Merge pull request #92 from anchore/remove-metadata-config

feat: remove metadata config option

README.md

@@ -209,9 +209,6 @@ kubeconfig:
 
 # enable/disable printing inventory reports to stdout
 verbose-inventory-reports: false
-
-# collect additional metadata about where a container is running (e.g. namespace labels, namespace annotations, etc.) [defaults to true]
-metadata: true
 ```
 
 ### Namespace selection

internal/config/config.go

@@ -53,7 +53,6 @@ type Application struct {
 	PollingIntervalSeconds          int         `mapstructure:"polling-interval-seconds"`
 	AnchoreDetails                  AnchoreInfo `mapstructure:"anchore"`
 	VerboseInventoryReports         bool        `mapstructure:"verbose-inventory-reports"`
-	Metadata                        bool        `mapstructure:"metadata"` // if true, include runtime metadata in the inventory report
 }
 
 // MissingTagConf details the policy for handling missing tags when reporting images
@@ -129,7 +128,6 @@ func setNonCliDefaultValues(v *viper.Viper) {
 	v.SetDefault("namespaces", []string{})
 	v.SetDefault("namespace-selectors.include", []string{})
 	v.SetDefault("namespace-selectors.exclude", []string{})
-	v.SetDefault("metadata", true)
 }
 
 // Load the Application Configuration from the Viper specifications

internal/config/test-fixtures/snapshot/TestDefaultConfigString.golden

@@ -46,4 +46,3 @@ anchoredetails:
     insecure: false
     timeoutseconds: 10
 verboseinventoryreports: false
-metadata: true

internal/config/test-fixtures/snapshot/TestEmptyConfigString.golden

@@ -46,4 +46,3 @@ anchoredetails:
     insecure: false
     timeoutseconds: 0
 verboseinventoryreports: false
-metadata: false

internal/config/test-fixtures/snapshot/TestSensitiveConfigString.golden

@@ -46,4 +46,3 @@ anchoredetails:
     insecure: false
     timeoutseconds: 10
 verboseinventoryreports: false
-metadata: true

pkg/inventory/namespace.go

@@ -75,7 +75,6 @@ func FetchNamespaces(
 	c client.Client,
 	batchSize, timeout int64,
 	excludes, includes []string,
-	metadata bool,
 ) ([]Namespace, error) {
 	defer tracker.TrackFunctionTime(time.Now(), "Fetching namespaces")
 	nsMap := make(map[string]Namespace)
@@ -96,18 +95,11 @@ func FetchNamespaces(
 		}
 		for _, n := range list.Items {
 			if !excludeNamespace(exclusionChecklist, n.ObjectMeta.Name) {
-				if metadata {
-					nsMap[n.ObjectMeta.Name] = Namespace{
-						Name:        n.ObjectMeta.Name,
-						UID:         string(n.UID),
-						Annotations: n.Annotations,
-						Labels:      n.Labels,
-					}
-				} else {
-					nsMap[n.ObjectMeta.Name] = Namespace{
-						Name: n.ObjectMeta.Name,
-						UID:  string(n.UID),
-					}
+				nsMap[n.ObjectMeta.Name] = Namespace{
+					Name:        n.ObjectMeta.Name,
+					UID:         string(n.UID),
+					Annotations: n.Annotations,
+					Labels:      n.Labels,
 				}
 			}
 		}

pkg/inventory/namespace_test.go

@@ -18,7 +18,6 @@ func Test_fetchNamespaces(t *testing.T) {
 		timeout   int64
 		excludes  []string
 		includes  []string
-		metadata  bool
 	}
 	tests := []struct {
 		name    string
@@ -47,7 +46,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				timeout:   10,
 				excludes:  []string{},
 				includes:  []string{},
-				metadata:  true,
 			},
 			want: []Namespace{
 				{
@@ -105,7 +103,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				timeout:   10,
 				excludes:  []string{"excluded-namespace"},
