Implementation of k8s-discovery datagatherer (#165)

charlieegan3 · web-flow · commit 7720f9ed65fc · 2020-05-07T18:45:45.000+01:00
* Implementation of k8s-discovery datagatherer This makes use of the discovery client in client-go to get the server version information. We need this to use in upcoming packages. https://godoc.org/k8s.io/client-go/discovery Sadly, the fake discovery client doesn't seem to work in the same way as the dynamic one and I've not spent the time to write tests around it. However, it's operation is much simpler. Open to suggestions on how to test this in the same way as the dynamic client. This PR also updates all docs and renames the k8s datagatherer to k8s-dynamic in a backwards compatible manner. (Internal Issue: https://github.com/jetstack/preflight-platform/issues/350) Signed-off-by: Charlie Egan <charlieegan3@users.noreply.github.com> * Add note about data returned for server version Signed-off-by: Charlie Egan <charlieegan3@users.noreply.github.com>
diff --git a/docs/datagatherers/k8s-discovery.md b/docs/datagatherers/k8s-discovery.md
@@ -0,0 +1,22 @@
+# k8s-discovery
+
+This datagatherer uses the [DiscoveryClient](https://godoc.org/k8s.io/client-go/discovery#DiscoveryClient)
+to get API server version information.
+
+Include the following in your agent config:
+
+```
+data-gatherers:
+- kind: "k8s-discovery"
+  name: "k8s-discovery"
+```
+
+or specify a kubeconfig file:
+
+```
+data-gatherers:
+- kind: "k8s-discovery"
+  name: "k8s-discovery"
+  config:
+    kubeconfig: other_kube_config_path
+```
diff --git a/docs/datagatherers/k8s-dynamic.md b/docs/datagatherers/k8s-dynamic.md
@@ -1,7 +1,7 @@
-# Kubernetes (k8s) Data Gatherer
+# Kubernetes Data Gatherer
 
-The Kubernetes data gatherer collects information about resources stored in
-the Kubernetes API.
+The Kubernetes dynamic data gatherer collects information about resources stored
+in the Kubernetes API.
 
 ## Data
 
@@ -28,16 +28,25 @@ below:
 ```yaml
 data-gatherers:
 # basic usage
-- kind: "k8s/pods.v1"
-  name: "pods"
+- kind: "k8s-dynamic"
+  name: "k8s/pods"
+  config:
+    resource-type:
+      resource: pods
+      version: v1
 
 # CRD usage
-- kind: "k8s/certificates.v1alpha2.cert-manager.io"
-  name: "certificates"
+- kind: "k8s-dynamic"
+  name: "k8s/certificates.v1alpha2.cert-manager.io"
+  config:
+    resource-type:
+      group: cert-manager.io
+      version: v1alpha2
+      resource: certificates
 
 # you might event want to gather resources from another cluster
-- kind: "k8s/pods.v1"
-  name: "pods-cluster-2"
+- kind: "k8s-dynamic"
+  name: "k8s/pods"
   config:
     kubeconfig: other_kube_config_path
 ```
diff --git a/examples/cert-manager-agent.yaml b/examples/cert-manager-agent.yaml
@@ -5,27 +5,27 @@ endpoint:
   host: "preflight.jetstack.io"
   path: "/api/v1/datareadings"
 data-gatherers:
-- kind: "k8s"
+- kind: "k8s-dynamic"
   name: "k8s/secrets.v1"
   config:
     resource-type:
       version: v1
       resource: secrets
-- kind: "k8s"
+- kind: "k8s-dynamic"
   name: "k8s/certificates.v1alpha2.cert-manager.io"
   config:
     resource-type:
       group: cert-manager.io
       version: v1alpha2
       resource: certificates
-- kind: "k8s"
+- kind: "k8s-dynamic"
   name: "k8s/ingresses.v1beta1.networking.k8s.io"
   config:
     resource-type:
       group: networking.k8s.io
       version: v1beta1
       resource: ingresses
-- kind: "k8s"
+- kind: "k8s-dynamic"
   name: "k8s/certificaterequests.v1alpha2.cert-manager.io"
   config:
     resource-type:
diff --git a/pkg/agent/config.go b/pkg/agent/config.go
@@ -87,7 +87,11 @@ func (dg *dataGatherer) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	case "aks":
 		cfg = &aks.Config{}
 	case "k8s":
-		cfg = &k8s.Config{}
+		cfg = &k8s.ConfigDynamic{}
+	case "k8s-dynamic":
+		cfg = &k8s.ConfigDynamic{}
+	case "k8s-discovery":
+		cfg = &k8s.ConfigDiscovery{}
 	case "local":
 		cfg = &local.Config{}
 	// dummy dataGatherer is just used for testing
diff --git a/pkg/datagatherer/k8s/client.go b/pkg/datagatherer/k8s/client.go
@@ -3,6 +3,7 @@ package k8s
 
