github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-02-14 09:59:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove flags from audit command and remove auth command (#1138)

Browse Source 
* update libs

* Remove unused authentication code and dependencies from the Polaris project, streamlining the audit process by eliminating the upload insights feature and related flags.

* remove insights reporter

* remove lingering libs

* update docs

* INS-1251: Polaris: upgrade github.com/qri-io/jsonschema to v0.2.1 (#1135)

* Bump lins

* Code refactoring

* Fixign issues

* Fixing issues

* Fixing issues

* Fixing issues

* [WIP]

* [WIP]

* [WIP]

* Trying to fix tests

* Trying to fix tests

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Revert go mod

* Revert go mod

* Revert go mod

* Revert go mod

* Fixing issues

* Fixing issue

* Code refactoring

* Updating json schema version

* Updating json schema version

* fix go mod

* fix go sum

---------

Co-authored-by: jdesouza <james@fairwinds.com>
This commit is contained in:
Vitor Rodrigo Vezani
2025-07-24 16:48:23 -03:00
committed by GitHub
parent 2b17c31957
commit 38e540e0cf
13 changed files with 3 additions and 980 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
cmd/polaris/audit.go
View File

@@ -24,14 +24,8 @@ import (
"net/http"
"os"
"os/exec"
"strings"
workloads "github.com/fairwindsops/insights-plugins/plugins/workloads"
workloadsPkg "github.com/fairwindsops/insights-plugins/plugins/workloads/pkg"
"github.com/fairwindsops/polaris/pkg/auth"
cfg "github.com/fairwindsops/polaris/pkg/config"
"github.com/fairwindsops/polaris/pkg/insights"
"github.com/fairwindsops/polaris/pkg/kube"
"github.com/fairwindsops/polaris/pkg/validator"
"github.com/sirupsen/logrus"
@@ -55,9 +49,6 @@ var (
auditNamespace string
severityLevel string
skipSslValidation bool
uploadInsights bool
clusterName string
quiet bool
)
func init() {
@@ -79,9 +70,6 @@ func init() {
auditCmd.PersistentFlags().StringVar(&auditNamespace, "namespace", "", "Namespace to audit. Only applies to in-cluster audits")
auditCmd.PersistentFlags().StringVar(&severityLevel, "severity", "", "Severity level used to filter results. Behaves like log levels. 'danger' is the least verbose (warning, danger)")
auditCmd.PersistentFlags().BoolVar(&skipSslValidation, "skip-ssl-validation", false, "Skip https certificate verification")
auditCmd.PersistentFlags().BoolVar(&uploadInsights, "upload-insights", false, "Upload scan results to Fairwinds Insights")
auditCmd.PersistentFlags().StringVar(&clusterName, "cluster-name", "", "Set --cluster-name to a descriptive name for the cluster you're auditing")
auditCmd.PersistentFlags().BoolVar(&quiet, "quiet", false, "Suppress the 'upload to Insights' prompt.")
}
var auditCmd = &cobra.Command{
@@ -120,23 +108,6 @@ var auditCmd = &cobra.Command{
os.Exit(1)
}
}
if uploadInsights && len(clusterName) == 0 {
logrus.Error("cluster-name is required when using --upload-insights")
os.Exit(1)
}
if uploadInsights {
if auditPath != "" {
logrus.Errorf("upload-insights and audit-path are not supported when used simultaneously")
os.Exit(1)
}
if !auth.IsLoggedIn() {
err := auth.HandleLogin(insightsHost)
if err != nil {
logrus.Errorf("error handling logging: %v", err)
os.Exit(1)
}
}
}
ctx := context.TODO()
k, err := kube.CreateResourceProvider(ctx, auditPath, resourceToAudit, config)
@@ -151,43 +122,7 @@ var auditCmd = &cobra.Command{
os.Exit(1)
}
if uploadInsights {
auth, err := auth.GetAuth(insightsHost)
if err != nil {
logrus.Errorf("getting auth: %v", err)
os.Exit(1)
}
// fetch workloads using workload plugin... or should we adapt the workloads from above?
dynamicClient, restMapper, clientSet, host, err := kube.GetKubeClient(ctx, "")
if err != nil {
logrus.Errorf("getting the kubernetes client: %v", err)
os.Exit(1)
}
k8sResources, err := workloadsPkg.CreateResourceProviderFromAPI(ctx, dynamicClient, restMapper, clientSet, host)
if err != nil {
logrus.Errorf("creating resource provider: %v", err)
os.Exit(1)
}
insightsClient := insights.NewHTTPClient(insightsHost, auth.Organization, auth.Token)
insightsReporter := insights.NewInsightsReporter(insightsClient)
wr := insights.WorkloadsReport{Version: workloads.Version, Payload: *k8sResources}
pr := insights.PolarisReport{Version: version, Payload: auditData}
logrus.Infof("Uploading to Fairwinds Insights organization '%s/%s'...", auth.Organization, clusterName)
err = insightsReporter.ReportAuditToFairwindsInsights(clusterName, wr, pr)
if err != nil {
logrus.Errorf("reporting audit file to insights: %v", err)
os.Exit(1)
}
os.Stderr.WriteString("\n\nSuccess! You can see your results at:")
os.Stderr.WriteString(fmt.Sprintf("\n\n%s/orgs/%s/clusters/%s/action-items\n\n", insightsHost, auth.Organization, clusterName))
} else {
outputAudit(auditData, auditOutputFile, auditOutputURL, auditOutputFormat, useColor, onlyShowFailedTests, severityLevel)
if !quiet {
os.Stderr.WriteString("\n\n🚀 Upload your Polaris findings to Fairwinds Insights to see remediation advice, add teammates, integrate with Slack or Jira, and more:")
os.Stderr.WriteString("\n\n polaris " + strings.Join(os.Args[1:], " ") + " --upload-insights --cluster-name=my-cluster\n\n")
}
}
outputAudit(auditData, auditOutputFile, auditOutputURL, auditOutputFormat, useColor, onlyShowFailedTests, severityLevel)
summary := auditData.GetSummary()
score := summary.GetScore()

