diff --git a/armometadata/k8sutils.go b/armometadata/k8sutils.go index 4754a47..dc55264 100644 --- a/armometadata/k8sutils.go +++ b/armometadata/k8sutils.go @@ -143,7 +143,7 @@ func ExtractMetadataFromJsonBytes(input []byte) (Metadata, error) { m.ResourceVersion = unquote(value) case strings.HasPrefix(jsonPath, "metadata.annotations."): m.Annotations[unquote(key)] = unquote(value) - case strings.HasPrefix(jsonPath, "metadata.labels."): + case strings.Contains(jsonPath, "metadata.labels."): m.Labels[unquote(key)] = unquote(value) case strings.HasPrefix(jsonPath, "metadata.ownerReferences.."): m.OwnerReferences[unquote(key)] = unquote(value) diff --git a/armometadata/k8sutils_test.go b/armometadata/k8sutils_test.go index 870f24e..e29154d 100644 --- a/armometadata/k8sutils_test.go +++ b/armometadata/k8sutils_test.go @@ -135,6 +135,21 @@ func TestExtractMetadataFromJsonBytes(t *testing.T) { apiVersion string podSelectorMatchLabels map[string]string }{ + { + name: "testdeployment", + annotations: map[string]string{ + "deployment.kubernetes.io/revision": "1", + }, + labels: map[string]string{ + "app": "emailservice", + }, + ownerReferences: map[string]string{}, + creationTs: "2024-07-18T19:58:44Z", + resourceVersion: "6486", + kind: "Deployment", + apiVersion: "apps/v1", + podSelectorMatchLabels: map[string]string{}, + }, { name: "networkpolicy_withoutmatching_labels", annotations: map[string]string{}, diff --git a/armometadata/testdata/pod.json b/armometadata/testdata/pod.json index d30ddf0..43abf8f 100644 --- a/armometadata/testdata/pod.json +++ b/armometadata/testdata/pod.json @@ -36,6 +36,11 @@ }, "spec": { "automountServiceAccountToken": true, + "selector": { + "matchLabels": { + "app": "kubescape" + } + }, "containers": [ { "command": [ diff --git a/armometadata/testdata/testdeployment.json b/armometadata/testdata/testdeployment.json new file mode 100644 index 0000000..3338e91 --- /dev/null +++ b/armometadata/testdata/testdeployment.json @@ -0,0 +1,148 @@ +{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1" + }, + "creationTimestamp": "2024-07-18T19:58:44Z", + "generation": 1, + "name": "emailservice", + "namespace": "default", + "resourceVersion": "6486", + "uid": "916f902f-619c-4f42-9734-5df3a8e88cb7" + }, + "spec": { + "progressDeadlineSeconds": 600, + "replicas": 1, + "revisionHistoryLimit": 10, + "selector": { + "matchLabels": { + "app": "emailservice" + } + }, + "strategy": { + "rollingUpdate": { + "maxSurge": "25%", + "maxUnavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "app": "emailservice" + } + }, + "spec": { + "containers": [ + { + "env": [ + { + "name": "PORT", + "value": "8080" + }, + { + "name": "DISABLE_PROFILER", + "value": "1" + } + ], + "image": "gcr.io/google-samples/microservices-demo/emailservice:v0.5.1", + "imagePullPolicy": "IfNotPresent", + "livenessProbe": { + "exec": { + "command": [ + "/bin/grpc_health_probe", + "-addr=:8080" + ] + }, + "failureThreshold": 3, + "periodSeconds": 5, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "name": "server", + "ports": [ + { + "containerPort": 8080, + "protocol": "TCP" + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/grpc_health_probe", + "-addr=:8080" + ] + }, + "failureThreshold": 3, + "periodSeconds": 5, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "128Mi" + }, + "requests": { + "cpu": "100m", + "memory": "64Mi" + } + }, + "securityContext": { + "allowPrivilegeEscalation": false, + "capabilities": { + "drop": [ + "all" + ] + }, + "privileged": false, + "readOnlyRootFilesystem": true + }, + "terminationMessagePath": "/dev/termination-log", + "terminationMessagePolicy": "File" + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "schedulerName": "default-scheduler", + "securityContext": { + "fsGroup": 1000, + "runAsGroup": 1000, + "runAsNonRoot": true, + "runAsUser": 1000 + }, + "serviceAccount": "default", + "serviceAccountName": "default", + "terminationGracePeriodSeconds": 5 + } + } + }, + "status": { + "availableReplicas": 1, + "conditions": [ + { + "lastTransitionTime": "2024-07-18T19:59:08Z", + "lastUpdateTime": "2024-07-18T19:59:08Z", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "lastTransitionTime": "2024-07-18T19:58:44Z", + "lastUpdateTime": "2024-07-18T19:59:08Z", + "message": "ReplicaSet \"emailservice-d9dbcbd\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observedGeneration": 1, + "readyReplicas": 1, + "replicas": 1, + "updatedReplicas": 1 + } +} \ No newline at end of file