aquasecurity · jokestax · Jan 17, 2025
@@ -26,9 +26,7 @@ var (
 	}
 )
 
-var (
-	setupLog = log.Log.WithName("main")
-)
+var setupLog = log.Log.WithName("main")
 
 // main is the entrypoint of the Trivy Operator executable command.
 func main() {

@@ -297,6 +297,7 @@ func (Tool) Aqua() error {
 	}
 	return sh.Run("go", "install", "github.com/aquaproj/aqua/v2/cmd/aqua@v2.2.1")
 }
+
 func exists(filename string) bool {
 	_, err := os.Stat(filename)
 	return err == nil

@@ -46,5 +46,4 @@ func TestStringToSeverity(t *testing.T) {
 			}
 		})
 	}
-
 }
@@ -6,7 +6,6 @@ import (
 
 // ConfigAuditSummary counts failed checks by severity.
 type ConfigAuditSummary struct {
-
 	// CriticalCount is the number of failed checks with critical severity.
 	CriticalCount int `json:"criticalCount"`
 
@@ -98,7 +97,6 @@ type ConfigAuditReportData struct {
 // indicate a troublesome key. In this case the Type would be `ConfigMapKey`
 // and the Value will hold the name of a key, e.g. `myawsprivatekey`.
 type CheckScope struct {
-
 	// Type indicates type of this scope, e.g. Container, ConfigMapKey or JSONPath.
 	Type string `json:"type"`
 

@@ -6,7 +6,6 @@ import (
 
 // InfraAssessmentSummary counts failed checks by severity.
 type InfraAssessmentSummary struct {
-
 	// CriticalCount is the number of failed checks with critical severity.
 	CriticalCount int `json:"criticalCount"`
 

@@ -6,7 +6,6 @@ import (
 
 // RbacAssessmentSummary counts failed checks by severity.
 type RbacAssessmentSummary struct {
-
 	// CriticalCount is the number of failed checks with critical severity.
 	CriticalCount int `json:"criticalCount"`
 

@@ -1,17 +1,18 @@
 package compliance
 
 import (
+	"context"
+	"fmt"
+	"strings"
+
 	"github.com/aquasecurity/trivy/pkg/compliance/report"
 	ttypes "github.com/aquasecurity/trivy/pkg/types"
 
-	"context"
-	"fmt"
 	"github.com/aquasecurity/trivy-operator/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/trivy-operator/pkg/ext"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
-	"strings"
 )
 
 type Mgr interface {
@@ -46,7 +47,6 @@ func (w *cm) GenerateComplianceReport(ctx context.Context, spec v1alpha1.ReportS
 	}
 	// update compliance report status
 	return w.client.Status().Update(ctx, updatedReport)
-
 }
 
 // createComplianceReport create compliance report
@@ -164,16 +164,18 @@ func reportsToResults(checks []v1alpha1.Check, name string, namespace string) tt
 				id = fmt.Sprintf("%s-%s-%s", "AVD", "KCV", strings.ReplaceAll(check.ID, "KCV", ""))
 			}
 		}
-		misconfigResult := ttypes.Result{Target: fmt.Sprintf("%s/%s", namespace, name),
-			Misconfigurations: []ttypes.DetectedMisconfiguration{{
-				AVDID:       id,
-				Title:       check.Title,
-				Description: check.Description,
-				Message:     check.Description,
-				Resolution:  check.Remediation,
-				Severity:    string(check.Severity),
-				Status:      status,
-			},
+		misconfigResult := ttypes.Result{
+			Target: fmt.Sprintf("%s/%s", namespace, name),
+			Misconfigurations: []ttypes.DetectedMisconfiguration{
+				{
+					AVDID:       id,
+					Title:       check.Title,
+					Description: check.Description,
+					Message:     check.Description,
+					Resolution:  check.Remediation,
+					Severity:    string(check.Severity),
+					Status:      status,
+				},
 			},
 		}
 		results = append(results, misconfigResult)

@@ -48,7 +48,8 @@ func TestGenerateComplianceReport(t *testing.T) {
 						},
 					},
 				},
-			}}, clusterComplianceReport: &v1alpha1.ClusterComplianceReport{
+			},
+		}, clusterComplianceReport: &v1alpha1.ClusterComplianceReport{
 			TypeMeta:   v1.TypeMeta{Kind: "ConfigAuditReport"},
 			ObjectMeta: v1.ObjectMeta{Name: "nsa"},
 			Spec: v1alpha1.ReportSpec{
@@ -146,7 +147,8 @@ func TestGenerateComplianceReport(t *testing.T) {
 						},
 					},
 				},
-			}}, clusterComplianceReport: &v1alpha1.ClusterComplianceReport{
+			},
+		}, clusterComplianceReport: &v1alpha1.ClusterComplianceReport{
 			TypeMeta:   v1.TypeMeta{Kind: "ConfigAuditReport"},
 			ObjectMeta: v1.ObjectMeta{Name: "nsa"},
 			Spec: v1alpha1.ReportSpec{

