From 47f71765cc7021673dd89aaa763aff9797ae73bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Dymi=C5=84ski?= Date: Fri, 31 May 2024 14:44:24 +0200 Subject: [PATCH] Change prefix in taxonomy and cyclondx MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mateusz DymiƄski --- .golangci.yml | 2 +- cmd/cyclonexdx.go | 61 +++++++++++++++++++------------------- cmd/generate.go | 4 +-- cmd/generate_test.go | 3 +- cmd/root.go | 2 +- cmd/schema.go | 3 +- cmd/version.go | 3 +- cmd/version_test.go | 3 +- docs/taxonomy.md | 70 ++++++++++++++++++++++---------------------- 9 files changed, 78 insertions(+), 73 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 94d1054..d3ef9a3 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -22,7 +22,7 @@ linters-settings: gocyclo: min-complexity: 15 goimports: - local-prefixes: github.com/ksoc-private + local-prefixes: github.com/rad-security golint: min-confidence: 0 lll: diff --git a/cmd/cyclonexdx.go b/cmd/cyclonexdx.go index 0801777..f04b9b2 100644 --- a/cmd/cyclonexdx.go +++ b/cmd/cyclonexdx.go @@ -9,12 +9,13 @@ import ( "github.com/CycloneDX/cyclonedx-go" "github.com/google/uuid" "github.com/mitchellh/hashstructure/v2" + "github.com/rad-security/kbom/internal/model" ) const ( CdxPrefix = "cdx:" - KSOCPrefix = "ksoc:kbom:" + RADPrefix = "rad:kbom:" K8sComponentType = "k8s:component:type" K8sComponentName = "k8s:component:name" 
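Review bot: The new value of `RADPrefix` in the const block of cmd/cyclonexdx.go renames every emitted CycloneDX property from `ksoc:kbom:…` to `rad:kbom:…`, and nothing in the patch signals that change to consumers of the output. Tooling that selects properties by the old prefix (policy checks, inventory or vulnerability matching) would stop seeing these fields, probably without an error. The later hunks in this file (`@@ -50,28`, `@@ -103,79`, `@@ -201,19`, `@@ -238,14`) are affected the same way. `SpecVersion = "0.3"` in cmd/generate.go is left unchanged, though whether that version is meant to cover the CycloneDX output is not visible here. I would add a doc comment such as `// RADPrefix is the namespace prefix of RAD-specific CycloneDX properties; it replaced "ksoc:kbom:".` and call the rename out as a breaking change in the release notes.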
@@ -50,28 +51,28 @@ func transformToCycloneDXBOM(kbom *model.KBOM) *cyclonedx.BOM { //nolint:funlen Value: kbom.Cluster.Name, }, { - Name: KSOCPrefix + "k8s:cluster:nodes", + Name: RADPrefix + "k8s:cluster:nodes", Value: fmt.Sprintf("%d", kbom.Cluster.NodesCount), }, } if kbom.Cluster.Location.Name != "" && kbom.Cluster.Location.Name != "unknown" { clusterProperties = append(clusterProperties, cyclonedx.Property{ - Name: KSOCPrefix + "k8s:cluster:location:name", + Name: RADPrefix + "k8s:cluster:location:name", Value: kbom.Cluster.Location.Name, }) } if kbom.Cluster.Location.Region != "" { clusterProperties = append(clusterProperties, cyclonedx.Property{ - Name: KSOCPrefix + "k8s:cluster:location:region", + Name: RADPrefix + "k8s:cluster:location:region", Value: kbom.Cluster.Location.Region, }) } if kbom.Cluster.Location.Zone != "" { clusterProperties = append(clusterProperties, cyclonedx.Property{ - Name: KSOCPrefix + "k8s:cluster:location:zone", + Name: RADPrefix + "k8s:cluster:location:zone", Value: kbom.Cluster.Location.Zone, }) } 
@@ -103,79 +104,79 @@ func transformToCycloneDXBOM(kbom *model.KBOM) *cyclonedx.BOM { //nolint:funlen Value: n.Name, }, { - Name: KSOCPrefix + "k8s:node:osImage", + Name: RADPrefix + "k8s:node:osImage", Value: n.OsImage, }, { - Name: KSOCPrefix + "k8s:node:arch", + Name: RADPrefix + "k8s:node:arch", Value: n.Architecture, }, { - Name: KSOCPrefix + "k8s:node:kernel", + Name: RADPrefix + "k8s:node:kernel", Value: n.KernelVersion, }, { - Name: KSOCPrefix + "k8s:node:bootId", + Name: RADPrefix + "k8s:node:bootId", Value: n.BootID, }, { - Name: KSOCPrefix + "k8s:node:type", + Name: RADPrefix + "k8s:node:type", Value: n.Type, }, { - Name: KSOCPrefix + "k8s:node:operatingSystem", + Name: RADPrefix + "k8s:node:operatingSystem", Value: n.OperatingSystem, }, { - Name: KSOCPrefix + "k8s:node:machineId", + Name: RADPrefix + "k8s:node:machineId", Value: n.MachineID, }, { - Name: KSOCPrefix + "k8s:node:hostname", + Name: RADPrefix + "k8s:node:hostname", Value: n.Hostname, }, { - Name: KSOCPrefix + "k8s:node:containerRuntimeVersion", + Name: RADPrefix + "k8s:node:containerRuntimeVersion", Value: n.ContainerRuntimeVersion, }, { - Name: KSOCPrefix + "k8s:node:kubeletVersion", + Name: RADPrefix + "k8s:node:kubeletVersion", Value: n.KubeletVersion, }, { - Name: KSOCPrefix + "k8s:node:kubeProxyVersion", + Name: RADPrefix + "k8s:node:kubeProxyVersion", Value: n.KubeProxyVersion, }, { - Name: KSOCPrefix + "k8s:node:capacity:cpu", + Name: RADPrefix + "k8s:node:capacity:cpu", Value: n.Capacity.CPU, }, { - Name: KSOCPrefix + "k8s:node:capacity:memory", + Name: RADPrefix + "k8s:node:capacity:memory", Value: n.Capacity.Memory, }, { - Name: KSOCPrefix + "k8s:node:capacity:pods", + Name: RADPrefix + "k8s:node:capacity:pods", Value: n.Capacity.Pods, }, { - Name: KSOCPrefix + "k8s:node:capacity:ephemeralStorage", + Name: RADPrefix + "k8s:node:capacity:ephemeralStorage", Value: n.Capacity.EphemeralStorage, }, { - Name: KSOCPrefix + "k8s:node:allocatable:cpu", + Name: RADPrefix + 
"k8s:node:allocatable:cpu", Value: n.Allocatable.CPU, }, { - Name: KSOCPrefix + "k8s:node:allocatable:memory", + Name: RADPrefix + "k8s:node:allocatable:memory", Value: n.Allocatable.Memory, }, { - Name: KSOCPrefix + "k8s:node:allocatable:pods", + Name: RADPrefix + "k8s:node:allocatable:pods", Value: n.Allocatable.Pods, }, { - Name: KSOCPrefix + "k8s:node:allocatable:ephemeralStorage", + Name: RADPrefix + "k8s:node:allocatable:ephemeralStorage", Value: n.Allocatable.EphemeralStorage, }, }, @@ -201,19 +202,19 @@ func transformToCycloneDXBOM(kbom *model.KBOM) *cyclonedx.BOM { //nolint:funlen Value: img.Name, }, { - Name: KSOCPrefix + "pkg:type", + Name: RADPrefix + "pkg:type", Value: "oci", }, { - Name: KSOCPrefix + "pkg:name", + Name: RADPrefix + "pkg:name", Value: img.Name, }, { - Name: KSOCPrefix + "pkg:version", + Name: RADPrefix + "pkg:version", Value: img.Version, }, { - Name: KSOCPrefix + "pkg:digest", + Name: RADPrefix + "pkg:digest", Value: img.Digest, }, }, @@ -238,14 +239,14 @@ func transformToCycloneDXBOM(kbom *model.KBOM) *cyclonedx.BOM { //nolint:funlen Value: res.Name, }, { - Name: KSOCPrefix + "k8s:component:apiVersion", + Name: RADPrefix + "k8s:component:apiVersion", Value: resList.APIVersion, }, } if resList.Namespaced { properties = append(properties, cyclonedx.Property{ - Name: KSOCPrefix + "k8s:component:namespace", + Name: RADPrefix + "k8s:component:namespace", Value: res.Namespace, }) } diff --git a/cmd/generate.go b/cmd/generate.go index 6499850..831f32e 100644 --- a/cmd/generate.go +++ b/cmd/generate.go @@ -22,7 +22,7 @@ import ( ) const ( - KSOCCompany = "RAD Security" + Company = "RAD Security" BOMFormat = "rad" SpecVersion = "0.3" @@ -108,7 +108,7 @@ func generateKBOM(k8sClient kube.K8sClient) error { SpecVersion: SpecVersion, GeneratedAt: generatedAt, GeneratedBy: model.Tool{ - Vendor: KSOCCompany, + Vendor: Company, BuildTime: config.BuildTime, Name: config.AppName, Version: config.AppVersion, 
diff --git a/cmd/generate_test.go b/cmd/generate_test.go index 22d1cc5..8f957dd 100644 --- a/cmd/generate_test.go +++ b/cmd/generate_test.go @@ -8,9 +8,10 @@ import ( "testing" "time" + "github.com/stretchr/testify/assert" + "github.com/rad-security/kbom/internal/kube" "github.com/rad-security/kbom/internal/model" - "github.com/stretchr/testify/assert" ) func TestGenerateKBOM(t *testing.T) { diff --git a/cmd/root.go b/cmd/root.go index a8e35e5..69090ac 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -17,7 +17,7 @@ import ( ) const ( - confDir = ".config/ksoc" + confDir = ".config/rad" ) var ( diff --git a/cmd/schema.go b/cmd/schema.go index fcd9d52..1e1281e 100644 --- a/cmd/schema.go +++ b/cmd/schema.go @@ -4,8 +4,9 @@ import ( "encoding/json" "github.com/invopop/jsonschema" - "github.com/rad-security/kbom/internal/model" "github.com/spf13/cobra" + + "github.com/rad-security/kbom/internal/model" ) var schemaCmd = &cobra.Command{ diff --git a/cmd/version.go b/cmd/version.go index 37e7b15..cb290f3 100644 --- a/cmd/version.go +++ b/cmd/version.go @@ -3,8 +3,9 @@ package cmd import ( "fmt" - "github.com/rad-security/kbom/internal/config" "github.com/spf13/cobra" + + "github.com/rad-security/kbom/internal/config" ) var versionCmd = &cobra.Command{ diff --git a/cmd/version_test.go b/cmd/version_test.go index 439c2f0..8cfbc18 100644 --- a/cmd/version_test.go +++ b/cmd/version_test.go @@ -4,8 +4,9 @@ import ( "bytes" "testing" - "github.com/rad-security/kbom/internal/config" "github.com/stretchr/testify/assert" + + "github.com/rad-security/kbom/internal/config" ) func TestVersion(t *testing.T) { diff --git a/docs/taxonomy.md b/docs/taxonomy.md index 24b04fb..5484320 100644 --- a/docs/taxonomy.md +++ b/docs/taxonomy.md 
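Review bot: The new `confDir = ".config/rad"` in cmd/root.go has no fallback to the previous `.config/ksoc` directory, so an existing configuration file would presumably stop being loaded after an upgrade and the tool would run on defaults without saying so. The code that reads `confDir` is outside the hunk, so this is inferred from the constant alone. If the old location was used by a released version, either check it when the new directory is absent or log a notice that it is being ignored. The constant should also record the history, e.g. `// confDir is the per-user config directory; earlier releases used ".config/ksoc".`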
@@ -1,53 +1,53 @@ -# Custom KSOC KBOM Taxonomy +# Custom RAD KBOM Taxonomy -This is the KSOC KBOM CycloneDX property namespace and name taxonomy. All of the namespaces are prefixed with `ksoc:kbom:`. +This is the RAD KBOM CycloneDX property namespace and name taxonomy. All of the namespaces are prefixed with `rad:kbom:`. Following Taxonomy is used by the `KBOM` tool as extension to: [https://github.com/CycloneDX/cyclonedx-property-taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy). -## `ksoc:kbom:k8s:component` Namespace Taxonomy +## `rad:kbom:k8s:component` Namespace Taxonomy | Namespace | Description | | ------------------------------------ | ----------------------------------------------------------------- | -| `ksoc:kbom:k8s:component:apiVersion` | API Version of the Kubernetes component. | -| `ksoc:kbom:k8s:component:namespace` | Namespace of the Kubernetes component. | +| `rad:kbom:k8s:component:apiVersion` | API Version of the Kubernetes component. | +| `rad:kbom:k8s:component:namespace` | Namespace of the Kubernetes component. | -## `ksoc:kbom:k8s:cluster` Namespace Taxonomy +## `rad:kbom:k8s:cluster` Namespace Taxonomy | Property | Description | | ----------------------------------------- | ------------------------------ | -| `ksoc:kbom:k8s:cluster:location:name` | Name of the location. | -| `ksoc:kbom:k8s:cluster:location:region` | Region of the cluster. | -| `ksoc:kbom:k8s:cluster:location:zone` | Zone where cluster is located. | +| `rad:kbom:k8s:cluster:location:name` | Name of the location. | +| `rad:kbom:k8s:cluster:location:region` | Region of the cluster. | +| `rad:kbom:k8s:cluster:location:zone` | Zone where cluster is located. 
| -## `ksoc:kbom:k8s:node` Namespace Taxonomy +## `rad:kbom:k8s:node` Namespace Taxonomy | Property | Description | | -------------------------------------------------- | ------------------------------------ | -| `ksoc:kbom:k8s:node:osImage` | Node's operating system image | -| `ksoc:kbom:k8s:node:arch` | Node's architecture | -| `ksoc:kbom:k8s:node:kernel` | Node's kernel version | -| `ksoc:kbom:k8s:node:bootId` | Node's Boot identifier | -| `ksoc:kbom:k8s:node:type` | Node's type | -| `ksoc:kbom:k8s:node:operatingSystem` | Node's operating system | -| `ksoc:kbom:k8s:node:machineId` | Node's machine identifier | -| `ksoc:kbom:k8s:node:hostname` | Node's hostname | -| `ksoc:kbom:k8s:node:containerRuntimeVersion` | Node's container runtime version | -| `ksoc:kbom:k8s:node:kubeletVersion` | Node's kubelet version | -| `ksoc:kbom:k8s:node:kubeProxyVersion` | Node's kube proxy version | -| `ksoc:kbom:k8s:node:capacity:cpu` | Node's CPU capacity | -| `ksoc:kbom:k8s:node:capacity:memory` | Node's Memory capacity | -| `ksoc:kbom:k8s:node:capacity:pods` | Node's Pods capacity | -| `ksoc:kbom:k8s:node:capacity:ephemeralStorage` | Node's ephemeral storage capacity | -| `ksoc:kbom:k8s:node:allocatable:cpu` | Node's allocatable CPU | -| `ksoc:kbom:k8s:node:allocatable:memory` | Node's allocatable Memory | -| `ksoc:kbom:k8s:node:allocatable:pods` | Node's allocatable Pods | -| `ksoc:kbom:k8s:node:allocatable:ephemeralStorage` | Node's allocatable ephemeral storage | - -## `ksoc:kbom:pkg` Namespace Taxonomy +| `rad:kbom:k8s:node:osImage` | Node's operating system image | +| `rad:kbom:k8s:node:arch` | Node's architecture | +| `rad:kbom:k8s:node:kernel` | Node's kernel version | +| `rad:kbom:k8s:node:bootId` | Node's Boot identifier | +| `rad:kbom:k8s:node:type` | Node's type | +| `rad:kbom:k8s:node:operatingSystem` | Node's operating system | +| `rad:kbom:k8s:node:machineId` | Node's machine identifier | +| `rad:kbom:k8s:node:hostname` | Node's hostname | +| 
`rad:kbom:k8s:node:containerRuntimeVersion` | Node's container runtime version | +| `rad:kbom:k8s:node:kubeletVersion` | Node's kubelet version | +| `rad:kbom:k8s:node:kubeProxyVersion` | Node's kube proxy version | +| `rad:kbom:k8s:node:capacity:cpu` | Node's CPU capacity | +| `rad:kbom:k8s:node:capacity:memory` | Node's Memory capacity | +| `rad:kbom:k8s:node:capacity:pods` | Node's Pods capacity | +| `rad:kbom:k8s:node:capacity:ephemeralStorage` | Node's ephemeral storage capacity | +| `rad:kbom:k8s:node:allocatable:cpu` | Node's allocatable CPU | +| `rad:kbom:k8s:node:allocatable:memory` | Node's allocatable Memory | +| `rad:kbom:k8s:node:allocatable:pods` | Node's allocatable Pods | +| `rad:kbom:k8s:node:allocatable:ephemeralStorage` | Node's allocatable ephemeral storage | + +## `rad:kbom:pkg` Namespace Taxonomy | Property | Description | | --------------------------------- | -------------------------------------------------- | -| `ksoc:kbom:pkg:type` | Type of the package. | -| `ksoc:kbom:pkg:name` | Name of the package. | -| `ksoc:kbom:pkg:version` | Version of the package. | -| `ksoc:kbom:pkg:digest` | Digest of the package. | +| `rad:kbom:pkg:type` | Type of the package. | +| `rad:kbom:pkg:name` | Name of the package. | +| `rad:kbom:pkg:version` | Version of the package. | +| `rad:kbom:pkg:digest` | Digest of the package. |