Create a K8s event attached to the policy report at each update (#69)

* Create a K8s event attached to the policy report at each update * Update version to 0.4.4
hardbyte · Dec 24, 2023 · 4780dd1 · 4780dd1
1 parent 3b016eb
commit 4780dd1
Show file tree

Hide file tree

Showing 7 changed files with 788 additions and 579 deletions.
diff --git a/.run/Netchecks Operator.run.xml b/.run/Netchecks Operator.run.xml
@@ -0,0 +1,26 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Netchecks Operator" type="PythonConfigurationType" factoryName="Python">
+    <module name="netchecks" />
+    <option name="ENV_FILES" value="" />
+    <option name="INTERPRETER_OPTIONS" value="" />
+    <option name="PARENT_ENVS" value="true" />
+    <envs>
+      <env name="PYTHONUNBUFFERED" value="1" />
+    </envs>
+    <option name="SDK_HOME" value="" />
+    <option name="SDK_NAME" value="Poetry (netchecks)" />
+    <option name="WORKING_DIRECTORY" value="$ProjectFileDir$/operator" />
+    <option name="IS_MODULE_SDK" value="false" />
+    <option name="ADD_CONTENT_ROOTS" value="false" />
+    <option name="ADD_SOURCE_ROOTS" value="false" />
+    <EXTENSION ID="PythonCoverageRunConfigurationExtension" runner="coverage.py" />
+    <option name="SCRIPT_NAME" value="kopf" />
+    <option name="PARAMETERS" value="run netchecks_operator/main.py --all-namespaces --liveness=http://0.0.0.0:8080/healthz" />
+    <option name="SHOW_COMMAND_LINE" value="false" />
+    <option name="EMULATE_TERMINAL" value="false" />
+    <option name="MODULE_MODE" value="true" />
+    <option name="REDIRECT_INPUT" value="false" />
+    <option name="INPUT_FILE" value="" />
+    <method v="2" />
+  </configuration>
+</component>
diff --git a/operator/charts/netchecks/Chart.yaml b/operator/charts/netchecks/Chart.yaml
@@ -6,13 +6,13 @@ icon: https://raw.githubusercontent.com/hardbyte/netchecks/main/.github/logo.png
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.11
+version: 0.1.12
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.4.3"
+appVersion: "0.4.4"
 sources:
   - https://github.com/hardbyte/netchecks
 maintainers:
@@ -22,6 +22,8 @@ maintainers:
 annotations:
   # https://artifacthub.io/docs/topics/annotations/helm/
   artifacthub.io/changes: |
+    - kind: added
+      description: Updated versions, added K8s Events on probe run.
     - kind: added
       description: Support for CEL templated variables, injecting context from ConfigMaps and Secrets.
       links:

diff --git a/operator/netchecks_operator/main.py b/operator/netchecks_operator/main.py
@@ -373,7 +373,7 @@ def summarize_results(probe_results):
             # be one of: pass, fail, warn, error, skip
             summary[test_result.get("status", "skip")] += 1
 
-    return summary
+    return dict(summary)
 
 
 def convert_results_for_policy_report(probe_results, namespace, pod_name):
@@ -435,8 +435,7 @@ def upsert_policy_report(probe_results, assertion_name, namespace, pod_name):
 
     logger = get_logger(name=assertion_name, namespace=namespace, pod_name=pod_name)
     logger.info("Upsert PolicyReport")
-    # get the resource and print out data
-    # If it doesn't exist, create it
+    # get the resource, if it doesn't exist, create it
     policy_report_label_selector = f"app.kubernetes.io/instance={assertion_name}"
     policy_reports = crd_api.list_namespaced_custom_object(
         group="wgpolicyk8s.io",
@@ -469,15 +468,15 @@ def upsert_policy_report(probe_results, assertion_name, namespace, pod_name):
     }
 
     if len(policy_reports["items"]) > 0:
-        logger.info("Existing policy reports found", reports=policy_reports)
+        logger.debug("Existing policy reports found", reports=policy_reports)
         policy_report = crd_api.get_namespaced_custom_object(
             group="wgpolicyk8s.io",
             version="v1alpha2",
             namespace=namespace,
             plural="policyreports",
             name=assertion_name,
         )
-        logger.info("Existing policy report found", report=policy_report)
+        logger.debug("Existing policy report found", report=policy_report)
         crd_api.patch_namespaced_custom_object(
             group="wgpolicyk8s.io",
             version="v1alpha2",
@@ -506,12 +505,21 @@ def upsert_policy_report(probe_results, assertion_name, namespace, pod_name):
 
         logger.info("PolicyReport created")
 
+    # Create an event on the policy report
+    logger.info("Policy Report Metadata", meta=policy_report["metadata"])
+    kopf.event(
+        objs=policy_report,
+        type="Normal",
+        reason="updated",
+        message=f"Updated after running Netchecks Probe for Network Assertion '{assertion_name}'.\nSummary:\n{report_summary}",
+    )
+
     return policy_report
 
 
 def process_probe_output(pod_log: str, network_assertion_name, namespace, pod_name):
     """
-    Extract JSON from pod log
+    Extract JSON from pod log and update the PolicyReport
     """
     try:
         probe_results = json.loads(pod_log)