mirror of
https://github.com/k8sgpt-ai/k8sgpt.git
synced 2025-04-27 19:15:24 +00:00
a128906136
* chore: rebased chore: removed trivy Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: updated deps Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix: missing error Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix: missing error Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: switching old sonnet to message API Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: added three new analyzers Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.2 (#1400) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * docs: remove extra dollar sign in README.md (#1410) Signed-off-by: Qian_Xiao <heyheyco@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * test: add tests for `k8sgpt/pkg/analyzer/events.go` (#913) * test: add tests for events_test.go Signed-off-by: Eshaan Aggarwal <96648934+EshaanAgg@users.noreply.github.com> * feat: fixed event tests Signed-off-by: Alex Jones <alexsimonjones@gmail.com> --------- Signed-off-by: Eshaan Aggarwal <96648934+EshaanAgg@users.noreply.github.com> Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Co-authored-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * docs: add table of contents and cleanup (#1413) Signed-off-by: hadi2f244 <m.h.azaddel@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: linter (#1414) * chore: changing linter Signed-off-by: Alex Jones <alexsimonjones@gmail.com> * chore: changing linter Signed-off-by: Alex Jones <alexsimonjones@gmail.com> * chore: changing linter Signed-off-by: Alex Jones <alexsimonjones@gmail.com> --------- Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): pin golangci/golangci-lint-action action to 1481404 (#1415) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): update goreleaser/goreleaser-action digest to 9c156ee (#1411) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix: prometheus UTF8Validation (#1404) Signed-off-by: Kay Yan <kay.yan@daocloud.io> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix(deps): update module gopkg.in/yaml.v2 to v3 (#1363) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: added new AmazonBedrock model (#1390) * Update AI Bedrock region - Added mumbai region Signed-off-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> * Update amazonbedrock.go Signed-off-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> * Added new AI model to work for ap-south-1 region[that does not uses inference profile] Signed-off-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> --------- Signed-off-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> Co-authored-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.3 (#1412) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): update module github.com/docker/docker to v28 (#1376) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: updating deps (#1422) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): update docker/setup-buildx-action digest to b5ca514 (#1371) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.4 (#1421) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fix workflows (#1423) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.5 (#1424) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fixing docker build push action (#1426) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: updated actor for login (#1430) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): pin docker/build-push-action action to 471d1dc (#1428) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.6 (#1427) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fixing build (#1431) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): update actions/upload-artifact digest to ea165f8 (#1425) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.7 (#1432) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: removed krew release (#1434) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.8 (#1435) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fixing (#1437) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(deps): pin dependencies (#1440) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.9 (#1439) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix: pod analyzer catches errors when containers are in Terminated state (#1438) Signed-off-by: Guoxun Wei <guwe@microsoft.com> Co-authored-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: add a naive support of bedrock inference profile (#1446) * feat: add a naive support of bedrock inference profile Signed-off-by: Tony Chen <tony_chen@discovery.com> * feat: improving the tests Signed-off-by: Alex Jones <alexsimonjones@gmail.com> --------- Signed-off-by: Tony Chen <tony_chen@discovery.com> Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Co-authored-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix(deps): update module gopkg.in/yaml.v2 to v3 (#1417) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix(deps): update module helm.sh/helm/v3 to v3.17.3 [security] (#1448) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.10 (#1441) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: call bedrock with inference profile (#1449) * call bedrock with inference profile Signed-off-by: Tony Chen <tony_chen@discovery.com> * add validation and test Signed-off-by: Tony Chen <tony_chen@discovery.com> * update test Signed-off-by: Tony Chen <tony_chen@discovery.com> --------- Signed-off-by: Tony Chen <tony_chen@discovery.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix(deps): update module gopkg.in/yaml.v2 to v3 (#1447) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * docs: fix the slack invite link (#1450) Signed-off-by: Pengfei Ni <feiskyer@gmail.com> Co-authored-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: add verbose flag to enable detailed output (#1420) * feat: add verbose flag to enable detailed output Signed-off-by: Yicheng <36285652+zyc140345@users.noreply.github.com> * test: add verbose output tests for analysis.go and root.go Signed-off-by: Yicheng <36285652+zyc140345@users.noreply.github.com> --------- Signed-off-by: Yicheng <36285652+zyc140345@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix(deps): update module gopkg.in/yaml.v2 to v3 (#1453) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * feat: improved test coverage (#1455) Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * fix: config ai provider in query (#1457) Signed-off-by: Guoxun Wei <guwe@microsoft.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore(main): release 0.4.11 (#1451) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fixed test Signed-off-by: AlexsJones <alexsimonjones@gmail.com> * chore: fixed test --------- Signed-off-by: AlexsJones <alexsimonjones@gmail.com> Signed-off-by: Qian_Xiao <heyheyco@gmail.com> Signed-off-by: Eshaan Aggarwal <96648934+EshaanAgg@users.noreply.github.com> Signed-off-by: Alex Jones <alexsimonjones@gmail.com> Signed-off-by: hadi2f244 <m.h.azaddel@gmail.com> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Kay Yan <kay.yan@daocloud.io> Signed-off-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> Signed-off-by: Guoxun Wei <guwe@microsoft.com> Signed-off-by: Tony Chen <tony_chen@discovery.com> Signed-off-by: Pengfei Ni <feiskyer@gmail.com> Signed-off-by: Yicheng <36285652+zyc140345@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Qian_Xiao <heyheyco@gmail.com> Co-authored-by: Eshaan Aggarwal <96648934+EshaanAgg@users.noreply.github.com> Co-authored-by: Hadi Azaddel <m.h.azaddel@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kay Yan <kay.yan@daocloud.io> Co-authored-by: Sakshi Singh <66963254+sakshirajput02@users.noreply.github.com> Co-authored-by: gossion <guwe@microsoft.com> Co-authored-by: ju187 <tony_chen@discovery.com> Co-authored-by: Pengfei Ni <feiskyer@users.noreply.github.com> Co-authored-by: Yicheng <36285652+zyc140345@users.noreply.github.com>
126 lines
3.7 KiB
Go
126 lines
3.7 KiB
Go
/*
|
|
Copyright 2024 The K8sGPT Authors.
