Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

remove unecessary resources discovery for cleanup #172

Merged
merged 1 commit into from
Nov 22, 2024
Merged

remove unecessary resources discovery for cleanup #172

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 0 additions & 15 deletions pkg/cleanup/discovery.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,28 +22,13 @@ import (

var (
Workloads = mapset.NewSet[string]([]string{
"apiservice",
"configmap",
"clusterrole",
"clusterrolebinding",
"cronjob",
"daemonset",
"deployment",
"endpoints",
"endpointslice",
"job",
"lease",
"namespace",
"node",
"persistentvolume",
"persistentvolumeclaim",
"pod",
"replicaset",
"role",
"rolebinding",
"secret",
"service",
"serviceaccount",
"statefulset",
}...) // FIXME put in a configmap
)
Expand Down
220 changes: 1 addition & 219 deletions pkg/cleanup/testdata/wlids.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,105 +1,17 @@
{
"namespace-/apiservice-v1.": [],
"namespace-/apiservice-v1.admissionregistration.k8s.io": [],
"namespace-/apiservice-v1.apiextensions.k8s.io": [],
"namespace-/apiservice-v1.apps": [],
"namespace-/apiservice-v1.authentication.k8s.io": [],
"namespace-/apiservice-v1.authorization.k8s.io": [],
"namespace-/apiservice-v1.autoscaling": [],
"namespace-/apiservice-v1.batch": [],
"namespace-/apiservice-v1.certificates.k8s.io": [],
"namespace-/apiservice-v1.coordination.k8s.io": [],
"namespace-/apiservice-v1.discovery.k8s.io": [],
"namespace-/apiservice-v1.events.k8s.io": [],
"namespace-/apiservice-v1.networking.k8s.io": [],
"namespace-/apiservice-v1.node.k8s.io": [],
"namespace-/apiservice-v1.policy": [],
"namespace-/apiservice-v1.rbac.authorization.k8s.io": [],
"namespace-/apiservice-v1.scheduling.k8s.io": [],
"namespace-/apiservice-v1.storage.k8s.io": [],
"namespace-/apiservice-v1beta1.spdx.softwarecomposition.kubescape.io": [],
"namespace-/apiservice-v1beta2.flowcontrol.apiserver.k8s.io": [],
"namespace-/apiservice-v1beta3.flowcontrol.apiserver.k8s.io": [],
"namespace-/apiservice-v2.autoscaling": [],
"namespace-/clusterrolebinding-cluster-admin": [],
"namespace-/clusterrolebinding-kindnet": [],
"namespace-/clusterrolebinding-kollector": [],
"namespace-/clusterrolebinding-kubeadm:get-nodes": [],
"namespace-/clusterrolebinding-kubeadm:kubelet-bootstrap": [],
"namespace-/clusterrolebinding-kubeadm:node-autoapprove-bootstrap": [],
"namespace-/clusterrolebinding-kubeadm:node-autoapprove-certificate-rotation": [],
"namespace-/clusterrolebinding-kubeadm:node-proxier": [],
"namespace-/clusterrolebinding-kubescape": [],
"namespace-/clusterrolebinding-kubevuln": [],
"namespace-/clusterrolebinding-local-path-provisioner-bind": [],
"namespace-/clusterrolebinding-node-agent": [],
"namespace-/clusterrolebinding-operator": [],
"namespace-/clusterrolebinding-storage": [],
"namespace-/clusterrolebinding-storage:system:auth-delegator": [],
"namespace-/clusterrolebinding-synchronizer": [],
"namespace-/clusterrolebinding-system:basic-user": [],
"namespace-/clusterrolebinding-system:controller:attachdetach-controller": [],
"namespace-/clusterrolebinding-system:controller:certificate-controller": [],
"namespace-/clusterrolebinding-system:controller:clusterrole-aggregation-controller": [],
"namespace-/clusterrolebinding-system:controller:cronjob-controller": [],
