cleaning up disk driver

JaydipGabani · JaydipGabani · commit c99e491f94c2 · 2025-03-14T00:02:50.000Z
Signed-off-by: Jaydip Gabani &lt;gabanijaydip@gmail.com&gt;
diff --git a/.github/workflows/disk-export.yaml b/.github/workflows/disk-export.yaml
@@ -24,7 +24,7 @@ jobs:
         egress-policy: audit
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Bootstrap e2e
       run: |
diff --git a/pkg/audit/manager.go b/pkg/audit/manager.go
@@ -260,7 +260,7 @@ func (am *Manager) audit(ctx context.Context) error {
 	am.log = log.WithValues(logging.AuditID, timestamp)
 	logStart(am.log)
 	exportErrorMap := make(map[string]error)
-	if err := am.exportSystem.Publish(context.Background(), *auditConnection, *auditChannel, exportutil.ExportMsg{Message: "audit is started", ID: timestamp}); err != nil {
+	if err := am.exportSystem.Publish(context.Background(), *auditConnection, *auditChannel, exportutil.ExportMsg{Message: exportutil.AuditStartedMsg, ID: timestamp}); err != nil {
 		exportErrorMap[err.Error()] = err
 		am.log.Error(err, "failed to export audit start message")
 	}
@@ -275,7 +275,7 @@ func (am *Manager) audit(ctx context.Context) error {
 		if err := am.reporter.reportRunEnd(endTime); err != nil {
 			am.log.Error(err, "failed to report run end time")
 		}
-		if err := am.exportSystem.Publish(context.Background(), *auditConnection, *auditChannel, exportutil.ExportMsg{Message: "audit is completed", ID: timestamp}); err != nil {
+		if err := am.exportSystem.Publish(context.Background(), *auditConnection, *auditChannel, exportutil.ExportMsg{Message: exportutil.AuditCompletedMsg, ID: timestamp}); err != nil {
 			exportErrorMap[err.Error()] = err
 		}
 		for _, v := range exportErrorMap {
diff --git a/pkg/controller/export/export_config_controller.go b/pkg/controller/export/export_config_controller.go
@@ -3,6 +3,7 @@ package export
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"flag"
 	"fmt"
 
@@ -111,10 +112,10 @@ func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (
 	}
 
 	if len(cfg.Data) == 0 {
-		return reconcile.Result{}, fmt.Errorf(fmt.Sprintf("data missing in configmap %s, unable to configure exporter", request.NamespacedName))
+		return reconcile.Result{}, errors.New("%s", fmt.Sprintf("data missing in configmap %s, unable to configure exporter", request.NamespacedName))
 	}
 	if _, ok := cfg.Data["driver"]; !ok {
-		return reconcile.Result{}, fmt.Errorf(fmt.Sprintf("missing driver field in configmap %s, unable to configure exporter", request.NamespacedName))
+		return reconcile.Result{}, errors.New("%s", fmt.Sprintf("missing driver field in configmap %s, unable to configure exporter", request.NamespacedName))
 	}
 	var config interface{}
 	err = json.Unmarshal([]byte(cfg.Data["config"]), &config)
diff --git a/pkg/export/disk/disk.go b/pkg/export/disk/disk.go
@@ -12,7 +12,9 @@ import (
 	"time"
 
 	"github.com/open-policy-agent/gatekeeper/v3/pkg/export/util"
+	"github.com/open-policy-agent/gatekeeper/v3/pkg/logging"
 	"k8s.io/client-go/util/retry"
+	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 type Connection struct {
@@ -32,31 +34,31 @@ type Writer struct {
 }
 
 const (
+	Name                = "disk"
 	maxAllowedAuditRuns = 5
-)
-
-const (
-	Name = "disk"
+	maxAuditResults     = "maxAuditResults"
+	violationPath       = "path"
 )
 
 var Connections = &Writer{
 	openConnections: make(map[string]Connection),
 }
 
+var log = logf.Log.WithName("disk-driver").WithValues(logging.Process, "export")
+
 func (r *Writer) CreateConnection(_ context.Context, connectionName string, config interface{}) error {
 	cfg, ok := config.(map[string]interface{})
 	if !ok {
 		return fmt.Errorf("invalid config format")
 	}
 
