Merge branch 'main' into ttimonen/watch

kubescape · Jul 19, 2024 · de95b6c · de95b6c
2 parents 381db20 + 62ef3ff
commit de95b6c
Show file tree

Hide file tree

Showing 9 changed files with 168 additions and 304 deletions.
diff --git a/pkg/apis/softwarecomposition/v1beta1/spdx_types.go b/pkg/apis/softwarecomposition/v1beta1/spdx_types.go
@@ -12,26 +12,30 @@ type Annotator struct {
 	AnnotatorType string
 }
 
+// kvJSONLine parses a key-value pair from JSON.
+// i.e. "\"<jsonencoded foo: bar>\""" -> k = "foo", v = "bar".
+func kvJSONLine(data []byte) (k, v string, err error) {
+	var (
+		s  string
+		ok bool
+	)
+	if err = json.Unmarshal(data, &s); err != nil {
+		return k, v, err
+	}
+	if k, v, ok = strings.Cut(s, ": "); !ok {
+		err = fmt.Errorf("failed to parse %q", s)
+	}
+	return k, v, err
+}
+
 // UnmarshalJSON takes an annotator in the typical one-line format and parses it into an Annotator struct.
 // This function is also used when unmarshalling YAML
 func (a *Annotator) UnmarshalJSON(data []byte) error {
-	// annotator will simply be a string
-	var annotatorStr string
-	err := json.Unmarshal(data, &annotatorStr)
-	if err != nil {
-		return err
-	}
-	annotatorStr = strings.Trim(annotatorStr, "\"")
-
-	annotatorFields := strings.SplitN(annotatorStr, ": ", 2)
-
-	if len(annotatorFields) != 2 {
-		return fmt.Errorf("failed to parse Annotator '%s'", annotatorStr)
+	// annotator will simply be a string.
+	var err error
+	if a.AnnotatorType, a.Annotator, err = kvJSONLine(data); err != nil {
+		return fmt.Errorf("failed to parse Annotator: %w", err)
 	}
-
-	a.AnnotatorType = annotatorFields[0]
-	a.Annotator = annotatorFields[1]
-
 	return nil
 }
 
@@ -87,20 +91,10 @@ type Creator struct {
 // UnmarshalJSON takes an annotator in the typical one-line format and parses it into a Creator struct.
 // This function is also used when unmarshalling YAML
 func (c *Creator) UnmarshalJSON(data []byte) error {
-	var str string
-	err := json.Unmarshal(data, &str)
-	if err != nil {
-		return err
+	var err error
+	if c.CreatorType, c.Creator, err = kvJSONLine(data); err != nil {
+		return fmt.Errorf("failed to parse Creator: %w", err)
 	}
-	fields := strings.SplitN(str, ": ", 2)
-
-	if len(fields) != 2 {
-		return fmt.Errorf("failed to parse Creator '%s'", str)
-	}
-
-	c.CreatorType = fields[0]
-	c.Creator = fields[1]
-
 	return nil
 }
 
@@ -356,23 +350,14 @@ type Supplier struct {
 // This function is also used when unmarshalling YAML
 func (s *Supplier) UnmarshalJSON(data []byte) error {
 	// the value is just a string presented as a slice of bytes
-	supplierStr := string(data)
-	supplierStr = strings.Trim(supplierStr, "\"")
-
-	if supplierStr == "NOASSERTION" {
-		s.Supplier = supplierStr
-		return nil
-	}
-
-	supplierFields := strings.SplitN(supplierStr, ": ", 2)
-
-	if len(supplierFields) != 2 {
-		return fmt.Errorf("failed to parse Supplier '%s'", supplierStr)
+	switch k, v, err := kvJSONLine(data); {
+	case k == "NOASSERTION":
+		s.Supplier = k
+	case err != nil:
+		return fmt.Errorf("failed to parse Supplier '%w'", err)
+	default:
+		s.SupplierType, s.Supplier = k, v
 	}
-
-	s.SupplierType = supplierFields[0]
-	s.Supplier = supplierFields[1]
-
 	return nil
 }
 