81
cmd/polaris/auth.go
View File

@@ -1,81 +0,0 @@
package cmd
import (
"github.com/fairwindsops/polaris/pkg/auth"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
func init() {
rootCmd.AddCommand(authCmd)
authCmd.AddCommand(loginCmd)
authCmd.AddCommand(logoutCmd)
authCmd.AddCommand(statusCmd)
authCmd.AddCommand(tokenCmd)
}
var authCmd = &cobra.Command{
Use: "auth",
Short: "Authenticate polaris with Fairwinds Insights",
Long: `Authenticate polaris with Fairwinds Insights so better experience`,
}
var loginCmd = &cobra.Command{
Use: "login",
Short: "Authenticate polaris with Fairwinds Insights.",
Long: `Authenticate polaris with Fairwinds Insights.`,
Run: func(cmd *cobra.Command, args []string) {
err := auth.HandleLogin(insightsHost)
if err != nil {
logrus.Fatal(err)
}
},
PersistentPostRunE: func(cmd *cobra.Command, args []string) error {
return nil
},
}
var logoutCmd = &cobra.Command{
Use: "logout",
Short: "Log out of a Fairwinds Insights.",
Long: `Log out of a Fairwinds Insights.`,
Run: func(cmd *cobra.Command, args []string) {
err := auth.HandleLogout()
if err != nil {
logrus.Fatal(err)
}
},
PersistentPostRunE: func(cmd *cobra.Command, args []string) error {
return nil
},
}
var statusCmd = &cobra.Command{
Use: "status",
Short: "View authentication status.",
Long: `View authentication status.`,
Run: func(cmd *cobra.Command, args []string) {
err := auth.PrintStatus(insightsHost)
if err != nil {
logrus.Fatalf("printing status: %v", err)
}
},
PersistentPostRunE: func(cmd *cobra.Command, args []string) error {
return nil
},
}
var tokenCmd = &cobra.Command{
Use: "token",
Short: "Print the auth token gh is configured to use.",
Long: `Print the auth token gh is configured to use.`,
Run: func(cmd *cobra.Command, args []string) {
err := auth.PrintToken()
if err != nil {
logrus.Fatalf("printing token: %v", err)
}
},
PersistentPostRunE: func(cmd *cobra.Command, args []string) error {
return nil
},
}