-	path, pathOk := cfg["path"].(string)
+	path, pathOk := cfg[violationPath].(string)
 	if !pathOk {
-		return fmt.Errorf("missing or invalid values in config for connection: %s", connectionName)
+		return fmt.Errorf("missing or invalid values in config for connection %s", connectionName)
 	}
-	var err error
-	maxResults, maxResultsOk := cfg["maxAuditResults"].(float64)
+	maxResults, maxResultsOk := cfg[maxAuditResults].(float64)
 	if !maxResultsOk {
-		return fmt.Errorf("missing or invalid 'maxAuditResults' for connection: %s", connectionName)
+		return fmt.Errorf("missing or invalid 'maxAuditResults' for connection %s", connectionName)
 	}
 	if maxResults > maxAllowedAuditRuns {
 		return fmt.Errorf("maxAuditResults cannot be greater than %d", maxAllowedAuditRuns)
@@ -66,7 +68,7 @@ func (r *Writer) CreateConnection(_ context.Context, connectionName string, conf
 		Path:            path,
 		MaxAuditResults: int(maxResults),
 	}
-	return err
+	return nil
 }
 
 func (r *Writer) UpdateConnection(_ context.Context, connectionName string, config interface{}) error {
@@ -77,28 +79,28 @@ func (r *Writer) UpdateConnection(_ context.Context, connectionName string, conf
 
 	conn, exists := r.openConnections[connectionName]
 	if !exists {
-		return fmt.Errorf("connection not found: %s for Disk driver", connectionName)
+		return fmt.Errorf("connection %s for disk driver not found", connectionName)
 	}
 
 	var cleanUpErr error
-	if path, ok := cfg["path"].(string); ok {
+	if path, ok := cfg[violationPath].(string); ok {
 		if conn.Path != path {
 			if err := os.RemoveAll(conn.Path); err != nil {
 				cleanUpErr = fmt.Errorf("connection updated but failed to remove content form old path: %w", err)
 			}
 			conn.Path = path
 		}
 	} else {
-		return fmt.Errorf("missing or invalid 'path' for connection: %s", connectionName)
+		return fmt.Errorf("missing or invalid 'path' for connection %s", connectionName)
 	}
 
-	if maxResults, ok := cfg["maxAuditResults"].(float64); ok {
+	if maxResults, ok := cfg[maxAuditResults].(float64); ok {
 		if maxResults > maxAllowedAuditRuns {
 			return fmt.Errorf("maxAuditResults cannot be greater than %d", maxAllowedAuditRuns)
 		}
 		conn.MaxAuditResults = int(maxResults)
 	} else {
-		return fmt.Errorf("missing or invalid 'maxAuditResults' for connection: %s", connectionName)
+		return fmt.Errorf("missing or invalid 'maxAuditResults' for connection %s", connectionName)
 	}
 
 	r.openConnections[connectionName] = conn
@@ -108,7 +110,7 @@ func (r *Writer) UpdateConnection(_ context.Context, connectionName string, conf
 func (r *Writer) CloseConnection(connectionName string) error {
 	conn, ok := r.openConnections[connectionName]
 	if !ok {
-		return fmt.Errorf("connection not found: %s for disk driver", connectionName)
+		return fmt.Errorf("connection %s not found for disk driver", connectionName)
 	}
 	err := os.RemoveAll(conn.Path)
 	delete(r.openConnections, connectionName)
@@ -118,15 +120,15 @@ func (r *Writer) CloseConnection(connectionName string) error {
 func (r *Writer) Publish(_ context.Context, connectionName string, data interface{}, topic string) error {
 	conn, ok := r.openConnections[connectionName]
 	if !ok {
-		return fmt.Errorf("connection not found: %s for disk driver", connectionName)
+		return fmt.Errorf("connection %s not found for disk driver", connectionName)
 	}
 
 	var violation util.ExportMsg
 	if violation, ok = data.(util.ExportMsg); !ok {
 		return fmt.Errorf("invalid data type, cannot convert data to exportMsg")
 	}
 
-	if violation.Message == "audit is started" {
+	if violation.Message == util.AuditStartedMsg {
 		err := conn.handleAuditStart(violation.ID, topic)
 		if err != nil {
 			return fmt.Errorf("error handling audit start: %w", err)
@@ -148,7 +150,7 @@ func (r *Writer) Publish(_ context.Context, connectionName string, data interfac
 		return fmt.Errorf("error writing message to disk: %w", err)
 	}
 
-	if violation.Message == "audit is completed" {
+	if violation.Message == util.AuditCompletedMsg {
 		err := conn.handleAuditEnd(topic)
 		if err != nil {
 			return fmt.Errorf("error handling audit end: %w", err)
@@ -161,6 +163,7 @@ func (r *Writer) Publish(_ context.Context, connectionName string, data interfac
 }
 
 func (conn *Connection) handleAuditStart(auditID string, topic string) error {
+	// Replace ':' with '_' to avoid issues with file names in windows
 	conn.currentAuditRun = strings.ReplaceAll(auditID, ":", "_")
 
