feat(scanner): Implement K8s scanner (#184)

* Implement K8s scanner

* Automatic application of license header

* Clean up

* Signing previous commits

* Sign with SSH key

* Sign with SSH key (again)

* Sign with SSH key (again testing)

* Implement K8s scanner

* Automatic application of license header

* Clean up

* Signing previous commits

* Sign with SSH key

* Sign with SSH key (again)

* Sign with SSH key (again testing)

* Signing previous commits

* Sign with SSH key

* Sign with SSH key (again)

* Sign with SSH key (again testing)

* Signing previous commits

* Sign with SSH key

* Sign with SSH key (again)

* Sign with SSH key (again testing)

* WIP

* Restore go.mod

* Wip

* Add tests

* Automatic application of license header

* Wip

* Improve logic

* Factorize KubeConfig

* Fixes #discussion_r1740426730

* Fixes #184 (comment)

---------

Co-authored-by: License Bot <[email protected]>
Co-authored-by: David Rochow <[email protected]>

scanner/k8s-assets/client/genqlient.yaml

@@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+# Default genqlient config; for full documentation see:
+# https://github.com/Khan/genqlient/blob/main/docs/genqlient.yaml
+schema: ../../../internal/api/graphql/graph/schema/*.graphqls
+operations:
+- ./query/*.graphql
+generated: generated.go
+package: client
+use_struct_references: true

scanner/k8s-assets/client/query/component_query.graphql

@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+query ListComponents($filter: ComponentFilter) {
+  # @genqlient(typename: "ComponentConnection")
+  Components (
+    filter: $filter,
+  ) {
+    totalCount
+    edges {
+      # @genqlient(typename: "Component")
+      node {
+        id
+        name
+        type
+      }
+    }
+  }
+}

scanner/k8s-assets/client/query/componentinstance_create.graphql

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+mutation CreateComponentInstance ($input: ComponentInstanceInput!) {
+     # @genqlient(typename: "ComponentInstance")
+    createComponentInstance (
+        input: $input
+    ) {
+        id
+        ccrn
+        count
+        componentVersionId
+        serviceId
+    }
+}

scanner/k8s-assets/client/query/componentinstance_query.graphql

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+query ListComponentInstances ($filter: ComponentInstanceFilter) {
+    ComponentInstances (
+        filter: $filter,
+    ) {
+        totalCount
+        edges {
+            node {
+                id
+            }
+        }
+    }
+}

scanner/k8s-assets/client/query/componentversion_create.graphql

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+mutation CreateComponentVersion ($input: ComponentVersionInput!) {
+    createComponentVersion (
+        input: $input
+    ) {
+        id
+        version
+        componentId
+    }
+}

scanner/k8s-assets/client/query/componentversion_query.graphql

@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+query ListComponentVersions($filter: ComponentVersionFilter) {
+  # @genqlient(typename: "ComponentVersionConnection")
+  ComponentVersions (
+    filter: $filter,
+  ) {
+    totalCount
+    edges {
+      # @genqlient(typename: "ComponentVersion")
+      node {
+        id
+        version
+        componentId
+      }
+    }
+  }
+}

scanner/k8s-assets/client/query/service_create.graphql

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+mutation CreateService ($input: ServiceInput!) {
+     # @genqlient(typename: "Service")
+    createService (
+        input: $input
+    ) {
+        id
+        name
+    }
+}

scanner/k8s-assets/client/query/service_query.graphql

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+query ListServices ($filter: ServiceFilter) {
+  Services (
+    filter: $filter,
+  ) {
+    totalCount
+    edges {
+      node {
+        id
+      }
+    }
+  }
+}

scanner/k8s-assets/config/kubeconfig.go

@@ -0,0 +1,88 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package config
+
+import (
+	"fmt"
+
+	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
+)
+
+// KubeConfigFactory interface
+type KubeConfigFactory interface {
+	CreateConfig() (*rest.Config, error)
+}
+
+// OIDCConfigFactory implements KubeConfigFactory for OIDC-based configs
+type OIDCConfigFactory struct {
+	path    string
+	context string
+}
+
+func NewOIDCConfigFactory(path, context string) *OIDCConfigFactory {
+	return &OIDCConfigFactory{path: path, context: context}
+}
+
+func (f *OIDCConfigFactory) CreateConfig() (*rest.Config, error) {
+	config, err := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
+		&clientcmd.ClientConfigLoadingRules{ExplicitPath: f.path},
+		&clientcmd.ConfigOverrides{CurrentContext: f.context},
+	).ClientConfig()
+	if err != nil {
+		return nil, fmt.Errorf("failed to load OIDC kubeconfig: %w", err)
+	}
+	return config, nil
+}
+
+// InClusterConfigFactory implements KubeConfigFactory for in-cluster configs
+type InClusterConfigFactory struct{}
+
+func NewInClusterConfigFactory() *InClusterConfigFactory {
+	return &InClusterConfigFactory{}
+}
+
+func (f *InClusterConfigFactory) CreateConfig() (*rest.Config, error) {
+	return rest.InClusterConfig()
+}
+
+// DefaultConfigFactory implements KubeConfigFactory for default configs
+type DefaultConfigFactory struct {
+	path string
+}
+
+func NewDefaultConfigFactory(path string) *DefaultConfigFactory {
+	return &DefaultConfigFactory{path: path}
+}
+
+func (f *DefaultConfigFactory) CreateConfig() (*rest.Config, error) {
+	config, err := clientcmd.BuildConfigFromFlags("", f.path)
+	if err != nil {
+		return nil, fmt.Errorf("failed to load default kubeconfig: %w", err)
+	}
+	return config, nil
+}
+
+// createConfigFactory creates the appropriate KubeConfigFactory based on the type and parameters
+func createConfigFactory(configType, path, context string) (KubeConfigFactory, error) {
+	switch configType {
+	case "oidc":
+		return NewOIDCConfigFactory(path, context), nil
+	case "in-cluster":
+		return NewInClusterConfigFactory(), nil
+	case "default":
+		return NewDefaultConfigFactory(path), nil
+	default:
+		return nil, fmt.Errorf("unknown KUBECONFIG_TYPE: %s", configType)
+	}
+}
+
+// getKubeConfig is the main function to get the Kubernetes configuration
+func GetKubeConfig(configType, path, context string) (*rest.Config, error) {
+	factory, err := createConfigFactory(configType, path, context)
+	if err != nil {
+		return nil, err
+	}
+	return factory.CreateConfig()
+}

scanner/k8s-assets/go.mod

@@ -1,3 +1,62 @@
 module github.com/cloudoperators/heureka/scanners/k8s-assets
 
-go 1.22.6
+go 1.22.6
+
+require (
+	github.com/Khan/genqlient v0.7.0
+	github.com/onsi/ginkgo/v2 v2.19.0
+	github.com/onsi/gomega v1.33.1
+	k8s.io/client-go v0.31.0
+)
+
+require (
+	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
+	github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af // indirect
+	github.com/vektah/gqlparser/v2 v2.5.11 // indirect
+	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/kelseyhightower/envconfig v1.4.0
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/sirupsen/logrus v1.9.3
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/x448/float16 v0.8.4 // indirect
+	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/oauth2 v0.21.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.31.0
+	k8s.io/apimachinery v0.31.0
+	k8s.io/klog/v2 v2.130.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
+	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)