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package analyzer
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/k8sgpt-ai/k8sgpt/pkg/common"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
)
|
|
|
|
type ConfigMapAnalyzer struct{}
|
|
|
|
func (ConfigMapAnalyzer) Analyze(a common.Analyzer) ([]common.Result, error) {
|
|
kind := "ConfigMap"
|
|
|
|
AnalyzerErrorsMetric.DeletePartialMatch(map[string]string{
|
|
"analyzer_name": kind,
|
|
})
|
|
|
|
// Get all ConfigMaps in the namespace
|
|
configMaps, err := a.Client.GetClient().CoreV1().ConfigMaps(a.Namespace).List(a.Context, metav1.ListOptions{
|
|
LabelSelector: a.LabelSelector,
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Get all Pods to check ConfigMap usage
|
|
pods, err := a.Client.GetClient().CoreV1().Pods(a.Namespace).List(a.Context, metav1.ListOptions{})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var results []common.Result
|
|
|
|
// Track which ConfigMaps are used
|
|
usedConfigMaps := make(map[string]bool)
|
|
configMapUsage := make(map[string][]string) // maps ConfigMap name to list of pods using it
|
|
|
|
// Analyze ConfigMap usage in Pods
|
|
for _, pod := range pods.Items {
|
|
// Check volume mounts
|
|
for _, volume := range pod.Spec.Volumes {
|
|
if volume.ConfigMap != nil {
|
|
usedConfigMaps[volume.ConfigMap.Name] = true
|
|
configMapUsage[volume.ConfigMap.Name] = append(configMapUsage[volume.ConfigMap.Name], pod.Name)
|
|
}
|
|
}
|
|
|
|
// Check environment variables
|
|
for _, container := range pod.Spec.Containers {
|
|
for _, env := range container.EnvFrom {
|
|
if env.ConfigMapRef != nil {
|
|
usedConfigMaps[env.ConfigMapRef.Name] = true
|
|
configMapUsage[env.ConfigMapRef.Name] = append(configMapUsage[env.ConfigMapRef.Name], pod.Name)
|
|
}
|
|
}
|
|
for _, env := range container.Env {
|
|
if env.ValueFrom != nil && env.ValueFrom.ConfigMapKeyRef != nil {
|
|
usedConfigMaps[env.ValueFrom.ConfigMapKeyRef.Name] = true
|
|
configMapUsage[env.ValueFrom.ConfigMapKeyRef.Name] = append(configMapUsage[env.ValueFrom.ConfigMapKeyRef.Name], pod.Name)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Analyze each ConfigMap
|
|
for _, cm := range configMaps.Items {
|
|
var failures []common.Failure
|
|
|
|
// Check for unused ConfigMaps
|
|
if !usedConfigMaps[cm.Name] {
|
|
failures = append(failures, common.Failure{
|
|
Text: fmt.Sprintf("ConfigMap %s is not used by any pods in the namespace", cm.Name),
|
|
Sensitive: []common.Sensitive{},
|
|
})
|
|
}
|
|
|
|
// Check for empty ConfigMaps
|
|
if len(cm.Data) == 0 && len(cm.BinaryData) == 0 {
|
|
failures = append(failures, common.Failure{
|
|
Text: fmt.Sprintf("ConfigMap %s is empty", cm.Name),
|
|
Sensitive: []common.Sensitive{},
|
|
})
|
|
}
|
|
|
|
// Check for large ConfigMaps (over 1MB)
|
|
totalSize := 0
|
|
for _, value := range cm.Data {
|
|
totalSize += len(value)
|
|
}
|
|
for _, value := range cm.BinaryData {
|
|
totalSize += len(value)
|
|
}
|
|
if totalSize > 1024*1024 { // 1MB
|
|
failures = append(failures, common.Failure{
|
|
Text: fmt.Sprintf("ConfigMap %s is larger than 1MB (%d bytes)", cm.Name, totalSize),
|
|
Sensitive: []common.Sensitive{},
|
|
})
|
|
}
|
|
|
|
if len(failures) > 0 {
|
|
results = append(results, common.Result{
|
|
Kind: kind,
|
|
Name: fmt.Sprintf("%s/%s", cm.Namespace, cm.Name),
|
|
Error: failures,
|
|
})
|
|
AnalyzerErrorsMetric.WithLabelValues(kind, cm.Name, cm.Namespace).Set(float64(len(failures)))
|
|
}
|
|
}
|
|
|
|
return results, nil
|
|
}
|