diff --git a/pkg/analyzer/cronjob.go b/pkg/analyzer/cronjob.go index 7a1cb3586b..1107896d9e 100644 --- a/pkg/analyzer/cronjob.go +++ b/pkg/analyzer/cronjob.go @@ -5,6 +5,7 @@ import ( "time" "github.com/k8sgpt-ai/k8sgpt/pkg/common" + "github.com/k8sgpt-ai/k8sgpt/pkg/util" cron "github.com/robfig/cron/v3" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -25,15 +26,33 @@ func (analyzer CronJobAnalyzer) Analyze(a common.Analyzer) ([]common.Result, err var failures []common.Failure if cronJob.Spec.Suspend != nil && *cronJob.Spec.Suspend { failures = append(failures, common.Failure{ - Text: fmt.Sprintf("CronJob %s is suspended", cronJob.Name), - Sensitive: []common.Sensitive{}, + Text: fmt.Sprintf("CronJob %s is suspended", cronJob.Name), + Sensitive: []common.Sensitive{ + { + Unmasked: cronJob.Namespace, + Masked: util.MaskString(cronJob.Namespace), + }, + { + Unmasked: cronJob.Name, + Masked: util.MaskString(cronJob.Name), + }, + }, }) } else { // check the schedule format if _, err := CheckCronScheduleIsValid(cronJob.Spec.Schedule); err != nil { failures = append(failures, common.Failure{ - Text: fmt.Sprintf("CronJob %s has an invalid schedule: %s", cronJob.Name, err.Error()), - Sensitive: []common.Sensitive{}, + Text: fmt.Sprintf("CronJob %s has an invalid schedule: %s", cronJob.Name, err.Error()), + Sensitive: []common.Sensitive{ + { + Unmasked: cronJob.Namespace, + Masked: util.MaskString(cronJob.Namespace), + }, + { + Unmasked: cronJob.Name, + Masked: util.MaskString(cronJob.Name), + }, + }, }) } @@ -43,8 +62,17 @@ func (analyzer CronJobAnalyzer) Analyze(a common.Analyzer) ([]common.Result, err if deadline < 0 { failures = append(failures, common.Failure{ - Text: fmt.Sprintf("CronJob %s has a negative starting deadline", cronJob.Name), - Sensitive: []common.Sensitive{}, + Text: fmt.Sprintf("CronJob %s has a negative starting deadline", cronJob.Name), + Sensitive: []common.Sensitive{ + { + Unmasked: cronJob.Namespace, + Masked: util.MaskString(cronJob.Namespace), + }, + { + Unmasked: cronJob.Name, + Masked: util.MaskString(cronJob.Name), + }, + }, }) } diff --git a/pkg/analyzer/deployment.go b/pkg/analyzer/deployment.go index ea0aa4382a..4f3b77c936 100644 --- a/pkg/analyzer/deployment.go +++ b/pkg/analyzer/deployment.go @@ -7,6 +7,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/k8sgpt-ai/k8sgpt/pkg/common" + "github.com/k8sgpt-ai/k8sgpt/pkg/util" ) // DeploymentAnalyzer is an analyzer that checks for misconfigured Deployments @@ -28,9 +29,15 @@ func (d DeploymentAnalyzer) Analyze(a common.Analyzer) ([]common.Result, error) failures = append(failures, common.Failure{ Text: fmt.Sprintf("Deployment %s/%s has %d replicas but %d are available", deployment.Namespace, deployment.Name, *deployment.Spec.Replicas, deployment.Status.Replicas), Sensitive: []common.Sensitive{ - {}, - }, - }) + { + Unmasked: deployment.Namespace, + Masked: util.MaskString(deployment.Namespace), + }, + { + Unmasked: deployment.Name, + Masked: util.MaskString(deployment.Name), + }, + }}) } if len(failures) > 0 { preAnalysis[fmt.Sprintf("%s/%s", deployment.Namespace, deployment.Name)] = common.PreAnalysis{ diff --git a/pkg/analyzer/netpol.go b/pkg/analyzer/netpol.go index 371cea41f4..5e51fb17b2 100644 --- a/pkg/analyzer/netpol.go +++ b/pkg/analyzer/netpol.go @@ -27,6 +27,12 @@ func (NetworkPolicyAnalyzer) Analyze(a common.Analyzer) ([]common.Result, error) if len(policy.Spec.PodSelector.MatchLabels) == 0 { failures = append(failures, common.Failure{ Text: fmt.Sprintf("Network policy allows traffic to all pods in the namespace: %s", policy.Name), + Sensitive: []common.Sensitive{ + { + Unmasked: policy.Name, + Masked: util.MaskString(policy.Name), + }, + }, }) continue } @@ -38,6 +44,12 @@ func (NetworkPolicyAnalyzer) Analyze(a common.Analyzer) ([]common.Result, error) if len(podList.Items) == 0 { failures = append(failures, common.Failure{ Text: fmt.Sprintf("Network policy is not applied to any pods: %s", policy.Name), + Sensitive: []common.Sensitive{ + { + Unmasked: policy.Name, + Masked: util.MaskString(policy.Name), + }, + }, }) }