@@ -1,11 +1,11 @@
 package configauditreport_test
 
 import (
+	"testing"
+
 	. "github.com/onsi/gomega"
 	"k8s.io/apimachinery/pkg/labels"
 
-	"testing"
-
 	"github.com/aquasecurity/trivy-operator/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/trivy-operator/pkg/configauditreport"
 	"github.com/aquasecurity/trivy-operator/pkg/trivyoperator"
@@ -17,7 +17,6 @@ import (
 )
 
 func TestReportBuilder(t *testing.T) {
-
 	t.Run("Should build report for namespaced resource", func(t *testing.T) {
 		g := NewGomegaWithT(t)
 

@@ -1,10 +1,10 @@
 package controller
 
 import (
-	"time"
-
 	"context"
 	"fmt"
+	"time"
+
 	trivy_checks "github.com/aquasecurity/trivy-checks"
 	j "github.com/aquasecurity/trivy-kubernetes/pkg/jobs"
 	"github.com/aquasecurity/trivy-kubernetes/pkg/k8s"

@@ -82,7 +82,6 @@ func (r *NodeCollectorJobController) reconcileJobs() reconcile.Func {
 
 		return ctrl.Result{}, err
 	}
-
 }
 
 func (r *NodeCollectorJobController) processCompleteScanJob(ctx context.Context, job *batchv1.Job) error {

@@ -44,7 +44,6 @@ type PolicyConfigController struct {
 // +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch
 
 func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error {
-
 	// Determine which Kubernetes workloads the controller will reconcile and add them to resources
 	targetWorkloads := r.Config.GetTargetWorkloads()
 	workloadResources := make([]kube.Resource, 0)
@@ -78,7 +77,6 @@ func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error {
 			Complete(r.reconcileConfig(configResource.Kind)); err != nil {
 			return fmt.Errorf("constructing controller for %s: %w", configResource.Kind, err)
 		}
-
 	}
 
 	clusterResources := []kube.Resource{
@@ -100,7 +98,6 @@ func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error {
 	}
 
 	return nil
-
 }
 
 func (r *PolicyConfigController) reconcileConfig(kind kube.Kind) reconcile.Func {

@@ -136,7 +136,6 @@ func (r *ResourceController) SetupWithManager(mgr ctrl.Manager) error {
 	}
 
 	return nil
-
 }
 
 func (r *ResourceController) buildControlMgr(mgr ctrl.Manager, configResource kube.Resource, installModePredicate k8s_predicate.Predicate) *builder.Builder {
@@ -319,6 +318,7 @@ func (r *ResourceController) hasClusterReport(ctx context.Context, owner kube.Ob
 	}
 	return false, nil
 }
+
 func (r *ResourceController) findReportOwner(ctx context.Context, owner kube.ObjectRef, podSpecHash string, pluginConfigHash string, io rbacassessment.Reader) (bool, error) {
 	report, err := io.FindReportByOwner(ctx, owner)
 	if err != nil {
@@ -409,6 +409,7 @@ func clusterAuditConfigReportItems(ccar *v1alpha1.ClusterConfigAuditReportList)
 		return objlist
 	}
 }
+
 func auditConfigReportItems(car *v1alpha1.ConfigAuditReportList) func() []client.Object {
 	return func() []client.Object {
 		objlist := make([]client.Object, 0)

@@ -2,6 +2,7 @@ package configauditreport
 
 import (
 	"context"
+
 	"github.com/aquasecurity/trivy-operator/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/trivy-operator/pkg/kube"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -12,7 +13,6 @@ import (
 // Writer is the interface for saving v1alpha1.ClusterConfigAuditReport
 // and v1alpha1.ConfigAuditReport instances.
 type Writer interface {
-
 	// WriteReport creates or updates the given v1alpha1.ConfigAuditReport instance.
 	WriteReport(ctx context.Context, report v1alpha1.ConfigAuditReport) error
 
@@ -23,7 +23,6 @@ type Writer interface {
 // Reader is the interface that wraps methods for finding v1alpha1.ConfigAuditReport
 // and v1alpha1.ClusterConfigAuditReport objects.
 type Reader interface {
-
 	// FindReportByOwner returns a v1alpha1.ConfigAuditReport owned by the given
 	// kube.ObjectRef or nil if the report is not found.
 	FindReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)

