Merge pull request #19 from replicatedhq/imagepullsecrets

marccampbell · web-flow · commit 537b117d9042 · 2019-07-22T13:21:37.000-07:00
Image pull secret collector and analyzers
diff --git a/cmd/preflight/cli/interactive_results.go b/cmd/preflight/cli/interactive_results.go
@@ -272,9 +272,11 @@ func showSaved(filename string) {
 func appName(preflightName string) string {
 	words := strings.Split(strings.Title(strings.Replace(preflightName, "-", " ", -1)), " ")
 	casedWords := []string{}
-	for _, word := range words {
+	for i, word := range words {
 		if strings.ToLower(word) == "ai" {
 			casedWords = append(casedWords, "AI")
+		} else if strings.ToLower(word) == "io" && i > 0 {
+			casedWords[i-1] += ".io"
 		} else {
 			casedWords = append(casedWords, word)
 		}
diff --git a/cmd/preflight/cli/run_nocrd.go b/cmd/preflight/cli/run_nocrd.go
@@ -11,6 +11,7 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"strings"
 	"time"
 
 	analyzerunner "github.com/replicatedhq/troubleshoot/pkg/analyze"
@@ -75,10 +76,20 @@ func runPreflightsNoCRD(v *viper.Viper, arg string) error {
 
 		return contents, nil
 	}
+	getChildCollectedFileContents := func(prefix string) (map[string][]byte, error) {
+		matching := make(map[string][]byte)
+		for k, v := range allCollectedData {
+			if strings.HasPrefix(k, prefix) {
+				matching[k] = v
+			}
+		}
+
+		return matching, nil
+	}
 
 	analyzeResults := []*analyzerunner.AnalyzeResult{}
 	for _, analyzer := range preflight.Spec.Analyzers {
-		analyzeResult, err := analyzerunner.Analyze(analyzer, getCollectedFileContents)
+		analyzeResult, err := analyzerunner.Analyze(analyzer, getCollectedFileContents, getChildCollectedFileContents)
 		if err != nil {
 			fmt.Printf("an analyzer failed to run: %v\n", err)
 			continue
diff --git a/config/crds/troubleshoot.replicated.com_preflights.yaml b/config/crds/troubleshoot.replicated.com_preflights.yaml
@@ -475,6 +475,48 @@ spec:
                       - outcomes
                       - customResourceDefinitionName
                       type: object
+                    imagePullSecret:
+                      properties:
+                        checkName:
+                          type: string
+                        outcomes:
+                          items:
+                            properties:
+                              fail:
+                                properties:
+                                  message:
+                                    type: string
+                                  uri:
+                                    type: string
+                                  when:
+                                    type: string
+                                type: object
+                              pass:
+                                properties:
+                                  message:
+                                    type: string
+                                  uri:
+                                    type: string
+                                  when:
+                                    type: string
+                                type: object
+                              warn:
+                                properties:
+                                  message:
+                                    type: string
+                                  uri:
+                                    type: string
+                                  when:
+                                    type: string
+                                type: object
+                            type: object
+                          type: array
+                        registryName:
+                          type: string
+                      required:
+                      - outcomes
+                      - registryName
+                      type: object
                     ingress:
                       properties:
                         checkName:
diff --git a/config/crds/zz_generated.deepcopy.go b/config/crds/zz_generated.deepcopy.go
@@ -36,6 +36,11 @@ func (in *Analyze) DeepCopyInto(out *Analyze) {
 		*out = new(AnalyzeSecret)
 		(*in).DeepCopyInto(*out)
 	}
+	if in.ImagePullSecret != nil {
+		in, out := &in.ImagePullSecret, &out.ImagePullSecret
+		*out = new(ImagePullSecret)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Analyze.