"namespace-/clusterrolebinding-system:controller:daemon-set-controller": [],
"namespace-/clusterrolebinding-system:controller:deployment-controller": [],
"namespace-/clusterrolebinding-system:controller:disruption-controller": [],
"namespace-/clusterrolebinding-system:controller:endpoint-controller": [],
"namespace-/clusterrolebinding-system:controller:endpointslice-controller": [],
"namespace-/clusterrolebinding-system:controller:endpointslicemirroring-controller": [],
"namespace-/clusterrolebinding-system:controller:ephemeral-volume-controller": [],
"namespace-/clusterrolebinding-system:controller:expand-controller": [],
"namespace-/clusterrolebinding-system:controller:generic-garbage-collector": [],
"namespace-/clusterrolebinding-system:controller:horizontal-pod-autoscaler": [],
"namespace-/clusterrolebinding-system:controller:job-controller": [],
"namespace-/clusterrolebinding-system:controller:namespace-controller": [],
"namespace-/clusterrolebinding-system:controller:node-controller": [],
"namespace-/clusterrolebinding-system:controller:persistent-volume-binder": [],
"namespace-/clusterrolebinding-system:controller:pod-garbage-collector": [],
"namespace-/clusterrolebinding-system:controller:pv-protection-controller": [],
"namespace-/clusterrolebinding-system:controller:pvc-protection-controller": [],
"namespace-/clusterrolebinding-system:controller:replicaset-controller": [],
"namespace-/clusterrolebinding-system:controller:replication-controller": [],
"namespace-/clusterrolebinding-system:controller:resourcequota-controller": [],
"namespace-/clusterrolebinding-system:controller:root-ca-cert-publisher": [],
"namespace-/clusterrolebinding-system:controller:route-controller": [],
"namespace-/clusterrolebinding-system:controller:service-account-controller": [],
"namespace-/clusterrolebinding-system:controller:service-controller": [],
"namespace-/clusterrolebinding-system:controller:statefulset-controller": [],
"namespace-/clusterrolebinding-system:controller:ttl-after-finished-controller": [],
"namespace-/clusterrolebinding-system:controller:ttl-controller": [],
"namespace-/clusterrolebinding-system:coredns": [],
"namespace-/clusterrolebinding-system:discovery": [],
"namespace-/clusterrolebinding-system:kube-controller-manager": [],
"namespace-/clusterrolebinding-system:kube-dns": [],
"namespace-/clusterrolebinding-system:kube-scheduler": [],
"namespace-/clusterrolebinding-system:monitoring": [],
"namespace-/clusterrolebinding-system:node": [],
"namespace-/clusterrolebinding-system:node-proxier": [],
"namespace-/clusterrolebinding-system:public-info-viewer": [],
"namespace-/clusterrolebinding-system:service-account-issuer-discovery": [],
"namespace-/clusterrolebinding-system:volume-scheduler": [],
"namespace-/namespace-default": [],
"namespace-/namespace-kube-node-lease": [],
"namespace-/namespace-kube-public": [],
"namespace-/namespace-kube-system": [],
"namespace-/namespace-kubescape": [],
"namespace-/namespace-local-path-storage": [],
"namespace-/node-kind-control-plane": [],
"namespace-/persistentvolume-pvc-7843aae9-7eaf-407a-8e7e-ea8760e76e6e": [],
"namespace-default/configmap-kube-root-ca.crt": [],
"namespace-default/deployment-nginx": [
"nginx"
],
"namespace-default/endpoints-kubernetes": [],
"namespace-default/endpointslice-kubernetes": [],
"namespace-default/pod-nginx-748c667d99-8mk4k": [],
"namespace-default/replicaset-nginx-748c667d99": [