 				includes:  []string{},
-				metadata:  true,
 			},
 			want: []Namespace{
 				{
@@ -162,7 +159,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				timeout:   10,
 				excludes:  []string{"excluded.*"},
 				includes:  []string{},
-				metadata:  true,
 			},
 			want: []Namespace{
 				{
@@ -219,7 +215,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				timeout:   10,
 				excludes:  []string{"exclude.*"},
 				includes:  []string{"test-namespace"},
-				metadata:  true,
 			},
 			want: []Namespace{
 				{
@@ -276,7 +271,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				timeout:   10,
 				excludes:  []string{},
 				includes:  []string{"test-namespace"},
-				metadata:  true,
 			},
 			want: []Namespace{
 				{
@@ -287,36 +281,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				},
 			},
 		},
-		{
-			name: "only returns minimal metadata",
-			args: args{
-				c: client.Client{
-					Clientset: fake.NewSimpleClientset(&v1.Namespace{
-						ObjectMeta: metav1.ObjectMeta{
-							Name: "test-namespace",
-							UID:  "test-uid",
-							Annotations: map[string]string{
-								"test-annotation": "test-value",
-							},
-							Labels: map[string]string{
-								"test-label": "test-value",
-							},
-						},
-					}),
-				},
-				batchSize: 100,
-				timeout:   10,
-				excludes:  []string{},
-				includes:  []string{},
-				metadata:  false,
-			},
-			want: []Namespace{
-				{
-					Name: "test-namespace",
-					UID:  "test-uid",
-				},
-			},
-		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -326,7 +290,6 @@ func Test_fetchNamespaces(t *testing.T) {
 				tt.args.timeout,
 				tt.args.excludes,
 				tt.args.includes,
-				tt.args.metadata,
 			)
 			if (err != nil) != tt.wantErr {
 				assert.Error(t, err)

pkg/inventory/pods.go

@@ -40,30 +40,22 @@ func FetchPodsInNamespace(c client.Client, batchSize, timeout int64, namespace s
 	return podList, nil
 }
 
-func ProcessPods(pods []v1.Pod, namespaceUID string, metadata bool, nodes map[string]Node) []Pod {
+func ProcessPods(pods []v1.Pod, namespaceUID string, nodes map[string]Node) []Pod {
 	var podList []Pod
 
 	for _, p := range pods {
-		if metadata {
-			pod := Pod{
-				Name:         p.ObjectMeta.Name,
-				UID:          string(p.UID),
-				Annotations:  p.Annotations,
-				Labels:       p.Labels,
-				NamespaceUID: namespaceUID,
-			}
-			node, ok := nodes[p.Spec.NodeName]
-			if ok {
-				pod.NodeUID = node.UID
-			}
-			podList = append(podList, pod)
-		} else {
-			podList = append(podList, Pod{
-				Name:         p.ObjectMeta.Name,
-				UID:          string(p.UID),
-				NamespaceUID: namespaceUID,
-			})
+		pod := Pod{
+			Name:         p.ObjectMeta.Name,
+			UID:          string(p.UID),
+			Annotations:  p.Annotations,
+			Labels:       p.Labels,
+			NamespaceUID: namespaceUID,
 		}
+		node, ok := nodes[p.Spec.NodeName]
+		if ok {
+			pod.NodeUID = node.UID
+		}
+		podList = append(podList, pod)
 	}
 
 	return podList

pkg/inventory/pods_test.go

@@ -75,7 +75,6 @@ func TestProcessPods(t *testing.T) {
 	type args struct {
 		pods         []v1.Pod
 		namespaceUID string
-		metadata     bool
 		nodes        map[string]Node
 	}
 	tests := []struct {
@@ -105,7 +104,6 @@ func TestProcessPods(t *testing.T) {
 					},
 				},
 				namespaceUID: "namespace-uid-0000",
-				metadata:     true,
 				nodes: map[string]Node{
 					"test-node": {