16
docs/cli.md
View File

@@ -9,8 +9,6 @@ meta:
# top-level commands
audit
Runs a one-time audit.
auth
Authenticate polaris with Fairwinds Insights
dashboard
Runs the webserver for Polaris dashboard.
fix
@@ -44,7 +42,6 @@ webhook
# audit flags
--audit-path string If specified, audits one or more YAML files instead of a cluster.
--checks strings Optional flag to specify specific checks to check
--cluster-name string Set --cluster-name to a descriptive name for the cluster you're auditing
--color Whether to use color in pretty format. (default true)
--display-name string An optional identifier for the audit.
-f, --format string Output format for results - json, yaml, pretty, or score. (default "json")
@@ -56,13 +53,11 @@ webhook
--only-show-failed-tests If specified, audit output will only show failed tests.
--output-file string Destination file for audit results.
--output-url string Destination URL to send audit results.
--quiet Suppress the 'upload to Insights' prompt.
--resource string Audit a specific resource, in the format namespace/kind/version/name, e.g. nginx-ingress/Deployment.apps/v1/default-backend.
--set-exit-code-below-score int Set an exit code of 4 when the score is below this threshold (1-100).
--set-exit-code-on-danger Set an exit code of 3 when the audit contains danger-level issues.
--severity string Severity level used to filter results. Behaves like log levels. 'danger' is the least verbose (warning, danger)
--skip-ssl-validation Skip https certificate verification
--upload-insights Upload scan results to Fairwinds Insights
# fix flags
--checks strings Optional flag to specify specific checks to fix eg. checks=hostIPCSet,hostPIDSet and checks=all applies fix to all defined checks mutations
@@ -76,15 +71,4 @@ webhook
-h, --help help for webhook
-p, --port int Port for the dashboard webserver. (default 9876)
# auth sub-commands
login Authenticate polaris with Fairwinds Insights.
logout Log out of a Fairwinds Insights.
status View authentication status.
token Print the auth token gh is configured to use.
```
#### Suppressing 'upload to Insights' output
When running the `polaris audit` subcommand, you can suppress the following output using the `--quiet flag`:
> 🚀 Upload your Polaris findings to Fairwinds Insights to see remediation advice, add teammates, integrate with Slack or Jira, and more:

6
go.mod
View File

@@ -3,9 +3,7 @@ module github.com/fairwindsops/polaris
go 1.24.4
require (
github.com/AlecAivazis/survey/v2 v2.3.7
github.com/fairwindsops/controller-utils v0.3.4
github.com/fairwindsops/insights-plugins/plugins/workloads v0.0.0-20250613143236-883a20aaf1f1
github.com/fatih/color v1.18.0
github.com/gorilla/mux v1.8.1
github.com/pkg/errors v0.9.1
@@ -29,6 +27,7 @@ require (
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/emicklei/go-restful/v3 v3.12.2 // indirect
github.com/evanphx/json-patch v5.9.0+incompatible // indirect
github.com/evanphx/json-patch/v5 v5.9.11 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
github.com/fxamacker/cbor/v2 v2.8.0 // indirect
@@ -44,11 +43,9 @@ require (
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
github.com/mailru/easyjson v0.9.0 // indirect
github.com/mattn/go-colorable v0.1.14 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
@@ -69,6 +66,7 @@ require (
google.golang.org/protobuf v1.36.6 // indirect
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
k8s.io/apiextensions-apiserver v0.33.1 // indirect
k8s.io/klog/v2 v2.130.1 // indirect
k8s.io/kube-openapi v0.0.0-20250610211856-8b98d1ed966a // indirect
k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect

34
go.sum
View File

@@ -1,7 +1,3 @@
github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
@@ -9,8 +5,6 @@ github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2y
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -23,8 +17,6 @@ github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjT
github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM=
github.com/fairwindsops/controller-utils v0.3.4 h1:t1qulL2GVDVUJTIE4icpBy3KnsxFTavnNAbFnd60blc=
github.com/fairwindsops/controller-utils v0.3.4/go.mod h1:9/hOHX70/LG40RgtFAjtXFiMWEpItqm6Scf+obRFB2Y=