"nginx"
],
"namespace-default/service-kubernetes": [],
"namespace-default/serviceaccount-default": [],
"namespace-gmp-system/daemonset-collector": [
"prometheus",
"config-reloader"
Expand All @@ -114,23 +26,6 @@
"namespace-gmp-system/statefulset-alertmanager": [
"alertmanager"
],
"namespace-kube-node-lease/configmap-kube-root-ca.crt": [],
"namespace-kube-node-lease/lease-kind-control-plane": [],
"namespace-kube-node-lease/serviceaccount-default": [],
"namespace-kube-public/configmap-cluster-info": [],
"namespace-kube-public/configmap-kube-root-ca.crt": [],
"namespace-kube-public/role-kubeadm:bootstrap-signer-clusterinfo": [],
"namespace-kube-public/role-system:controller:bootstrap-signer": [],
"namespace-kube-public/rolebinding-kubeadm:bootstrap-signer-clusterinfo": [],
"namespace-kube-public/rolebinding-system:controller:bootstrap-signer": [],
"namespace-kube-public/serviceaccount-default": [],
"namespace-kube-system/configmap-coredns": [],
"namespace-kube-system/configmap-extension-apiserver-authentication": [],
"namespace-kube-system/configmap-kube-apiserver-legacy-service-account-token-tracking": [],
"namespace-kube-system/configmap-kube-proxy": [],
"namespace-kube-system/configmap-kube-root-ca.crt": [],
"namespace-kube-system/configmap-kubeadm-config": [],
"namespace-kube-system/configmap-kubelet-config": [],
"namespace-kube-system/daemonset-fluentbit-gke": [
"fluentbit-gke",
"fluentbit"
Expand Down Expand Up @@ -249,12 +144,6 @@
"metrics-server",
"metrics-server-nanny"
],
"namespace-kube-system/endpoints-kube-dns": [],
"namespace-kube-system/endpointslice-kube-dns-92k4x": [],
"namespace-kube-system/endpointslice-kube-dns-jgjc6": [],
"namespace-kube-system/lease-apiserver-c7uylvfxlbqccnk6myfkwetzze": [],
"namespace-kube-system/lease-kube-controller-manager": [],
"namespace-kube-system/lease-kube-scheduler": [],
"namespace-kube-system/pod-coredns-5d78c9869d-bjsbm": [],
"namespace-kube-system/pod-coredns-5d78c9869d-bt8qx": [],
"namespace-kube-system/pod-coredns-787d4945fb-r2g4q": [],
Expand All @@ -273,77 +162,7 @@
"namespace-kube-system/replicaset-coredns-787d4945fb": [
"coredns"
],
"namespace-kube-system/role-extension-apiserver-authentication-reader": [],
"namespace-kube-system/role-kube-proxy": [],
"namespace-kube-system/role-kubeadm:kubelet-config": [],
"namespace-kube-system/role-kubeadm:nodes-kubeadm-config": [],
"namespace-kube-system/role-system::leader-locking-kube-controller-manager": [],
"namespace-kube-system/role-system::leader-locking-kube-scheduler": [],
"namespace-kube-system/role-system:controller:bootstrap-signer": [],
"namespace-kube-system/role-system:controller:cloud-provider": [],
"namespace-kube-system/role-system:controller:token-cleaner": [],
"namespace-kube-system/rolebinding-kube-proxy": [],
"namespace-kube-system/rolebinding-kubeadm:kubelet-config": [],
"namespace-kube-system/rolebinding-kubeadm:nodes-kubeadm-config": [],
"namespace-kube-system/rolebinding-storage-auth-reader": [],
"namespace-kube-system/rolebinding-system::extension-apiserver-authentication-reader": [],
"namespace-kube-system/rolebinding-system::leader-locking-kube-controller-manager": [],
"namespace-kube-system/rolebinding-system::leader-locking-kube-scheduler": [],
"namespace-kube-system/rolebinding-system:controller:bootstrap-signer": [],
"namespace-kube-system/rolebinding-system:controller:cloud-provider": [],
