refactoring

DataDog · Oct 18, 2024 · 5356ef7 · 5356ef7
1 parent cefb308
commit 5356ef7
Show file tree

Hide file tree

Showing 41 changed files with 129 additions and 116 deletions.
diff --git a/cmd/kubehound/main.go b/cmd/kubehound/main.go
@@ -1,13 +1,16 @@
 package main
 
 import (
+	"github.com/DataDog/KubeHound/pkg/cmd"
 	"github.com/DataDog/KubeHound/pkg/telemetry/log"
 	"github.com/DataDog/KubeHound/pkg/telemetry/tag"
 )
 
 func main() {
 	tag.SetupBaseTags()
-	if err := rootCmd.Execute(); err != nil {
+	err := rootCmd.Execute()
+	cmd.CloseKubehoundConfig(rootCmd.Context())
+	if err != nil {
 		log.Logger(rootCmd.Context()).Fatal(err.Error())
 	}
 }
diff --git a/cmd/kubehound/root.go b/cmd/kubehound/root.go
@@ -70,9 +70,6 @@ var (
 
 			return nil
 		},
-		PersistentPostRunE: func(cobraCmd *cobra.Command, args []string) error {
-			return cmd.CloseKubehoundConfig(cobraCmd.Context())
-		},
 		SilenceUsage:  true,
 		SilenceErrors: true,
 	}

diff --git a/cmd/kubehound/server.go b/cmd/kubehound/server.go
@@ -26,9 +26,6 @@ var (
 
 			return core.CoreGrpcApi(cobraCmd.Context(), khCfg)
 		},
-		PersistentPostRunE: func(cobraCmd *cobra.Command, args []string) error {
-			return cmd.CloseKubehoundConfig(cobraCmd.Context())
-		},
 	}
 )
 

diff --git a/cmd/kubehound/version.go b/cmd/kubehound/version.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"os"
 
 	"github.com/DataDog/KubeHound/pkg/config"
 	"github.com/spf13/cobra"
@@ -15,6 +16,9 @@ var (
 		Run: func(cobraCmd *cobra.Command, args []string) {
 			fmt.Printf("kubehound version: %s (%s/%s)", config.BuildVersion, config.BuildArch, config.BuildOs) //nolint:forbidigo
 		},
+		PersistentPostRun: func(cobraCmd *cobra.Command, args []string) {
+			os.Exit(0)
+		},
 	}
 )
 

diff --git a/deployments/kubehound/binary/Dockerfile_debug b/deployments/kubehound/binary/Dockerfile_debug
@@ -11,7 +11,8 @@ COPY deployments ./deployments
 
 RUN GOOS=linux GOARCH=amd64 go build -o "./bin/build/kubehound" ./cmd/kubehound/
 
-FROM ubuntu:24.04 AS build-release-stage
+FROM registry.ddbuild.io/images/base/gbi-ubuntu_2404:release
+# FROM ubuntu:24.04 AS build-release-stage
 
 WORKDIR /
 

diff --git a/pkg/cmd/config.go b/pkg/cmd/config.go
@@ -39,14 +39,13 @@ func InitializeKubehoundConfig(ctx context.Context, configPath string, generateR
 	}
 
 	InitTags(ctx, khCfg)
-	InitTelemetry(khCfg)
+	InitTelemetry(ctx, khCfg)
 
 	return nil
 
 }
 
-func InitTelemetry(khCfg *config.KubehoundConfig) {
-	ctx := context.Background()
+func InitTelemetry(ctx context.Context, khCfg *config.KubehoundConfig) {
 	l := log.Logger(ctx)
 	l.Info("Initializing application telemetry")
 	err := telemetry.Initialize(ctx, khCfg)

diff --git a/pkg/cmd/dump.go b/pkg/cmd/dump.go
@@ -41,7 +41,7 @@ func InitRemoteDumpCmd(cmd *cobra.Command) {
 	viper.BindPFlag(config.IngestorBlobBucketURL, cmd.Flags().Lookup("bucket-url")) //nolint: errcheck
 
 	cmd.Flags().String("region", "", "Region to retrieve the configuration (only for s3) (e.g.: us-east-1)")
-	viper.BindPFlag(config.IngestorBlobBucketURL, cmd.Flags().Lookup("region")) //nolint: errcheck
+	viper.BindPFlag(config.IngestorBlobRegion, cmd.Flags().Lookup("region")) //nolint: errcheck
 }
 
 func InitLocalIngestCmd(cmd *cobra.Command) {

diff --git a/pkg/collector/file.go b/pkg/collector/file.go
@@ -136,7 +136,7 @@ func (c *FileCollector) streamPodsNamespace(ctx context.Context, fp string, inge
 }
 
