mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2025-02-20 03:22:07 +00:00
* issue #348: replace everywhere get<Thing>Files with getFiles
This commit is contained in:
zilard
Liz Rice
parent
c87c5cfb51
commit
b86dd92c91
@ -82,10 +82,10 @@ func runChecks(nodetype check.NodeType) {
|
||||
exitWithError(err)
|
||||
}
|
||||
|
||||
confmap := getConfigFiles(typeConf)
|
||||
svcmap := getServiceFiles(typeConf)
|
||||
kubeconfmap := getKubeConfigFiles(typeConf)
|
||||
cafilemap := getCaFile(typeConf)
|
||||
confmap := getFiles(typeConf, "config")
|
||||
svcmap := getFiles(typeConf, "service")
|
||||
kubeconfmap := getFiles(typeConf, "kubeconfig")
|
||||
cafilemap := getFiles(typeConf, "ca")
|
||||
|
||||
// Variable substitutions. Replace all occurrences of variables in controls files.
|
||||
s := string(in)
|
||||
|
||||
129
cmd/util.go
129
cmd/util.go
@ -27,6 +27,12 @@ var (
|
||||
|
||||
var psFunc func(string) string
|
||||
var statFunc func(string) (os.FileInfo, error)
|
||||
var TypeMap = map[string][]string{
|
||||
"ca": []string{"cafile", "defaultcafile"},
|
||||
"kubeconfig": []string{"kubeconfig", "defaultkubeconfig"},
|
||||
"service": []string{"svc", "defaultsvc"},
|
||||
"config": []string{"confs", "defaultconf"},
|
||||
}
|
||||
|
||||
func init() {
|
||||
psFunc = ps
|
||||
@ -165,9 +171,11 @@ func decrementVersion(version string) string {
|
||||
return strings.Join(split, ".")
|
||||
}
|
||||
|
||||
// getConfigFiles finds which of the set of candidate config files exist
|
||||
func getConfigFiles(v *viper.Viper) map[string]string {
|
||||
confmap := make(map[string]string)
|
||||
// getFiles finds which of the set of candidate files exist
|
||||
func getFiles(v *viper.Viper, fileType string) map[string]string {
|
||||
filemap := make(map[string]string)
|
||||
mainOpt := TypeMap[fileType][0]
|
||||
defaultOpt := TypeMap[fileType][1]
|
||||
|
||||
for _, component := range v.GetStringSlice("components") {
|
||||
s := v.Sub(component)
|
||||
@ -175,116 +183,25 @@ func getConfigFiles(v *viper.Viper) map[string]string {
|
||||
continue
|
||||
}
|
||||
|
||||
// See if any of the candidate config files exist
|
||||
conf := findConfigFile(s.GetStringSlice("confs"))
|
||||
if conf == "" {
|
||||
if s.IsSet("defaultconf") {
|
||||
conf = s.GetString("defaultconf")
|
||||
glog.V(2).Info(fmt.Sprintf("Using default config file name '%s' for component %s", conf, component))
|
||||
// See if any of the candidate files exist
|
||||
file := findConfigFile(s.GetStringSlice(mainOpt))
|
||||
if file == "" {
|
||||
if s.IsSet(defaultOpt) {
|
||||
file = s.GetString(defaultOpt)
|
||||
glog.V(2).Info(fmt.Sprintf("Using default %s file name '%s' for component %s", fileType, file, component))
|
||||
} else {
|
||||
// Default the config file name that we'll substitute to the name of the component
|
||||
glog.V(2).Info(fmt.Sprintf("Missing config file for %s", component))
|
||||
conf = component
|
||||
// Default the file name that we'll substitute to the name of the component
|
||||
glog.V(2).Info(fmt.Sprintf("Missing %s file for %s", fileType, component))
|
||||
file = component
|
||||
}
|
||||
} else {
|
||||
glog.V(2).Info(fmt.Sprintf("Component %s uses config file '%s'", component, conf))
|
||||
glog.V(2).Info(fmt.Sprintf("Component %s uses %s file '%s'", component, fileType, file))
|
||||
}
|
||||
|
||||
confmap[component] = conf
|
||||
filemap[component] = file
|
||||
}
|
||||
|
||||
return confmap
|
||||
}
|
||||
|
||||
// getServiceFiles finds which of the set of candidate service files exist
|
||||
func getServiceFiles(v *viper.Viper) map[string]string {
|
||||
svcmap := make(map[string]string)
|
||||
|
||||
for _, component := range v.GetStringSlice("components") {
