add git version and cloud provider information in headers (#90)

Signed-off-by: Amir Malka <amirm@armosec.io>

adapters/backend/v1/adapter.go

@@ -240,9 +240,9 @@ func (a *Adapter) startReconciliationPeriodicTask(mainCtx context.Context, cfg *
 						continue
 					}
 
-					if !utils.IsBatchMessageSupported(clientId.Version) {
+					if !utils.IsBatchMessageSupported(clientId.SyncVersion) {
 						logger.L().Info("skipping reconciliation request for client because it does not support batch messages",
-							helpers.String("version", clientId.Version),
+							helpers.String("version", clientId.SyncVersion),
 							helpers.Interface("clientId", clientId.String()))
 						continue
 					}
@@ -294,10 +294,12 @@ func (a *Adapter) startKeepalivePeriodicTask(mainCtx context.Context, cfg *confi
 					msg.Clients[i] = messaging.ConnectedClient{
 						Account:             clientId.Account,
 						Cluster:             clientId.Cluster,
-						SynchronizerVersion: clientId.Version,
+						SynchronizerVersion: clientId.SyncVersion,
 						HelmVersion:         clientId.HelmVersion,
 						ConnectionId:        clientId.ConnectionId,
 						ConnectionTime:      clientId.ConnectionTime,
+						GitVersion:          clientId.GitVersion,
+						CloudProvider:       clientId.CloudProvider,
 					}
 					i += 1
 				}

adapters/incluster/v1/apiserver.go

@@ -0,0 +1,49 @@
+package incluster
+
+import (
+	"context"
+
+	"github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+
+	clouds "github.com/kubescape/k8s-interface/cloudsupport"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func GetApiServerGitVersionAndCloudProvider(ctx context.Context) (string, string) {
+	k8sAPiObj := k8sinterface.NewKubernetesApi()
+
+	cloudProvider, err := getCloudProvider(ctx, k8sAPiObj)
+	if err != nil {
+		logger.L().Error("failed to set cloud provider", helpers.Error(err))
+	} else {
+		logger.L().Info("cloud provider", helpers.String("cloudProvider", cloudProvider))
+	}
+
+	gitVersion, err := getApiServerGitVersion(k8sAPiObj)
+	if err != nil {
+		logger.L().Error("failed to get api server version", helpers.Error(err))
+	} else {
+		logger.L().Info("cluster api server", helpers.String("GitVersion", gitVersion))
+	}
+
+	return gitVersion, cloudProvider
+}
+
+func getCloudProvider(ctx context.Context, k8sApi *k8sinterface.KubernetesApi) (string, error) {
+	nodeList, err := k8sApi.KubernetesClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return "", err
+	}
+	return clouds.GetCloudProvider(nodeList), nil
+}
+
+func getApiServerGitVersion(k8sApi *k8sinterface.KubernetesApi) (string, error) {
+	serverVersion, err := k8sApi.KubernetesClient.Discovery().ServerVersion()
+	if err != nil {
+		return "Unknown", err
+	}
+
+	return serverVersion.GitVersion, nil
+}

cmd/client/main.go

@@ -97,15 +97,19 @@ func main() {
 		Cluster: cfg.InCluster.ClusterName,
 	})
 
+	gitVersion, cloudProvider := incluster.GetApiServerGitVersionAndCloudProvider(ctx)
+
 	// authentication headers
 	version := os.Getenv("RELEASE")
 	dialer := ws.Dialer{
 		Header: ws.HandshakeHeaderHTTP(map[string][]string{
-			core.AccessKeyHeader:   {cfg.InCluster.AccessKey},
-			core.AccountHeader:     {cfg.InCluster.Account},
-			core.ClusterNameHeader: {cfg.InCluster.ClusterName},
-			core.HelmVersionHeader: {os.Getenv("HELM_RELEASE")},
-			core.VersionHeader:     {version},
+			core.AccessKeyHeader:     {cfg.InCluster.AccessKey},
+			core.AccountHeader:       {cfg.InCluster.Account},
+			core.ClusterNameHeader:   {cfg.InCluster.ClusterName},
+			core.HelmVersionHeader:   {os.Getenv("HELM_RELEASE")},
+			core.VersionHeader:       {version},
+			core.GitVersionHeader:    {gitVersion},
+			core.CloudProviderHeader: {cloudProvider},
 		}),
 		NetDial: utils.GetDialer(),
 	}