 import (
 	"github.com/pkg/errors"
+	"k8s.io/client-go/discovery"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
@@ -23,6 +24,25 @@ func NewDynamicClient(kubeconfigPath string) (dynamic.Interface, error) {
 	return cl, nil
 }
 
+// NewDiscoveryClient creates a new 'discovery' client using the provided
+// kubeconfig.  If kubeconfigPath is not set/empty, it will attempt to load
+// configuration using the default loading rules.
+func NewDiscoveryClient(kubeconfigPath string) (discovery.DiscoveryClient, error) {
+	var discoveryClient *discovery.DiscoveryClient
+
+	cfg, err := loadRESTConfig(kubeconfigPath)
+	if err != nil {
+		return *discoveryClient, errors.WithStack(err)
+	}
+
+	discoveryClient, err = discovery.NewDiscoveryClientForConfig(cfg)
+	if err != nil {
+		return *discoveryClient, errors.WithStack(err)
+	}
+
+	return *discoveryClient, nil
+}
+
 func loadRESTConfig(path string) (*rest.Config, error) {
 	switch path {
 	// If the kubeconfig path is not provided, use the default loading rules
diff --git a/pkg/datagatherer/k8s/client_test.go b/pkg/datagatherer/k8s/client_test.go
@@ -34,6 +34,26 @@ func TestNewDynamicClient_InferredKubeconfig(t *testing.T) {
 	}
 }
 
+func TestNewDiscoveryClient_ExplicitKubeconfig(t *testing.T) {
+	kc := createValidTestConfig()
+	path := writeConfigToFile(t, kc)
+	_, err := NewDiscoveryClient(path)
+	if err != nil {
+		t.Error("failed to create client: ", err)
+	}
+}
+
+func TestNewDiscoveryClient_InferredKubeconfig(t *testing.T) {
+	kc := createValidTestConfig()
+	path := writeConfigToFile(t, kc)
+	cleanupFn := temporarilySetEnv("KUBECONFIG", path)
+	defer cleanupFn()
+	_, err := NewDiscoveryClient("")
+	if err != nil {
+		t.Error("failed to create client: ", err)
+	}
+}
+
 func writeConfigToFile(t *testing.T, cfg clientcmdapi.Config) string {
 	f, err := ioutil.TempFile("", "testcase-*")
 	if err != nil {
diff --git a/pkg/datagatherer/k8s/discovery.go b/pkg/datagatherer/k8s/discovery.go
@@ -0,0 +1,62 @@
+package k8s
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/jetstack/preflight/pkg/datagatherer"
+	"k8s.io/client-go/discovery"
+)
+
+// ConfigDiscovery contains the configuration for the k8s-discovery data-gatherer
+type ConfigDiscovery struct {
+	// KubeConfigPath is the path to the kubeconfig file. If empty, will assume it runs in-cluster.
+	KubeConfigPath string `yaml:"kubeconfig"`
+}
+
+// UnmarshalYAML unmarshals the Config resolving GroupVersionResource.
+func (c *ConfigDiscovery) UnmarshalYAML(unmarshal func(interface{}) error) error {
+	aux := struct {
+		KubeConfigPath string `yaml:"kubeconfig"`
+	}{}
+	err := unmarshal(&aux)
+	if err != nil {
+		return err
+	}
+
+	c.KubeConfigPath = aux.KubeConfigPath
+
+	return nil
+}
+
+// NewDataGatherer constructs a new instance of the generic K8s data-gatherer for the provided
+// GroupVersionResource.
+func (c *ConfigDiscovery) NewDataGatherer(ctx context.Context) (datagatherer.DataGatherer, error) {
+	cl, err := NewDiscoveryClient(c.KubeConfigPath)
+	if err != nil {
+		return nil, err
+	}
+
+	return &DataGathererDiscovery{cl: cl}, nil
+}
+
+// DataGathererDiscovery stores the config for a k8s-discovery datagatherer
+type DataGathererDiscovery struct {
+	// The 'discovery' client used for fetching data.
+	cl discovery.DiscoveryClient
+}
+
+// Fetch will fetch discovery data from the apiserver, or return an error
+func (g *DataGathererDiscovery) Fetch() (interface{}, error) {
+	data, err := g.cl.ServerVersion()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get server version: %v", err)
+	}
+
+	response := map[string]interface{}{
+		// data has type Info: https://godoc.org/k8s.io/apimachinery/pkg/version#Info
+		"server_version": data,
+	}
+
+	return response, nil
+}
diff --git a/pkg/datagatherer/k8s/dynamic.go b/pkg/datagatherer/k8s/dynamic.go
@@ -15,8 +15,8 @@ import (
 	"k8s.io/client-go/kubernetes/scheme"
 )
 