@@ -713,6 +718,33 @@ func (in *HTTP) DeepCopy() *HTTP {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImagePullSecret) DeepCopyInto(out *ImagePullSecret) {
+	*out = *in
+	out.AnalyzeMeta = in.AnalyzeMeta
+	if in.Outcomes != nil {
+		in, out := &in.Outcomes, &out.Outcomes
+		*out = make([]*Outcome, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(Outcome)
+				(*in).DeepCopyInto(*out)
+			}
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePullSecret.
+func (in *ImagePullSecret) DeepCopy() *ImagePullSecret {
+	if in == nil {
+		return nil
+	}
+	out := new(ImagePullSecret)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Ingress) DeepCopyInto(out *Ingress) {
 	*out = *in
diff --git a/config/samples/troubleshoot_v1beta1_preflight.yaml b/config/samples/troubleshoot_v1beta1_preflight.yaml
@@ -1,41 +1,50 @@
 apiVersion: troubleshoot.replicated.com/v1beta1
 kind: Preflight
 metadata:
-  name: shiny-new-ai
+  name: support-io
 spec:
   uploadResultsTo: https://hookb.in/Z26mz8R9VpC7q7eYrWob
   analyzers:
-    - clusterVersion:
+    - imagePullSecret:
+        checkName: "blarg"
+        registryName: quay.io
         outcomes:
           - fail:
-              when: "< 1.13.0"
-              message: Sorry, ShinyNew.ai requires at least Kubernetes 1.14.0. Please update your Kubernetes cluster before installing.
-              uri: https://enterprise.shinynew.ai/install/requirements/kubernetes
-          - warn:
-              when: "< 1.15.0"
-              message: The version of Kubernetes you are running meets the minimum requirements to run ShineyNew.ai. It's recommended to run Kubernetes 1.15.0 or later.
-              uri: https://enterprise.shinynew.ai/install/requirements/kubernetes
+              message: Cannot pull from quay.io
           - pass:
-              message: The version of Kubernetes you have installed meets the required and recommended versions.
-    - storageClass:
-        checkName: Required storage classes
-        storageClassName: "microk8s-hostpath"
-        outcomes:
-          - fail:
-              message: The required storage class was not found in the cluster.
-          - pass:
-              message: The required storage class was found in the cluster.
-    - ingress:
-        namespace: default
-        ingressName: my-app-ingress
-        outcomes:
-          - fail:
-              message: Expected to find an ingress named "my-app-ingress".
-          - pass:
-              message: Expected ingress was found.
-        customResourceDefinitionName: rook
-        outcomes:
-          - fail:
-              message: Rook is required for ShinyNew.ai. Rook was not found in the cluster.
-          - pass:
-              message: Found a supported version of Rook installed and running in the cluster.
+              message: Found credentials to pull from quay.io
+    # - clusterVersion:
+    #     outcomes:
+    #       - fail:
+    #           when: "< 1.13.0"
+    #           message: Sorry, support.io requires at least Kubernetes 1.14.0. Please update your Kubernetes cluster before installing.
+    #           uri: https://enterprise.support.io/install/requirements/kubernetes
+    #       - warn:
+    #           when: "< 1.15.0"
+    #           message: The version of Kubernetes you are running meets the minimum requirements to run support.io. It's recommended to run Kubernetes 1.15.0 or later.
+    #           uri: https://enterprise.support.io/install/requirements/kubernetes
+    #       - pass:
+    #           message: The version of Kubernetes you have installed meets the required and recommended versions.
+    # - storageClass:
+    #     checkName: Required storage classes
+    #     storageClassName: "microk8s-hostpath"
+    #     outcomes:
+    #       - fail:
+    #           message: The required storage class was not found in the cluster.
+    #       - pass:
+    #           message: The required storage class was found in the cluster.
+    # - ingress:
+    #     namespace: default
+    #     ingressName: my-app-ingress
+    #     outcomes:
+    #       - fail:
+    #           message: Expected to find an ingress named "my-app-ingress".
+    #       - pass:
+    #           message: Expected ingress was found.
+    # - customResourceDefinitionName:
+    #     customResourceDefinitionName: rook
+    #     outcomes:
+    #       - fail:
+    #           message: Rook is required for Support.io. Rook was not found in the cluster.