 func (c *FileCollector) StreamPods(ctx context.Context, ingestor PodIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityPods)
 	l := log.Trace(ctx)
 	var err error
@@ -188,7 +188,7 @@ func (c *FileCollector) streamRolesNamespace(ctx context.Context, fp string, ing
 }
 
 func (c *FileCollector) StreamRoles(ctx context.Context, ingestor RoleIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityRoles)
 	l := log.Trace(ctx)
 	var err error
@@ -240,7 +240,7 @@ func (c *FileCollector) streamRoleBindingsNamespace(ctx context.Context, fp stri
 }
 
 func (c *FileCollector) StreamRoleBindings(ctx context.Context, ingestor RoleBindingIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityRolebindings)
 	l := log.Trace(ctx)
 	var err error
@@ -292,7 +292,7 @@ func (c *FileCollector) streamEndpointsNamespace(ctx context.Context, fp string,
 }
 
 func (c *FileCollector) StreamEndpoints(ctx context.Context, ingestor EndpointIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityEndpoints)
 	l := log.Trace(ctx)
 	var err error
@@ -324,7 +324,7 @@ func (c *FileCollector) StreamEndpoints(ctx context.Context, ingestor EndpointIn
 }
 
 func (c *FileCollector) StreamNodes(ctx context.Context, ingestor NodeIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityNodes)
 	l := log.Trace(ctx)
 	var err error
@@ -351,7 +351,7 @@ func (c *FileCollector) StreamNodes(ctx context.Context, ingestor NodeIngestor)
 }
 
 func (c *FileCollector) StreamClusterRoles(ctx context.Context, ingestor ClusterRoleIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityClusterRoles)
 	l := log.Trace(ctx)
 	var err error
@@ -378,7 +378,7 @@ func (c *FileCollector) StreamClusterRoles(ctx context.Context, ingestor Cluster
 }
 
 func (c *FileCollector) StreamClusterRoleBindings(ctx context.Context, ingestor ClusterRoleBindingIngestor) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityClusterRolebindings)
 	l := log.Trace(ctx)
 	var err error
@@ -407,7 +407,7 @@ func (c *FileCollector) StreamClusterRoleBindings(ctx context.Context, ingestor
 // readList loads a list of K8s API objects into memory from a JSON file on disk.
 // NOTE: This implementation reads the entire array of objects from the file into memory at once.
 func readList[Tl types.ListInputType](ctx context.Context, inputPath string) (Tl, error) {
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperReadFile, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperReadFile)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
 

diff --git a/pkg/collector/k8s_api.go b/pkg/collector/k8s_api.go
@@ -79,7 +79,7 @@ func NewK8sAPICollector(ctx context.Context, cfg *config.KubehoundConfig) (Colle
 	}
 
 	if !cfg.Collector.NonInteractive {
-		l.Warn("About to dump k8s cluster - Do you want to continue ? [Yes/No]", log.String("cluster", clusterName))
+		l.Warn("About to dump k8s cluster - Do you want to continue ? [Yes/No]", log.String(log.FieldClusterKey, clusterName))
 		proceed, err := cmd.AskForConfirmation(ctx)
 		if err != nil {
 			return nil, err
@@ -89,8 +89,7 @@ func NewK8sAPICollector(ctx context.Context, cfg *config.KubehoundConfig) (Colle
 			return nil, errors.New("user did not confirm")
 		}
 	} else {
-		msg := fmt.Sprintf("Non-interactive mode enabled, proceeding with k8s cluster dump: %s", clusterName)
-		l.Warn(msg)
+		l.Warnf("Non-interactive mode enabled, proceeding with k8s cluster dump: %s", clusterName)
 	}
 
 	err = checkK8sAPICollectorConfig(cfg.Collector.Type)
@@ -304,7 +303,7 @@ func (c *k8sAPICollector) streamPodsNamespace(ctx context.Context, namespace str
 
 func (c *k8sAPICollector) StreamPods(ctx context.Context, ingestor PodIngestor) error {
 	entity := tag.EntityPods
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -359,7 +358,7 @@ func (c *k8sAPICollector) streamRolesNamespace(ctx context.Context, namespace st
 
 func (c *k8sAPICollector) StreamRoles(ctx context.Context, ingestor RoleIngestor) error {
 	entity := tag.EntityRoles
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -414,7 +413,7 @@ func (c *k8sAPICollector) streamRoleBindingsNamespace(ctx context.Context, names
 
 func (c *k8sAPICollector) StreamRoleBindings(ctx context.Context, ingestor RoleBindingIngestor) error {
 	entity := tag.EntityRolebindings
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -469,7 +468,7 @@ func (c *k8sAPICollector) streamEndpointsNamespace(ctx context.Context, namespac
 
