Merge pull request #75 from steadybit/feat/refa-kube-score

kube score

CHANGELOG.md

@@ -4,6 +4,8 @@
 
 - Crash Loop Attack: validate specified container name with spec
 - Crash Loop Attack: ignore when to be killed container is already gone
+- Renamed attribute `k8s.deployment.replicas` to `k8s.specification.replicas`
+- Update dependencies
 
 ## v2.5.3
 

charts/steadybit-extension-kubernetes/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: steadybit-extension-kubernetes
 description: Steadybit Kubernetes extension Helm chart for Kubernetes.
-version: 1.4.48
+version: 1.4.49
 appVersion: latest
 home: https://www.steadybit.com/
 icon: https://steadybit-website-assets.s3.amazonaws.com/logo-symbol-transparent.png

charts/steadybit-extension-kubernetes/templates/clusterrole.yaml

@@ -21,15 +21,6 @@ rules:
       - list
       - watch
   {{/* Required for Discoveries */}}
-  - apiGroups:
-      - autoscaling
-    resources:
-      - horizontalpodautoscalers
-    verbs:
-      - get
-      - list
-      - watch
-  {{/* Required for Discoveries */}}
   - apiGroups: [""]
     resources:
       - services

charts/steadybit-extension-kubernetes/tests/__snapshot__/clusterrole_test.yaml.snap

@@ -17,14 +17,6 @@ manifest should match snapshot:
           - get
           - list
           - watch
-      - apiGroups:
-          - autoscaling
-        resources:
-          - horizontalpodautoscalers
-        verbs:
-          - get
-          - list
-          - watch
       - apiGroups:
           - ""
         resources:

client/client.go

@@ -10,7 +10,6 @@ import (
 	"github.com/rs/zerolog/log"
 	"golang.org/x/exp/slices"
 	appsv1 "k8s.io/api/apps/v1"
-	autoscalingv1 "k8s.io/api/autoscaling/v1"
 	corev1 "k8s.io/api/core/v1"
 	k8sErrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -19,7 +18,6 @@ import (
 	"k8s.io/client-go/informers"
 	"k8s.io/client-go/kubernetes"
 	listerAppsv1 "k8s.io/client-go/listers/apps/v1"
-	listerAutoscalingv1 "k8s.io/client-go/listers/autoscaling/v1"
 	listerCorev1 "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/cache"
@@ -77,11 +75,6 @@ type Client struct {
 		informer cache.SharedIndexInformer
 	}
 
-	hpa struct {
-		lister   listerAutoscalingv1.HorizontalPodAutoscalerLister
-		informer cache.SharedIndexInformer
-	}
-
 	handlers struct {
 		sync.Mutex
 		l []chan<- interface{}
@@ -138,7 +131,7 @@ func (c *Client) DeploymentByNamespaceAndName(namespace string, name string) *ap
 }
 
 func (c *Client) ServicesByPod(pod *corev1.Pod) []*corev1.Service {
-	services, err := c.service.lister.List(labels.Everything())
+	services, err := c.service.lister.Services(pod.Namespace).List(labels.Everything())
 	if err != nil {
 		log.Error().Err(err).Msgf("Error while fetching services")
 		return []*corev1.Service{}
@@ -158,6 +151,27 @@ func (c *Client) ServicesByPod(pod *corev1.Pod) []*corev1.Service {
 	return result
 }
 
+func (c *Client) ServicesMatchingToPodLabels(namespace string, labelSelector map[string]string) []*corev1.Service {
+	services, err := c.service.lister.Services(namespace).List(labels.Everything())
+	if err != nil {
+		log.Error().Err(err).Msgf("Error while fetching services")
+		return []*corev1.Service{}
+	}
+	var result []*corev1.Service
+	for _, service := range services {
+		match := service.Spec.Selector != nil
+		for key, value := range service.Spec.Selector {
+			if value != labelSelector[key] {
+				match = false
+			}
+		}
+		if match {
+			result = append(result, service)
+		}
+	}
+	return result
+}
+
 func (c *Client) DaemonSets() []*appsv1.DaemonSet {
 	daemonSets, err := c.daemonSet.lister.List(labels.Everything())
 	if err != nil {
@@ -227,20 +241,6 @@ func (c *Client) Events(since time.Time) *[]corev1.Event {
 	return &result
 }
 