github.com/fairwindsops/insights-plugins/plugins/workloads v0.0.0-20250613143236-883a20aaf1f1 h1:BP0y2dV0D0xqskq3S1mI+gku+XafZK3jOyUfW9Qsvb0=
github.com/fairwindsops/insights-plugins/plugins/workloads v0.0.0-20250613143236-883a20aaf1f1/go.mod h1:M8smAgxKdJQsqhSa5YQAQTACn6Ua1Zr7vHoGMM9m6wA=
github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
@@ -64,16 +56,12 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog=
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
@@ -86,15 +74,10 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4=
github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU=
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -141,7 +124,6 @@ github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
@@ -151,7 +133,6 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
@@ -161,16 +142,12 @@ go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw=
golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA=
golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
@@ -178,29 +155,19 @@ golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKl
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA=
golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg=
golang.org/x/term v0.33.0/go.mod h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
@@ -209,7 +176,6 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

53
pkg/auth/auth.go
View File

@@ -1,53 +0,0 @@
package auth
import (
"errors"
"io"
"os"
"github.com/sirupsen/logrus"
"gopkg.in/yaml.v3"
)
var userHomeDir string
var polarisHostsFilepath string
var ErrNotLoggedIn = errors.New("not logged in")
func init() {
var err error
userHomeDir, err = os.UserHomeDir()
if err != nil {
logrus.Fatalf("reading user home dir: %v", err)
}
polarisHostsFilepath = userHomeDir + "/.config/polaris/hosts.yaml"
}
func readPolarisHostsFile() (map[string]Host, error) {
f, err := os.Open(polarisHostsFilepath)
if err != nil {
return nil, err
}
b, err := io.ReadAll(f)
if err != nil {
return nil, err
}
content := map[string]Host{}
err = yaml.Unmarshal(b, &content)
return content, err
}
func GetAuth(insightsHost string) (*Host, error) {
hosts, err := readPolarisHostsFile()
if err != nil {
return nil, err
}
if len(hosts) == 0 {
return nil, ErrNotLoggedIn
}
if h, ok := hosts[insightsHost]; ok {
return &h, nil
}
return nil, ErrNotLoggedIn
}

45
pkg/auth/browser.go
View File

@@ -1,45 +0,0 @@
package auth
import (
"errors"
"fmt"
"os"
"os/exec"
"runtime"
"strings"
"github.com/sirupsen/logrus"
)
// openBrowser opens up the provided URL in a browser
func openBrowser(url string) error {
var cmd *exec.Cmd
switch runtime.GOOS {
case "openbsd":
fallthrough
case "linux":
cmd = exec.Command("xdg-open", url)
case "darwin":
cmd = exec.Command("open", url)
case "windows":
r := strings.NewReplacer("&", "^&")
cmd = exec.Command("cmd", "/c", "start", r.Replace(url))
}
if cmd != nil {
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err := cmd.Start()
if err != nil {
logrus.Printf("Failed to open browser due to error %v", err)
return fmt.Errorf("failed to open browser: %v", err)
}
err = cmd.Wait()
if err != nil {
logrus.Printf("Failed to wait for open browser command to finish due to error %v", err)
return fmt.Errorf("failed to wait for open browser command to finish: %v", err.Error())
}
return nil
} else {
return errors.New("unsupported platform")
}
}

291
pkg/auth/login.go
View File

@@ -1,291 +0,0 @@
package auth
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"net"
"net/http"
"os"
"path/filepath"
"strings"
"time"
"github.com/AlecAivazis/survey/v2"
"github.com/fairwindsops/polaris/pkg/insights"
"github.com/gorilla/mux"
"github.com/sirupsen/logrus"
"gopkg.in/yaml.v3"
)
const loginPath = "/auth/login"
const registerPath = "/auth/register"
const (
loginUsingBrowser = "Login with a web browser"
pasteAnAuthenticationToken = "Paste an authentication token"
)
type paramsOrError struct {
token string
user string
organization string
err error
}
type Host struct {
Token string `yaml:"token"`
User string `yaml:"user"`
Organization string `yaml:"organization"`
}
var paramsOrErrorChan = make(chan paramsOrError)
func HandleLogin(insightsHost string) error {
if _, err := os.Stat(polarisHostsFilepath); err == nil {