+    #       - pass:
+    #           message: Found a supported version of Rook installed and running in the cluster.
diff --git a/go.mod b/go.mod
@@ -32,5 +32,4 @@ require (
 	k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible
 	sigs.k8s.io/controller-runtime v0.2.0-beta.2
 	sigs.k8s.io/controller-tools v0.2.0-beta.2 // indirect
-
 )
diff --git a/pkg/analyze/analyzer.go b/pkg/analyze/analyzer.go
@@ -16,21 +16,27 @@ type AnalyzeResult struct {
 	URI     string
 }
 
-func Analyze(analyzer *troubleshootv1beta1.Analyze, getCollectedFileContents func(string) ([]byte, error)) (*AnalyzeResult, error) {
+type getCollectedFileContents func(string) ([]byte, error)
+type getChildCollectedFileContents func(string) (map[string][]byte, error)
+
+func Analyze(analyzer *troubleshootv1beta1.Analyze, getFile getCollectedFileContents, findFiles getChildCollectedFileContents) (*AnalyzeResult, error) {
 	if analyzer.ClusterVersion != nil {
-		return analyzeClusterVersion(analyzer.ClusterVersion, getCollectedFileContents)
+		return analyzeClusterVersion(analyzer.ClusterVersion, getFile)
 	}
 	if analyzer.StorageClass != nil {
-		return analyzeStorageClass(analyzer.StorageClass, getCollectedFileContents)
+		return analyzeStorageClass(analyzer.StorageClass, getFile)
 	}
 	if analyzer.CustomResourceDefinition != nil {
-		return analyzeCustomResourceDefinition(analyzer.CustomResourceDefinition, getCollectedFileContents)
+		return analyzeCustomResourceDefinition(analyzer.CustomResourceDefinition, getFile)
 	}
 	if analyzer.Ingress != nil {
-		return analyzeIngress(analyzer.Ingress, getCollectedFileContents)
+		return analyzeIngress(analyzer.Ingress, getFile)
 	}
 	if analyzer.Secret != nil {
-		return analyzeSecret(analyzer.Secret, getCollectedFileContents)
+		return analyzeSecret(analyzer.Secret, getFile)
+	}
+	if analyzer.ImagePullSecret != nil {
+		return analyzeImagePullSecret(analyzer.ImagePullSecret, findFiles)
 	}
 
 	return nil, errors.New("invalid analyzer")
diff --git a/pkg/analyze/image_pull_secret.go b/pkg/analyze/image_pull_secret.go
@@ -0,0 +1,49 @@
+package analyzer
+
+import (
+	"encoding/json"
+
+	troubleshootv1beta1 "github.com/replicatedhq/troubleshoot/pkg/apis/troubleshoot/v1beta1"
+)
+
+func analyzeImagePullSecret(analyzer *troubleshootv1beta1.ImagePullSecret, getChildCollectedFileContents func(string) (map[string][]byte, error)) (*AnalyzeResult, error) {
+	imagePullSecrets, err := getChildCollectedFileContents("cluster-resources/image-pull-secrets")
+	if err != nil {
+		return nil, err
+	}
+
+	var failOutcome *troubleshootv1beta1.Outcome
+	var passOutcome *troubleshootv1beta1.Outcome
+	for _, outcome := range analyzer.Outcomes {
+		if outcome.Fail != nil {
+			failOutcome = outcome
+		} else if outcome.Pass != nil {
+			passOutcome = outcome
+		}
+	}
+
+	result := AnalyzeResult{
+		Title:   analyzer.CheckName,
+		IsFail:  true,
+		Message: failOutcome.Fail.Message,
+		URI:     failOutcome.Fail.URI,
+	}
+
+	for _, v := range imagePullSecrets {
+		registryAndUsername := make(map[string]string)
+		if err := json.Unmarshal(v, &registryAndUsername); err != nil {