 						Name: "test-node",
@@ -128,42 +126,10 @@ func TestProcessPods(t *testing.T) {
 				},
 			},
 		},
-		{
-			name: "only return minimal metadata",
-			args: args{
-				pods: []v1.Pod{
-					{
-						ObjectMeta: metav1.ObjectMeta{
-							Name: "test-pod",
-							UID:  "test-uid",
-							Annotations: map[string]string{
-								"test-annotation": "test-value",
-							},
-							Labels: map[string]string{
-								"test-label": "test-value",
-							},
-							Namespace: "test-namespace",
-						},
-						Spec: v1.PodSpec{
-							NodeName: "test-node",
-						},
-					},
-				},
-				namespaceUID: "namespace-uid-0000",
-				metadata:     false,
-			},
-			want: []Pod{
-				{
-					Name:         "test-pod",
-					UID:          "test-uid",
-					NamespaceUID: "namespace-uid-0000",
-				},
-			},
-		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			got := ProcessPods(tt.args.pods, tt.args.namespaceUID, tt.args.metadata, tt.args.nodes)
+			got := ProcessPods(tt.args.pods, tt.args.namespaceUID, tt.args.nodes)
 			assert.Equal(t, tt.want, got)
 		})
 	}

pkg/lib.go

@@ -140,7 +140,7 @@ func GetInventoryReport(cfg *config.Application) (inventory.Report, error) {
 
 	namespaces, err := inventory.FetchNamespaces(client,
 		cfg.Kubernetes.RequestBatchSize, cfg.Kubernetes.RequestTimeoutSeconds,
-		cfg.NamespaceSelectors.Exclude, cfg.NamespaceSelectors.Include, cfg.Metadata)
+		cfg.NamespaceSelectors.Exclude, cfg.NamespaceSelectors.Include)
 	if err != nil {
 		return inventory.Report{}, err
 	}
@@ -152,15 +152,13 @@ func GetInventoryReport(cfg *config.Application) (inventory.Report, error) {
 	close(queue)
 
 	var nodeMap map[string]inventory.Node
-	if cfg.Metadata {
-		nodeMap, err = inventory.FetchNodes(
-			client,
-			cfg.Kubernetes.RequestBatchSize,
-			cfg.Kubernetes.RequestTimeoutSeconds,
-		)
-		if err != nil {
-			return inventory.Report{}, err
-		}
+	nodeMap, err = inventory.FetchNodes(
+		client,
+		cfg.Kubernetes.RequestBatchSize,
+		cfg.Kubernetes.RequestTimeoutSeconds,
+	)
+	if err != nil {
+		return inventory.Report{}, err
 	}
 
 	launchWorkerPool(cfg, kubeconfig, ch, queue, nodeMap) // get pods/containers from namespaces using a worker pool pattern
@@ -196,22 +194,12 @@ func GetInventoryReport(cfg *config.Application) (inventory.Report, error) {
 	}
 
 	log.Infof("Got Inventory Report with %d containers running across %d namespaces", len(containers), len(namespaces))
-	if cfg.Metadata {
-		return inventory.Report{
-			Timestamp:             time.Now().UTC().Format(time.RFC3339),
-			Containers:            containers,
-			Pods:                  pods,
-			Namespaces:            namespaces,
-			Nodes:                 nodes,
-			ServerVersionMetadata: serverVersion,
-			ClusterName:           cfg.KubeConfig.Cluster,
-		}, nil
-	}
 	return inventory.Report{
 		Timestamp:             time.Now().UTC().Format(time.RFC3339),
 		Containers:            containers,
 		Pods:                  pods,
 		Namespaces:            namespaces,
+		Nodes:                 nodes,
 		ServerVersionMetadata: serverVersion,
 		ClusterName:           cfg.KubeConfig.Cluster,
 	}, nil
@@ -235,7 +223,7 @@ func processNamespace(
 		return
 	}
 
-	pods := inventory.ProcessPods(v1pods, ns.UID, cfg.Metadata, nodes)
+	pods := inventory.ProcessPods(v1pods, ns.UID, nodes)
 	containers := inventory.GetContainersFromPods(
 		v1pods,
 		cfg.IgnoreNotRunning,