@@ -399,27 +384,14 @@ type Originator struct {
 // This function is also used when unmarshalling YAML
 func (o *Originator) UnmarshalJSON(data []byte) error {
 	// the value is just a string presented as a slice of bytes
-	var originatorStr string
-	err := json.Unmarshal(data, &originatorStr)
-	if err != nil {
-		return err
+	switch k, v, err := kvJSONLine(data); {
+	case k == "NOASSERTION":
+		o.Originator = k
+	case err != nil:
+		return fmt.Errorf("failed to parse Originator '%w'", err)
+	default:
+		o.OriginatorType, o.Originator = k, v
 	}
-	originatorStr = strings.Trim(originatorStr, "\"")
-
-	if originatorStr == "NOASSERTION" {
-		o.Originator = originatorStr
-		return nil
-	}
-
-	originatorFields := strings.SplitN(originatorStr, ": ", 2)
-
-	if len(originatorFields) != 2 {
-		return fmt.Errorf("failed to parse Originator '%s'", originatorStr)
-	}
-
-	o.OriginatorType = originatorFields[0]
-	o.Originator = originatorFields[1]
-
 	return nil
 }
 

diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go
@@ -17,6 +17,7 @@ limitations under the License.
 package apiserver
 
 import (
+	"github.com/kubescape/storage/pkg/registry"
 	"github.com/kubescape/storage/pkg/registry/file"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationactivity"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationprofile"
@@ -33,9 +34,11 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/version"
+	"k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/apiserver/pkg/server/options"
+	"k8s.io/apiserver/pkg/storage"
 
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition"
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition/install"
@@ -145,46 +148,45 @@ func (c completedConfig) New() (*WardleServer, error) {
 	// https://github.com/kubernetes/kubernetes/issues/86666).
 	apiGroupInfo.NegotiatedSerializer = NewNoProtobufSerializer(Codecs)
 
