From 81a93dbda313589932ec777a585d6f91566332ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A1s=20J=C3=A1ky?= Date: Mon, 26 Feb 2024 15:11:37 +0100 Subject: [PATCH] refactor: replace Scanner struct Config field MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: András Jáky --- provider/v2/azure/{scanner => }/config.go | 2 +- provider/v2/azure/provider.go | 22 +++++++++++---- provider/v2/azure/scanner/blob.go | 6 ++-- provider/v2/azure/scanner/networkInterface.go | 14 +++++----- provider/v2/azure/scanner/scanner.go | 16 +++++++++-- provider/v2/azure/scanner/scannerVm.go | 28 +++++++++---------- provider/v2/azure/scanner/snapshot.go | 8 +++--- provider/v2/azure/scanner/targetDisk.go | 18 ++++++------ 8 files changed, 69 insertions(+), 45 deletions(-) rename provider/v2/azure/{scanner => }/config.go (99%) diff --git a/provider/v2/azure/scanner/config.go b/provider/v2/azure/config.go similarity index 99% rename from provider/v2/azure/scanner/config.go rename to provider/v2/azure/config.go index 0a973d9ac..eb2927001 100644 --- a/provider/v2/azure/scanner/config.go +++ b/provider/v2/azure/config.go @@ -13,7 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scanner +package azure import ( "encoding/base64" diff --git a/provider/v2/azure/provider.go b/provider/v2/azure/provider.go index a55f560c7..0ab62b956 100644 --- a/provider/v2/azure/provider.go +++ b/provider/v2/azure/provider.go @@ -40,12 +40,12 @@ func (p *Provider) Kind() apitypes.CloudProvider { } func New(_ context.Context) (*Provider, error) { - scannerConfig, err := scanner.NewConfig() + config, err := NewConfig() if err != nil { return nil, fmt.Errorf("failed to load configuration: %w", err) } - err = scannerConfig.Validate() + err = config.Validate() if err != nil { return nil, fmt.Errorf("failed to validate configuration: %w", err) } 
@@ -55,12 +55,12 @@ func New(_ context.Context) (*Provider, error) { return nil, fmt.Errorf("failed create managed identity credential: %w", err) } - networkClientFactory, err := armnetwork.NewClientFactory(scannerConfig.SubscriptionID, cred, nil) + networkClientFactory, err := armnetwork.NewClientFactory(config.SubscriptionID, cred, nil) if err != nil { return nil, fmt.Errorf("failed to create network client factory: %w", err) } - computeClientFactory, err := armcompute.NewClientFactory(scannerConfig.SubscriptionID, cred, nil) + computeClientFactory, err := armcompute.NewClientFactory(config.SubscriptionID, cred, nil) if err != nil { return nil, fmt.Errorf("failed to create compute client factory: %w", err) } @@ -77,7 +77,19 @@ func New(_ context.Context) (*Provider, error) { DisksClient: computeClientFactory.NewDisksClient(), InterfacesClient: networkClientFactory.NewInterfacesClient(), - Config: scannerConfig, + SubscriptionID: config.SubscriptionID, + ScannerLocation: config.ScannerLocation, + ScannerResourceGroup: config.ScannerResourceGroup, + ScannerSubnet: config.ScannerSubnet, + ScannerPublicKey: string(config.ScannerPublicKey), + ScannerVMSize: config.ScannerVMSize, + ScannerImagePublisher: config.ScannerImagePublisher, + ScannerImageOffer: config.ScannerImageOffer, + ScannerImageSKU: config.ScannerImageSKU, + ScannerImageVersion: config.ScannerImageVersion, + ScannerSecurityGroup: config.ScannerSecurityGroup, + ScannerStorageAccountName: config.ScannerStorageAccountName, + ScannerStorageContainerName: config.ScannerStorageContainerName, }, Estimator: &estimator.Estimator{}, }, nil diff --git a/provider/v2/azure/scanner/blob.go b/provider/v2/azure/scanner/blob.go index 04fbee523..ff3bd92d6 100644 --- a/provider/v2/azure/scanner/blob.go +++ b/provider/v2/azure/scanner/blob.go 
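Review bot: The thirteen hand-written assignments in the `scanner.Scanner` literal (hunk at -77,7 +77,19) are now the only link between `Config` and `Scanner`, so a field later added to `Config` and forgotten here still compiles and reaches the Azure calls as an empty string. A comment above the block would make that contract visible, for example `// Every Config value the scanner uses must be copied here; Scanner no longer holds *Config.` A constructor in package `scanner` that rejects empty required values would turn such an omission into a startup error; whether `config.Validate()` already covers every copied field cannot be seen from this hunk. The body of `New` starts and ends outside the hunk.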
@@ -42,7 +42,7 @@ func blobNameFromJobConfig(config *provider.ScanJobConfig) string { } func (s *Scanner) blobURLFromBlobName(blobName string) string { - return fmt.Sprintf("https://%s.blob.core.windows.net/%s/%s", s.Config.ScannerStorageAccountName, s.Config.ScannerStorageContainerName, blobName) + return fmt.Sprintf("https://%s.blob.core.windows.net/%s/%s", s.ScannerStorageAccountName, s.ScannerStorageContainerName, blobName) } func (s *Scanner) ensureBlobFromSnapshot(ctx context.Context, config *provider.ScanJobConfig, snapshot armcompute.Snapshot) (string, error) { @@ -61,7 +61,7 @@ func (s *Scanner) ensureBlobFromSnapshot(ctx context.Context, config *provider.S return blobURL, provider.RetryableErrorf(estimatedBlobCopyTime, "blob is still copying") } - revokepoller, err := s.SnapshotsClient.BeginRevokeAccess(ctx, s.Config.ScannerResourceGroup, *snapshot.Name, nil) + revokepoller, err := s.SnapshotsClient.BeginRevokeAccess(ctx, s.ScannerResourceGroup, *snapshot.Name, nil) if err != nil { _, err := utils.HandleAzureRequestError(err, "revoking SAS access for snapshot %s", *snapshot.Name) return blobURL, err @@ -84,7 +84,7 @@ func (s *Scanner) ensureBlobFromSnapshot(ctx context.Context, config *provider.S // atomically with starting the CopyFromUrl Operation because // GrantAccess only provides the URL once, and we don't want to store // it. - poller, err := s.SnapshotsClient.BeginGrantAccess(ctx, s.Config.ScannerResourceGroup, *snapshot.Name, armcompute.GrantAccessData{ + poller, err := s.SnapshotsClient.BeginGrantAccess(ctx, s.ScannerResourceGroup, *snapshot.Name, armcompute.GrantAccessData{ Access: to.Ptr(armcompute.AccessLevelRead), DurationInSeconds: to.Ptr[int32](int32(snapshotSASAccessSeconds)), }, nil) diff --git a/provider/v2/azure/scanner/networkInterface.go b/provider/v2/azure/scanner/networkInterface.go index 87b33ffaa..0179cb2f2 100644 --- a/provider/v2/azure/scanner/networkInterface.go +++ b/provider/v2/azure/scanner/networkInterface.go 
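Review bot: `blobURLFromBlobName` (hunk at -42,7 +42,7) formats `s.ScannerStorageAccountName` into the host part of the URL and the container and blob names into the path without validation or escaping. After this change those values are plain exported fields that any code constructing a `Scanner` can set. A value outside the Azure naming rules would change which host or path the URL refers to, and this URL appears to be used as the snapshot copy destination in `ensureBlobFromSnapshot`, whose body is only partly visible. I would check the format where the configuration is loaded (storage account names are limited to 3–24 lowercase letters and digits) and record the assumption at the call site, for example `// Account and container names are validated at load time and are not escaped here.`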
@@ -39,7 +39,7 @@ func networkInterfaceNameFromJobConfig(config *provider.ScanJobConfig) string { func (s *Scanner) ensureNetworkInterface(ctx context.Context, config *provider.ScanJobConfig) (armnetwork.Interface, error) { nicName := networkInterfaceNameFromJobConfig(config) - nicResp, err := s.InterfacesClient.Get(ctx, s.Config.ScannerResourceGroup, nicName, nil) + nicResp, err := s.InterfacesClient.Get(ctx, s.ScannerResourceGroup, nicName, nil) if err == nil { if *nicResp.Interface.Properties.ProvisioningState != provisioningStateSucceeded { return nicResp.Interface, provider.RetryableErrorf(NetworkInterfaceEstimateProvisionTime, "interface is not ready yet, provisioning state: %s", *nicResp.Interface.Properties.ProvisioningState) @@ -54,7 +54,7 @@ func (s *Scanner) ensureNetworkInterface(ctx context.Context, config *provider.S } parameters := armnetwork.Interface{ - Location: to.Ptr(s.Config.ScannerLocation), + Location: to.Ptr(s.ScannerLocation), Properties: &armnetwork.InterfacePropertiesFormat{ IPConfigurations: []*armnetwork.InterfaceIPConfiguration{ { @@ -62,18 +62,18 @@ func (s *Scanner) ensureNetworkInterface(ctx context.Context, config *provider.S Properties: &armnetwork.InterfaceIPConfigurationPropertiesFormat{ PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic), Subnet: &armnetwork.Subnet{ - ID: to.Ptr(s.Config.ScannerSubnet), + ID: to.Ptr(s.ScannerSubnet), }, }, }, }, NetworkSecurityGroup: &armnetwork.SecurityGroup{ - ID: to.Ptr(s.Config.ScannerSecurityGroup), + ID: to.Ptr(s.ScannerSecurityGroup), }, }, } - _, err = s.InterfacesClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, nicName, parameters, nil) + _, err = s.InterfacesClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, nicName, parameters, nil) if err != nil { _, err := utils.HandleAzureRequestError(err, "creating interface %s", nicName) return armnetwork.Interface{}, err 
@@ -88,11 +88,11 @@ func (s *Scanner) ensureNetworkInterfaceDeleted(ctx context.Context, config *pro return utils.EnsureDeleted( "interface", func() error { - _, err := s.InterfacesClient.Get(ctx, s.Config.ScannerResourceGroup, nicName, nil) + _, err := s.InterfacesClient.Get(ctx, s.ScannerResourceGroup, nicName, nil) return err }, func() error { - _, err := s.InterfacesClient.BeginDelete(ctx, s.Config.ScannerResourceGroup, nicName, nil) + _, err := s.InterfacesClient.BeginDelete(ctx, s.ScannerResourceGroup, nicName, nil) return err }, NetworkInterfaceDeleteEstimateTime, diff --git a/provider/v2/azure/scanner/scanner.go b/provider/v2/azure/scanner/scanner.go index b3dd36f33..d6623f421 100644 --- a/provider/v2/azure/scanner/scanner.go +++ b/provider/v2/azure/scanner/scanner.go @@ -43,7 +43,19 @@ type Scanner struct { DisksClient *armcompute.DisksClient InterfacesClient *armnetwork.InterfacesClient - Config *Config + SubscriptionID string + ScannerLocation string + ScannerResourceGroup string + ScannerSubnet string + ScannerPublicKey string + ScannerVMSize string + ScannerImagePublisher string + ScannerImageOffer string + ScannerImageSKU string + ScannerImageVersion string + ScannerSecurityGroup string + ScannerStorageAccountName string + ScannerStorageContainerName string } // nolint:cyclop @@ -70,7 +82,7 @@ func (s *Scanner) RunAssetScan(ctx context.Context, config *provider.ScanJobConf } var disk armcompute.Disk - if *assetVM.Location == s.Config.ScannerLocation { + if *assetVM.Location == s.ScannerLocation { disk, err = s.ensureManagedDiskFromSnapshot(ctx, config, snapshot) if err != nil { return fmt.Errorf("failed to ensure managed disk created from snapshot: %w", err) diff --git a/provider/v2/azure/scanner/scannerVm.go b/provider/v2/azure/scanner/scannerVm.go index 96d355ed7..ad15f423b 100644 --- a/provider/v2/azure/scanner/scannerVm.go +++ b/provider/v2/azure/scanner/scannerVm.go 
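Review bot: The thirteen exported string fields added to `Scanner` (hunk at -43,7 +43,19 in scanner.go) have no doc comments, so nothing tells a caller which ones must be set before `RunAssetScan` is used. In the hunks of this patch only `ScannerPublicKey` is treated as optional (scannerVm.go compares it with `""`); the others are passed straight to Azure client calls. A comment on the group such as `// Azure settings copied from the provider configuration; set once at construction and not modified afterwards.` plus a line on `ScannerPublicKey` stating the expected key format would help. The key was previously converted with `string(...)`, so it presumably had its own named type, and that hint about how the value was produced is lost now that it is a bare `string`. The struct declaration starts outside the hunk.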
@@ -44,7 +44,7 @@ func scannerVMNameFromJobConfig(config *provider.ScanJobConfig) string { func (s *Scanner) ensureScannerVirtualMachine(ctx context.Context, config *provider.ScanJobConfig, networkInterface armnetwork.Interface) (armcompute.VirtualMachine, error) { vmName := scannerVMNameFromJobConfig(config) - vmResp, err := s.VMClient.Get(ctx, s.Config.ScannerResourceGroup, vmName, nil) + vmResp, err := s.VMClient.Get(ctx, s.ScannerResourceGroup, vmName, nil) if err == nil { if *vmResp.VirtualMachine.Properties.ProvisioningState != provisioningStateSucceeded { return vmResp.VirtualMachine, provider.RetryableErrorf(VMCreateEstimateProvisionTime, "VM is not ready yet, provisioning state: %s", *vmResp.VirtualMachine.Properties.ProvisioningState) @@ -64,21 +64,21 @@ func (s *Scanner) ensureScannerVirtualMachine(ctx context.Context, config *provi userDataBase64 := base64.StdEncoding.EncodeToString([]byte(userData)) parameters := armcompute.VirtualMachine{ - Location: to.Ptr(s.Config.ScannerLocation), + Location: to.Ptr(s.ScannerLocation), Identity: &armcompute.VirtualMachineIdentity{ // Scanners don't need access to Azure so no need for an Identity Type: to.Ptr(armcompute.ResourceIdentityTypeNone), }, Properties: &armcompute.VirtualMachineProperties{ HardwareProfile: &armcompute.HardwareProfile{ - VMSize: to.Ptr(armcompute.VirtualMachineSizeTypes(s.Config.ScannerVMSize)), + VMSize: to.Ptr(armcompute.VirtualMachineSizeTypes(s.ScannerVMSize)), }, StorageProfile: &armcompute.StorageProfile{ ImageReference: &armcompute.ImageReference{ - Publisher: to.Ptr(s.Config.ScannerImagePublisher), - SKU: to.Ptr(s.Config.ScannerImageSKU), - Version: to.Ptr(s.Config.ScannerImageVersion), - Offer: to.Ptr(s.Config.ScannerImageOffer), + Publisher: to.Ptr(s.ScannerImagePublisher), + SKU: to.Ptr(s.ScannerImageSKU), + Version: to.Ptr(s.ScannerImageVersion), + Offer: to.Ptr(s.ScannerImageOffer), }, OSDisk: &armcompute.OSDisk{ Name: to.Ptr(vmName + "-rootvolume"), 
@@ -111,18 +111,18 @@ func (s *Scanner) ensureScannerVirtualMachine(ctx context.Context, config *provi }, } - if s.Config.ScannerPublicKey != "" { + if s.ScannerPublicKey != "" { parameters.Properties.OSProfile.LinuxConfiguration.SSH = &armcompute.SSHConfiguration{ PublicKeys: []*armcompute.SSHPublicKey{ { Path: to.Ptr(fmt.Sprintf("/home/%s/.ssh/authorized_keys", "vmclarity")), - KeyData: to.Ptr(string(s.Config.ScannerPublicKey)), + KeyData: to.Ptr(s.ScannerPublicKey), }, }, } } - _, err = s.VMClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, vmName, parameters, nil) + _, err = s.VMClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, vmName, parameters, nil) if err != nil { _, err = utils.HandleAzureRequestError(err, "creating virtual machine") return armcompute.VirtualMachine{}, err @@ -137,11 +137,11 @@ func (s *Scanner) ensureScannerVirtualMachineDeleted(ctx context.Context, config return utils.EnsureDeleted( "virtual machine", func() error { - _, err := s.VMClient.Get(ctx, s.Config.ScannerResourceGroup, vmName, nil) + _, err := s.VMClient.Get(ctx, s.ScannerResourceGroup, vmName, nil) return err }, func() error { - _, err := s.VMClient.BeginDelete(ctx, s.Config.ScannerResourceGroup, vmName, nil) + _, err := s.VMClient.BeginDelete(ctx, s.ScannerResourceGroup, vmName, nil) return err }, VMDeleteEstimateTime, 
@@ -169,14 +169,14 @@ func (s *Scanner) ensureDiskAttachedToScannerVM(ctx context.Context, vm armcompu }, } - _, err := s.VMClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, *vm.Name, vm, nil) + _, err := s.VMClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, *vm.Name, vm, nil) if err != nil { _, err := utils.HandleAzureRequestError(err, "attaching disk %s to VM %s", *disk.Name, *vm.Name) return err } } - diskResp, err := s.DisksClient.Get(ctx, s.Config.ScannerResourceGroup, *disk.Name, nil) + diskResp, err := s.DisksClient.Get(ctx, s.ScannerResourceGroup, *disk.Name, nil) if err != nil { _, err := utils.HandleAzureRequestError(err, "getting disk %s", *disk.Name) return err diff --git a/provider/v2/azure/scanner/snapshot.go b/provider/v2/azure/scanner/snapshot.go index 237adf80e..470cacbf7 100644 --- a/provider/v2/azure/scanner/snapshot.go +++ b/provider/v2/azure/scanner/snapshot.go @@ -39,7 +39,7 @@ func snapshotNameFromJobConfig(config *provider.ScanJobConfig) string { func (s *Scanner) ensureSnapshotForVMRootVolume(ctx context.Context, config *provider.ScanJobConfig, vm armcompute.VirtualMachine) (armcompute.Snapshot, error) { snapshotName := snapshotNameFromJobConfig(config) - snapshotRes, err := s.SnapshotsClient.Get(ctx, s.Config.ScannerResourceGroup, snapshotName, nil) + snapshotRes, err := s.SnapshotsClient.Get(ctx, s.ScannerResourceGroup, snapshotName, nil) if err == nil { if *snapshotRes.Properties.ProvisioningState != provisioningStateSucceeded { return snapshotRes.Snapshot, provider.RetryableErrorf(SnapshotCreateEstimateProvisionTime, "snapshot is not ready yet") 
@@ -54,7 +54,7 @@ func (s *Scanner) ensureSnapshotForVMRootVolume(ctx context.Context, config *pro return armcompute.Snapshot{}, err } - _, err = s.SnapshotsClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, snapshotName, armcompute.Snapshot{ + _, err = s.SnapshotsClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, snapshotName, armcompute.Snapshot{ Location: vm.Location, Properties: &armcompute.SnapshotProperties{ CreationData: &armcompute.CreationData{ @@ -78,11 +78,11 @@ func (s *Scanner) ensureSnapshotDeleted(ctx context.Context, config *provider.Sc return utils.EnsureDeleted( "snapshot", func() error { - _, err := s.SnapshotsClient.Get(ctx, s.Config.ScannerResourceGroup, snapshotName, nil) + _, err := s.SnapshotsClient.Get(ctx, s.ScannerResourceGroup, snapshotName, nil) return err }, func() error { - _, err := s.SnapshotsClient.BeginDelete(ctx, s.Config.ScannerResourceGroup, snapshotName, nil) + _, err := s.SnapshotsClient.BeginDelete(ctx, s.ScannerResourceGroup, snapshotName, nil) return err }, SnapshotDeleteEstimateTime, diff --git a/provider/v2/azure/scanner/targetDisk.go b/provider/v2/azure/scanner/targetDisk.go index 9d1c6c49a..409b1399a 100644 --- a/provider/v2/azure/scanner/targetDisk.go +++ b/provider/v2/azure/scanner/targetDisk.go 
@@ -40,7 +40,7 @@ func volumeNameFromJobConfig(config *provider.ScanJobConfig) string { func (s *Scanner) ensureManagedDiskFromSnapshot(ctx context.Context, config *provider.ScanJobConfig, snapshot armcompute.Snapshot) (armcompute.Disk, error) { volumeName := volumeNameFromJobConfig(config) - volumeRes, err := s.DisksClient.Get(ctx, s.Config.ScannerResourceGroup, volumeName, nil) + volumeRes, err := s.DisksClient.Get(ctx, s.ScannerResourceGroup, volumeName, nil) if err == nil { if *volumeRes.Disk.Properties.ProvisioningState != provisioningStateSucceeded { return volumeRes.Disk, provider.RetryableErrorf(DiskEstimateProvisionTime, "volume is not ready yet, provisioning state: %s", *volumeRes.Disk.Properties.ProvisioningState) @@ -54,8 +54,8 @@ func (s *Scanner) ensureManagedDiskFromSnapshot(ctx context.Context, config *pro return armcompute.Disk{}, err } - _, err = s.DisksClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, volumeName, armcompute.Disk{ - Location: to.Ptr(s.Config.ScannerLocation), + _, err = s.DisksClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, volumeName, armcompute.Disk{ + Location: to.Ptr(s.ScannerLocation), SKU: &armcompute.DiskSKU{ Name: to.Ptr(armcompute.DiskStorageAccountTypesStandardSSDLRS), }, @@ -82,7 +82,7 @@ func (s *Scanner) ensureManagedDiskFromSnapshotInDifferentRegion(ctx context.Con volumeName := volumeNameFromJobConfig(config) - volumeRes, err := s.DisksClient.Get(ctx, s.Config.ScannerResourceGroup, volumeName, nil) + volumeRes, err := s.DisksClient.Get(ctx, s.ScannerResourceGroup, volumeName, nil) if err == nil { if *volumeRes.Disk.Properties.ProvisioningState != provisioningStateSucceeded { return volumeRes.Disk, provider.RetryableErrorf(DiskEstimateProvisionTime, "volume is not ready yet, provisioning state: %s", *volumeRes.Disk.Properties.ProvisioningState) 
@@ -96,8 +96,8 @@ func (s *Scanner) ensureManagedDiskFromSnapshotInDifferentRegion(ctx context.Con return armcompute.Disk{}, err } - _, err = s.DisksClient.BeginCreateOrUpdate(ctx, s.Config.ScannerResourceGroup, volumeName, armcompute.Disk{ - Location: to.Ptr(s.Config.ScannerLocation), + _, err = s.DisksClient.BeginCreateOrUpdate(ctx, s.ScannerResourceGroup, volumeName, armcompute.Disk{ + Location: to.Ptr(s.ScannerLocation), SKU: &armcompute.DiskSKU{ Name: to.Ptr(armcompute.DiskStorageAccountTypesStandardSSDLRS), }, @@ -105,7 +105,7 @@ func (s *Scanner) ensureManagedDiskFromSnapshotInDifferentRegion(ctx context.Con CreationData: &armcompute.CreationData{ CreateOption: to.Ptr(armcompute.DiskCreateOptionImport), SourceURI: to.Ptr(blobURL), - StorageAccountID: to.Ptr(fmt.Sprintf("subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s", s.Config.SubscriptionID, s.Config.ScannerResourceGroup, s.Config.ScannerStorageAccountName)), + StorageAccountID: to.Ptr(fmt.Sprintf("subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s", s.SubscriptionID, s.ScannerResourceGroup, s.ScannerStorageAccountName)), }, }, }, nil) @@ -122,11 +122,11 @@ func (s *Scanner) ensureTargetDiskDeleted(ctx context.Context, config *provider. return utils.EnsureDeleted( "target disk", func() error { - _, err := s.DisksClient.Get(ctx, s.Config.ScannerResourceGroup, volumeName, nil) + _, err := s.DisksClient.Get(ctx, s.ScannerResourceGroup, volumeName, nil) return err }, func() error { - _, err := s.DisksClient.BeginDelete(ctx, s.Config.ScannerResourceGroup, volumeName, nil) + _, err := s.DisksClient.BeginDelete(ctx, s.ScannerResourceGroup, volumeName, nil) return err }, DiskDeleteEstimateTime,
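Review bot: The `StorageAccountID` built in the hunk at -105,7 +105,7 starts with `subscriptions/` rather than `/subscriptions/`, while ARM resource IDs are normally written with the leading slash; it is worth confirming that the disk import accepts this form. The format string also assumes the storage account lives in `s.ScannerResourceGroup` under `s.SubscriptionID`, which nothing visible here enforces. I would either add the slash, `fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s", ...)`, or document the current form with `// Storage account must be in the scanner resource group of the configured subscription.` `ensureManagedDiskFromSnapshotInDifferentRegion` starts and ends outside the hunk.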