base refactoring

cmd/controller_cmd.go → cmd/controller.go

@@ -11,6 +11,7 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"github.com/zapier/kubechecks/pkg/app_watcher"
 
 	"github.com/zapier/kubechecks/pkg"
 	"github.com/zapier/kubechecks/pkg/checks"
@@ -41,19 +42,39 @@ var ControllerCmd = &cobra.Command{
 			log.Fatal().Err(err).Msg("failed to parse configuration")
 		}
 
-		ctr, err := newContainer(ctx, cfg, true)
+		ctr, err := container.New(ctx, cfg)
 		if err != nil {
 			log.Fatal().Err(err).Msg("failed to create container")
 		}
 
+		// watch app modifications, if necessary
+		if cfg.MonitorAllApplications {
+			appWatcher, err := app_watcher.NewApplicationWatcher(ctr)
+			if err != nil {
+				log.Fatal().Err(err).Msg("failed to create watch applications")
+			}
+			go appWatcher.Run(ctx, 1)
+
+			appSetWatcher, err := app_watcher.NewApplicationSetWatcher(ctr)
+			if err != nil {
+				log.Fatal().Err(err).Msg("failed to create watch application sets")
+			}
+			go appSetWatcher.Run(ctx)
+		} else {
+			log.Info().Msgf("not monitoring applications, MonitorAllApplications: %+v", cfg.MonitorAllApplications)
+		}
+
 		log.Info().Msg("initializing git settings")
 		if err = initializeGit(ctr); err != nil {
 			log.Fatal().Err(err).Msg("failed to initialize git settings")
 		}
 
+		log.Info().Strs("locations", cfg.PoliciesLocation).Msg("processing policies locations")
 		if err = processLocations(ctx, ctr, cfg.PoliciesLocation); err != nil {
 			log.Fatal().Err(err).Msg("failed to process policy locations")
 		}
+
+		log.Info().Strs("locations", cfg.SchemasLocations).Msg("processing schemas locations")
 		if err = processLocations(ctx, ctr, cfg.SchemasLocations); err != nil {
 			log.Fatal().Err(err).Msg("failed to process schema locations")
 		}

cmd/locations.go

@@ -25,6 +25,8 @@ func processLocations(ctx context.Context, ctr container.Container, locations []
 		}
 	}
 
+	log.Debug().Strs("locations", locations).Msg("locations after processing")
+
 	return nil
 }
 

cmd/process.go

@@ -1,8 +1,13 @@
 package cmd
 
 import (
+	"os"
+	"path/filepath"
+
+	"github.com/argoproj/argo-cd/v2/common"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
+	"github.com/zapier/kubechecks/pkg/container"
 
 	"github.com/zapier/kubechecks/pkg/config"
 	"github.com/zapier/kubechecks/pkg/server"
@@ -15,14 +20,42 @@ var processCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		ctx := cmd.Context()
 
+		tempPath, err := os.MkdirTemp("", "")
+		if err != nil {
+			log.Fatal().Err(err).Msg("fail to create ssh data dir")
+		}
+		defer func() {
+			os.RemoveAll(tempPath)
+		}()
+
+		// symlink local ssh known hosts to argocd ssh known hosts
+		homeDir, err := os.UserHomeDir()
+		if err != nil {
+			log.Fatal().Err(err).Msg("failed to get user home dir")
+		}
+		source := filepath.Join(homeDir, ".ssh", "known_hosts")
+		target := filepath.Join(tempPath, common.DefaultSSHKnownHostsName)
+
+		if err := os.Symlink(source, target); err != nil {
+			log.Fatal().Err(err).Msg("fail to symlink ssh_known_hosts file")
+		}
+
+		if err := os.Setenv("ARGOCD_SSH_DATA_PATH", tempPath); err != nil {
+			log.Fatal().Err(err).Msg("fail to set ARGOCD_SSH_DATA_PATH")
+		}
+
 		cfg, err := config.New()
 		if err != nil {
 			log.Fatal().Err(err).Msg("failed to generate config")
 		}
 
-		ctr, err := newContainer(ctx, cfg, false)
+		if len(args) != 1 {
+			log.Fatal().Msg("usage: kubechecks process PR_REF")
+		}
+
+		ctr, err := container.New(ctx, cfg)
 		if err != nil {
-			log.Fatal().Err(err).Msg("failed to create container")
+			log.Fatal().Err(err).Msg("failed to create clients")
 		}
 
 		log.Info().Msg("initializing git settings")

cmd/root.go

@@ -45,7 +45,7 @@ func init() {
 				zerolog.LevelDebugValue,
 				zerolog.LevelTraceValue,
 			).
-			withDefault("info").
+			withDefault("debug").
 			withShortHand("l"),
 	)
 	boolFlag(flags, "persist-log-level", "Persists the set log level down to other module loggers.")
@@ -79,7 +79,7 @@ func init() {
 		newStringOpts().
 			withChoices("hide", "delete").
 			withDefault("hide"))
-	stringSliceFlag(flags, "schemas-location", "Sets schema locations to be used for every check request. Can be common paths inside the repos being checked or git urls in either git or http(s) format.")
+	stringSliceFlag(flags, "schemas-location", "Sets schema locations to be used for every check request. Can be a common path on the host or git urls in either git or http(s) format.")
 	boolFlag(flags, "enable-conftest", "Set to true to enable conftest policy checking of manifests.")
 	stringSliceFlag(flags, "policies-location", "Sets rego policy locations to be used for every check request. Can be common path inside the repos being checked or git urls in either git or http(s) format.",
 		newStringSliceOpts().
@@ -115,14 +115,15 @@ func init() {
 }
 
 func setupLogOutput() {
-	output := zerolog.ConsoleWriter{Out: os.Stdout}
-	log.Logger = log.Output(output)
-
 	// Default level is info, unless debug flag is present
 	levelFlag := viper.GetString("log-level")
 	level, _ := zerolog.ParseLevel(levelFlag)
 
 	zerolog.SetGlobalLevel(level)
+
+	output := zerolog.ConsoleWriter{Out: os.Stdout}
+	log.Logger = log.Output(output)
+
 	log.Debug().Msg("Debug level logging enabled.")
 	log.Trace().Msg("Trace level logging enabled.")
 	log.Info().Msg("Initialized logger.")

