+					"kind": "Service",
+					"name": "frontend",
+				},
+				"tls": map[string]interface{}{
+					"termination":              "reencrypt",
+					"key":                      "secret",
+					"certificate":              "cert data",
+					"caCertificate":            "caCert data",
+					"destinationCACertificate": "destinationCaCert data",
+				},
+			},
+		},
+	}
+
+	routeFieldsToSelect := []string{
+		"apiVersion",
+		"kind",
+		"metadata.name",
+		"spec.host",
+		"spec.to.kind",
+		"spec.to.name",
+		"spec.tls.termination",
+		"spec.tls.certificate",
+		"spec.tls.caCertificate",
+		"spec.tls.destinationCACertificate",
+	}
+
+	routeExpectedJSON := `{
+    "apiVersion": "v1",
+    "kind": "Route",
+    "metadata": {
+        "name": "example"
+    },
+    "spec": {
+        "host": "www.example.com",
+        "tls": {
+            "caCertificate": "caCert data",
+            "certificate": "cert data",
+            "destinationCACertificate": "destinationCaCert data",
+            "termination": "reencrypt"
+        },
+        "to": {
+            "kind": "Service",
+            "name": "frontend"
+        }
+    }
+}`
+
+	tests := map[string]struct {
+		resource       *unstructured.Unstructured
+		fieldsToSelect []string
+		expectedJSON   string
+	}{
+		"secret": {secretResource, secretFieldsToSelect, secretExpectedJSON},
+		"route":  {routeResource, routeFieldsToSelect, routeExpectedJSON},
+	}
+
+	for name, test := range tests {
+		err := Select(test.fieldsToSelect, test.resource)
+		if err != nil {
+			t.Fatalf("unexpected error: %s", err)
+		}
+
+		bytes, err := json.MarshalIndent(test.resource, "", "    ")
+
+		t.Run(name, func(t *testing.T) {
+			if string(bytes) != test.expectedJSON {
+				t.Fatalf("unexpected JSON: \ngot \n%s\nwant\n%s", string(bytes), test.expectedJSON)
+			}
+		})
 	}
 }