fix: connections should not use the namespace of checks

flanksource · Nov 6, 2023 · 7c7e595 · 7c7e595
1 parent 2989110
commit 7c7e595
Show file tree

Hide file tree

Showing 16 changed files with 65 additions and 1,848 deletions.
diff --git a/Makefile b/Makefile
@@ -69,6 +69,12 @@ manifests: .bin/controller-gen
 	cd config/deploy && yq ea  'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.checks.items.properties)' crd.yaml | yq ea  'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.forEach.properties)' /dev/stdin  | yq ea  'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.lookup.properties)'  /dev/stdin | yq ea  'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.properties.items.properties.lookup.properties)' /dev/stdin | yq ea 'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.components.items.properties.forEach.properties)' /dev/stdin |  yq ea 'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.components.items.properties.lookup.properties)' /dev/stdin | yq ea 'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.components.items.properties.checks.items.properties.inline.properties)' /dev/stdin | yq ea 'del(.spec.versions[0].schema.openAPIV3Schema.properties.spec.properties.components.items.properties.properties.items.properties.lookup.properties)' /dev/stdin > crd.slim.yaml
 	cd config/deploy && mv crd.slim.yaml crd.yaml
 
+
+tidy:
+	go mod tidy
+	cd hack/generate-schemas && go mod tidy
+
+
 # Run go fmt against code
 fmt:
 	go fmt ./...

diff --git a/api/context/context.go b/api/context/context.go
@@ -12,7 +12,6 @@ import (
 	"github.com/flanksource/canary-checker/pkg"
 	"github.com/flanksource/commons/logger"
 	ctemplate "github.com/flanksource/commons/template"
-	"github.com/flanksource/duty"
 	dutyCtx "github.com/flanksource/duty/context"
 	"github.com/flanksource/duty/models"
 	"github.com/flanksource/duty/types"
@@ -80,8 +79,8 @@ func (ctx *Context) WithDeadline(deadline time.Time) (*Context, gocontext.Cancel
 	return ctx, fn
 }
 
-func (ctx *Context) GetEnvValueFromCache(env types.EnvVar) (string, error) {
-	return duty.GetEnvValueFromCache(ctx.Kubernetes, env, ctx.Namespace)
+func (ctx *Context) GetEnvValueFromCache(env types.EnvVar, namespace ...string) (string, error) {
+	return ctx.Duty().GetEnvValueFromCache(env, namespace...)
 }
 
 func getDomain(username string) string {
@@ -211,7 +210,7 @@ func (ctx *Context) HydrateConnectionByURL(connectionName string) (*models.Conne
 		return nil, errors.New("db has not been initialized")
 	}
 
-	connection, err := duty.HydratedConnectionByURL(ctx, ctx.db, ctx.Kubernetes, ctx.Namespace, connectionName)
+	connection, err := ctx.Duty().HydrateConnectionByURL(connectionName)
 	if err != nil {
 		return nil, err
 	}

diff --git a/api/v1/checks.go b/api/v1/checks.go
@@ -8,11 +8,9 @@ import (
 	"strings"
 
 	"github.com/flanksource/canary-checker/api/external"
-	"github.com/flanksource/duty"
 	"github.com/flanksource/duty/models"
 	"github.com/flanksource/duty/types"
 	v1 "k8s.io/api/core/v1"
-	"k8s.io/client-go/kubernetes"
 )
 
 const (
@@ -23,7 +21,7 @@ const (
 type checkContext interface {
 	context.Context
 	HydrateConnectionByURL(connectionName string) (*models.Connection, error)
-	GetEnvValueFromCache(env types.EnvVar) (string, error)
+	GetEnvValueFromCache(env types.EnvVar, namespace ...string) (string, error)
 }
 
 type Check struct {
@@ -844,9 +842,27 @@ type AWSConnection struct {
 	UsePathStyle bool `yaml:"usePathStyle,omitempty" json:"usePathStyle,omitempty"`
 }
 
