Copy scb annotations from scheduledScans to scans

J12934 · J12934 · commit 60fcc0b5e968 · 2021-02-03T15:55:44.000+01:00
diff --git a/operator/controllers/execution/scheduledscan_controller.go b/operator/controllers/execution/scheduledscan_controller.go
@@ -20,6 +20,7 @@ import (
 	"context"
 	"fmt"
 	"reflect"
+	"regexp"
 	"sort"
 	"time"
 
@@ -123,8 +124,9 @@ func (r *ScheduledScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro
 		// It's time!
 		var scan = &executionv1.Scan{
 			ObjectMeta: metav1.ObjectMeta{
-				Namespace: scheduledScan.Namespace,
-				Labels:    scheduledScan.ObjectMeta.GetLabels(),
+				Namespace:   scheduledScan.Namespace,
+				Labels:      scheduledScan.ObjectMeta.GetLabels(),
+				Annotations: getAnnotationsForScan(scheduledScan),
 			},
 			Spec: *scheduledScan.Spec.ScanSpec.DeepCopy(),
 		}
@@ -153,6 +155,24 @@ func (r *ScheduledScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro
 	return ctrl.Result{RequeueAfter: nextSchedule.Sub(time.Now())}, nil
 }
 
+// Copy over securecodebox.io annotations from the scheduledScan to the created scan
+func getAnnotationsForScan(scheduledScan executionv1.ScheduledScan) map[string]string {
+	annotations := map[string]string{}
+
+	if scheduledScan.Annotations == nil {
+		return annotations
+	}
+
+	re := regexp.MustCompile(`.*securecodebox\.io/.*`)
+	for key, value := range scheduledScan.Annotations {
+		if matches := re.MatchString(key); matches {
+			annotations[key] = value
+		}
+	}
+
+	return annotations
+}
+
 // Returns a sorted list of scans with a matching state
 func getScansWithState(scans []executionv1.Scan, state string) []executionv1.Scan {
 	// Get a sorted list of scans.
diff --git a/operator/controllers/execution/scheduledscan_controller_test.go b/operator/controllers/execution/scheduledscan_controller_test.go
@@ -0,0 +1,59 @@
+package controllers
+
+import (
+	"fmt"
+	"testing"
+
+	executionv1 "github.com/secureCodeBox/secureCodeBox/operator/apis/execution/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type testData struct {
+	in                   map[string]string
+	expectedMapKeyLength int
+}
+
+// Tests that getAnnotationsForScan drops all annotations not prefixed with "*.securecodebox.io/*"
+func TestGetAnnotationsForScan(t *testing.T) {
+	tests := []testData{
+		{
+			in: map[string]string{
+				"foobar": "bar",
+			},
+			expectedMapKeyLength: 0,
+		},
+		{
+			in: map[string]string{
+				"foobar.securecodebox.io/bar": "bar",
+			},
+			expectedMapKeyLength: 1,
+		},
+		{
+			in: map[string]string{
+				"barfoo.securecodebox.io/bar": "bar",
+				"foo":                         "bar",
+			},
+			expectedMapKeyLength: 1,
+		},
+		{
+			in: map[string]string{
+				"barfoo.securecodebox.io/bar": "bar",
+				"barfoo.securecodebox.io/foo": "bar",
+			},
+			expectedMapKeyLength: 2,
+		},
+	}
+
+	for _, test := range tests {
+		scheduledScan := executionv1.ScheduledScan{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:        "foobar",
+				Annotations: test.in,
+			},
+		}
+		actual := getAnnotationsForScan(scheduledScan)
+		if len(actual) != test.expectedMapKeyLength {
+			t.Error(fmt.Errorf("getAnnotationsForScan should only copy over annotations following the pattern '*.securecodebox.io', but map: %v returned a map with %d keys (%d expected)", test.in, len(actual), test.expectedMapKeyLength))
+		}
+	}
+}
diff --git a/operator/controllers/execution/suite_test.go b/operator/controllers/execution/suite_test.go
diff --git a/operator/go.mod b/operator/go.mod
@@ -5,8 +5,6 @@ go 1.15
 require (
 	github.com/go-logr/logr v0.1.0
 	github.com/minio/minio-go/v7 v7.0.6
-	github.com/onsi/ginkgo v1.11.0
-	github.com/onsi/gomega v1.8.1
 	k8s.io/api v0.17.2
 	k8s.io/apimachinery v0.17.2
 	k8s.io/client-go v0.17.2