content, err := readPolarisHostsFile()
if err != nil {
return fmt.Errorf("reading polaris hosts file: %w", err)
}
if len(content) > 0 {
if h, ok := content[insightsHost]; ok {
c := insights.NewHTTPClient(insightsHost, h.Organization, h.Token)
isValid, err := c.IsTokenValid()
if err != nil {
return err
}
if isValid {
var reAuthenticate bool
err = survey.AskOne(&survey.Confirm{Message: fmt.Sprintf("You're already logged into %s. Do you want to re-authenticate?", insightsHost)}, &reAuthenticate)
if err != nil {
return fmt.Errorf("prompting re-authenticate: %w", err)
}
if !reAuthenticate {
// bail-out
return nil
}
}
}
}
}
selection := &survey.Select{
Message: "How would you like to authenticate Polaris?",
Options: []string{loginUsingBrowser, pasteAnAuthenticationToken},
Default: loginUsingBrowser,
}
var answer string
err := survey.AskOne(selection, &answer)
if err != nil {
return fmt.Errorf("asking how to authenticate: %w", err)
}
var user, token, organization string
if answer == loginUsingBrowser {
listener, err := net.Listen("tcp", "localhost:0")
if err != nil {
panic(err)
}
localServerPort := listener.Addr().(*net.TCPAddr).Port
url := fmt.Sprintf("%s%s?source=polaris&callbackUrl=http://localhost:%d/auth/login/callback", insightsHost, registerPath, localServerPort)
err = openBrowser(url)
if err != nil {
logrus.Warnf("could not open browser: %v", err)
logrus.Infoln("paste the link below into your browser:")
os.Stdout.Write([]byte(url + "\n"))
}
var router *mux.Router
go func() {
router = mux.NewRouter()
router.HandleFunc("/auth/login/callback", callbackHandler(insightsHost, localServerPort))
if err := http.Serve(listener, router); err != nil {
paramsOrErrorChan <- paramsOrError{err: fmt.Errorf("starting the local http server: %w", err)}
}
}()
// wait the browser to callback the local server
paramOrError := <-paramsOrErrorChan
if paramOrError.err != nil {
return paramOrError.err
}
user = paramOrError.user
organization = paramOrError.organization
token = paramOrError.token
} else {
var answer string
var bot bot
err := survey.AskOne(&survey.Password{Message: "Paste your authentication token:"}, &answer, survey.WithValidator(validateToken(insightsHost, &bot)))
if err != nil {
return fmt.Errorf("asking how to authenticate: %w", err)
}
token = answer
user = bot.Name
organization = bot.Organization
}
polarisCfgDir := filepath.Join(userHomeDir, ".config", "polaris")
err = os.MkdirAll(polarisCfgDir, os.ModePerm)
if err != nil {
return fmt.Errorf("creating polaris config dir: %w", err)
}
content := map[string]Host{insightsHost: {Token: token, User: user, Organization: organization}}
b, err := yaml.Marshal(content)
if err != nil {
return fmt.Errorf("marshalling yaml data: %w", err)
}
err = os.WriteFile(polarisHostsFilepath, b, os.ModePerm)
if err != nil {
return fmt.Errorf("writing data to file: %w", err)
}
logrus.Debugf("hosts file has been saved")
fmt.Println("✓ Authentication complete.")
fmt.Printf("✓ Logged in organization %s as %s.\n", organization, user)
return nil
}
func fetchAuthToken(insightsHost, organization, code string) (string, error) {
authTokenURL := fmt.Sprintf("%s/v0/organizations/%s/auth/token", insightsHost, organization)
body := map[string]any{"grantType": "authorization_code", "code": code}
b, err := json.Marshal(body)
if err != nil {
return "", err
}
r, err := http.NewRequest("POST", authTokenURL, bytes.NewBuffer(b))
if err != nil {
return "", err
}
r.Header.Add("Content-Type", "application/json")
res, err := http.DefaultClient.Do(r)
if err != nil {
return "", err
}
defer res.Body.Close()
if res.StatusCode < 200 || res.StatusCode >= 400 {
return "", fmt.Errorf("expected 200 OK - received %s", res.Status)
}
var rBody map[string]any
err = json.NewDecoder(res.Body).Decode(&rBody)
if err != nil {
return "", err
}
token, ok := rBody["accessToken"].(string)
if !ok {
return "", fmt.Errorf("unable to parse accessToken from response body: %v", rBody)
}
return token, nil
}
func callbackHandler(insightsHost string, localServerPort int) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
// checks for error in the params
errMsg := r.URL.Query().Get("error")
if len(errMsg) > 0 {
errDescriptionMsg := r.URL.Query().Get("error_description")