 func (c *k8sAPICollector) StreamEndpoints(ctx context.Context, ingestor EndpointIngestor) error {
 	entity := tag.EntityEndpoints
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, tag.EntityEndpoints)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -487,7 +486,7 @@ func (c *k8sAPICollector) StreamEndpoints(ctx context.Context, ingestor Endpoint
 
 func (c *k8sAPICollector) StreamNodes(ctx context.Context, ingestor NodeIngestor) error {
 	entity := tag.EntityNodes
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -530,7 +529,7 @@ func (c *k8sAPICollector) StreamNodes(ctx context.Context, ingestor NodeIngestor
 
 func (c *k8sAPICollector) StreamClusterRoles(ctx context.Context, ingestor ClusterRoleIngestor) error {
 	entity := tag.EntityClusterRoles
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -573,7 +572,7 @@ func (c *k8sAPICollector) StreamClusterRoles(ctx context.Context, ingestor Clust
 
 func (c *k8sAPICollector) StreamClusterRoleBindings(ctx context.Context, ingestor ClusterRoleBindingIngestor) error {
 	entity := tag.EntityClusterRolebindings
-	span, ctx := tracer.StartSpanFromContext(ctx, span.CollectorStream, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, span.CollectorStream)
 	span.SetTag(tag.EntityTag, entity)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()

diff --git a/pkg/config/dynamic.go b/pkg/config/dynamic.go
@@ -15,6 +15,7 @@ type DynamicConfig struct {
 	mu          sync.Mutex
 	RunID       *RunID `mapstructure:"run_id"`
 	ClusterName string `mapstructure:"cluster_name"`
+	Service     string `mapstructure:"service"`
 }
 
 func (d *DynamicConfig) HealthCheck() error {

diff --git a/pkg/config/k8s.go b/pkg/config/k8s.go
@@ -24,7 +24,7 @@ func NewClusterInfo(ctx context.Context) (*ClusterInfo, error) {
 	l := log.Logger(ctx)
 	clusterName := os.Getenv(clusterNameEnvVar)
 	if clusterName != "" {
-		l.Warn("Using cluster name from environment variable", log.String("env_var", clusterNameEnvVar), log.String("cluster_name", clusterName))
+		l.Warn("Using cluster name from environment variable", log.String("env_var", clusterNameEnvVar), log.String(log.FieldClusterKey, clusterName))
 
 		return &ClusterInfo{
 			Name: clusterName,

diff --git a/pkg/dump/ingestor.go b/pkg/dump/ingestor.go
@@ -76,7 +76,7 @@ func (d *DumpIngestor) OutputPath() string {
 }
 
 func (d *DumpIngestor) DumpK8sObjects(ctx context.Context) error {
-	spanDump, ctx := tracer.StartSpanFromContext(ctx, span.CollectorDump, tracer.Measured())
+	spanDump, ctx := span.SpanRunFromContext(ctx, span.CollectorDump)
 	var err error
 	defer func() { spanDump.Finish(tracer.WithError(err)) }()
 
@@ -114,7 +114,7 @@ const (
 
 func ParsePath(ctx context.Context, path string) (*DumpResult, error) {
 	l := log.Logger(ctx)
-	l.Warn("[Backward Compatibility] Extracting the metadata", log.String("path", path))
+	l.Warn("[Backward Compatibility] Extracting the metadata", log.String(log.FieldPathKey, path))
 
 	// ./<clusterName>/kubehound_<clusterName>_<run_id>[.tar.gz]
 	// re := regexp.MustCompile(`([a-z0-9\.\-_]+)/kubehound_([a-z0-9\.-_]+)_([a-z0-9]{26})\.?([a-z0-9\.]+)?`)

diff --git a/pkg/dump/pipeline/pipeline.go b/pkg/dump/pipeline/pipeline.go
@@ -173,15 +173,15 @@ func (p *PipelineDumpIngestor) WaitAndClose(ctx context.Context) error {
 
 // Static wrapper to dump k8s object dynamically (streams Kubernetes objects to the collector writer).
 func dumpK8sObjs(ctx context.Context, operationName string, entity string, streamFunc StreamFunc) error {
-	span, ctx := tracer.StartSpanFromContext(ctx, operationName, tracer.Measured())
+	span, ctx := span.SpanRunFromContext(ctx, operationName)
 	span.SetTag(tag.EntityTag, entity)
 	l := log.Logger(ctx)
-	l.Info("Dumping entity", log.String("entity", entity))
+	l.Info("Dumping entity", log.String(log.FieldEntityKey, entity))
 