"namespace-kube-system/rolebinding-system:controller:token-cleaner": [],
"namespace-kube-system/secret-bootstrap-token-abcdef": [],
"namespace-kube-system/service-kube-dns": [],
"namespace-kube-system/serviceaccount-attachdetach-controller": [],
"namespace-kube-system/serviceaccount-bootstrap-signer": [],
"namespace-kube-system/serviceaccount-certificate-controller": [],
"namespace-kube-system/serviceaccount-clusterrole-aggregation-controller": [],
"namespace-kube-system/serviceaccount-coredns": [],
"namespace-kube-system/serviceaccount-cronjob-controller": [],
"namespace-kube-system/serviceaccount-daemon-set-controller": [],
"namespace-kube-system/serviceaccount-default": [],
"namespace-kube-system/serviceaccount-deployment-controller": [],
"namespace-kube-system/serviceaccount-disruption-controller": [],
"namespace-kube-system/serviceaccount-endpoint-controller": [],
"namespace-kube-system/serviceaccount-endpointslice-controller": [],
"namespace-kube-system/serviceaccount-endpointslicemirroring-controller": [],
"namespace-kube-system/serviceaccount-ephemeral-volume-controller": [],
"namespace-kube-system/serviceaccount-expand-controller": [],
"namespace-kube-system/serviceaccount-generic-garbage-collector": [],
"namespace-kube-system/serviceaccount-horizontal-pod-autoscaler": [],
"namespace-kube-system/serviceaccount-job-controller": [],
"namespace-kube-system/serviceaccount-kindnet": [],
"namespace-kube-system/serviceaccount-kube-proxy": [],
"namespace-kube-system/serviceaccount-namespace-controller": [],
"namespace-kube-system/serviceaccount-node-controller": [],
"namespace-kube-system/serviceaccount-persistent-volume-binder": [],
"namespace-kube-system/serviceaccount-pod-garbage-collector": [],
"namespace-kube-system/serviceaccount-pv-protection-controller": [],
"namespace-kube-system/serviceaccount-pvc-protection-controller": [],
"namespace-kube-system/serviceaccount-replicaset-controller": [],
"namespace-kube-system/serviceaccount-replication-controller": [],
"namespace-kube-system/serviceaccount-resourcequota-controller": [],
"namespace-kube-system/serviceaccount-root-ca-cert-publisher": [],
"namespace-kube-system/serviceaccount-service-account-controller": [],
"namespace-kube-system/serviceaccount-service-controller": [],
"namespace-kube-system/serviceaccount-statefulset-controller": [],
"namespace-kube-system/serviceaccount-token-cleaner": [],
"namespace-kube-system/serviceaccount-ttl-after-finished-controller": [],
"namespace-kube-system/serviceaccount-ttl-controller": [],
"namespace-kubescape/configmap-cs-matching-rules": [],
"namespace-kubescape/configmap-host-scanner-definition": [],
"namespace-kubescape/configmap-ks-capabilities": [],
"namespace-kubescape/configmap-ks-cloud-config": [],
"namespace-kubescape/configmap-kube-root-ca.crt": [],
"namespace-kubescape/configmap-kubescape-cronjob-template": [],
"namespace-kubescape/configmap-kubescape-scheduler": [],
"namespace-kubescape/configmap-kubevuln-cronjob-template": [],
"namespace-kubescape/configmap-kubevuln-scheduler": [],
"namespace-kubescape/configmap-node-agent": [],
"namespace-kubescape/configmap-operator": [],
"namespace-kubescape/configmap-otel-collector-config": [],
"namespace-kubescape/configmap-registry-scan-cronjob-template": [],
"namespace-kubescape/configmap-synchronizer": [],
