cleanup: integrated libstandard

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>

go.mod

@@ -5,12 +5,12 @@ go 1.18
 require (
 	github.com/anchore/syft v0.52.0
 	github.com/ckotzbauer/libk8soci v0.0.0-20220701045827-83b65b42c42b
+	github.com/ckotzbauer/libstandard v0.0.0-20220724093059-4e2e27d1237f
 	github.com/novln/docker-parser v1.0.0
 	github.com/nscuro/dtrack-client v0.6.0
 	github.com/robfig/cron v1.2.0
 	github.com/sirupsen/logrus v1.9.0
 	github.com/spf13/cobra v1.5.0
-	github.com/spf13/viper v1.12.0
 	github.com/stretchr/testify v1.8.0
 	k8s.io/api v0.24.3
 	k8s.io/apimachinery v0.24.3
@@ -23,8 +23,6 @@ require (
 	github.com/Masterminds/sprig/v3 v3.2.2 // indirect
 	github.com/Microsoft/go-winio v0.5.2 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 // indirect
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 	github.com/acobaugh/osrelease v0.1.0 // indirect
 	github.com/acomagu/bufpipe v1.0.3 // indirect
 	github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
@@ -45,7 +43,6 @@ require (
 	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
 	github.com/emirpasic/gods v1.12.0 // indirect
 	github.com/facebookincubator/nvdtools v0.1.4 // indirect
-	github.com/fsnotify/fsnotify v1.5.4 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.0 // indirect
 	github.com/go-git/gcfg v1.5.0 // indirect
 	github.com/go-git/go-billy/v5 v5.3.1 // indirect
@@ -58,8 +55,8 @@ require (
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/huandu/xstrings v1.3.2 // indirect
+	github.com/iancoleman/strcase v0.2.0 // indirect
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/jinzhu/copier v0.3.2 // indirect
@@ -69,7 +66,6 @@ require (
 	github.com/klauspost/compress v1.15.8 // indirect
 	github.com/klauspost/pgzip v1.2.5 // indirect
 	github.com/knqyf263/go-rpmdb v0.0.0-20220629110411-9a3bd2ebb923 // indirect
-	github.com/magiconair/properties v1.8.6 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
 	github.com/mattn/go-runewidth v0.0.13 // indirect
@@ -87,7 +83,6 @@ require (
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.3-0.20220114050600-8b9d41f48198 // indirect
 	github.com/pelletier/go-toml v1.9.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
 	github.com/pierrec/lz4/v4 v4.1.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -99,8 +94,6 @@ require (
 	github.com/spdx/tools-golang v0.2.0 // indirect
 	github.com/spf13/afero v1.8.2 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
-	github.com/subosito/gotenv v1.3.0 // indirect
 	github.com/ulikunitz/xz v0.5.10 // indirect
 	github.com/vbatts/go-mtree v0.5.0 // indirect
 	github.com/vbatts/tar-split v0.11.2 // indirect
@@ -117,7 +110,6 @@ require (
 	golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df // indirect
 	google.golang.org/genproto v0.0.0-20220519153652-3a47de7e79bd // indirect
 	google.golang.org/grpc v1.47.0 // indirect
-	gopkg.in/ini.v1 v1.66.6 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	k8s.io/client-go v0.24.2 // indirect
 	lukechampine.com/uint128 v1.1.1 // indirect
@@ -146,7 +138,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/onsi/gomega v1.19.0 // indirect
-	github.com/spf13/pflag v1.0.5
+	github.com/spf13/pflag v1.0.5 // indirect
 	golang.org/x/net v0.0.0-20220708220712-1185a9018129 // indirect
 	golang.org/x/oauth2 v0.0.0-20220718184931-c8730f7fcb92 // indirect
 	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect

internal/config.go

@@ -1,7 +1,33 @@
 package internal
 
+type Config struct {
+	Cron                   string   `yaml:"cron" env:"SBOM_CRON" flag:"cron"`
+	Format                 string   `yaml:"format" env:"SBOM_FORMAT" flag:"format"`
+	Targets                []string `yaml:"targets" env:"SBOM_TARGETS" flag:"targets"`
+	IgnoreAnnotations      bool     `yaml:"ignoreAnnotations" env:"SBOM_IGNORE_ANNOTATIONS" flag:"ignore-annotations"`
+	GitWorkingTree         string   `yaml:"gitWorkingTree" env:"SBOM_GIT_WORKINGTREE" flag:"git-workingtree"`
+	GitRepository          string   `yaml:"gitRepository" env:"SBOM_GIT_REPOSITORY" flag:"git-repository"`
+	GitBranch              string   `yaml:"gitBranch" env:"SBOM_GIT_BRANCH" flag:"git-branch"`
+	GitPath                string   `yaml:"gitPath" env:"SBOM_GIT_PATH" flag:"git-path"`
+	GitAccessToken         string   `yaml:"gitAccessToken" env:"SBOM_GIT_ACCESS_TOKEN" flag:"git-access-token"`
+	GitAuthorName          string   `yaml:"gitAuthorName" env:"SBOM_GIT_AUTHOR_NAME" flag:"git-author-name"`
+	GitAuthorEmail         string   `yaml:"gitAuthorEmail" env:"SBOM_GIT_AUTHOR_EMAIL" flag:"git-author-email"`
+	PodLabelSelector       string   `yaml:"podLabelSelector" env:"SBOM_POD_LABEL_SELECTOR" flag:"pod-label-selector"`
+	NamespaceLabelSelector string   `yaml:"namespaceLabelSelector" env:"SBOM_NAMESPACE_LABEL_SELECTOR" flag:"namespace-label-selector"`
+	DtrackBaseUrl          string   `yaml:"dtrackBaseUrl" env:"SBOM_DTRACK_BASE_URL" flag:"dtrack-base-url"`
+	DtrackApiKey           string   `yaml:"dtrackApiKey" env:"SBOM_DTRACK_API_KEY" flag:"dtrack-api-key"`
+	KubernetesClusterId    string   `yaml:"kubernetesClusterId" env:"SBOM_KUBERNETES_CLUSTER_ID" flag:"kubernetes-cluster-id"`
+	JobImage               string   `yaml:"jobImage" env:"SBOM_JOB_IMAGE" flag:"job-image"`
+	JobImagePullSecret     string   `yaml:"jobImagePullSecret" env:"SBOM_JOB_IMAGE_PULL_SECRET" flag:"job-image-pull-secret"`
+	JobTimeout             int64    `yaml:"jobTimeout" env:"SBOM_JOB_TIMEOUT" flag:"job-timeout"`
+	OciRegistry            string   `yaml:"ociRegistry" env:"SBOM_OCI_REGISTRY" flag:"oci-registry"`
+	OciUser                string   `yaml:"ociUser" env:"SBOM_OCI_USER" flag:"oci-user"`
+	OciToken               string   `yaml:"ociToken" env:"SBOM_OCI_TOKEN" flag:"oci-token"`
+	FallbackPullSecret     string   `yaml:"fallbackPullSecret" env:"SBOM_FALLBACK_PULL_SECRET" flag:"fallback-pull-secret"`
+	Verbosity              string   `env:"SBOM_VERBOSITY" flag:"verbosity"`
+}
+
 var (
-	ConfigKeyVerbosity              = "verbosity"
 	ConfigKeyCron                   = "cron"
 	ConfigKeyFormat                 = "format"
 	ConfigKeyTargets                = "targets"
@@ -27,4 +53,6 @@ var (
 	ConfigKeyOciUser            = "oci-user"
 	ConfigKeyOciToken           = "oci-token"
 	ConfigKeyFallbackPullSecret = "fallback-pull-secret"
+
+	OperatorConfig *Config
 )

internal/daemon/daemon.go

@@ -4,6 +4,7 @@ import (
 	"time"
 
 	libk8s "github.com/ckotzbauer/libk8soci/pkg/kubernetes"
+	"github.com/ckotzbauer/libstandard"
 	"github.com/ckotzbauer/sbom-operator/internal"
 	"github.com/ckotzbauer/sbom-operator/internal/job"
 	"github.com/ckotzbauer/sbom-operator/internal/kubernetes"
@@ -14,7 +15,6 @@ import (
 	"github.com/ckotzbauer/sbom-operator/internal/target/oci"
 	"github.com/robfig/cron"
 	"github.com/sirupsen/logrus"
-	"github.com/spf13/viper"
 )
 
