mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2025-01-08 23:00:56 +00:00
Combine config reading functions into single function.
This commit is contained in:
parent
e227934c88
commit
cec1d9d6b3
@ -66,9 +66,9 @@ func runChecks(t check.NodeType) {
|
|||||||
// Get the set of exectuables and config files we care about on this type of node. This also
|
// Get the set of exectuables and config files we care about on this type of node. This also
|
||||||
// checks that the executables we need for the node type are running.
|
// checks that the executables we need for the node type are running.
|
||||||
binmap := getBinaries(typeConf)
|
binmap := getBinaries(typeConf)
|
||||||
confmap := getConfigFiles(typeConf)
|
confmap := getConfigFiles(typeConf, "conf")
|
||||||
podspecmap := getPodSpecFiles(typeConf)
|
podspecmap := getConfigFiles(typeConf, "podspec")
|
||||||
unitfilemap := getUnitFiles(typeConf)
|
unitfilemap := getConfigFiles(typeConf, "unitfile")
|
||||||
|
|
||||||
switch t {
|
switch t {
|
||||||
case check.MASTER:
|
case check.MASTER:
|
||||||
|
72
cmd/util.go
72
cmd/util.go
@ -117,7 +117,9 @@ func getBinaries(v *viper.Viper) map[string]string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// getConfigFiles finds which of the set of candidate config files exist
|
// getConfigFiles finds which of the set of candidate config files exist
|
||||||
func getConfigFiles(v *viper.Viper) map[string]string {
|
// accepts a string 't' which indicates the type of config file, conf,
|
||||||
|
// podspec or untifile.
|
||||||
|
func getConfigFiles(v *viper.Viper, t string) map[string]string {
|
||||||
confmap := make(map[string]string)
|
confmap := make(map[string]string)
|
||||||
|
|
||||||
for _, component := range v.GetStringSlice("components") {
|
for _, component := range v.GetStringSlice("components") {
|
||||||
@ -127,10 +129,10 @@ func getConfigFiles(v *viper.Viper) map[string]string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// See if any of the candidate config files exist
|
// See if any of the candidate config files exist
|
||||||
conf := findConfigFile(s.GetStringSlice("confs"))
|
conf := findConfigFile(s.GetStringSlice(t))
|
||||||
if conf == "" {
|
if conf == "" {
|
||||||
if s.IsSet("defaultconf") {
|
if s.IsSet("default" + t) {
|
||||||
conf = s.GetString("defaultconf")
|
conf = s.GetString("default" + t)
|
||||||
glog.V(2).Info(fmt.Sprintf("Using default config file name '%s' for component %s", conf, component))
|
glog.V(2).Info(fmt.Sprintf("Using default config file name '%s' for component %s", conf, component))
|
||||||
} else {
|
} else {
|
||||||
// Default the config file name that we'll substitute to the name of the component
|
// Default the config file name that we'll substitute to the name of the component
|
||||||
@ -147,68 +149,6 @@ func getConfigFiles(v *viper.Viper) map[string]string {
|
|||||||
return confmap
|
return confmap
|
||||||
}
|
}
|
||||||
|
|
||||||
// getPodSpecFiles finds which of the set of candidate podspec files exist
|
|
||||||
func getPodSpecFiles(v *viper.Viper) map[string]string {
|
|
||||||
podspecmap := make(map[string]string)
|
|
||||||
|
|
||||||
for _, component := range v.GetStringSlice("components") {
|
|
||||||
s := v.Sub(component)
|
|
||||||
if s == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// See if any of the candidate podspec files exist
|
|
||||||
podspec := findConfigFile(s.GetStringSlice("podspecs"))
|
|
||||||
if podspec == "" {
|
|
||||||
if s.IsSet("defaultpodspec") {
|
|
||||||
podspec = s.GetString("defaultpodspec")
|
|
||||||
glog.V(2).Info(fmt.Sprintf("Using default podspec file name '%s' for component %s", podspec, component))
|
|
||||||
} else {
|
|
||||||
// Default the config file name that we'll substitute to the name of the component
|
|
||||||
printlnWarn(fmt.Sprintf("Missing podspec file for %s", component))
|
|
||||||
podspec = component
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
glog.V(2).Info(fmt.Sprintf("Component %s uses podspec file '%s'", component, podspec))
|
|
||||||
}
|
|
||||||
|
|
||||||
podspecmap[component] = podspec
|
|
||||||
}
|
|
||||||
|
|
||||||
return podspecmap
|
|
||||||
}
|
|
||||||
|
|
||||||
// getUnitFiles finds which of the set of candidate unit files exist
|
|
||||||
func getUnitFiles(v *viper.Viper) map[string]string {
|
|
||||||
unitfilemap := make(map[string]string)
|
|
||||||
|
|
||||||
for _, component := range v.GetStringSlice("components") {
|
|
||||||
s := v.Sub(component)
|
|
||||||
if s == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// See if any of the candidate podspec files exist
|
|
||||||
unitfile := findConfigFile(s.GetStringSlice("unitfiles"))
|
|
||||||
if unitfile == "" {
|
|
||||||
if s.IsSet("defaultunitfile") {
|
|
||||||
unitfile = s.GetString("defaultunitfile")
|
|
||||||
glog.V(2).Info(fmt.Sprintf("Using default unit file name '%s' for component %s", unitfile, component))
|
|
||||||
} else {
|
|
||||||
// Default the config file name that we'll substitute to the name of the component
|
|
||||||
printlnWarn(fmt.Sprintf("Missing unit file for %s", component))
|
|
||||||
unitfile = component
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
glog.V(2).Info(fmt.Sprintf("Component %s uses unit file '%s'", component, unitfile))
|
|
||||||
}
|
|
||||||
|
|
||||||
unitfilemap[component] = unitfile
|
|
||||||
}
|
|
||||||
|
|
||||||
return unitfilemap
|
|
||||||
}
|
|
||||||
|
|
||||||
// verifyBin checks that the binary specified is running
|
// verifyBin checks that the binary specified is running
|
||||||
func verifyBin(bin string) bool {
|
func verifyBin(bin string) bool {
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user