-func (c *Client) HorizontalPodAutoscalerByNamespaceAndDeployment(namespace string, reference string) *autoscalingv1.HorizontalPodAutoscaler {
-	hpas, err := c.hpa.lister.HorizontalPodAutoscalers(namespace).List(labels.Everything())
-	if err != nil {
-		log.Error().Err(err).Msgf("Error while fetching horizontal pod autoscalers")
-		return nil
-	}
-	for _, hpa := range hpas {
-		if hpa.Spec.ScaleTargetRef.Kind == "Deployment" && hpa.Spec.ScaleTargetRef.Name == reference {
-			return hpa
-		}
-	}
-	return nil
-}
-
 func logGetError(resource string, err error) {
 	if err != nil {
 		var t *k8sErrors.StatusError
@@ -295,7 +295,7 @@ func CreateClient(clientset kubernetes.Interface, stopCh <-chan struct{}, rootAp
 	client.daemonSet.informer = daemonSets.Informer()
 	client.daemonSet.lister = daemonSets.Lister()
 	informerSyncList = append(informerSyncList, client.daemonSet.informer.HasSynced)
-	if err := client.daemonSet.informer.SetTransform(transformDaemonset); err != nil {
+	if err := client.daemonSet.informer.SetTransform(transformDaemonSet); err != nil {
 		log.Fatal().Err(err).Msg("Failed to add daemonSet transformer")
 	}
 	if _, err := client.daemonSet.informer.AddEventHandler(client.resourceEventHandler); err != nil {
@@ -368,19 +368,6 @@ func CreateClient(clientset kubernetes.Interface, stopCh <-chan struct{}, rootAp
 		log.Fatal().Msg("failed to add node event handler")
 	}
 
-	if permissions.CanReadHorizontalPodAutoscalers() {
-		hpa := factory.Autoscaling().V1().HorizontalPodAutoscalers()
-		client.hpa.informer = hpa.Informer()
-		client.hpa.lister = hpa.Lister()
-		informerSyncList = append(informerSyncList, client.hpa.informer.HasSynced)
-		if err := client.hpa.informer.SetTransform(transformHPA); err != nil {
-			log.Fatal().Err(err).Msg("Failed to add hpa transformer")
-		}
-		if _, err := client.hpa.informer.AddEventHandler(client.resourceEventHandler); err != nil {
-			log.Fatal().Msg("failed to add hpa event handler")
-		}
-	}
-
 	events := factory.Core().V1().Events()
 	client.event.informer = events.Informer()
 	informerSyncList = append(informerSyncList, client.event.informer.HasSynced)

client/permissions.go

@@ -46,7 +46,6 @@ var requiredPermissions = []requiredPermission{
 	{group: "apps", resource: "replicasets", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
 	{group: "apps", resource: "daemonsets", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
 	{group: "apps", resource: "statefulsets", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
-	{group: "autoscaling", resource: "horizontalpodautoscalers", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: true},
 	{group: "", resource: "services", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
 	{group: "", resource: "pods", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
 	{group: "", resource: "nodes", verbs: []string{"get", "list", "watch"}, allowGracefulFailure: false},
@@ -134,13 +133,6 @@ func (p *PermissionCheckResult) hasPermissions(requiredPermissions []string) boo
 	return true
 }
 
-func (p *PermissionCheckResult) CanReadHorizontalPodAutoscalers() bool {
-	return p.hasPermissions([]string{
-		"autoscaling/horizontalpodautoscalers/get",
-		"autoscaling/horizontalpodautoscalers/list",
-		"autoscaling/horizontalpodautoscalers/watch"})
-}
-
 func (p *PermissionCheckResult) IsRolloutRestartPermitted() bool {
 	return p.hasPermissions([]string{
 		"apps/deployments/patch",

client/transformers.go

@@ -6,14 +6,11 @@ import (
 	corev1 "k8s.io/api/core/v1"
 )
 
-func transformDaemonset(i interface{}) (interface{}, error) {
+func transformDaemonSet(i interface{}) (interface{}, error) {
 	d, ok := i.(*appsv1.DaemonSet)
 	if ok {
 		d.ObjectMeta.Annotations = nil
 		d.ObjectMeta.ManagedFields = nil
-		newDaemonSetSpec := appsv1.DaemonSetSpec{}
-		newDaemonSetSpec.Selector = d.Spec.Selector
-		d.Spec = newDaemonSetSpec
 		d.Status = appsv1.DaemonSetStatus{}
 		return d, nil
 	}
@@ -91,10 +88,6 @@ func transformStatefulSet(i interface{}) (interface{}, error) {
 	if ok {
 		s.ObjectMeta.Annotations = nil
 		s.ObjectMeta.ManagedFields = nil
-		newStatefulSetSpec := appsv1.StatefulSetSpec{}
-		newStatefulSetSpec.Replicas = s.Spec.Replicas
-		newStatefulSetSpec.Selector = s.Spec.Selector
-		s.Spec = newStatefulSetSpec
 		s.Status = appsv1.StatefulSetStatus{}
 		return s, nil
 	}