+			return nil, err
+		}
+
+		for registry, _ := range registryAndUsername {
+			if registry == analyzer.RegistryName {
+				result.IsPass = true
+				result.IsFail = false
+				result.Message = passOutcome.Pass.Message
+				result.URI = passOutcome.Pass.URI
+			}
+		}
+	}
+
+	return &result, nil
+}
diff --git a/pkg/apis/troubleshoot/v1beta1/analyzer_shared.go b/pkg/apis/troubleshoot/v1beta1/analyzer_shared.go
@@ -44,6 +44,12 @@ type AnalyzeSecret struct {
 	Key         string     `json:"key,omitempty" yaml:"key,omitempty"`
 }
 
+type ImagePullSecret struct {
+	AnalyzeMeta  `json:",inline" yaml:",inline"`
+	Outcomes     []*Outcome `json:"outcomes" yaml:"outcomes"`
+	RegistryName string     `json:"registryName" yaml:"registryName"`
+}
+
 type AnalyzeMeta struct {
 	CheckName string `json:"checkName,omitempty" yaml:"checkName,omitempty"`
 }
@@ -54,4 +60,5 @@ type Analyze struct {
 	CustomResourceDefinition *CustomResourceDefinition `json:"customResourceDefinition,omitempty" yaml:"customResourceDefinition,omitempty"`
 	Ingress                  *Ingress                  `json:"ingress,omitempty" yaml:"ingress,omitempty"`
 	Secret                   *AnalyzeSecret            `json:"secret,omitempty" yaml:"secret,omitempty"`
+	ImagePullSecret          *ImagePullSecret          `json:"imagePullSecret,omitempty" yaml:"imagePullSecret,omitempty"`
 }
diff --git a/pkg/apis/troubleshoot/v1beta1/zz_generated.deepcopy.go b/pkg/apis/troubleshoot/v1beta1/zz_generated.deepcopy.go
@@ -52,6 +52,11 @@ func (in *Analyze) DeepCopyInto(out *Analyze) {
 		*out = new(AnalyzeSecret)
 		(*in).DeepCopyInto(*out)
 	}
+	if in.ImagePullSecret != nil {
+		in, out := &in.ImagePullSecret, &out.ImagePullSecret
+		*out = new(ImagePullSecret)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Analyze.
@@ -729,6 +734,33 @@ func (in *HTTP) DeepCopy() *HTTP {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImagePullSecret) DeepCopyInto(out *ImagePullSecret) {
+	*out = *in
+	out.AnalyzeMeta = in.AnalyzeMeta
+	if in.Outcomes != nil {
+		in, out := &in.Outcomes, &out.Outcomes
+		*out = make([]*Outcome, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(Outcome)
+				(*in).DeepCopyInto(*out)
+			}
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePullSecret.
+func (in *ImagePullSecret) DeepCopy() *ImagePullSecret {
+	if in == nil {
+		return nil
+	}
+	out := new(ImagePullSecret)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Ingress) DeepCopyInto(out *Ingress) {
 	*out = *in
diff --git a/pkg/collect/cluster_resources.go b/pkg/collect/cluster_resources.go
diff --git a/pkg/collect/runner.go b/pkg/collect/runner.go
diff --git a/pkg/controller/collectorjob/collector_server.go b/pkg/controller/collectorjob/collector_server.go
diff --git a/pkg/controller/collectorjob/collectorjob_controller.go b/pkg/controller/collectorjob/collectorjob_controller.go
diff --git a/pkg/preflight/server.go b/pkg/preflight/server.go

Original file line number	Diff line number	Diff line change
`@@ -32,5 +32,4 @@ require (`
`32`	`32`	`k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible`