+func (t *AWSConnection) GetUsername() types.EnvVar {
+	return t.AccessKey
+}
+
+func (t *AWSConnection) GetPassword() types.EnvVar {
+	return t.SecretKey
+}
+
+func (t *AWSConnection) GetProperties() map[string]string {
+	return map[string]string{
+		"region": t.Region,
+	}
+}
+
+func (t *AWSConnection) GetURL() types.EnvVar {
+	return types.EnvVar{ValueStatic: t.Endpoint}
+}
+
 // Populate populates an AWSConnection with credentials and other information.
 // If a connection name is specified, it'll be used to populate the endpoint, accessKey and secretKey.
-func (t *AWSConnection) Populate(ctx checkContext, k8s kubernetes.Interface, namespace string) error {
+func (t *AWSConnection) Populate(ctx checkContext) error {
 	if t.ConnectionName != "" {
 		connection, err := ctx.HydrateConnectionByURL(t.ConnectionName)
 		if err != nil {
@@ -867,19 +883,19 @@ func (t *AWSConnection) Populate(ctx checkContext, k8s kubernetes.Interface, nam
 		}
 	}
 
-	if accessKey, err := duty.GetEnvValueFromCache(k8s, t.AccessKey, namespace); err != nil {
+	if accessKey, err := ctx.GetEnvValueFromCache(t.AccessKey); err != nil {
 		return fmt.Errorf("could not parse AWS access key id: %v", err)
 	} else {
 		t.AccessKey.ValueStatic = accessKey
 	}
 
-	if secretKey, err := duty.GetEnvValueFromCache(k8s, t.SecretKey, namespace); err != nil {
+	if secretKey, err := ctx.GetEnvValueFromCache(t.SecretKey); err != nil {
 		return fmt.Errorf(fmt.Sprintf("Could not parse AWS secret access key: %v", err))
 	} else {
 		t.SecretKey.ValueStatic = secretKey
 	}
 
-	if sessionToken, err := duty.GetEnvValueFromCache(k8s, t.SessionToken, namespace); err != nil {
+	if sessionToken, err := ctx.GetEnvValueFromCache(t.SessionToken); err != nil {
 		return fmt.Errorf(fmt.Sprintf("Could not parse AWS session token: %v", err))
 	} else {
 		t.SessionToken.ValueStatic = sessionToken
@@ -1003,7 +1019,7 @@ type ExecCheck struct {
 	// On windows executed via powershell and in darwin and linux executed using bash
 	Script      string          `yaml:"script" json:"script"`
 	Connections ExecConnections `yaml:"connections,omitempty" json:"connections,omitempty"`
-	// EnvVars are the environment variables that are accesible to exec processes
+	// EnvVars are the environment variables that are accessible to exec processes
 	EnvVars []types.EnvVar `yaml:"env,omitempty" json:"env,omitempty"`
 	// Checkout details the git repository that should be mounted to the process
 	Checkout *GitCheckout `yaml:"checkout,omitempty" json:"checkout,omitempty"`
@@ -1367,6 +1383,14 @@ type AzureDevopsCheck struct {
 	ThresholdMillis *int `yaml:"thresholdMillis" json:"thresholdMillis"`
 }
 
+func (c AzureDevopsCheck) GetUsername() types.EnvVar {
+	return types.EnvVar{ValueStatic: c.Organization}
+}
+
+func (c AzureDevopsCheck) GetPassword() types.EnvVar {
+	return c.PersonalAccessToken
+}
+
 func (c AzureDevopsCheck) GetType() string {
 	return "azuredevops"
 }

diff --git a/checks/aws_config.go b/checks/aws_config.go
@@ -38,7 +38,7 @@ func (c *AwsConfigChecker) Check(ctx *context.Context, extConfig external.Check)
 	if check.AWSConnection == nil {
 		check.AWSConnection = &v1.AWSConnection{}
 	} else {
-		if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+		if err := check.AWSConnection.Populate(ctx); err != nil {
 			return results.Failf("failed to populate aws connection: %v", err)
 		}
 	}

diff --git a/checks/aws_config_rule.go b/checks/aws_config_rule.go
@@ -40,7 +40,7 @@ func (c *AwsConfigRuleChecker) Check(ctx *context.Context, extConfig external.Ch
 	results = append(results, result)
 	if check.AWSConnection == nil {
 		check.AWSConnection = &v1.AWSConnection{}
-	} else if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+	} else if err := check.AWSConnection.Populate(ctx); err != nil {
 		return results.Failf("failed to populate aws connection: %v", err)
 	}
 

diff --git a/checks/azure_devops.go b/checks/azure_devops.go
@@ -13,7 +13,7 @@ import (
 	"github.com/flanksource/canary-checker/api/context"
 	v1 "github.com/flanksource/canary-checker/api/v1"
 	"github.com/flanksource/canary-checker/pkg"
-	"github.com/flanksource/duty"
+	"github.com/flanksource/duty/models"
 )
 
 type AzureDevopsChecker struct {
@@ -36,22 +36,20 @@ func (t *AzureDevopsChecker) check(ctx *context.Context, check v1.AzureDevopsChe
 	var results pkg.Results
 	results = append(results, result)
 