cmd/server/authentication/authentication.go

@@ -37,6 +37,8 @@ func AuthenticationServerMiddleware(cfg *config.AuthenticationServerConfig, next
 		cluster := r.Header.Get(core.ClusterNameHeader)
 		helmVersion := r.Header.Get(core.HelmVersionHeader)
 		version := r.Header.Get(core.VersionHeader)
+		cloudProvider := r.Header.Get(core.CloudProviderHeader)
+		gitVersion := r.Header.Get(core.GitVersionHeader)
 
 		if accessKey == "" || account == "" || cluster == "" {
 			logger.L().Error("missing headers on incoming connection",
@@ -123,7 +125,9 @@ func AuthenticationServerMiddleware(cfg *config.AuthenticationServerConfig, next
 			ConnectionId:   connectionId,
 			ConnectionTime: connectionTime,
 			HelmVersion:    helmVersion,
-			Version:        version,
+			SyncVersion:    version,
+			CloudProvider:  cloudProvider,
+			GitVersion:     gitVersion,
 		})
 
 		// create new request using the new context

core/headers.go

@@ -2,9 +2,11 @@ package core
 
 // These headers are required for client-server authentication
 const (
-	AccessKeyHeader   = "X-API-KEY"
-	AccountHeader     = "X-API-ACCOUNT"
-	ClusterNameHeader = "X-API-CLUSTER"
-	HelmVersionHeader = "X-HELM-VERSION"
-	VersionHeader     = "X-SYNCHRONIZER-VERSION"
+	AccessKeyHeader     = "X-API-KEY"
+	AccountHeader       = "X-API-ACCOUNT"
+	ClusterNameHeader   = "X-API-CLUSTER"
+	HelmVersionHeader   = "X-HELM-VERSION"
+	VersionHeader       = "X-SYNCHRONIZER-VERSION"
+	GitVersionHeader    = "X-GIT-VERSION"
+	CloudProviderHeader = "X-CLOUD-PROVIDER"
 )

domain/identifiers.go

@@ -80,7 +80,9 @@ type ClientIdentifier struct {
 	ConnectionId   string
 	ConnectionTime time.Time
 	HelmVersion    string
-	Version        string
+	SyncVersion    string
+	GitVersion     string
+	CloudProvider  string
 }
 
 func (c ClientIdentifier) String() string {

go.mod

@@ -39,11 +39,20 @@ require (
 )
 
 require (
+	cloud.google.com/go/compute/metadata v0.5.0 // indirect
+	cloud.google.com/go/container v1.29.0 // indirect
 	dario.cat/mergo v1.0.0 // indirect
 	github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
 	github.com/99designs/keyring v1.2.2 // indirect
 	github.com/AthenZ/athenz v1.11.52 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization v1.0.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2 v2.1.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2 v2.4.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/DataDog/zstd v1.5.5 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
 	github.com/acobaugh/osrelease v0.1.0 // indirect
@@ -55,6 +64,23 @@ require (
 	github.com/armosec/gojay v1.2.17 // indirect
 	github.com/armosec/utils-go v0.0.57 // indirect
 	github.com/avast/retry-go v3.0.0+incompatible // indirect
+	github.com/aws/aws-sdk-go v1.50.20 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.26.6 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ecr v1.20.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/eks v1.28.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/iam v1.21.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
+	github.com/aws/smithy-go v1.19.0 // indirect
 	github.com/becheran/wildmatch-go v1.0.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bits-and-blooms/bitset v1.13.0 // indirect
@@ -96,23 +122,30 @@ require (
 	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-containerregistry v0.20.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/s2a-go v0.1.7 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/gax-go/v2 v2.12.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect
 	github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/jinzhu/copier v0.4.0 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/linkedin/goavro/v2 v2.12.0 // indirect
 	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
@@ -139,6 +172,7 @@ require (
 	github.com/pelletier/go-toml/v2 v2.1.1 // indirect
 	github.com/pierrec/lz4 v2.6.1+incompatible // indirect
 	github.com/pierrec/lz4/v4 v4.1.15 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/pquerna/cachecontrol v0.2.0 // indirect
@@ -170,6 +204,8 @@ require (
 	github.com/wagoodman/go-partybus v0.0.0-20230516145632-8ccac152c651 // indirect
 	github.com/wagoodman/go-progress v0.0.0-20230925121702-07e42b3cdba0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.3 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/runtime v0.55.0 // indirect
 	go.opentelemetry.io/otel v1.30.0 // indirect
@@ -190,10 +226,13 @@ require (
 	golang.org/x/crypto v0.27.0 // indirect
 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
 	golang.org/x/oauth2 v0.22.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.25.0 // indirect
 	golang.org/x/term v0.24.0 // indirect
 	golang.org/x/text v0.18.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
+	google.golang.org/api v0.160.0 // indirect
+	google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
 	google.golang.org/grpc v1.67.0 // indirect