fmt.Fprintf(w, "unable to perform integration: %s - %s", errMsg, errDescriptionMsg)
paramsOrErrorChan <- paramsOrError{err: fmt.Errorf("%s - %s", errMsg, errDescriptionMsg)}
return
}
var err error
code := r.URL.Query().Get("code")
if len(code) == 0 {
err = errors.New("code query param is required in callback")
}
user := r.URL.Query().Get("user")
if len(user) == 0 {
err = errors.New("user query param is required in callback")
}
organization := r.URL.Query().Get("organization")
if len(organization) == 0 {
err = errors.New("organization query param is required in callback")
}
token, err := fetchAuthToken(insightsHost, organization, code)
if err != nil {
err = fmt.Errorf("fetching auth token: %w", err)
}
if err != nil {
fmt.Fprintf(w, "unable to perform integration: %v", err)
paramsOrErrorChan <- paramsOrError{err: err}
return
}
fmt.Fprint(w, "Polaris and Fairwinds Insights integration has finished successfully, your credentials are set! You can safely close this tab now.")
paramsOrErrorChan <- paramsOrError{token: token, user: user, organization: organization}
return
}
}
func validateToken(insightsHost string, bot *bot) func(args any) error {
return func(args any) error {
token, ok := args.(string)
if !ok {
return errors.New("casting token to string")
}
if len(strings.TrimSpace(token)) <= 0 {
return errors.New("token is required")
}
return fetchOrganizationBot(insightsHost, token, bot)
}
}
type bot struct {
ID int
Organization string
Name string
Role string
AuthToken string
CreatedAt time.Time
}
func fetchOrganizationBot(insightsHost, authToken string, bot *bot) error {
authTokenURL := fmt.Sprintf("%s/v0/bots/from-request", insightsHost)
r, err := http.NewRequest("GET", authTokenURL, nil)
if err != nil {
return err
}
r.Header.Add("Content-Type", "application/json")
r.Header.Add("Authorization", "Bearer "+authToken)
res, err := http.DefaultClient.Do(r)
if err != nil {
return err
}
defer res.Body.Close()
if res.StatusCode < 200 || res.StatusCode >= 400 {
return fmt.Errorf("expected 200 (OK) - received %d", res.StatusCode)
}
err = json.NewDecoder(res.Body).Decode(bot)
if err != nil {
return err
}
return nil
}
func IsLoggedIn() bool {
if _, err := os.Stat(polarisHostsFilepath); err == nil {
content, err := readPolarisHostsFile()
if err != nil {
return false
}
return len(content) > 0
}
return false
}

35
pkg/auth/logout.go
View File

@@ -1,35 +0,0 @@
package auth
import (
"fmt"
"os"
)
func HandleLogout() error {
if !IsLoggedIn() {
fmt.Println("not logged in to Fairwinds Insights")
return nil
}
err := performLogout()
if err != nil {
return fmt.Errorf("performing logout: %v", err)
}
fmt.Println("✓ Logged out of Fairwinds Insights")
return nil
}
func performLogout() error {
content, err := readPolarisHostsFile()
if err != nil {
return nil
}
if len(content) > 0 {
err = os.WriteFile(polarisHostsFilepath, []byte("{}"), os.ModePerm)
if err != nil {
return fmt.Errorf("writing data to file: %w", err)
}
return nil
}
return nil
}

46
pkg/auth/status.go
View File

@@ -1,46 +0,0 @@
package auth
import (
"fmt"
"strings"
"github.com/fairwindsops/polaris/pkg/insights"
)
func PrintStatus(insightsHost string) error {
if content, err := readPolarisHostsFile(); err == nil {
if len(content) > 0 {
if h, ok := content[insightsHost]; ok {
c := insights.NewHTTPClient(insightsHost, h.Organization, h.Token)
isValid, err := c.IsTokenValid()
if err != nil {
return err
}
if !isValid {
fmt.Println("✕ Your token is no longer valid. Run polaris auth login to authenticate.")
return nil
}
fmt.Printf("✓ Logged in to %s as %s\n", insightsHost, h.User)
fmt.Printf("✓ Token: %s\n", hideToken(h.Token, 3))
return nil
}
}
fmt.Printf("✕ No authentication found for host %s. Run polaris auth login to authenticate.\n", insightsHost)
return nil
}
fmt.Println("You are not logged into Fairwinds Insights. Run polaris auth login to authenticate.")
return nil
}
func hideToken(token string, hideAfter int) string {
var i int
return strings.Map(func(r rune) rune {
defer func() {
i++
}()
if i > hideAfter {
return []rune("*")[0]
}
return r
}, token)
}

20
pkg/auth/token.go
View File

@@ -1,20 +0,0 @@
package auth
import "fmt"
func PrintToken() error {