-// Config contains the configuration for the data-gatherer.
-type Config struct {
+// ConfigDynamic contains the configuration for the data-gatherer.
+type ConfigDynamic struct {
 	// KubeConfigPath is the path to the kubeconfig file. If empty, will assume it runs in-cluster.
 	KubeConfigPath string `yaml:"kubeconfig"`
 	// GroupVersionResource identifies the resource type to gather.
@@ -27,8 +27,8 @@ type Config struct {
 	IncludeNamespaces []string `yaml:"include-namespaces"`
 }
 
-// UnmarshalYAML unmarshals the Config resolving GroupVersionResource.
-func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error {
+// UnmarshalYAML unmarshals the ConfigDynamic resolving GroupVersionResource.
+func (c *ConfigDynamic) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	aux := struct {
 		KubeConfigPath string `yaml:"kubeconfig"`
 		ResourceType   struct {
@@ -53,7 +53,7 @@ func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error {
 }
 
 // validate validates the configuration.
-func (c *Config) validate() error {
+func (c *ConfigDynamic) validate() error {
 	var errors []string
 	if len(c.ExcludeNamespaces) > 0 && len(c.IncludeNamespaces) > 0 {
 		errors = append(errors, "cannot set excluded and included namespaces")
@@ -72,7 +72,7 @@ func (c *Config) validate() error {
 
 // NewDataGatherer constructs a new instance of the generic K8s data-gatherer for the provided
 // GroupVersionResource.
-func (c *Config) NewDataGatherer(ctx context.Context) (datagatherer.DataGatherer, error) {
+func (c *ConfigDynamic) NewDataGatherer(ctx context.Context) (datagatherer.DataGatherer, error) {
 	cl, err := NewDynamicClient(c.KubeConfigPath)
 	if err != nil {
 		return nil, err
@@ -81,26 +81,26 @@ func (c *Config) NewDataGatherer(ctx context.Context) (datagatherer.DataGatherer
 	return c.newDataGathererWithClient(cl)
 }
 
-func (c *Config) newDataGathererWithClient(cl dynamic.Interface) (datagatherer.DataGatherer, error) {
+func (c *ConfigDynamic) newDataGathererWithClient(cl dynamic.Interface) (datagatherer.DataGatherer, error) {
 	if err := c.validate(); err != nil {
 		return nil, err
 	}
 
-	return &DataGatherer{
+	return &DataGathererDynamic{
 		cl:                   cl,
 		groupVersionResource: c.GroupVersionResource,
 		fieldSelector:        generateFieldSelector(c.ExcludeNamespaces),
 		namespaces:           c.IncludeNamespaces,
 	}, nil
 }
 