 	// Ensure the directory exists
@@ -197,6 +200,7 @@ func (conn *Connection) handleAuditEnd(topic string) error {
 	if err := os.Rename(path.Join(conn.Path, topic, appendExtension(conn.currentAuditRun, "txt")), readyFilePath); err != nil {
 		return fmt.Errorf("failed to rename file: %w, %s", err, conn.currentAuditRun)
 	}
+	log.Info("File renamed", "filename", readyFilePath)
 
 	return conn.cleanupOldAuditFiles(topic)
 }
diff --git a/pkg/export/util/util.go b/pkg/export/util/util.go
@@ -42,3 +42,8 @@ const (
 	ErrWritingMessage     ExportError = "error_writing_message"
 	ErrCleaningUpAudit    ExportError = "error_cleaning_up_audit"
 )
+
+const (
+	AuditStartedMsg   = "audit is started"
+	AuditCompletedMsg = "audit is completed"
+)

Original file line number	Diff line number	Diff line change
`@@ -260,7 +260,7 @@ func (am *Manager) audit(ctx context.Context) error {`
`260`	`260`	`am.log = log.WithValues(logging.AuditID, timestamp)`
`261`	`261`	`logStart(am.log)`
`262`	`262`	`exportErrorMap := make(map[string]error)`
`263`		`- if err := am.exportSystem.Publish(context.Background(), auditConnection, auditChannel, exportutil.ExportMsg{Message: "audit is started", ID: timestamp}); err != nil {`
	`263`	`+ if err := am.exportSystem.Publish(context.Background(), auditConnection, auditChannel, exportutil.ExportMsg{Message: exportutil.AuditStartedMsg, ID: timestamp}); err != nil {`
`264`	`264`	`exportErrorMap[err.Error()] = err`
`265`	`265`	`am.log.Error(err, "failed to export audit start message")`
`266`	`266`	`}`
`@@ -275,7 +275,7 @@ func (am *Manager) audit(ctx context.Context) error {`
`275`	`275`	`if err := am.reporter.reportRunEnd(endTime); err != nil {`
`276`	`276`	`am.log.Error(err, "failed to report run end time")`
`277`	`277`	`}`
`278`		`- if err := am.exportSystem.Publish(context.Background(), auditConnection, auditChannel, exportutil.ExportMsg{Message: "audit is completed", ID: timestamp}); err != nil {`
	`278`	`+ if err := am.exportSystem.Publish(context.Background(), auditConnection, auditChannel, exportutil.ExportMsg{Message: exportutil.AuditCompletedMsg, ID: timestamp}); err != nil {`
`279`	`279`	`exportErrorMap[err.Error()] = err`
`280`	`280`	`}`
`281`	`281`	`for _, v := range exportErrorMap {`
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@ package export`
`3`	`3`	`import (`
`4`	`4`	`"context"`
`5`	`5`	`"encoding/json"`
	`6`	`+ "errors"`
`6`	`7`	`"flag"`
`7`	`8`	`"fmt"`
`8`	`9`
`@@ -111,10 +112,10 @@ func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (`
`111`	`112`	`}`
`112`	`113`
`113`	`114`	`if len(cfg.Data) == 0 {`
`114`		`- return reconcile.Result{}, fmt.Errorf(fmt.Sprintf("data missing in configmap %s, unable to configure exporter", request.NamespacedName))`
	`115`	`+ return reconcile.Result{}, errors.New("%s", fmt.Sprintf("data missing in configmap %s, unable to configure exporter", request.NamespacedName))`
`115`	`116`	`}`
`116`	`117`	`if _, ok := cfg.Data["driver"]; !ok {`
`117`		`- return reconcile.Result{}, fmt.Errorf(fmt.Sprintf("missing driver field in configmap %s, unable to configure exporter", request.NamespacedName))`
	`118`	`+ return reconcile.Result{}, errors.New("%s", fmt.Sprintf("missing driver field in configmap %s, unable to configure exporter", request.NamespacedName))`
`118`	`119`	`}`
`119`	`120`	`var config interface{}`
`120`	`121`	`err = json.Unmarshal([]byte(cfg.Data["config"]), &config)`
Original file line number	Diff line number	Diff line change
`@@ -42,3 +42,8 @@ const (`
`42`	`42`	`ErrWritingMessage ExportError = "error_writing_message"`
`43`	`43`	`ErrCleaningUpAudit ExportError = "error_cleaning_up_audit"`
`44`	`44`	`)`
	`45`	`+`
	`46`	`+const (`
	`47`	`+ AuditStartedMsg = "audit is started"`
	`48`	`+ AuditCompletedMsg = "audit is completed"`
	`49`	`+)`