Skip to content

⭐️ discover k8s applications#5424

Merged
czunker merged 3 commits intomainfrom
chris-rock/k8s-apps
May 20, 2025
Merged

⭐️ discover k8s applications#5424
czunker merged 3 commits intomainfrom
chris-rock/k8s-apps

Conversation

@chris-rock
Copy link
Copy Markdown
Member

@chris-rock chris-rock commented Apr 7, 2025
edited
Loading

Adds a new resource to make it easy to detect installed applications in k8s:

cnquery> k8s.apps { * }
k8s.apps: [
  0: {
    version: "1.12.0"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "ingress-nginx"
  }
]

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 7, 2025
edited
Loading

Test Results

4 262 tests   4 258 ✅  2m 18s ⏱️
  402 suites      4 💤
   30 files        0 ❌

Results for commit 38d49bc.

♻️ This comment has been updated with latest results.

@chris-rock chris-rock force-pushed the chris-rock/k8s-apps branch 2 times, most recently from 1892a53 to a0d5fc2 Compare April 7, 2025 10:55
tas50
tas50 reviewed Apr 7, 2025
View reviewed changes
Comment thread providers/k8s/resources/k8s.lr Outdated
@chris-rock chris-rock marked this pull request as ready for review April 8, 2025 03:55
czunker
czunker reviewed Apr 8, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@czunker czunker left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Something isn't working like I would expect it:

cnquery run kubernetes -c "k8s.apps{ * }"
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
...

The same app repeats multiple times, but I only installed it once.

@chris-rock chris-rock force-pushed the chris-rock/k8s-apps branch from e8a3123 to 71d7975 Compare April 24, 2025 14:47
@chris-rock
Copy link
Copy Markdown
Member Author

chris-rock commented Apr 24, 2025

You have two application installed. I missed to set the k8s app id for the MQL resource properly. That is fixed and you should see two different applications now https://github.com/mondoohq/cnquery/pull/5424/files#diff-c7dcc6516acf2f35883e2732feffb500c9c45088773a2f836a67ce3870fa19eaR56

@czunker
Copy link
Copy Markdown
Contributor

czunker commented Apr 25, 2025

Still the same issue:

cnquery run kubernetes -c "k8s.apps{ * }"
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]
k8s.apps: [
  0: {
    version: "1.12.1"
    partOf: "ingress-nginx"
    managedBy: "Helm"
    name: "ingress-nginx"
    components: [
      0: "controller"
    ]
    instance: "nginx"
  }
]

But only one deployment:

k get deployments
NAME                             READY   UP-TO-DATE   AVAILABLE   AGE
nginx-ingress-nginx-controller   1/1     1            1           16d

To reproduce:

@chris-rock
Copy link
Copy Markdown
Member Author

chris-rock commented May 19, 2025 

minikube start
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
cnquery run kubernetes --discover clusters -c "k8s.apps{ * }"

If you use the cnquery run kubernetes it will execute on each discovered resource. You can try it by:

cnquery shell kubernetes --discover clusters
→ connected to Kubernetes Cluster
  ___ _ __   __ _ _   _  ___ _ __ _   _ 
 / __| '_ \ / _` | | | |/ _ \ '__| | | |
| (__| | | | (_| | |_| |  __/ |  | |_| |
 \___|_| |_|\__, |\__,_|\___|_|   \__, |
  mondoo™      |_|                |___/  interactive shell

cnquery> k8s.apps
k8s.apps: [
  0: k8s.app id = ingress-nginx/nginx
]
cnquery>

@chris-rock chris-rock force-pushed the chris-rock/k8s-apps branch from 71d7975 to 38d49bc Compare May 19, 2025 21:04
@chris-rock
Copy link
Copy Markdown
Member Author

chris-rock commented May 19, 2025

I updated and rebased, should be ready to go.

czunker
czunker approved these changes May 20, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@czunker czunker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @chris-rock

@czunker czunker merged commit a83cf31 into main May 20, 2025
16 of 17 checks passed
@czunker czunker deleted the chris-rock/k8s-apps branch May 20, 2025 05:08
@github-actions github-actions Bot locked and limited conversation to collaborators May 20, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@tas50 tas50 tas50 left review comments

@czunker czunker czunker approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@chris-rock @czunker @tas50