From 2b6c9cc50ae914aaf5bf5c40b17ff8b02b15b8e4 Mon Sep 17 00:00:00 2001 From: Cristian Bonanno Date: Tue, 14 Jan 2025 23:46:44 +0100 Subject: [PATCH 1/2] feat: added namespace filtering Signed-off-by: Cristian Bonanno --- chart/Chart.yaml | 2 +- chart/templates/cronjob.yaml | 5 +++++ chart/values.yaml | 5 +++++ src/main.py | 23 ++++++++++++++++++++--- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index ae1b981..6086387 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 name: kcmsu-chart description: A Helm chart that deploys a CronJob and RBAC for kcmsu. -version: 0.0.2 +version: 0.0.3 appVersion: "latest" diff --git a/chart/templates/cronjob.yaml b/chart/templates/cronjob.yaml index 9533203..2b50303 100644 --- a/chart/templates/cronjob.yaml +++ b/chart/templates/cronjob.yaml @@ -13,4 +13,9 @@ spec: - name: cronjob image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.namespaces }} + env: + - name: NAMESPACES + value: {{ join "," .Values.namespaces }} + {{- end }} restartPolicy: OnFailure diff --git a/chart/values.yaml b/chart/values.yaml index d7afe87..daf3f59 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -7,6 +7,11 @@ cronjob: schedule: "*/1 * * * *" # Cron schedule for job execution jobName: kcmsu +# Namespaces to be scanned by the tool +# namespaces: +# - kube-system +# - default + serviceAccount: create: true name: kcmsu diff --git a/src/main.py b/src/main.py index cb886b9..210f374 100644 --- a/src/main.py +++ b/src/main.py @@ -1,15 +1,32 @@ import pandas as pd +import os from kubernetes import client, config from tabulate import tabulate from utils.utils import list_cm, list_ns, list_secret, usage if __name__ == "__main__": - config.load_incluster_config() # when running in a POD - # config.load_kube_config() # when running locally + # config.load_incluster_config() # when running in a POD + config.load_kube_config() # when running locally api = client.CoreV1Api() - selected_ns = list_ns(api).items + namespaces = os.getenv("NAMESPACES", []) + selected_ns = [] + cluster_namespaces = {} + + for ns in list_ns(api).items: + cluster_namespaces.update({ ns.metadata.name : ns }) + + if namespaces: + for ns in namespaces.split(","): + if ns in cluster_namespaces: + selected_ns.append(cluster_namespaces[ns]) + else: + print(f"WARNING: Namespace {ns} not found. Skipping it.") + + if not namespaces or not selected_ns: + print("INFO: Namespace list is empty. Checking all namespaces.") + selected_ns = list_ns(api).items df = pd.DataFrame( columns=['Namespace', 'Kind', 'Name', 'UsedCount', 'UsedAs', 'UsedBy']) From 2778763196b3f50c695eca1526c84f0fd506c82c Mon Sep 17 00:00:00 2001 From: Cristian Bonanno Date: Tue, 14 Jan 2025 23:49:21 +0100 Subject: [PATCH 2/2] fix: fix kubeconfig loading Signed-off-by: Cristian Bonanno --- src/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main.py b/src/main.py index 210f374..07f3dc1 100644 --- a/src/main.py +++ b/src/main.py @@ -6,8 +6,8 @@ from utils.utils import list_cm, list_ns, list_secret, usage if __name__ == "__main__": - # config.load_incluster_config() # when running in a POD - config.load_kube_config() # when running locally + config.load_incluster_config() # when running in a POD + # config.load_kube_config() # when running locally api = client.CoreV1Api() namespaces = os.getenv("NAMESPACES", [])