 type CronService struct {
@@ -25,8 +25,8 @@ type CronService struct {
 var running = false
 
 func Start(cronTime string) {
-	cr := internal.Unescape(cronTime)
-	targetKeys := viper.GetStringSlice(internal.ConfigKeyTargets)
+	cr := libstandard.Unescape(cronTime)
+	targetKeys := internal.OperatorConfig.Targets
 
 	logrus.Debugf("Cron set to: %v", cr)
 	targets := make([]target.Target, 0)
@@ -66,24 +66,24 @@ func (c *CronService) runBackgroundService() {
 	running = true
 
 	logrus.Info("Execute background-service")
-	format := viper.GetString(internal.ConfigKeyFormat)
+	format := internal.OperatorConfig.Format
 
 	if !hasJobImage() {
 		for _, t := range c.targets {
 			t.Initialize()
 		}
 	}
 
-	k8s := kubernetes.NewClient(viper.GetBool(internal.ConfigKeyIgnoreAnnotations))
-	namespaceSelector := viper.GetString(internal.ConfigKeyNamespaceLabelSelector)
+	k8s := kubernetes.NewClient(internal.OperatorConfig.IgnoreAnnotations, internal.OperatorConfig.FallbackPullSecret)
+	namespaceSelector := internal.OperatorConfig.NamespaceLabelSelector
 	namespaces, err := k8s.Client.ListNamespaces(namespaceSelector)
 	if err != nil {
 		logrus.WithError(err).Errorf("failed to list namespaces with selector: %s, abort background-service", namespaceSelector)
 		running = false
 		return
 	}
 	logrus.Debugf("Discovered %v namespaces", len(namespaces))
-	containerImages, allImages := k8s.LoadImageInfos(namespaces, viper.GetString(internal.ConfigKeyPodLabelSelector))
+	containerImages, allImages := k8s.LoadImageInfos(namespaces, internal.OperatorConfig.PodLabelSelector)
 
 	if !hasJobImage() {
 		c.executeSyftScans(format, k8s, containerImages, allImages)
@@ -127,10 +127,10 @@ func (c *CronService) executeSyftScans(format string, k8s *kubernetes.KubeClient
 func executeJobImage(k8s *kubernetes.KubeClient, containerImages []libk8s.KubeImage) {
 	jobClient := job.New(
 		k8s,
-		viper.GetString(internal.ConfigKeyJobImage),
-		viper.GetString(internal.ConfigKeyJobImagePullSecret),
-		viper.GetString(internal.ConfigKeyKubernetesClusterId),
-		viper.GetInt64(internal.ConfigKeyJobTimeout))
+		internal.OperatorConfig.JobImage,
+		internal.OperatorConfig.JobImagePullSecret,
+		internal.OperatorConfig.KubernetesClusterId,
+		internal.OperatorConfig.JobTimeout)
 
 	j, err := jobClient.StartJob(containerImages)
 	if err != nil {
@@ -154,29 +154,29 @@ func initTargets(targetKeys []string) []target.Target {
 		var err error
 