-	var personalAccessToken string
+	var err error
+	var c *models.Connection
 	if check.PersonalAccessToken.ValueStatic != "" {
-		personalAccessToken = check.PersonalAccessToken.ValueStatic
-	} else if connection, err := ctx.HydrateConnectionByURL(check.ConnectionName); err != nil {
+		c = &models.Connection{Password: check.PersonalAccessToken.ValueStatic}
+	} else if c, err = ctx.HydrateConnectionByURL(check.ConnectionName); err != nil {
 		return results.Failf("failed to hydrate connection: %v", err)
-	} else if connection != nil {
-		personalAccessToken = connection.Password
-	} else if ctx.Kubernetes != nil {
-		value, err := duty.GetEnvValueFromCache(ctx.Kubernetes, check.PersonalAccessToken, ctx.Namespace)
-		if err != nil {
-			return results.ErrorMessage(err)
+	} else if c != nil {
+		if c, err = c.Merge(ctx, check); err != nil {
+			return results.Failf("failed to merge connection: %v", err)
 		}
-		personalAccessToken = value
+
 	}
 
-	connection := azuredevops.NewPatConnection(fmt.Sprintf("https://dev.azure.com/%s", check.Organization), personalAccessToken)
+	connection := azuredevops.NewPatConnection(fmt.Sprintf("https://dev.azure.com/%s", check.Organization), c.Password)
 	coreClient, err := core.NewClient(ctx, connection)
 	if err != nil {
 		return results.ErrorMessage(fmt.Errorf("failed to create core client: %w", err))

diff --git a/checks/cloudwatch.go b/checks/cloudwatch.go
@@ -38,7 +38,7 @@ func (c *CloudWatchChecker) Check(ctx *context.Context, extConfig external.Check
 	var results pkg.Results
 	results = append(results, result)
 
-	if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+	if err := check.AWSConnection.Populate(ctx); err != nil {
 		return results.Failf("failed to populate aws connection: %v", err)
 	}
 

diff --git a/checks/ec2.go b/checks/ec2.go
@@ -110,7 +110,7 @@ type AWS struct {
 }
 
 func NewAWS(ctx *context.Context, check v1.EC2Check) (*AWS, error) {
-	if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Canary.GetNamespace()); err != nil {
+	if err := check.AWSConnection.Populate(ctx); err != nil {
 		return nil, fmt.Errorf("failed to populate AWS connection: %v", err)
 	}
 

diff --git a/checks/exec.go b/checks/exec.go
@@ -77,7 +77,7 @@ func (c *ExecChecker) prepareEnvironment(ctx *context.Context, check v1.ExecChec
 			}
 		}
 
-		if connection, err = connection.Merge(ctx.Duty(), check.Checkout); err != nil {
+		if connection, err = connection.Merge(ctx, check.Checkout); err != nil {
 			return nil, err
 		}
 		var goGetterURL string
@@ -164,7 +164,7 @@ func setupConnection(ctx *context.Context, check v1.ExecCheck, cmd *exec.Cmd) er
 	var envPreps []models.EnvPrep
 
 	if check.Connections.AWS != nil {
-		if err := check.Connections.AWS.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+		if err := check.Connections.AWS.Populate(ctx); err != nil {
 			return fmt.Errorf("failed to hydrate aws connection: %w", err)
 		}
 

diff --git a/checks/folder_s3.go b/checks/folder_s3.go
@@ -27,7 +27,7 @@ func CheckS3Bucket(ctx *context.Context, check v1.FolderCheck) pkg.Results {
 
 	if check.AWSConnection == nil {
 		check.AWSConnection = &v1.AWSConnection{}
-	} else if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+	} else if err := check.AWSConnection.Populate(ctx); err != nil {
 		return results.Failf("failed to populate aws connection: %v", err)
 	}
 

diff --git a/checks/s3.go b/checks/s3.go
@@ -70,7 +70,7 @@ func (c *S3Checker) Check(ctx *context.Context, extConfig external.Check) pkg.Re
 	var results pkg.Results
 	results = append(results, result)
 