`33`	`33`	`sigs.k8s.io/controller-runtime v0.2.0-beta.2`
`34`	`34`	`sigs.k8s.io/controller-tools v0.2.0-beta.2 // indirect`
`35`		`-`
`36`	`35`	`)`
Original file line number	Diff line number	Diff line change
`@@ -16,21 +16,27 @@ type AnalyzeResult struct {`
`16`	`16`	`URI string`
`17`	`17`	`}`
`18`	`18`
`19`		`-func Analyze(analyzer troubleshootv1beta1.Analyze, getCollectedFileContents func(string) ([]byte, error)) (AnalyzeResult, error) {`
	`19`	`+type getCollectedFileContents func(string) ([]byte, error)`
	`20`	`+type getChildCollectedFileContents func(string) (map[string][]byte, error)`
	`21`	`+`
	`22`	`+func Analyze(analyzer troubleshootv1beta1.Analyze, getFile getCollectedFileContents, findFiles getChildCollectedFileContents) (AnalyzeResult, error) {`
`20`	`23`	`if analyzer.ClusterVersion != nil {`
`21`		`- return analyzeClusterVersion(analyzer.ClusterVersion, getCollectedFileContents)`
	`24`	`+ return analyzeClusterVersion(analyzer.ClusterVersion, getFile)`
`22`	`25`	`}`
`23`	`26`	`if analyzer.StorageClass != nil {`
`24`		`- return analyzeStorageClass(analyzer.StorageClass, getCollectedFileContents)`
	`27`	`+ return analyzeStorageClass(analyzer.StorageClass, getFile)`
`25`	`28`	`}`
`26`	`29`	`if analyzer.CustomResourceDefinition != nil {`
`27`		`- return analyzeCustomResourceDefinition(analyzer.CustomResourceDefinition, getCollectedFileContents)`
	`30`	`+ return analyzeCustomResourceDefinition(analyzer.CustomResourceDefinition, getFile)`
`28`	`31`	`}`
`29`	`32`	`if analyzer.Ingress != nil {`
`30`		`- return analyzeIngress(analyzer.Ingress, getCollectedFileContents)`
	`33`	`+ return analyzeIngress(analyzer.Ingress, getFile)`
`31`	`34`	`}`
`32`	`35`	`if analyzer.Secret != nil {`
`33`		`- return analyzeSecret(analyzer.Secret, getCollectedFileContents)`
	`36`	`+ return analyzeSecret(analyzer.Secret, getFile)`
	`37`	`+ }`
	`38`	`+ if analyzer.ImagePullSecret != nil {`
	`39`	`+ return analyzeImagePullSecret(analyzer.ImagePullSecret, findFiles)`
`34`	`40`	`}`
`35`	`41`
`36`	`42`	`return nil, errors.New("invalid analyzer")`
Original file line number	Diff line number	Diff line change
`@@ -44,6 +44,12 @@ type AnalyzeSecret struct {`
`44`	`44`	Key string `json:"key,omitempty" yaml:"key,omitempty"`
`45`	`45`	`}`
`46`	`46`
	`47`	`+type ImagePullSecret struct {`
	`48`	+ AnalyzeMeta `json:",inline" yaml:",inline"`
	`49`	+ Outcomes []*Outcome `json:"outcomes" yaml:"outcomes"`
	`50`	+ RegistryName string `json:"registryName" yaml:"registryName"`
	`51`	`+}`
	`52`	`+`
`47`	`53`	`type AnalyzeMeta struct {`
`48`	`54`	CheckName string `json:"checkName,omitempty" yaml:"checkName,omitempty"`
`49`	`55`	`}`
`@@ -54,4 +60,5 @@ type Analyze struct {`
`54`	`60`	CustomResourceDefinition *CustomResourceDefinition `json:"customResourceDefinition,omitempty" yaml:"customResourceDefinition,omitempty"`
`55`	`61`	Ingress *Ingress `json:"ingress,omitempty" yaml:"ingress,omitempty"`
`56`	`62`	Secret *AnalyzeSecret `json:"secret,omitempty" yaml:"secret,omitempty"`
	`63`	+ ImagePullSecret *ImagePullSecret `json:"imagePullSecret,omitempty" yaml:"imagePullSecret,omitempty"`
`57`	`64`	`}`