diff --git a/controllers/status/operator_status.go b/controllers/status/operator_status.go index bd7c209af..15a962a51 100644 --- a/controllers/status/operator_status.go +++ b/controllers/status/operator_status.go @@ -171,7 +171,7 @@ func ReportStatusRequestFromAuditConfig( MondooAuditConfig: MondooAuditConfig{Name: m.Name, Namespace: m.Namespace}, OperatorVersion: version.Version, K8sResourcesScanning: m.Spec.KubernetesResources.Enable, - ContainerImageScanning: m.Spec.KubernetesResources.ContainerImageScanning, + ContainerImageScanning: m.Spec.Containers.Enable || m.Spec.KubernetesResources.ContainerImageScanning, NodeScanning: m.Spec.Nodes.Enable, AdmissionController: m.Spec.Admission.Enable, FilteringConfig: m.Spec.Filtering, diff --git a/controllers/status/operator_status_test.go b/controllers/status/operator_status_test.go index b098a09e7..d1f5994a4 100644 --- a/controllers/status/operator_status_test.go +++ b/controllers/status/operator_status_test.go @@ -59,6 +59,61 @@ func TestReportStatusRequestFromAuditConfig_AllEnabled(t *testing.T) { } v := &k8sversion.Info{GitVersion: "v1.24.0"} + m := testMondooAuditConfig() + m.Spec.KubernetesResources.Enable = true + m.Spec.Containers.Enable = true + m.Spec.Nodes.Enable = true + m.Spec.Admission.Enable = true + m.Spec.Filtering.Namespaces = v1alpha2.FilteringSpec{ + Include: []string{"includeA", "includeB"}, + Exclude: []string{"excludeX", "excludeY"}, + } + + m.Status.Conditions = []v1alpha2.MondooAuditConfigCondition{ + {Message: "Kubernetes Resources Scanning is Available", Status: v1.ConditionFalse, Type: v1alpha2.K8sResourcesScanningDegraded}, + {Message: "Kubernetes Container Image Scanning is Available", Status: v1.ConditionFalse, Type: v1alpha2.K8sContainerImageScanningDegraded}, + {Message: "Node Scanning is available", Status: v1.ConditionFalse, Type: v1alpha2.NodeScanningDegraded}, + {Message: "Admission controller is available", Status: v1.ConditionFalse, Type: v1alpha2.AdmissionDegraded}, + {Message: "ScanAPI controller is available", Status: v1.ConditionFalse, Type: v1alpha2.ScanAPIDegraded}, + } + + reportStatus := ReportStatusRequestFromAuditConfig(integrationMrn, m, nodes, v) + assert.Equal(t, integrationMrn, reportStatus.Mrn) + assert.Equal(t, mondooclient.Status_ACTIVE, reportStatus.Status) + assert.Equal(t, OperatorCustomState{ + Nodes: []string{"node1", "node2"}, + KubernetesVersion: v.GitVersion, + MondooAuditConfig: MondooAuditConfig{Name: m.Name, Namespace: m.Namespace}, + OperatorVersion: version.Version, + K8sResourcesScanning: m.Spec.KubernetesResources.Enable, + ContainerImageScanning: m.Spec.Containers.Enable, + NodeScanning: m.Spec.Nodes.Enable, + AdmissionController: m.Spec.Admission.Enable, + FilteringConfig: v1alpha2.Filtering{ + Namespaces: v1alpha2.FilteringSpec{ + Include: []string{"includeA", "includeB"}, + Exclude: []string{"excludeX", "excludeY"}, + }, + }, + }, reportStatus.LastState) + messages := []mondooclient.IntegrationMessage{ + {Identifier: K8sResourcesScanningIdentifier, Status: mondooclient.MessageStatus_MESSAGE_INFO, Message: m.Status.Conditions[0].Message}, + {Identifier: ContainerImageScanningIdentifier, Status: mondooclient.MessageStatus_MESSAGE_INFO, Message: m.Status.Conditions[1].Message}, + {Identifier: NodeScanningIdentifier, Status: mondooclient.MessageStatus_MESSAGE_INFO, Message: m.Status.Conditions[2].Message}, + {Identifier: AdmissionControllerIdentifier, Status: mondooclient.MessageStatus_MESSAGE_INFO, Message: m.Status.Conditions[3].Message}, + {Identifier: ScanApiIdentifier, Status: mondooclient.MessageStatus_MESSAGE_INFO, Message: m.Status.Conditions[4].Message}, + } + assert.ElementsMatch(t, messages, reportStatus.Messages.Messages) +} + +func TestReportStatusRequestFromAuditConfig_AllEnabled_DeprecatedFields(t *testing.T) { + integrationMrn := utils.RandString(10) + nodes := []v1.Node{ + {ObjectMeta: metav1.ObjectMeta{Name: "node1"}}, + {ObjectMeta: metav1.ObjectMeta{Name: "node2"}}, + } + v := &k8sversion.Info{GitVersion: "v1.24.0"} + m := testMondooAuditConfig() m.Spec.KubernetesResources.Enable = true m.Spec.KubernetesResources.ContainerImageScanning = true