-// DataGatherer is a generic gatherer for Kubernetes. It knows how to request
+// DataGathererDynamic is a generic gatherer for Kubernetes. It knows how to request
 // a list of generic resources from the Kubernetes apiserver.
 // It does not deserialize the objects into structured data, instead utilising
 // the Kubernetes `Unstructured` type for data handling.
 // This is to allow us to support arbitrary CRDs and resources that Preflight
 // does not have registered as part of its `runtime.Scheme`.
-type DataGatherer struct {
+type DataGathererDynamic struct {
 	// The 'dynamic' client used for fetching data.
 	cl dynamic.Interface
 	// groupVersionResource is the name of the API group, version and resource
@@ -118,7 +118,7 @@ type DataGatherer struct {
 
 // Fetch will fetch the requested data from the apiserver, or return an error
 // if fetching the data fails.
-func (g *DataGatherer) Fetch() (interface{}, error) {
+func (g *DataGathererDynamic) Fetch() (interface{}, error) {
 	if g.groupVersionResource.Resource == "" {
 		return nil, fmt.Errorf("resource type must be specified")
 	}
diff --git a/pkg/datagatherer/k8s/dynamic_test.go b/pkg/datagatherer/k8s/dynamic_test.go
@@ -62,7 +62,7 @@ func asUnstructuredList(items ...*unstructured.Unstructured) *unstructured.Unstr
 }
 
 func TestNewDataGathererWithClient(t *testing.T) {
-	config := Config{
+	config := ConfigDynamic{
 		IncludeNamespaces:    []string{"a"},
 		GroupVersionResource: schema.GroupVersionResource{Group: "foobar", Version: "v1", Resource: "foos"},
 	}
@@ -73,7 +73,7 @@ func TestNewDataGathererWithClient(t *testing.T) {
 		t.Errorf("expected no error but got: %v", err)
 	}
 
-	expected := &DataGatherer{
+	expected := &DataGathererDynamic{
 		cl:                   cl,
 		groupVersionResource: config.GroupVersionResource,
 		// it's important that the namespaces are set as the IncludeNamespaces
@@ -168,7 +168,7 @@ func TestGenericGatherer_Fetch(t *testing.T) {
 	for name, test := range tests {
 		t.Run(name, func(t *testing.T) {
 			cl := fake.NewSimpleDynamicClient(emptyScheme, test.objects...)
-			g := DataGatherer{
+			g := DataGathererDynamic{
 				cl:                   cl,
 				groupVersionResource: test.gvr,
 				// if empty, namespaces will default to []string{""} during
@@ -190,7 +190,7 @@ func TestGenericGatherer_Fetch(t *testing.T) {
 	}
 }
 
-func TestUnmarshalConfig(t *testing.T) {
+func TestUnmarshalGenericConfig(t *testing.T) {
 	textCfg := `
 kubeconfig: "/home/someone/.kube/config"
 resource-type:
@@ -213,7 +213,7 @@ exclude-namespaces:
 		"my-namespace",
 	}
 
-	cfg := Config{}
+	cfg := ConfigDynamic{}
 	err := yaml.Unmarshal([]byte(textCfg), &cfg)
 	if err != nil {
 		t.Fatalf("unexpected error: %+v", err)
@@ -232,13 +232,13 @@ exclude-namespaces:
 	}
 }
 
-func TestConfigValidate(t *testing.T) {
+func TestConfigDynamicValidate(t *testing.T) {
 	tests := []struct {
-		Config        Config
+		Config        ConfigDynamic
 		ExpectedError string
 	}{
 		{
-			Config: Config{
+			Config: ConfigDynamic{
 				GroupVersionResource: schema.GroupVersionResource{
 					Group:    "",
 					Version:  "",
@@ -248,7 +248,7 @@ func TestConfigValidate(t *testing.T) {
 			ExpectedError: "invalid configuration: GroupVersionResource.Resource cannot be empty",
 		},
 		{
-			Config: Config{
+			Config: ConfigDynamic{
 				IncludeNamespaces: []string{"a"},
 				ExcludeNamespaces: []string{"b"},
 			},
