Merge pull request #81 from JupiterOne/kube-dev-podarray

added pod annotations property

CHANGELOG.md

@@ -8,6 +8,12 @@ and this project adheres to
 
 ## [Unreleased]
 
+## 2.3.4 - 2024-08-26
+
+### Changed
+
+- Added POD Annotation Data property in the same pod entity
+
 ## 2.3.3 - 2024-08-22
 
 - Enable PODS step.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jupiterone/graph-kubernetes",
-  "version": "2.3.3",
+  "version": "2.3.4",
   "description": "A JupiterOne Integration for Kubernetes",
   "repository": {
     "type": "git",

src/steps/pods/__snapshots__/index.test.ts.snap

@@ -2324,6 +2324,7 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "coredns-76f75df574-2zlsc",
       "nodeName": "docker-desktop",
+      "podAnnotations": undefined,
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000000000,
       "priorityClassName": "system-cluster-critical",
@@ -3220,6 +3221,7 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "coredns-76f75df574-hnlc6",
       "nodeName": "docker-desktop",
+      "podAnnotations": undefined,
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000000000,
       "priorityClassName": "system-cluster-critical",
@@ -3841,6 +3843,13 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "etcd-docker-desktop",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubeadm.kubernetes.io/etcd.advertise-client-urls: https://192.168.65.3:2379",
+        "kubernetes.io/config.hash: a7259c8a6f480a66649ce97631b20e6f",
+        "kubernetes.io/config.mirror: a7259c8a6f480a66649ce97631b20e6f",
+        "kubernetes.io/config.seen: 2024-03-15T15:20:27.439981811Z",
+        "kubernetes.io/config.source: file",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000001000,
       "priorityClassName": "system-node-critical",
@@ -4800,6 +4809,13 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "kube-apiserver-docker-desktop",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.65.3:6443",
+        "kubernetes.io/config.hash: 0ebf02f01020bac6394d8c559802bcc8",
+        "kubernetes.io/config.mirror: 0ebf02f01020bac6394d8c559802bcc8",
+        "kubernetes.io/config.seen: 2024-03-15T15:20:27.439985247Z",
+        "kubernetes.io/config.source: file",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000001000,
       "priorityClassName": "system-node-critical",
@@ -5880,6 +5896,12 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "kube-controller-manager-docker-desktop",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubernetes.io/config.hash: af7b12e5509cb13b2c1d769bc20867d1",
+        "kubernetes.io/config.mirror: af7b12e5509cb13b2c1d769bc20867d1",
+        "kubernetes.io/config.seen: 2024-03-15T15:20:27.439986156Z",
+        "kubernetes.io/config.source: file",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000001000,
       "priorityClassName": "system-node-critical",
@@ -6814,6 +6836,7 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "kube-proxy-6dr6c",
       "nodeName": "docker-desktop",
+      "podAnnotations": undefined,
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000001000,
       "priorityClassName": "system-node-critical",
@@ -7473,6 +7496,12 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "kube-scheduler-docker-desktop",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubernetes.io/config.hash: 8dc7392ffeee7cf9ac30dda5e5775176",
+        "kubernetes.io/config.mirror: 8dc7392ffeee7cf9ac30dda5e5775176",
+        "kubernetes.io/config.seen: 2024-03-15T15:20:27.439986887Z",
+        "kubernetes.io/config.source: file",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 2000001000,
       "priorityClassName": "system-node-critical",
@@ -8098,6 +8127,10 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "storage-provisioner",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"storage-provisioner"},"name":"storage-provisioner","namespace":"kube-system"},"spec":{"containers":[{"args":["/var/lib/k8s-pvs"],"image":"docker/desktop-storage-provisioner:v2.0","imagePullPolicy":"IfNotPresent","name":"storage-provisioner","volumeMounts":[{"mountPath":"/var/lib/k8s-pvs","name":"pvs"}]}],"serviceAccountName":"storage-provisioner","volumes":[{"hostPath":{"path":"/var/lib/k8s-pvs","type":"Directory"},"name":"pvs"}]}}
+",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 0,
       "priorityClassName": undefined,
@@ -8692,6 +8725,10 @@ exports[`#fetchPods should collect data: jobState 1`] = `
       "hostname": undefined,
       "name": "vpnkit-controller",
       "nodeName": "docker-desktop",
+      "podAnnotations": [
+        "kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"vpnkit-controller"},"name":"vpnkit-controller","namespace":"kube-system"},"spec":{"containers":[{"command":["/kube-vpnkit-forwarder","-path","/run/host-services/backend.sock"],"image":"docker/desktop-vpnkit-controller:dc331cb22850be0cdd97c84a9cfecaf44a1afb6e","imagePullPolicy":"IfNotPresent","name":"vpnkit-controller","volumeMounts":[{"mountPath":"/run/host-services/backend.sock","name":"api"}]}],"serviceAccountName":"vpnkit-controller","volumes":[{"hostPath":{"path":"/run/host-services/backend.sock"},"name":"api"}]}}
+",
+      ],
       "preemptionPolicy": "PreemptLowerPriority",
       "priority": 0,
       "priorityClassName": undefined,

src/steps/pods/converters.ts

@@ -8,6 +8,17 @@ import { Entities } from '../constants';
 export function createPodEntity(data: k8s.V1Pod) {
   // TODO: We could remove data.spec.containers array from this (from rawData)
   // TODO: We may want to take the spec.volumes, delete it from here and create new entities/relationships
+
+  // Convert annotations to string array if present
+  const annotations = data.metadata?.annotations;
+  let annotationArray: string[] | undefined;
+
+  if (annotations) {
+    annotationArray = Object.entries(annotations).map(
+      ([key, value]) => `${key}: ${value}`,
+    );
+  }
+
   return createIntegrationEntity({
     entityData: {
       source: data,
@@ -44,6 +55,7 @@ export function createPodEntity(data: k8s.V1Pod) {
         shareProcessNamespace: data.spec?.shareProcessNamespace,
         subdomain: data.spec?.subdomain,
         terminationGracePeriodSeconds: data.spec?.terminationGracePeriodSeconds,
+        podAnnotations: annotationArray,
         'status.hostIP': data.status?.hostIP,
         'status.message': data.status?.message,
         'status.nominatedNodeName': data.status?.nominatedNodeName,

src/steps/pods/index.test.ts

@@ -63,6 +63,10 @@ describe('#fetchPods', () => {
                 'status.qosClass': { type: 'string' },
                 'status.reason': { type: 'string' },
                 'status.startTime': { type: 'number' },
+                podAnnotations: {
+                  type: 'array',
+                  items: { type: 'string' },
+                },
               },
             },
           },