if content, err := readPolarisHostsFile(); err == nil {
if len(content) > 0 {
for k, h := range content {
if len(content) == 1 {
fmt.Println(h.Token)
} else {
fmt.Printf("%s: %s\n", k, h.Token)
}
}
return nil
}
}
fmt.Println("no oauth token")
return nil
}

200
pkg/insights/client.go
View File

@@ -1,200 +0,0 @@
package insights
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"github.com/sirupsen/logrus"
)
type cluster struct {
Name string `json:"Name"`
AuthToken string `json:"AuthToken"`
Organization string `json:"Organization"`
Status string `json:"Status"`
}
type reportJob struct {
ID int `json:"id"`
Status string `json:"status"`
TimeTakenInMs int `json:"timeTaken"`
}
type Client interface {
UpsertCluster(clusterName string) (*cluster, error)
SendReport(cluster cluster, reportType, reportVersion string, payload []byte) (*reportJob, error)
GetReportJob(clusterName string, reportJobID int) (*reportJob, error)
IsTokenValid() (bool, error)
}
type HTTPClient struct {
insightsHost string
organization string
token string
}
func NewHTTPClient(host, organization, token string) Client {
return HTTPClient{host, organization, token}
}
func (ic HTTPClient) UpsertCluster(clusterName string) (*cluster, error) {
clusterURL := fmt.Sprintf("%s/v0/organizations/%s/clusters/%s?showToken=true", ic.insightsHost, ic.organization, clusterName)
req, err := http.NewRequest("GET", clusterURL, nil)
if err != nil {
return nil, fmt.Errorf("building request for fetching cluster: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+ic.token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("making request fetching cluster: %w", err)
}
defer resp.Body.Close()
if isSuccessful2XX(resp.StatusCode) {
// cluster already created
logrus.Infof("cluster %q found...", clusterName)
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("reading response body: %w", err)
}
var c cluster
err = json.Unmarshal(body, &c)
if err != nil {
return nil, fmt.Errorf("unmarshaling response body: %w", err)
}
return &c, nil
} else {
logrus.Warnf("not able to fetch cluster, expected 2xx - received %d, will try to create", resp.StatusCode)
}
logrus.Infof("cluster %q not found... creating..", clusterName)
req, err = http.NewRequest("POST", clusterURL, nil)
if err != nil {
return nil, fmt.Errorf("building request for creating cluster: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+ic.token)
resp, err = http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("making request for creating cluster: %w", err)
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("reading response body: %w", err)
}
if !isSuccessful2XX(resp.StatusCode) {
return nil, fmt.Errorf("creating cluster, expected 200 OK received %s: %v", resp.Status, string(body))
}
var c cluster
err = json.Unmarshal(body, &c)
if err != nil {
return nil, fmt.Errorf("unmarshaling response body: %w", err)
}
logrus.Infof("cluster %q created...", clusterName)
return &c, nil
}
func (ic HTTPClient) SendReport(cluster cluster, reportType, reportVersion string, payload []byte) (*reportJob, error) {
uploadReportURL := fmt.Sprintf("%s/v0/organizations/%s/clusters/%s/data/%s", ic.insightsHost, ic.organization, cluster.Name, reportType)
req, err := http.NewRequest("POST", uploadReportURL, bytes.NewBuffer(payload))
if err != nil {
return nil, fmt.Errorf("building request for output: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+cluster.AuthToken)
req.Header.Set("X-Fairwinds-Report-Version", reportVersion)
req.Header.Set("X-Fairwinds-Report-Priority", "4") // should have higher priority than the default 5
req.Header.Set("X-Fairwinds-Agent-Version", "")
req.Header.Set("X-Fairwinds-Agent-Chart-Version", "")
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("making request for output: %w", err)
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("reading response body: %w", err)
}
if !isSuccessful2XX(resp.StatusCode) {
return nil, fmt.Errorf("sending %s report, expected 200 OK received %s: %v", reportType, resp.Status, string(body))
}
var rj reportJob
err = json.Unmarshal(body, &rj)
if err != nil {
return nil, fmt.Errorf("unmarshaling response body: %w", err)
}
logrus.Debugf("%s report sent to fairwinds insights", reportType)
return &rj, nil
}
