Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor filters for policies and resources #74

Open
viccuad opened this issue Jul 25, 2023 · 0 comments
Open

Refactor filters for policies and resources #74

viccuad opened this issue Jul 25, 2023 · 0 comments
Labels
kind/enhancement kind/tech-debt

Comments

@viccuad
Copy link
Member

viccuad commented Jul 25, 2023
edited
Loading

The first iteration of audit-scanner is in a sense, merging several filtering stages together. While acceptable, we can iterate on its architecture.

Refactor internal/policies/fetcher.go & internal/resources/fetcher.go.

The following list is not exhaustive:

  • Clarify the several MapReduce processes that happen: filtering and collecting, then auditing the resources with the specific policies. These happen for policies, namespaced resources, clusterwide resources, and policy results.
  • Allow for easier mocking and unit-testing of each stage.
  • Remove code duplication. Example, inside GetResourcesForPolicies() & GetClusterWideResourcesForPolicies() (and their tests).
  • Obtain information on which policy makes a resource get added to the list. This will allow to print warnings on misconfigured policies with wrong spec.rules, and allows users to reconfigure those policies, or better know which CRDs they are missing.
  • Allow for more parallelization.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement kind/tech-debt
Projects
Kubewarden
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fabriziosestito @viccuad