 		if ta == "git" {
-			workingTree := viper.GetString(internal.ConfigKeyGitWorkingTree)
-			workPath := viper.GetString(internal.ConfigKeyGitPath)
-			repository := viper.GetString(internal.ConfigKeyGitRepository)
-			branch := viper.GetString(internal.ConfigKeyGitBranch)
-			format := viper.GetString(internal.ConfigKeyFormat)
-			token := viper.GetString(internal.ConfigKeyGitAccessToken)
-			name := viper.GetString(internal.ConfigKeyGitAuthorName)
-			email := viper.GetString(internal.ConfigKeyGitAuthorEmail)
+			workingTree := internal.OperatorConfig.GitWorkingTree
+			workPath := internal.OperatorConfig.GitPath
+			repository := internal.OperatorConfig.GitRepository
+			branch := internal.OperatorConfig.GitBranch
+			format := internal.OperatorConfig.Format
+			token := internal.OperatorConfig.GitAccessToken
+			name := internal.OperatorConfig.GitAuthorName
+			email := internal.OperatorConfig.GitAuthorEmail
 			t := git.NewGitTarget(workingTree, workPath, repository, branch, token, name, email, format)
 			err = t.ValidateConfig()
 			targets = append(targets, t)
 		} else if ta == "dtrack" {
-			baseUrl := viper.GetString(internal.ConfigKeyDependencyTrackBaseUrl)
-			apiKey := viper.GetString(internal.ConfigKeyDependencyTrackApiKey)
-			k8sClusterId := viper.GetString(internal.ConfigKeyKubernetesClusterId)
+			baseUrl := internal.OperatorConfig.DtrackBaseUrl
+			apiKey := internal.OperatorConfig.DtrackApiKey
+			k8sClusterId := internal.OperatorConfig.KubernetesClusterId
 			t := dtrack.NewDependencyTrackTarget(baseUrl, apiKey, k8sClusterId)
 			err = t.ValidateConfig()
 			targets = append(targets, t)
 		} else if ta == "oci" {
-			registry := viper.GetString(internal.ConfigKeyOciRegistry)
-			username := viper.GetString(internal.ConfigKeyOciUser)
-			token := viper.GetString(internal.ConfigKeyOciToken)
-			format := viper.GetString(internal.ConfigKeyFormat)
+			registry := internal.OperatorConfig.OciRegistry
+			username := internal.OperatorConfig.OciUser
+			token := internal.OperatorConfig.OciToken
+			format := internal.OperatorConfig.Format
 			t := oci.NewOciTarget(registry, username, token, format)
 			err = t.ValidateConfig()
 			targets = append(targets, t)
@@ -197,5 +197,5 @@ func initTargets(targetKeys []string) []target.Target {
 }
 
 func hasJobImage() bool {
-	return viper.GetString(internal.ConfigKeyJobImage) != ""
+	return internal.OperatorConfig.JobImage != ""
 }

internal/kubernetes/kubernetes.go

@@ -6,7 +6,6 @@ import (
 	"os"
 
 	"github.com/sirupsen/logrus"
-	"github.com/spf13/viper"
 	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -15,12 +14,12 @@ import (
 
 	libk8s "github.com/ckotzbauer/libk8soci/pkg/kubernetes"
 	"github.com/ckotzbauer/libk8soci/pkg/oci"
-	"github.com/ckotzbauer/sbom-operator/internal"
 )
 
 type KubeClient struct {
 	Client                *libk8s.KubeClient
 	ignoreAnnotations     bool
+	fallbackPullSecret    string
 	SbomOperatorNamespace string
 }
 
@@ -31,22 +30,21 @@ var (
 	JobName       = "sbom-operator-job"
 )
 
-func NewClient(ignoreAnnotations bool) *KubeClient {
+func NewClient(ignoreAnnotations bool, fallbackPullSecret string) *KubeClient {
 	client := libk8s.NewClient()
 
 	sbomOperatorNamespace := os.Getenv("POD_NAMESPACE")
-	return &KubeClient{Client: client, ignoreAnnotations: ignoreAnnotations, SbomOperatorNamespace: sbomOperatorNamespace}
+	return &KubeClient{Client: client, ignoreAnnotations: ignoreAnnotations, fallbackPullSecret: fallbackPullSecret, SbomOperatorNamespace: sbomOperatorNamespace}
 }
 
 func (client *KubeClient) LoadImageInfos(namespaces []corev1.Namespace, podLabelSelector string) ([]libk8s.KubeImage, []libk8s.KubeImage) {
-	fallbackPullSecretName := viper.GetString(internal.ConfigKeyFallbackPullSecret)
 	var fallbackPullSecret []oci.KubeCreds
 
-	if fallbackPullSecretName != "" {
+	if client.fallbackPullSecret != "" {
 		if client.SbomOperatorNamespace == "" {
 			logrus.Debugf("please specify the environment variable 'POD_NAMESPACE' in order to use the fallbackPullSecret")
 		} else {
-			fallbackPullSecret = client.Client.LoadSecrets(client.SbomOperatorNamespace, []corev1.LocalObjectReference{{Name: fallbackPullSecretName}})
+			fallbackPullSecret = client.Client.LoadSecrets(client.SbomOperatorNamespace, []corev1.LocalObjectReference{{Name: client.fallbackPullSecret}})
 		}
 	}