func isSuccessful2XX(statusCode int) bool {
return statusCode >= 200 && statusCode < 300
}
func (ic HTTPClient) GetReportJob(clusterName string, reportJobID int) (*reportJob, error) {
reportJobsURL := fmt.Sprintf("%s/v0/organizations/%s/clusters/%s/report-jobs/%d", ic.insightsHost, ic.organization, clusterName, reportJobID)
req, err := http.NewRequest("GET", reportJobsURL, nil)
if err != nil {
return nil, fmt.Errorf("building request for fetching report-job: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+ic.token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("making request fetching report-job: %w", err)
}
defer resp.Body.Close()
if !isSuccessful2XX(resp.StatusCode) {
return nil, fmt.Errorf("fetching report-job, expected 200 OK received %s", resp.Status)
}
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("reading response body: %w", err)
}
var rj reportJob
err = json.Unmarshal(body, &rj)
if err != nil {
return nil, fmt.Errorf("unmarshaling response body: %w", err)
}
return &rj, nil
}
// IsTokenValid checks if the token is valid by fetching the organization
func (ic HTTPClient) IsTokenValid() (bool, error) {
organizationURL := fmt.Sprintf("%s/v0/organizations/%s", ic.insightsHost, ic.organization)
req, err := http.NewRequest("GET", organizationURL, nil)
if err != nil {
return false, fmt.Errorf("building request for fetching organization: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+ic.token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return false, fmt.Errorf("making request fetching organization: %w", err)
}
defer resp.Body.Close()
if isSuccessful2XX(resp.StatusCode) {
return true, nil // token is valid
}
if resp.StatusCode == http.StatusNotFound || resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
return false, nil // token is invalid
}
// unexpected error
return false, fmt.Errorf("fetching organization, expected 200 OK - received %s", resp.Status)
}

89
pkg/insights/reporter.go
View File

@@ -1,89 +0,0 @@
package insights
import (
"encoding/json"
"fmt"
"time"
workloads "github.com/fairwindsops/insights-plugins/plugins/workloads/pkg"
"github.com/fairwindsops/polaris/pkg/validator"
"github.com/sirupsen/logrus"
)
type insightsReporter struct {
client Client
}
func NewInsightsReporter(client Client) *insightsReporter {
return &insightsReporter{
client: client,
}
}
type WorkloadsReport struct {
Version string
Payload workloads.ClusterWorkloadReport
}
type PolarisReport struct {
Version string
Payload validator.AuditData
}
// ReportAuditToFairwindsInsights report audit to insights
// 1 - check if cluster exists, otherwise create it
// 2 - send workload report
// 3 - send polaris report
// 4 - checks if report job is completed for 3 minutes
// 5 - display link to Fairwinds Insights
func (ir insightsReporter) ReportAuditToFairwindsInsights(clusterName string, wr WorkloadsReport, pr PolarisReport) error {
cluster, err := ir.client.UpsertCluster(clusterName)
if err != nil {
return err
}
workloadsPayload, err := json.MarshalIndent(wr.Payload, "", " ")
if err != nil {
return fmt.Errorf("marshaling data: %w", err)
}
_, err = ir.client.SendReport(*cluster, "workloads", wr.Version, workloadsPayload)
if err != nil {
return err
}
polarisPayload, err := json.MarshalIndent(pr.Payload, "", " ")
if err != nil {
return fmt.Errorf("marshaling data: %w", err)
}
reportJob, err := ir.client.SendReport(*cluster, "polaris", pr.Version, polarisPayload)
if err != nil {
return err
}
success, err := verifyReportJobCompletion(&ir, cluster.Name, reportJob.ID)
if err != nil {
return err
}
if !success {
return fmt.Errorf("timed out waiting for report job to complete")
}
return nil
}
// verifyReportJobCompletion checks Insights for reportJob completion (timeout after 3 minutes)
func verifyReportJobCompletion(ir *insightsReporter, clusterName string, reportJobID int) (bool, error) {
defer func() { fmt.Println() }()
logrus.Println("Processing (this usually takes 1-3 minutes)...")
for i := 0; i < 60; i++ {
reportJob, err := ir.client.GetReportJob(clusterName, reportJobID)
if err != nil {
return false, err
}
if reportJob.Status == "completed" {
return true, nil
}
fmt.Print(".")
time.Sleep(3 * time.Second)
}
return false, nil
}