pkg/affected_apps/argocd_matcher.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/rs/zerolog/log"
 	"github.com/zapier/kubechecks/pkg/appdir"
-	"github.com/zapier/kubechecks/pkg/container"
 	"github.com/zapier/kubechecks/pkg/git"
 )
 
@@ -15,7 +14,7 @@ type ArgocdMatcher struct {
 	appSetsDirectory *appdir.AppSetDirectory
 }
 
-func NewArgocdMatcher(vcsToArgoMap container.VcsToArgoMap, repo *git.Repo) (*ArgocdMatcher, error) {
+func NewArgocdMatcher(vcsToArgoMap appdir.VcsToArgoMap, repo *git.Repo) (*ArgocdMatcher, error) {
 	repoApps := getArgocdApps(vcsToArgoMap, repo)
 	kustomizeAppFiles := getKustomizeApps(vcsToArgoMap, repo, repo.Directory)
 
@@ -41,7 +40,7 @@ func logCounts(repoApps *appdir.AppDirectory) {
 	}
 }
 
-func getKustomizeApps(vcsToArgoMap container.VcsToArgoMap, repo *git.Repo, repoPath string) *appdir.AppDirectory {
+func getKustomizeApps(vcsToArgoMap appdir.VcsToArgoMap, repo *git.Repo, repoPath string) *appdir.AppDirectory {
 	log.Debug().Msgf("creating fs for %s", repoPath)
 	fs := os.DirFS(repoPath)
 	log.Debug().Msg("following kustomize apps")
@@ -51,15 +50,15 @@ func getKustomizeApps(vcsToArgoMap container.VcsToArgoMap, repo *git.Repo, repoP
 	return kustomizeAppFiles
 }
 
-func getArgocdApps(vcsToArgoMap container.VcsToArgoMap, repo *git.Repo) *appdir.AppDirectory {
+func getArgocdApps(vcsToArgoMap appdir.VcsToArgoMap, repo *git.Repo) *appdir.AppDirectory {
 	log.Debug().Msgf("looking for %s repos", repo.CloneURL)
 	repoApps := vcsToArgoMap.GetAppsInRepo(repo.CloneURL)
 
 	logCounts(repoApps)
 	return repoApps
 }
 
-func getArgocdAppSets(vcsToArgoMap container.VcsToArgoMap, repo *git.Repo) *appdir.AppSetDirectory {
+func getArgocdAppSets(vcsToArgoMap appdir.VcsToArgoMap, repo *git.Repo) *appdir.AppSetDirectory {
 	log.Debug().Msgf("looking for %s repos", repo.CloneURL)
 	repoApps := vcsToArgoMap.GetAppSetsInRepo(repo.CloneURL)
 

pkg/app_watcher/app_watcher.go

@@ -12,11 +12,11 @@ import (
 	informers "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions/application/v1alpha1"
 	applisters "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
 	"github.com/rs/zerolog/log"
+	"github.com/zapier/kubechecks/pkg/appdir"
+	"github.com/zapier/kubechecks/pkg/container"
 	"k8s.io/apimachinery/pkg/util/runtime"
-	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/zapier/kubechecks/pkg/appdir"
 	"github.com/zapier/kubechecks/pkg/config"
 )
 
@@ -34,16 +34,16 @@ type ApplicationWatcher struct {
 //   - kubeCfg is the Kubernetes configuration.
 //   - vcsToArgoMap is the mapping between VCS and Argo applications.
 //   - cfg is the server configuration.
-func NewApplicationWatcher(kubeCfg *rest.Config, vcsToArgoMap appdir.VcsToArgoMap, cfg config.ServerConfig) (*ApplicationWatcher, error) {
-	if kubeCfg == nil {
+func NewApplicationWatcher(ctr container.Container) (*ApplicationWatcher, error) {
+	if ctr.KubeClientSet == nil {
 		return nil, fmt.Errorf("kubeCfg cannot be nil")
 	}
 	ctrl := ApplicationWatcher{
-		applicationClientset: appclientset.NewForConfigOrDie(kubeCfg),
-		vcsToArgoMap:         vcsToArgoMap,
+		applicationClientset: appclientset.NewForConfigOrDie(ctr.KubeClientSet.Config()),
+		vcsToArgoMap:         ctr.VcsToArgoMap,
 	}
 
-	appInformer, appLister := ctrl.newApplicationInformerAndLister(time.Second*30, cfg)
+	appInformer, appLister := ctrl.newApplicationInformerAndLister(time.Second*30, ctr.Config)
 
 	ctrl.appInformer = appInformer
 	ctrl.appLister = appLister
@@ -152,14 +152,14 @@ func canProcessApp(obj interface{}) (*appv1alpha1.Application, bool) {
 		return nil, false
 	}
 
-	for _, src := range app.Spec.Sources {
+	if src := app.Spec.Source; src != nil {
 		if isGitRepo(src.RepoURL) {
 			return app, true
 		}
 	}
 
-	if app.Spec.Source != nil {
-		if isGitRepo(app.Spec.Source.RepoURL) {
+	for _, src := range app.Spec.Sources {
+		if isGitRepo(src.RepoURL) {
 			return app, true
 		}
 	}