-
Notifications
You must be signed in to change notification settings - Fork 174
Expand file tree
/
Copy pathutils.go
More file actions
52 lines (46 loc) · 1.68 KB
/
utils.go
File metadata and controls
52 lines (46 loc) · 1.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package utils
import (
"github.com/pkg/errors"
commonLabels "github.com/stackrox/rox/pkg/labels"
"k8s.io/client-go/kubernetes"
)
const (
KubernetesLabelManagedBy = "app.kubernetes.io/managed-by"
KubernetesLabelCreatedBy = "app.kubernetes.io/created-by"
KubernetesLabelName = "app.kubernetes.io/name"
KubernetesOwnerAnnotation = "owner"
)
// GetSensorKubernetesLabels returns the default labels for resources created by the sensor.
func GetSensorKubernetesLabels() map[string]string {
return map[string]string{
KubernetesLabelManagedBy: "sensor",
KubernetesLabelCreatedBy: "sensor",
KubernetesLabelName: "stackrox",
}
}
func GetTLSSecretLabels() map[string]string {
labels := GetSensorKubernetesLabels()
labels[commonLabels.TLSSecretLabelKey] = "true"
// Add the StackRox managed-by label so Operator can watch these secrets for CA rotation
labels[commonLabels.ManagedByLabelKey] = commonLabels.ManagedBySensor
return labels
}
// GetSensorKubernetesAnnotations returns the default annotations for resources created by the sensor.
func GetSensorKubernetesAnnotations() map[string]string {
return map[string]string{
KubernetesOwnerAnnotation: "stackrox",
}
}
// HasAPI checks whether the kubernetes server supports the groupVersion API for the specified kind
func HasAPI(client kubernetes.Interface, groupVersion, kind string) (bool, error) {
apiResourceList, err := client.Discovery().ServerResourcesForGroupVersion(groupVersion)
if err != nil {
return false, errors.Wrap(err, "checking API support for groupVersion "+groupVersion)
}
for _, apiResource := range apiResourceList.APIResources {
if apiResource.Kind == kind {
return true, nil
}
}
return false, nil
}