Add a show command to the Diki CLI #412
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gardener-robot
added
needs/review
gardener-robot-ci-2
added
reviewed/ok-to-test
gardener-robot
added
size/l
gardener-robot-ci-2
added
the
reviewed/ok-to-test
gardener-robot-ci-1
removed
the
reviewed/ok-to-test
dimityrmirchev
requested changes
Jan 3, 2025
cmd/diki/app/app.go
Outdated
Comment on lines
142
to
143
| Short: "", | ||
| Long: "", |
There was a problem hiding this comment.
Suggested change
| Short: "", | |
| Long: "", | |
| Short: "Show detailed information for the given provider.", | |
| Long: "Show detailed information for the given provider.", |
pkg/metadata/metadata.go
Outdated
| @@ -0,0 +1,41 @@ | |||
| // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and Gardener contributors | |||
There was a problem hiding this comment.
Suggested change
| // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and Gardener contributors | |
| // SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors |
pkg/metadata/metadata.go
Outdated
|
|
||
| // Version is used to represent a specific version of a ruleset | ||
| type Version struct { | ||
| // Version is the human-readable name of the ruleset release |
There was a problem hiding this comment.
Suggested change
| // Version is the human-readable name of the ruleset release | |
| // Version is the name of the ruleset release. |
pkg/metadata/metadata.go
Outdated
| type Version struct { | ||
| // Version is the human-readable name of the ruleset release | ||
| Version string `json:"version"` | ||
| // Latest is a bool tag that showcases if the specific version is the latest one |
There was a problem hiding this comment.
Suggested change
| // Latest is a bool tag that showcases if the specific version is the latest one | |
| // Latest shows if the specific version is the latest one. |
pkg/metadata/metadata.go
Outdated
| ProviderName string `json:"name"` | ||
| } | ||
|
|
||
| // ProviderMetadata is used to represent a specific provider and it's metadata |
There was a problem hiding this comment.
Please put dots at the end of all sentences.
pkg/provider/builder/garden.go
Outdated
| // GardenProviderMetadata returns available metadata for the Garden Provider and it's supported rulesets. | ||
| func GardenProviderMetadata() metadata.ProviderMetadata { | ||
| providerMetadata := metadata.ProviderMetadata{} | ||
| providerMetadata.ProviderID = "garden" |
There was a problem hiding this comment.
This would not be correct if the provider id changes here
Lines 19 to 22 in a4a8e8f
We should either fix the provider id to a constant or not hardcode it here.
pkg/provider/builder/garden.go
Outdated
Comment on lines
69
to
89
| var availableRulesets = map[string]string{ | ||
| securityhardenedshoot.RulesetID: securityhardenedshoot.RulesetName, | ||
| } | ||
|
|
||
| for rulesetID, rulesetName := range availableRulesets { | ||
| rulesetMetadata := &metadata.RulesetMetadata{} | ||
| rulesetMetadata.RulesetID = rulesetID | ||
| rulesetMetadata.RulesetName = rulesetName | ||
| rulesetSupportedVersions := gardenGetSupportedVersions(rulesetMetadata.RulesetID) | ||
|
|
||
| for index, supportedVersion := range rulesetSupportedVersions { | ||
| if index == 0 { | ||
| rulesetMetadata.Versions = append(rulesetMetadata.Versions, metadata.Version{Version: supportedVersion, Latest: true}) | ||
| } else { | ||
| rulesetMetadata.Versions = append(rulesetMetadata.Versions, metadata.Version{Version: supportedVersion, Latest: false}) | ||
| } | ||
| } | ||
| providerMetadata.ProviderRulesets = append(providerMetadata.ProviderRulesets, *rulesetMetadata) | ||
| } | ||
|
|
||
| return providerMetadata |
There was a problem hiding this comment.
Why not just initialize the structs?
providerMetadata := metadata.ProviderMetadata{
ProviderID: "garden",
ProviderName: "Garden",
ProviderRulesets: []metadata.RulesetMetadata{
{
RulesetID: securityhardenedshoot.RulesetID,
RulesetName: securityhardenedshoot.RulesetName,
},
},
}
for i := range providerMetadata.ProviderRulesets {
supportedVersions := gardenGetSupportedVersions(providerMetadata.ProviderRulesets[i].RulesetID)
for _, supportedVersion := range supportedVersions {
providerMetadata.ProviderRulesets[i].Versions = append(
providerMetadata.ProviderRulesets[i].Versions,
metadata.Version{Version: supportedVersion, Latest: false},
)
}
// Mark the first version as latest as the versions are sorted from newest to oldest
if len(providerMetadata.ProviderRulesets[i].Versions) > 0 {
providerMetadata.ProviderRulesets[i].Versions[0].Latest = true
}
}
return providerMetadata
cmd/diki/app/app.go
Outdated
Comment on lines
209
to
224
| } else { | ||
| var providerArg = args[0] | ||
|
|
||
| metadataFunc, ok := providerFuncMap[providerArg] | ||
| if !ok { | ||
| return fmt.Errorf("provider %s does not exist in the current diki binary", providerArg) | ||
| } | ||
|
|
||
| providerMetadata := metadataFunc() | ||
|
|
||
| if bytes, err := json.Marshal(providerMetadata); err != nil { | ||
| return err | ||
| } else { | ||
| fmt.Println(string(bytes)) | ||
| } | ||
| } |
There was a problem hiding this comment.
