Skip to content

Commit

Permalink
refactor: Rename starboard.workload.* labels to starboard.resource.* (#…
Browse files Browse the repository at this point in the history 
…15)

Signed-off-by: Daniel Pacak <[email protected]>
  • Loading branch information
@danielpacak
danielpacak authored May 15, 2020
1 parent b8eb057 commit 74fe9b4
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 18 deletions.
10 changes: 5 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,13 +130,13 @@ After that you can pull the vulnerabilities reports using the `kubectl get` comm

```
$ kubectl get vulnerabilities -n dev -o yaml \
-l starboard.workload.kind=Deployment \
-l starboard.workload.name=booking-svc
-l starboard.resource.kind=Deployment \
-l starboard.resource.name=booking-svc
```

> **NOTE** The label selectors are used to find vulnerability reports for the specified Deployment.
> For Deployments with *N* containers Starboard creates *N* instances of `vulnerabilities.aquasecurity.github.io`
> resources. There's the `starboard.workload.container` label to associate the vulnerability report with a particular
> resources. There's the `starboard.container.name` label to associate the vulnerability report with a particular
> container image.
Additionally, you could check for other risks with:
Expand All @@ -149,8 +149,8 @@ And get the corresponding report(s):

```
$ kubectl get risks -n dev -o yaml \
-l starboard.workload.kind=Deployment \
-l starboard.workload.name=booking-svc
-l starboard.resource.kind=Deployment \
-l starboard.resource.name=booking-svc
```

## Contributing
Expand Down
4 changes: 2 additions & 2 deletions pkg/find/vulnerabilities/crd/writer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@ func (s *writer) createVulnerability(workload kube.Workload, container string, r
ObjectMeta: meta.ObjectMeta{
Name: fmt.Sprintf(uuid.New().String()),
Labels: map[string]string{
kube.LabelWorkloadKind: workload.Kind.String(),
kube.LabelWorkloadName: workload.Name,
kube.LabelResourceKind: workload.Kind.String(),
kube.LabelResourceName: workload.Name,
kube.LabelContainerName: container,
},
},
Expand Down
8 changes: 4 additions & 4 deletions pkg/find/vulnerabilities/trivy/scanner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -174,8 +174,8 @@ func (s *scanner) prepareJob(workload kube.Workload, spec core.PodSpec) (*batch.
Name: jobName,
Namespace: kube.NamespaceStarboard,
Labels: map[string]string{
kube.LabelWorkloadKind: workload.Kind.String(),
kube.LabelWorkloadName: workload.Name,
kube.LabelResourceKind: workload.Kind.String(),
kube.LabelResourceName: workload.Name,
},
},
Spec: batch.JobSpec{
Expand All @@ -185,8 +185,8 @@ func (s *scanner) prepareJob(workload kube.Workload, spec core.PodSpec) (*batch.
Template: core.PodTemplateSpec{
ObjectMeta: meta.ObjectMeta{
Labels: map[string]string{
kube.LabelWorkloadKind: workload.Kind.String(),
kube.LabelWorkloadName: workload.Name,
kube.LabelResourceKind: workload.Kind.String(),
kube.LabelResourceName: workload.Name,
},
},
Spec: core.PodSpec{
Expand Down
6 changes: 1 addition & 5 deletions pkg/kube/workload.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,9 @@ const (
)

const (
// Deprecated use LabelResourceKind instead, which is more generic
LabelWorkloadKind = "starboard.workload.kind"
// Deprecated use LabelResourceName instead, which is more generic
LabelWorkloadName = "starboard.workload.name"
LabelContainerName = "starboard.container.name"
LabelResourceKind = "starboard.resource.kind"
LabelResourceName = "starboard.resource.name"
LabelContainerName = "starboard.container.name"

LabelScannerName = "starboard.scanner.name"
LabelScannerVendor = "starboard.scanner.vendor"
Expand Down
4 changes: 2 additions & 2 deletions pkg/polaris/crd/writer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ func (w *writer) Write(report sec.ConfigAudit) (err error) {
ObjectMeta: meta.ObjectMeta{
Name: name,
Labels: map[string]string{
kube.LabelWorkloadKind: report.Resource.Kind,
kube.LabelWorkloadName: report.Resource.Name,
kube.LabelResourceKind: report.Resource.Kind,
kube.LabelResourceName: report.Resource.Name,
},
},
Report: report,
Expand Down

0 comments on commit 74fe9b4

Please sign in to comment.