-	osFs := afero.NewOsFs()
-
-	storageImpl := file.NewStorageImpl(osFs, file.DefaultStorageRoot)
-
-	applicationProfileStorageImpl := file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, &file.ApplicationProfileProcessor{})
-	networkNeighborhoodStorageImpl := file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, &file.NetworkNeighborhoodProcessor{})
-	configScanStorageImpl := file.NewConfigurationScanSummaryStorage(&storageImpl)
-	vulnerabilitySummaryStorage := file.NewVulnerabilitySummaryStorage(&storageImpl)
-	generatedNetworkPolicyStorage := file.NewGeneratedNetworkPolicyStorage(&storageImpl)
-
-	v1beta1storage := map[string]rest.Storage{}
-
-	v1beta1storage["sbomspdxv2p3s"] = sbomregistry.RESTInPeace(sbomspdxv2p3storage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["sbomspdxv2p3filtereds"] = sbomregistry.RESTInPeace(sbomspdxv2p3filteredstorage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["vulnerabilitymanifests"] = sbomregistry.RESTInPeace(vmstorage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["vulnerabilitymanifestsummaries"] = sbomregistry.RESTInPeace(vmsumstorage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["workloadconfigurationscans"] = sbomregistry.RESTInPeace(wcsstorage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["workloadconfigurationscansummaries"] = sbomregistry.RESTInPeace(wcssumstorage.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["configurationscansummaries"] = sbomregistry.RESTInPeace(configurationscansummary.NewREST(Scheme, configScanStorageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["vulnerabilitysummaries"] = sbomregistry.RESTInPeace(vsumstorage.NewREST(Scheme, vulnerabilitySummaryStorage, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["applicationprofiles"] = sbomregistry.RESTInPeace(applicationprofile.NewREST(Scheme, applicationProfileStorageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["applicationactivities"] = sbomregistry.RESTInPeace(applicationactivity.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["networkneighborses"] = sbomregistry.RESTInPeace(networkneighbors.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["networkneighborhoods"] = sbomregistry.RESTInPeace(networkneighborhood.NewREST(Scheme, networkNeighborhoodStorageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["openvulnerabilityexchangecontainers"] = sbomregistry.RESTInPeace(openvulnerabilityexchange.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["generatednetworkpolicies"] = sbomregistry.RESTInPeace(generatednetworkpolicy.NewREST(Scheme, generatedNetworkPolicyStorage, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["knownservers"] = sbomregistry.RESTInPeace(knownserver.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["sbomsyfts"] = sbomregistry.RESTInPeace(sbomsyfts.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-	v1beta1storage["sbomsyftfiltereds"] = sbomregistry.RESTInPeace(sbomsyftfiltereds.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	v1beta1storage["seccompprofiles"] = sbomregistry.RESTInPeace(seccompprofiles.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter))
-
-	apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = v1beta1storage
+	var (
+		osFs        = afero.NewOsFs()
+		storageImpl = file.NewStorageImpl(osFs, file.DefaultStorageRoot)
+
+		applicationProfileStorageImpl  = file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, &file.ApplicationProfileProcessor{})
+		networkNeighborhoodStorageImpl = file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, &file.NetworkNeighborhoodProcessor{})
+		configScanStorageImpl          = file.NewConfigurationScanSummaryStorage(storageImpl)
+		vulnerabilitySummaryStorage    = file.NewVulnerabilitySummaryStorage(storageImpl)
+		generatedNetworkPolicyStorage  = file.NewGeneratedNetworkPolicyStorage(storageImpl)
+
+		// REST endpoint registration, defaults to storageImpl.
+		ep = func(f func(*runtime.Scheme, storage.Interface, generic.RESTOptionsGetter) (*registry.REST, error), s ...storage.Interface) *registry.REST {
+			var si storage.Interface = storageImpl
+			if len(s) > 0 {
+				si = s[0]
+			}
+			return sbomregistry.RESTInPeace(f(Scheme, si, c.GenericConfig.RESTOptionsGetter))
+		}
+	)
+	apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = map[string]rest.Storage{
+		"applicationactivities":               ep(applicationactivity.NewREST),
+		"applicationprofiles":                 ep(applicationprofile.NewREST, applicationProfileStorageImpl),
+		"configurationscansummaries":          ep(configurationscansummary.NewREST, configScanStorageImpl),
+		"generatednetworkpolicies":            ep(generatednetworkpolicy.NewREST, generatedNetworkPolicyStorage),
+		"knownservers":                        ep(knownserver.NewREST),
+		"networkneighborhoods":                ep(networkneighborhood.NewREST, networkNeighborhoodStorageImpl),
+		"networkneighborses":                  ep(networkneighbors.NewREST),
+		"openvulnerabilityexchangecontainers": ep(openvulnerabilityexchange.NewREST),
+		"sbomspdxv2p3filtereds":               ep(sbomspdxv2p3filteredstorage.NewREST),
+		"sbomspdxv2p3s":                       ep(sbomspdxv2p3storage.NewREST),
+		"sbomsyftfiltereds":                   ep(sbomsyftfiltereds.NewREST),
+		"sbomsyfts":                           ep(sbomsyfts.NewREST),
+		"seccompprofiles":                     ep(seccompprofiles.NewREST),
+		"vulnerabilitymanifests":              ep(vmstorage.NewREST),
+		"vulnerabilitymanifestsummaries":      ep(vmsumstorage.NewREST),
+		"vulnerabilitysummaries":              ep(vsumstorage.NewREST, vulnerabilitySummaryStorage),
+		"workloadconfigurationscans":          ep(wcsstorage.NewREST),
+		"workloadconfigurationscansummaries":  ep(wcssumstorage.NewREST),
+	}
 
 	if err := s.GenericAPIServer.InstallAPIGroup(&apiGroupInfo); err != nil {
 		return nil, err