"namespace-kubescape/cronjob-kubescape-scheduler": [],
"namespace-kubescape/cronjob-kubevuln-scheduler": [],
"namespace-kubescape/daemonset-node-agent": [
Expand All @@ -370,24 +189,6 @@
"namespace-kubescape/deployment-synchronizer": [
"synchronizer"
],
"namespace-kubescape/endpoints-gateway": [],
"namespace-kubescape/endpoints-kubescape": [],
"namespace-kubescape/endpoints-kubevuln": [],
"namespace-kubescape/endpoints-operator": [],
"namespace-kubescape/endpoints-otel-collector": [],
"namespace-kubescape/endpoints-storage": [],
"namespace-kubescape/endpointslice-gateway-49n52": [],
"namespace-kubescape/endpointslice-gateway-v7sdn": [],
"namespace-kubescape/endpointslice-kubescape-77x49": [],
"namespace-kubescape/endpointslice-kubescape-l7ccb": [],
"namespace-kubescape/endpointslice-kubevuln-k4p8f": [],
"namespace-kubescape/endpointslice-kubevuln-qm7x8": [],
"namespace-kubescape/endpointslice-operator-rl9d7": [],
"namespace-kubescape/endpointslice-operator-tgxrh": [],
"namespace-kubescape/endpointslice-otel-collector-h8zp5": [],
"namespace-kubescape/endpointslice-otel-collector-qgz29": [],
"namespace-kubescape/endpointslice-storage-bnqlv": [],
"namespace-kubescape/endpointslice-storage-cxtlm": [],
"namespace-kubescape/job-kubescape-scheduler-28364487": [
"kubescape-scheduler"
],
Expand All @@ -400,7 +201,6 @@
"namespace-kubescape/job-kubevuln-scheduler-28372865": [
"kubevuln-scheduler"
],
"namespace-kubescape/persistentvolumeclaim-storage": [],
"namespace-kubescape/pod-gateway-776ff9b5c8-2c6z8": [],
"namespace-kubescape/pod-gateway-7d75fdf958-t7vv6": [],
"namespace-kubescape/pod-kollector-0": [],
Expand Down Expand Up @@ -467,31 +267,15 @@
"namespace-kubescape/replicaset-synchronizer-67576f6b5c": [
"synchronizer"
],
"namespace-kubescape/role-kubescape": [],
"namespace-kubescape/role-operator": [],
"namespace-kubescape/rolebinding-kubescape": [],
"namespace-kubescape/rolebinding-operator": [],
"namespace-kubescape/secret-cloud-secret": [],
"namespace-kubescape/secret-sh.helm.release.v1.kubescape.v1": [],
"namespace-kubescape/service-gateway": [],
"namespace-kubescape/service-kubescape": [],
"namespace-kubescape/service-kubevuln": [],
"namespace-kubescape/service-operator": [],
"namespace-kubescape/service-otel-collector": [],
"namespace-kubescape/service-storage": [],
"namespace-kubescape/serviceaccount-default": [],
"namespace-kubescape/serviceaccount-kollector": [],
"namespace-kubescape/serviceaccount-kubescape": [],
"namespace-kubescape/serviceaccount-kubevuln": [],
"namespace-kubescape/serviceaccount-node-agent": [],
"namespace-kubescape/serviceaccount-operator": [],
"namespace-kubescape/serviceaccount-storage": [],
"namespace-kubescape/serviceaccount-synchronizer": [],
"namespace-kubescape/statefulset-kollector": [
"kollector"
],
"namespace-local-path-storage/configmap-kube-root-ca.crt": [],
"namespace-local-path-storage/configmap-local-path-config": [],
"namespace-local-path-storage/deployment-local-path-provisioner": [
"local-path-provisioner"
],
Expand All @@ -503,9 +287,7 @@
"namespace-local-path-storage/replicaset-local-path-provisioner-75f5b54ffd": [
"local-path-provisioner"
],
"namespace-local-path-storage/serviceaccount-default": [],
"namespace-local-path-storage/serviceaccount-local-path-provisioner-service-account": [],
"namespace-systest-ns-foso/deployment-golang": [
"golang"
]
}
}
Loading