|
||||
s := v.Sub(component)
|
||||
if s == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
// See if any of the candidate config files exist
|
||||
svc := findConfigFile(s.GetStringSlice("svc"))
|
||||
if svc == "" {
|
||||
if s.IsSet("defaultsvc") {
|
||||
svc = s.GetString("defaultsvc")
|
||||
glog.V(2).Info(fmt.Sprintf("Using default service file name '%s' for component %s", svc, component))
|
||||
} else {
|
||||
// Default the service file name that we'll substitute to the name of the component
|
||||
glog.V(2).Info(fmt.Sprintf("Missing service file for %s", component))
|
||||
svc = component
|
||||
}
|
||||
} else {
|
||||
glog.V(2).Info(fmt.Sprintf("Component %s uses service file '%s'", component, svc))
|
||||
}
|
||||
|
||||
svcmap[component] = svc
|
||||
}
|
||||
|
||||
return svcmap
|
||||
}
|
||||
|
||||
// getKubeConfigFiles finds which of the set of candidate kubeconfig files exist
|
||||
func getKubeConfigFiles(v *viper.Viper) map[string]string {
|
||||
kubeconfigmap := make(map[string]string)
|
||||
|
||||
for _, component := range v.GetStringSlice("components") {
|
||||
s := v.Sub(component)
|
||||
if s == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
// See if any of the candidate config files exist
|
||||
kubeconfig := findConfigFile(s.GetStringSlice("kubeconfig"))
|
||||
if kubeconfig == "" {
|
||||
if s.IsSet("defaultkubeconfig") {
|
||||
kubeconfig = s.GetString("defaultkubeconfig")
|
||||
glog.V(2).Info(fmt.Sprintf("Using default kubeconfig file name '%s' for component %s", kubeconfig, component))
|
||||
} else {
|
||||
// Default the service file name that we'll substitute to the name of the component
|
||||
glog.V(2).Info(fmt.Sprintf("Missing kubeconfig file for %s", component))
|
||||
kubeconfig = component
|
||||
}
|
||||
} else {
|
||||
glog.V(2).Info(fmt.Sprintf("Component %s uses kubeconfig file '%s'", component, kubeconfig))
|
||||
}
|
||||
|
||||
kubeconfigmap[component] = kubeconfig
|
||||
}
|
||||
|
||||
return kubeconfigmap
|
||||
}
|
||||
|
||||
// getCaFile finds which of the set of client certificate authorities files exist
|
||||
func getCaFile(v *viper.Viper) map[string]string {
|
||||
cafilemap := make(map[string]string)
|
||||
|
||||
for _, component := range v.GetStringSlice("components") {
|
||||
s := v.Sub(component)
|
||||
if s == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
cafile := findConfigFile(s.GetStringSlice("cafile"))
|
||||
if cafile == "" {
|
||||
if s.IsSet("defaultcafile") {
|
||||
cafile = s.GetString("defaultcafile")
|
||||
glog.V(2).Info(fmt.Sprintf("Using default client CA file name '%s' for component %s", cafile, component))
|
||||
} else {
|
||||
glog.V(2).Info(fmt.Sprintf("Missing client CA file for %s", component))
|
||||
cafile = component
|
||||
}
|
||||
} else {
|
||||
glog.V(2).Info(fmt.Sprintf("Component %s uses client CA file '%s'", component, cafile))
|
||||
}
|
||||
|
||||
cafilemap[component] = cafile
|
||||
}
|
||||
|
||||
return cafilemap
|
||||
return filemap
|
||||
}
|
||||
|
||||
// verifyBin checks that the binary specified is running
|
||||
|
||||
@ -298,7 +298,7 @@ func TestGetConfigFiles(t *testing.T) {
|
||||
e = c.statResults
|
||||
eIndex = 0
|
||||
|
||||
m := getConfigFiles(v)
|
||||
m := getFiles(v, "config")
|
||||
if !reflect.DeepEqual(m, c.exp) {
|
||||
t.Fatalf("Got %v\nExpected %v", m, c.exp)
|
||||
}
|
||||
@ -373,7 +373,7 @@ func TestGetServiceFiles(t *testing.T) {
|
||||
e = c.statResults
|
||||
eIndex = 0
|
||||
|
||||
m := getServiceFiles(v)
|
||||
m := getFiles(v, "service")
|
||||
if !reflect.DeepEqual(m, c.exp) {
|
||||
t.Fatalf("Got %v\nExpected %v", m, c.exp)
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user