@@ -19,7 +19,6 @@ import (
 )
 
 func TestReadWriter(t *testing.T) {
-
 	kubernetesScheme := trivyoperator.NewScheme()
 
 	t.Run("Should create ConfigAuditReport", func(t *testing.T) {

@@ -6,7 +6,6 @@ import (
 
 // PluginInMemory defines the interface between trivy-operator and trivy configuration
 type PluginInMemory interface {
-
 	// Init is a callback to initialize this plugin, e.g. ensure the default
 	// configuration.
 	Init(ctx trivyoperator.PluginContext) error
@@ -16,7 +15,6 @@ type PluginInMemory interface {
 
 // ConfigAuditConfig defines the interface between trivy-operator and trivy configuration which related to configauditreport
 type ConfigAuditConfig interface {
-
 	// GetUseBuiltinRegoPolicies return trivy config which associated to configauditreport plugin
 	GetUseBuiltinRegoPolicies() bool
 	// GetUseEmbeddedRegoPolicies return trivy embedded rego policies (mainly for air-gapped environment)

@@ -13,7 +13,7 @@ import (
 type BasicAuth string
 
 func NewBasicAuth(username, password string) BasicAuth {
-	var v = new(BasicAuth)
+	v := new(BasicAuth)
 	v.Encode(username, password)
 	return *v
 }
@@ -128,7 +128,6 @@ func GetServerFromImageRef(imageRef string) (string, error) {
 // In ~/.docker/config.json auth keys can be specified as URLs or host names.
 // For the sake of comparison we need to normalize the registry identifier.
 func GetServerFromDockerAuthKey(key string) (string, error) {
-
 	if !(strings.HasPrefix(key, "http://") || strings.HasPrefix(key, "https://")) {
 		key = fmt.Sprintf("https://%s", key)
 	}

@@ -158,7 +158,6 @@ func TestConfig_Read(t *testing.T) {
 				assert.Equal(t, tc.expectedAuth, dockerConfig.Auths)
 			}
 		})
-
 	}
 }
 

@@ -16,7 +16,6 @@ import (
 )
 
 func TestNewReadWriter(t *testing.T) {
-
 	kubernetesScheme := trivyoperator.NewScheme()
 
 	t.Run("Should create ExposedSecretReports", func(t *testing.T) {

@@ -8,8 +8,7 @@ type Clock interface {
 	Now() time.Time
 }
 
-type systemClock struct {
-}
+type systemClock struct{}
 
 func (c *systemClock) Now() time.Time {
 	return time.Now()

@@ -15,7 +15,6 @@ import (
 )
 
 func TestReportBuilder(t *testing.T) {
-
 	t.Run("Should build report for namespaced resource", func(t *testing.T) {
 		g := NewGomegaWithT(t)
 

@@ -2,6 +2,7 @@ package infraassessment
 
 import (
 	"context"
+
 	"github.com/aquasecurity/trivy-operator/pkg/apis/aquasecurity/v1alpha1"
 	"github.com/aquasecurity/trivy-operator/pkg/kube"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -11,7 +12,6 @@ import (
 
 // Writer is the interface for saving v1alpha1.InfraAssessmentReport instances.
 type Writer interface {
-
 	// WriteReport creates or updates the given v1alpha1.InfraAssessmentReport instance.
 	WriteReport(ctx context.Context, report v1alpha1.InfraAssessmentReport) error
 
@@ -23,7 +23,6 @@ type Writer interface {
 // and v1alpha1.ClusterConfigAuditReport objects.
 // TODO(danielpacak): Consider returning trivyoperator.ResourceNotFound error instead of returning nil.
 type Reader interface {
-
 	// FindReportByOwner returns a v1alpha1.InfraAssessmentReport owned by the given
 	// kube.ObjectRef or nil if the report is not found.
 	FindReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)

@@ -17,7 +17,6 @@ import (
 )
 
 func TestReadWriter(t *testing.T) {
-
 	kubernetesScheme := trivyoperator.NewScheme()
 
 	t.Run("Should create InfraAssessmentReport", func(t *testing.T) {

@@ -80,7 +80,8 @@ func (r *logsReader) podListLookup(ctx context.Context, namespace string, refres
 	}
 	selector := fmt.Sprintf("%s=%s", matchingLabelKey, matchingLabelValue)
 	return r.clientset.CoreV1().Pods(namespace).List(ctx, metav1.ListOptions{
-		LabelSelector: selector})
+		LabelSelector: selector,
+	})
 }
 
 func GetTerminatedContainersStatusesByPod(pod *corev1.Pod) map[string]*corev1.ContainerStateTerminated {
-Original file line number
+Diff line change
@@ Expand Up / @@ -46,5 +46,4 @@ func TestStringToSeverity(t *testing.T) { @@
     			}
     		})
     	}
     }