Suggested change
| } else { | |
| var providerArg = args[0] | |
| metadataFunc, ok := providerFuncMap[providerArg] | |
| if !ok { | |
| return fmt.Errorf("provider %s does not exist in the current diki binary", providerArg) | |
| } | |
| providerMetadata := metadataFunc() | |
| if bytes, err := json.Marshal(providerMetadata); err != nil { | |
| return err | |
| } else { | |
| fmt.Println(string(bytes)) | |
| } | |
| } | |
| } | |
| metadataFunc, ok := providerFuncMap[args[0]] | |
| if !ok { | |
| return fmt.Errorf("provider %s does not exist in the current diki binary", args[0]) | |
| } | |
| if bytes, err := json.Marshal(metadataFunc()); err != nil { | |
| return err | |
| } | |
| fmt.Println(string(bytes)) | |
gardener-robot-ci-1
added
the
reviewed/ok-to-test
gardener-robot-ci-3
removed
the
reviewed/ok-to-test
gardener-robot-ci-2
added
reviewed/ok-to-test
gardener-robot-ci-3
added
reviewed/ok-to-test
dimityrmirchev
requested changes
Jan 21, 2025
cmd/diki/app/app.go
Outdated
| @@ -124,6 +125,28 @@ e.g. to check compliance of your hyperscaler accounts.`, | |||
| addReportGenerateDiffFlags(generateDiffCmd, &generateDiffOpts) | |||
| generateCmd.AddCommand(generateDiffCmd) | |||
|
|
|||
| showCmd := &cobra.Command{ | |||
| Use: "show", | |||
| Short: "Show metadata of the providers that the current diki binary supports.", | |||
There was a problem hiding this comment.
Suggested change
| Short: "Show metadata of the providers that the current diki binary supports.", | |
| Short: "Show metadata information for different diki internals, i.e. providers.", |
cmd/diki/app/app.go
Outdated
|
|
||
| showProviderCmd := &cobra.Command{ | ||
| Use: "provider", | ||
| Short: "Show detailed information for the given provider.", |
There was a problem hiding this comment.
Suggested change
| Short: "Show detailed information for the given provider.", | |
| Short: "Show detailed information for providers.", |
cmd/diki/app/app.go
Outdated
|
|
||
| metadataFunc, ok := metadataFuncs[args[0]] | ||
| if !ok { | ||
| return fmt.Errorf("provider %s does not exist in the current diki binary", args[0]) |
There was a problem hiding this comment.
Suggested change
| return fmt.Errorf("provider %s does not exist in the current diki binary", args[0]) | |
| return fmt.Errorf("unknown provider: %s", args[0]) |
cmd/diki/app/app.go
Outdated
| "github.com/gardener/diki/pkg/provider" | ||
| "github.com/gardener/diki/pkg/report" | ||
| "github.com/gardener/diki/pkg/ruleset" | ||
| ) | ||
|
|
||
| // NewDikiCommand creates a new command that is used to start Diki. | ||
| func NewDikiCommand(providerCreateFuncs map[string]provider.ProviderFromConfigFunc) *cobra.Command { | ||
| func NewDikiCommand(providerCreateFuncs map[string]provider.ProviderFromConfigFunc, metadataFuncs map[string]metadata.MetadataFunc) *cobra.Command { |
There was a problem hiding this comment.
Use a single map, so there is consistency across provider id keys.
cmd/diki/app/app.go
Outdated
| @@ -156,6 +179,39 @@ func addReportGenerateDiffFlags(cmd *cobra.Command, opts *generateDiffOptions) { | |||
| cmd.PersistentFlags().Var(cliflag.NewMapStringString(&opts.identityAttributes), "identity-attributes", "The keys are the IDs of the providers that will be present in the generated difference report and the values are metadata attributes to be used as identifiers.") | |||
| } | |||
|
|
|||
| func showProviderCmd(args []string, metadataFuncs map[string]metadata.MetadataFunc) error { | |||
| if len(args) > 1 { | |||
| return errors.New("command `show provider` accepts at most one provider") | |||
There was a problem hiding this comment.
Suggested change
| return errors.New("command `show provider` accepts at most one provider") | |
| return errors.New("command 'show provider' accepts at most one provider") |
pkg/metadata/metadata.go
Outdated
| } | ||
|
|
||
| // MetadataFunc constructs a detailed Provider metadata object. | ||
| type MetadataFunc func() ProviderDetailed |
There was a problem hiding this comment.
Please move this func to pkg/provider/provider.go
gardener-robot-ci-3
added
reviewed/ok-to-test
gardener-robot-ci-2
added
the
reviewed/ok-to-test
gardener-robot-ci-1
removed
the
reviewed/ok-to-test
gardener-robot-ci-2
added
reviewed/ok-to-test
gardener-robot-ci-2
added
reviewed/ok-to-test
gardener-robot
added
reviewed/lgtm
gardener-robot-ci-3
added
the
reviewed/ok-to-test
gardener-robot
added
the
status/closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does / why we need it:
This PR implements a new Cobra command that generates a JSON object containing the metadata of the specified provider and it's supported rulesets, or a JSON list of all providers available.
Which issue(s) this PR fixes:
Fixes #300
Special notes for your reviewer:
Release note: