From 2b07436772a7e536a7dc15d7d54e7d1e45b8f20e Mon Sep 17 00:00:00 2001 From: poornima-metron Date: Mon, 26 Aug 2024 12:24:28 +0530 Subject: [PATCH 1/3] added pod annotations property --- CHANGELOG.md | 6 +++ package.json | 2 +- .../pods/__snapshots__/index.test.ts.snap | 37 +++++++++++++++++++ src/steps/pods/converters.ts | 12 ++++++ src/steps/pods/index.test.ts | 4 ++ 5 files changed, 60 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 854040a..e21481e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,12 @@ and this project adheres to ## [Unreleased] +## 2.3.4 - 2024-08-26 + +### Changed + +- Added POD Annotation Data property in the same pod entity + ## 2.3.3 - 2024-08-22 - Enable PODS step. diff --git a/package.json b/package.json index b0f679e..5516078 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@jupiterone/graph-kubernetes", - "version": "2.3.3", + "version": "2.3.4", "description": "A JupiterOne Integration for Kubernetes", "repository": { "type": "git", diff --git a/src/steps/pods/__snapshots__/index.test.ts.snap b/src/steps/pods/__snapshots__/index.test.ts.snap index c770e20..bbba4c0 100644 --- a/src/steps/pods/__snapshots__/index.test.ts.snap +++ b/src/steps/pods/__snapshots__/index.test.ts.snap @@ -2324,6 +2324,7 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "coredns-76f75df574-2zlsc", "nodeName": "docker-desktop", + "podAnnotations": undefined, "preemptionPolicy": "PreemptLowerPriority", "priority": 2000000000, "priorityClassName": "system-cluster-critical", @@ -3220,6 +3221,7 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "coredns-76f75df574-hnlc6", "nodeName": "docker-desktop", + "podAnnotations": undefined, "preemptionPolicy": "PreemptLowerPriority", "priority": 2000000000, "priorityClassName": "system-cluster-critical", @@ -3841,6 +3843,13 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "etcd-docker-desktop", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubeadm.kubernetes.io/etcd.advertise-client-urls: https://192.168.65.3:2379", + "kubernetes.io/config.hash: a7259c8a6f480a66649ce97631b20e6f", + "kubernetes.io/config.mirror: a7259c8a6f480a66649ce97631b20e6f", + "kubernetes.io/config.seen: 2024-03-15T15:20:27.439981811Z", + "kubernetes.io/config.source: file", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 2000001000, "priorityClassName": "system-node-critical", @@ -4800,6 +4809,13 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "kube-apiserver-docker-desktop", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.65.3:6443", + "kubernetes.io/config.hash: 0ebf02f01020bac6394d8c559802bcc8", + "kubernetes.io/config.mirror: 0ebf02f01020bac6394d8c559802bcc8", + "kubernetes.io/config.seen: 2024-03-15T15:20:27.439985247Z", + "kubernetes.io/config.source: file", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 2000001000, "priorityClassName": "system-node-critical", @@ -5880,6 +5896,12 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "kube-controller-manager-docker-desktop", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubernetes.io/config.hash: af7b12e5509cb13b2c1d769bc20867d1", + "kubernetes.io/config.mirror: af7b12e5509cb13b2c1d769bc20867d1", + "kubernetes.io/config.seen: 2024-03-15T15:20:27.439986156Z", + "kubernetes.io/config.source: file", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 2000001000, "priorityClassName": "system-node-critical", @@ -6814,6 +6836,7 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "kube-proxy-6dr6c", "nodeName": "docker-desktop", + "podAnnotations": undefined, "preemptionPolicy": "PreemptLowerPriority", "priority": 2000001000, "priorityClassName": "system-node-critical", @@ -7473,6 +7496,12 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "kube-scheduler-docker-desktop", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubernetes.io/config.hash: 8dc7392ffeee7cf9ac30dda5e5775176", + "kubernetes.io/config.mirror: 8dc7392ffeee7cf9ac30dda5e5775176", + "kubernetes.io/config.seen: 2024-03-15T15:20:27.439986887Z", + "kubernetes.io/config.source: file", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 2000001000, "priorityClassName": "system-node-critical", @@ -8098,6 +8127,10 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "storage-provisioner", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"storage-provisioner"},"name":"storage-provisioner","namespace":"kube-system"},"spec":{"containers":[{"args":["/var/lib/k8s-pvs"],"image":"docker/desktop-storage-provisioner:v2.0","imagePullPolicy":"IfNotPresent","name":"storage-provisioner","volumeMounts":[{"mountPath":"/var/lib/k8s-pvs","name":"pvs"}]}],"serviceAccountName":"storage-provisioner","volumes":[{"hostPath":{"path":"/var/lib/k8s-pvs","type":"Directory"},"name":"pvs"}]}} +", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 0, "priorityClassName": undefined, @@ -8692,6 +8725,10 @@ exports[`#fetchPods should collect data: jobState 1`] = ` "hostname": undefined, "name": "vpnkit-controller", "nodeName": "docker-desktop", + "podAnnotations": [ + "kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"vpnkit-controller"},"name":"vpnkit-controller","namespace":"kube-system"},"spec":{"containers":[{"command":["/kube-vpnkit-forwarder","-path","/run/host-services/backend.sock"],"image":"docker/desktop-vpnkit-controller:dc331cb22850be0cdd97c84a9cfecaf44a1afb6e","imagePullPolicy":"IfNotPresent","name":"vpnkit-controller","volumeMounts":[{"mountPath":"/run/host-services/backend.sock","name":"api"}]}],"serviceAccountName":"vpnkit-controller","volumes":[{"hostPath":{"path":"/run/host-services/backend.sock"},"name":"api"}]}} +", + ], "preemptionPolicy": "PreemptLowerPriority", "priority": 0, "priorityClassName": undefined, diff --git a/src/steps/pods/converters.ts b/src/steps/pods/converters.ts index 2d02c61..32db220 100644 --- a/src/steps/pods/converters.ts +++ b/src/steps/pods/converters.ts @@ -8,6 +8,17 @@ import { Entities } from '../constants'; export function createPodEntity(data: k8s.V1Pod) { // TODO: We could remove data.spec.containers array from this (from rawData) // TODO: We may want to take the spec.volumes, delete it from here and create new entities/relationships + + // Convert annotations to string array if present + const annotations = data.metadata?.annotations; + let annotationArray: string[] | undefined; + + if (annotations) { + annotationArray = Object.entries(annotations).map( + ([key, value]) => `${key}: ${value}`, + ); + } + return createIntegrationEntity({ entityData: { source: data, @@ -44,6 +55,7 @@ export function createPodEntity(data: k8s.V1Pod) { shareProcessNamespace: data.spec?.shareProcessNamespace, subdomain: data.spec?.subdomain, terminationGracePeriodSeconds: data.spec?.terminationGracePeriodSeconds, + podAnnotations: annotationArray, 'status.hostIP': data.status?.hostIP, 'status.message': data.status?.message, 'status.nominatedNodeName': data.status?.nominatedNodeName, diff --git a/src/steps/pods/index.test.ts b/src/steps/pods/index.test.ts index 6d6c88b..7ff3c69 100644 --- a/src/steps/pods/index.test.ts +++ b/src/steps/pods/index.test.ts @@ -63,6 +63,10 @@ describe('#fetchPods', () => { 'status.qosClass': { type: 'string' }, 'status.reason': { type: 'string' }, 'status.startTime': { type: 'number' }, + podAnnotations: { + type: 'array', + items: { type: 'string' }, + }, }, }, }, From f438adc9fda9e75284c01a4761fd6f76090c988a Mon Sep 17 00:00:00 2001 From: Gonzalo Avalos Ribas Date: Mon, 26 Aug 2024 10:39:50 -0300 Subject: [PATCH 2/3] Decrease version on package.json --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 5516078..b0f679e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@jupiterone/graph-kubernetes", - "version": "2.3.4", + "version": "2.3.3", "description": "A JupiterOne Integration for Kubernetes", "repository": { "type": "git", From 4fceeebf8c7303d26d2b56c35d2460c916aa0b6a Mon Sep 17 00:00:00 2001 From: Gonzalo Avalos Ribas Date: Mon, 26 Aug 2024 10:43:07 -0300 Subject: [PATCH 3/3] v2.3.4 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index b0f679e..5516078 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@jupiterone/graph-kubernetes", - "version": "2.3.3", + "version": "2.3.4", "description": "A JupiterOne Integration for Kubernetes", "repository": { "type": "git",