package main
import (
"fmt"
"log/slog"
"net/http"
"os"
"runtime"
"time"
"github.com/ckotzbauer/libstandard"
"github.com/l3montree-dev/devguard-operator/kubernetes"
"github.com/lmittmann/tint"
"github.com/spf13/cobra"
)
// initLogger installs the process-wide default slog logger.
//
// Records go to stderr through a tint handler, which colourises the output.
// Colour is not required for operation; it only makes the logs easier to read.
//
// NOTE(review): the level is fixed at debug here. Whether the verbosity flag
// registered on the root command lowers it later is not visible from this
// file; confirm before relying on these logs being quiet in production.
func initLogger() {
	opts := &tint.Options{
		AddSource:  true,
		Level:      slog.LevelDebug,
		TimeFormat: time.Kitchen,
	}

	// Replace the global logger so every slog.* call in the process uses it.
	handler := tint.NewHandler(os.Stderr, opts)
	slog.SetDefault(slog.New(handler))
}
// Build metadata reported in the startup log line.
//
// NOTE(review): these look like link-time injection targets (-ldflags -X);
// confirm against the release configuration, which is not visible here.

// Version sets the current Operator version.
var Version = "0.0.1"

// Commit identifies the source revision of the build.
var Commit = "main"

// Date is the build date; empty unless set by the build.
var Date = ""

// BuiltBy names the builder; empty unless set by the build.
var BuiltBy = ""
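// newRootCmd builds the root cobra command of the devguard-operator.
//
// PersistentPreRunE allocates the package-level OperatorConfig and lets
// libstandard populate it from the command. Run then either starts the
// cron-driven daemon (when a cron expression is configured) or creates a
// Kubernetes client, a Trivy scanner and a processor and starts listening
// for pods. In both cases it finally serves the /health endpoint on :8081,
// which blocks until the listener fails.
func newRootCmd() *cobra.Command {
	rootCmd := &cobra.Command{
		Use:   "devguard-operator",
		Short: "An operator for cataloguing all k8s-cluster-images to devguard.",
		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
			OperatorConfig = &Config{}
			return libstandard.DefaultInitializer(OperatorConfig, cmd, "devguard-operator")
		},
		Run: func(cmd *cobra.Command, args []string) {
			printVersion()

			if OperatorConfig.Cron != "" {
				StartDaemon(OperatorConfig.Cron, Version)
			} else {
				k8s := kubernetes.NewClient(OperatorConfig.IgnoreAnnotations, OperatorConfig.FallbackPullSecret)
				triv := NewTrivyScanner(libstandard.ToMap(OperatorConfig.RegistryProxies), Version)
				p := NewProcessor(k8s, triv)
				p.ListenForPods()
			}

			slog.Info("webserver is running at port 8081")

			// http.HandleFunc registers on http.DefaultServeMux, and the server
			// below has no Handler, so it serves that shared mux: a handler
			// registered there by any other package is reachable on :8081 too.
			// NOTE(review): consider a dedicated http.NewServeMux for this
			// listener once it is confirmed nothing else relies on the default.
			http.HandleFunc("/health", health)

			// The listener binds to all interfaces. ReadHeaderTimeout alone
			// leaves idle keep-alive connections and slow readers unbounded,
			// so the remaining timeouts are set as well; /health reads no body
			// and answers immediately, which keeps short limits safe.
			server := &http.Server{
				Addr:              ":8081",
				ReadHeaderTimeout: 3 * time.Second,
				ReadTimeout:       5 * time.Second,
				WriteTimeout:      5 * time.Second,
				IdleTimeout:       30 * time.Second,
			}

			// ListenAndServe only returns on failure here (Shutdown/Close are
			// never called on this server). Returning normally would end the
			// process with exit status 0, so report the failure explicitly.
			err := server.ListenAndServe()
			slog.Error("starting webserver failed", "err", err)
			os.Exit(1)
		},
	}

	libstandard.AddConfigFlag(rootCmd)
	libstandard.AddVerbosityFlag(rootCmd)

	flags := rootCmd.PersistentFlags()
	flags.String(ConfigKeyCron, "", "Backround-Service interval (CRON)")
	flags.Bool(ConfigKeyIgnoreAnnotations, false, "Force analyzing of all images, including those from annotated pods.")
	flags.String(ConfigKeyPodLabelSelector, "", "Kubernetes Label-Selector for pods.")
	flags.String(ConfigKeyNamespaceLabelSelector, "", "Kubernetes Label-Selector for namespaces.")
	flags.StringSlice(ConfigKeyRegistryProxy, []string{}, "Registry-Proxy")
	flags.Int64(ConfigKeyJobTimeout, 60*60, "Job-Timeout")

	// NOTE(review): a token given as a command-line flag ends up in the
	// process arguments and in the pod spec. Prefer supplying it through the
	// config file or environment if libstandard's initializer supports that —
	// confirm, and source the value from a Kubernetes Secret.
	flags.String(ConfigDevGuardToken, "", "DevGuard-Token")
	flags.String(ConfigDevGuardApiURL, "", "DevGuard Api URL")
	flags.String(ConfigDevGuardProjectName, "", "DevGuard Project Name (eg. l3montree-cybersecurity/projects/devguard)")

	return rootCmd
}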
// printVersion writes one info-level log record with the operator's build
// metadata (version, commit, date, builder) and the Go runtime version.
func printVersion() {
	buildInfo := []any{
		"version", Version,
		"commit", Commit,
		"date", Date,
		"builtBy", BuiltBy,
		"goVersion", runtime.Version(),
	}
	slog.Info("starting devguard-operator", buildInfo...)
}
// health is the handler for the /health endpoint. It ignores the request and
// always answers 200 with the plain body "Running!"; it reports only that the
// HTTP server is serving, not the state of the scanner or the cluster client.
func health(w http.ResponseWriter, req *http.Request) {
	w.WriteHeader(http.StatusOK)
	// A failed write means the client went away; there is nothing to recover.
	_, _ = w.Write([]byte("Running!"))
}
// main sets up logging, then builds and executes the root command.
// Any error returned by the command aborts the process with a panic.
func main() {
	initLogger()

	if err := newRootCmd().Execute(); err != nil {
		panic(err)
	}
}