-	if err := check.AWSConnection.Populate(ctx, ctx.Kubernetes, ctx.Namespace); err != nil {
+	if err := check.AWSConnection.Populate(ctx); err != nil {
 		return results.Failf("failed to populate aws connection: %v", err)
 	}
 

diff --git a/checks/tcp.go b/checks/tcp.go
@@ -7,8 +7,6 @@ import (
 	"time"
 
 	"github.com/flanksource/canary-checker/api/context"
-	"github.com/flanksource/canary-checker/pkg/db"
-	"github.com/flanksource/duty"
 
 	"github.com/flanksource/canary-checker/api/external"
 	v1 "github.com/flanksource/canary-checker/api/v1"
@@ -39,12 +37,6 @@ func (t *TCPChecker) Check(ctx *context.Context, extConfig external.Check) pkg.R
 	var results pkg.Results
 	results = append(results, result)
 
-	if connection, err := duty.FindConnectionByURL(ctx, db.Gorm, c.Endpoint); err != nil {
-		return results.Failf("failed to find TCP endpoint from connection %q: %v", c.Endpoint, err)
-	} else if connection != nil {
-		c.Endpoint = connection.URL
-	}
-
 	addr, port, err := extractAddrAndPort(c.Endpoint)
 	if err != nil {
 		return results.ErrorMessage(err)

diff --git a/go.mod b/go.mod
@@ -21,7 +21,7 @@ require (
 	github.com/elastic/go-elasticsearch/v8 v8.10.1
 	github.com/fergusstrange/embedded-postgres v1.24.0
 	github.com/flanksource/commons v1.17.1
-	github.com/flanksource/duty v1.0.213
+	github.com/flanksource/duty v1.0.216
 	github.com/flanksource/gomplate/v3 v3.20.24
 	github.com/flanksource/is-healthy v0.0.0-20231003215854-76c51e3a3ff7
 	github.com/flanksource/kommons v0.31.4

diff --git a/go.sum b/go.sum
@@ -816,8 +816,8 @@ github.com/fergusstrange/embedded-postgres v1.24.0 h1:WqXbmYrBeT5JfNWQ8Qa+yHa5YJ
 github.com/fergusstrange/embedded-postgres v1.24.0/go.mod h1:wL562t1V+iuFwq0UcgMi2e9rp8CROY9wxWZEfP8Y874=
 github.com/flanksource/commons v1.17.1 h1:jd114sxRwe2VWcbG/PVVEAWsEkialL6eltbqFGANyuI=
 github.com/flanksource/commons v1.17.1/go.mod h1:RDdQI0/QYC4GzicbDaXIvBPjWuQWKLzX8/rFBbFjG5U=
-github.com/flanksource/duty v1.0.213 h1:2+POTsg30wn8Go9OK5HF9GipbmWH5GhsasvOAMBG5/I=
-github.com/flanksource/duty v1.0.213/go.mod h1:tr6nnn/4wtJ3bfFT1BrhN9AK1Zm7klKFjnlZuJMJNj8=
+github.com/flanksource/duty v1.0.216 h1:1fCDIbqiYdbOtzJygHwHuGWX6BK91rLpaKYKJu/dba4=
+github.com/flanksource/duty v1.0.216/go.mod h1:IUXGDXwYdChv9hKB7X7C9ZH79Fh7tHZ9bF7nde2ZBTo=
 github.com/flanksource/gomplate/v3 v3.20.4/go.mod h1:27BNWhzzSjDed1z8YShO6W+z6G9oZXuxfNFGd/iGSdc=
 github.com/flanksource/gomplate/v3 v3.20.24 h1:Hp77K3FSoOX5HtrO+rMi52nH0s3d/Sj5UV5+RxApLos=
 github.com/flanksource/gomplate/v3 v3.20.24/go.mod h1:GKmptFMdr2LbOuqwQZrmo9a/UygyZ0pbXffks8MuYhE=