From f90dd925b8ef80f5ef6b4df009fa728e7aff1098 Mon Sep 17 00:00:00 2001 From: Abubakr-Sadik Nii Nai Davis Date: Fri, 3 Nov 2017 12:59:35 +0000 Subject: [PATCH] Exit kube-bench if we can't get valid kubernetes server version and improve error messages. --- cmd/common.go | 2 +- cmd/util.go | 34 ++++++++++++---------------------- cmd/util_test.go | 13 +++---------- 3 files changed, 16 insertions(+), 33 deletions(-) diff --git a/cmd/common.go b/cmd/common.go index 3e01f2a..2bcf30e 100644 --- a/cmd/common.go +++ b/cmd/common.go @@ -62,7 +62,7 @@ func runChecks(t check.NodeType) { } ver := getKubeVersion() - path := fmt.Sprintf("%s/%s/%s", cfgDir, ver.Server, file) + path := fmt.Sprintf("%s/%s/%s", cfgDir, ver, file) in, err := ioutil.ReadFile(path) if err != nil { exitWithError(fmt.Errorf("error opening %s controls file: %v", t, err)) diff --git a/cmd/util.go b/cmd/util.go index dfd8b23..97b5544 100644 --- a/cmd/util.go +++ b/cmd/util.go @@ -213,37 +213,27 @@ func multiWordReplace(s string, subname string, sub string) string { return strings.Replace(s, subname, sub, -1) } -type version struct { - Server string - Client string -} - -func getKubeVersion() *version { - ver := new(version) +func getKubeVersion() string { + failmsg := "kubernetes version check failed" // These executables might not be on the user's path. _, err := exec.LookPath("kubectl") if err != nil { - s := fmt.Sprintf("Kubernetes version check skipped with error %v", err) - continueWithError(err, sprintlnWarn(s)) - return nil + exitWithError(fmt.Errorf("%s: %s", failmsg, err)) } - cmd := exec.Command("kubectl", "version") - out, err := cmd.Output() + cmd := exec.Command("kubectl", "version", "--short") + out, err := cmd.CombinedOutput() if err != nil { - s := fmt.Sprintf("Kubernetes version check skipped, with error getting kubectl version") - continueWithError(err, sprintlnWarn(s)) - return nil + exitWithError(fmt.Errorf("%s, %s", failmsg, out)) } - clientVerRe := regexp.MustCompile(`Client.*Major:"(\d+)".*Minor:"(\d+)"`) - svrVerRe := regexp.MustCompile(`Server.*Major:"(\d+)".*Minor:"(\d+)"`) + validVersionPttn := `\d.\d` + serverVersionRe := regexp.MustCompile(`Server Version: v(\d+.\d+)`) + ver := serverVersionRe.FindStringSubmatch(string(out))[1] - sub := clientVerRe.FindStringSubmatch(string(out)) - ver.Client = sub[1] + "." + sub[2] - - sub = svrVerRe.FindStringSubmatch(string(out)) - ver.Server = sub[1] + "." + sub[2] + if matched, _ := regexp.MatchString(validVersionPttn, ver); !matched { + exitWithError(fmt.Errorf("%s: invalid server version ", failmsg, ver)) + } return ver } diff --git a/cmd/util_test.go b/cmd/util_test.go index 50044cf..646a75e 100644 --- a/cmd/util_test.go +++ b/cmd/util_test.go @@ -184,18 +184,11 @@ func TestMultiWordReplace(t *testing.T) { func TestGetKubeVersion(t *testing.T) { ver := getKubeVersion() - if ver == nil { - t.Log("Expected non nil version info.") - } else { - if ok, err := regexp.MatchString(`\d+.\d+`, ver.Client); !ok && err != nil { - t.Logf("Expected:%v got %v\n", "n.m", ver.Client) - } - - if ok, err := regexp.MatchString(`\d+.\d+`, ver.Server); !ok && err != nil { - t.Logf("Expected:%v got %v\n", "n.m", ver.Server) - } + if ok, err := regexp.MatchString(`\d+.\d+`, ver); !ok && err != nil { + t.Logf("Expected:%v got %v\n", "n.m", ver) } + } func TestFindConfigFile(t *testing.T) {