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
 	err = streamFunc(ctx)
-	l.Info("Dumping entity done", log.String("entity", entity))
+	l.Info("Dumping entity done", log.String(log.FieldEntityKey, entity))
 
 	return err
 }
diff --git a/pkg/dump/writer/file_writer.go b/pkg/dump/writer/file_writer.go
@@ -60,7 +60,7 @@ func (f *FileWriter) WorkerNumber() int {
 // All buffer are stored in a map which is flushed at the end of every type processed
 func (f *FileWriter) Write(ctx context.Context, k8sObj []byte, pathObj string) error {
 	l := log.Logger(ctx)
-	l.Debug("Writing to file", log.String("path", pathObj))
+	l.Debug("Writing to file", log.String(log.FieldPathKey, pathObj))
 	f.mu.Lock()
 	defer f.mu.Unlock()
 
@@ -110,7 +110,7 @@ func (f *FileWriter) Write(ctx context.Context, k8sObj []byte, pathObj string) e
 
 // No flush needed for the file writer as we are flushing the buffer at every write
 func (f *FileWriter) Flush(ctx context.Context) error {
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperWriterFlush, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperWriterFlush)
 	span.SetTag(tag.DumperWriterTypeTag, FileTypeTag)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -121,7 +121,7 @@ func (f *FileWriter) Flush(ctx context.Context) error {
 func (f *FileWriter) Close(ctx context.Context) error {
 	l := log.Logger(ctx)
 	l.Debug("Closing writers")
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperWriterClose, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperWriterClose)
 	span.SetTag(tag.DumperWriterTypeTag, FileTypeTag)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()

diff --git a/pkg/dump/writer/fs_writer.go b/pkg/dump/writer/fs_writer.go
@@ -34,7 +34,7 @@ func NewFSWriter(ctx context.Context) (*FSWriter, error) {
 // All buffer are stored in a map which is flushed at the end of every type processed
 func (f *FSWriter) WriteFile(ctx context.Context, pathObj string, k8sObj []byte) error {
 	l := log.Logger(ctx)
-	l.Debug("Writing to file", log.String("path", pathObj))
+	l.Debug("Writing to file", log.String(log.FieldPathKey, pathObj))
 	f.mu.Lock()
 	defer f.mu.Unlock()
 
@@ -54,7 +54,7 @@ func (f *FSWriter) WriteFile(ctx context.Context, pathObj string, k8sObj []byte)
 
 // No flush needed for the file writer as we are flushing the buffer at every write
 func (f *FSWriter) Flush(ctx context.Context) error {
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperWriterFlush, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperWriterFlush)
 	span.SetTag(tag.DumperWriterTypeTag, TarTypeTag)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()

diff --git a/pkg/dump/writer/tar_writer.go b/pkg/dump/writer/tar_writer.go
@@ -62,7 +62,7 @@ func NewTarWriter(ctx context.Context, tarPath string) (*TarWriter, error) {
 
 func createTarFile(ctx context.Context, tarPath string) (*os.File, error) {
 	l := log.Logger(ctx)
-	l.Debugf("Creating tar file", log.String("path", tarPath))
+	l.Debugf("Creating tar file", log.String(log.FieldPathKey, tarPath))
 	err := os.MkdirAll(filepath.Dir(tarPath), WriterDirMod)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create directories: %w", err)
@@ -83,7 +83,7 @@ func (f *TarWriter) WorkerNumber() int {
 // All buffer are stored in a map which is flushed at the end of every type processed
 func (t *TarWriter) Write(ctx context.Context, k8sObj []byte, filePath string) error {
 	l := log.Logger(ctx)
-	l.Debug("Writing to file", log.String("path", filePath))
+	l.Debug("Writing to file", log.String(log.FieldPathKey, filePath))
 	t.mu.Lock()
 	defer t.mu.Unlock()
 
@@ -100,7 +100,7 @@ func (t *TarWriter) Write(ctx context.Context, k8sObj []byte, filePath string) e
 func (t *TarWriter) Flush(ctx context.Context) error {
 	l := log.Logger(ctx)
 	l.Debug("Flushing writers")
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperWriterFlush, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperWriterFlush)
 	span.SetTag(tag.DumperWriterTypeTag, TarTypeTag)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()
@@ -128,7 +128,7 @@ func (t *TarWriter) Flush(ctx context.Context) error {
 func (t *TarWriter) Close(ctx context.Context) error {
 	l := log.Logger(ctx)
 	l.Debug("Closing handlers for tar")
-	span, _ := tracer.StartSpanFromContext(ctx, span.DumperWriterClose, tracer.Measured())
+	span, _ := span.SpanRunFromContext(ctx, span.DumperWriterClose)
 	span.SetTag(tag.DumperWriterTypeTag, TarTypeTag)
 	var err error
 	defer func() { span.Finish(tracer.WithError(err)) }()