feat: Add provider for Google Cloud Platform (#433)

* gcp support * rebase * Fix lint issues and error handling * Add scanner ssh public key option to GCP * Add better logging for failed resource cleanup * Use higher performace disk for GCP scanner VMs * Add missing licence header in gcp/client_test.go --------- Co-authored-by: Sam Betts <[email protected]>
openclarity · Jul 17, 2023 · 374e34f · 374e34f
1 parent 47b0151
commit 374e34f
Show file tree

Hide file tree

Showing 21 changed files with 1,328 additions and 123 deletions.
diff --git a/api/models/models.gen.go b/api/models/models.gen.go
diff --git a/api/openapi.yaml b/api/openapi.yaml
@@ -916,6 +916,7 @@ components:
       enum:
         - AWS
         - Azure
+        - GCP
 
     Scans:
       type: object

diff --git a/api/server/server.gen.go b/api/server/server.gen.go
diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/openclarity/vmclarity
 go 1.20
 
 require (
+	cloud.google.com/go/compute v1.19.1
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.1
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4 v4.2.1
@@ -26,6 +27,7 @@ require (
 	github.com/ghodss/yaml v1.0.0
 	github.com/google/go-cmp v0.5.9
 	github.com/google/uuid v1.3.0
+	github.com/googleapis/gax-go/v2 v2.8.0
 	github.com/labstack/echo/v4 v4.10.2
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/moby/sys/mountinfo v0.6.2
@@ -39,6 +41,7 @@ require (
 	github.com/spf13/viper v1.16.0
 	github.com/vulsio/go-exploitdb v0.4.5
 	golang.org/x/exp v0.0.0-20230321023759-10a507213a29
+	google.golang.org/api v0.122.0
 	google.golang.org/grpc v1.56.2
 	gopkg.in/yaml.v3 v3.0.1
 	gorm.io/datatypes v1.2.0
@@ -52,7 +55,6 @@ require (
 
 require (
 	cloud.google.com/go v0.110.0 // indirect
-	cloud.google.com/go/compute v1.19.1 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
 	cloud.google.com/go/iam v0.13.0 // indirect
 	cloud.google.com/go/storage v1.29.0 // indirect
@@ -221,7 +223,6 @@ require (
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/wire v0.5.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
-	github.com/googleapis/gax-go/v2 v2.8.0 // indirect
 	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/gosuri/uitable v0.0.4 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
@@ -414,7 +415,6 @@ require (
 	golang.org/x/tools v0.9.2 // indirect
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 	gonum.org/v1/gonum v0.7.0 // indirect
-	google.golang.org/api v0.122.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect

diff --git a/runtime_scan/pkg/orchestrator/assetscanwatcher/watcher.go b/runtime_scan/pkg/orchestrator/assetscanwatcher/watcher.go
@@ -320,6 +320,8 @@ func (w *Watcher) reconcileDone(ctx context.Context, assetScan *models.AssetScan
 
 // nolint:cyclop
 func (w *Watcher) cleanupResources(ctx context.Context, assetScan *models.AssetScan) error {
+	logger := log.GetLoggerFromContextOrDiscard(ctx)
+
 	assetScanID, ok := assetScan.GetID()
 	if !ok {
 		return errors.New("invalid AssetScan: ID is nil")
@@ -383,11 +385,13 @@ func (w *Watcher) cleanupResources(ctx context.Context, assetScan *models.AssetS
 		switch {
 		case errors.As(err, &fatalError):
 			assetScan.ResourceCleanup = utils.PointerTo(models.ResourceCleanupStateFailed)
+			logger.Errorf("resource cleanup failed: %v", fatalError)
 		case errors.As(err, &retryableError):
 			// nolint:wrapcheck
 			return common.NewRequeueAfterError(retryableError.RetryAfter(), retryableError.Error())
 		case err != nil:
 			assetScan.ResourceCleanup = utils.PointerTo(models.ResourceCleanupStateFailed)
+			logger.Errorf("resource cleanup failed: %v", err)
 		default:
 			assetScan.ResourceCleanup = utils.PointerTo(models.ResourceCleanupStateDone)
 		}

diff --git a/runtime_scan/pkg/orchestrator/config.go b/runtime_scan/pkg/orchestrator/config.go
@@ -136,6 +136,8 @@ func LoadConfig(backendHost string, backendPort int, baseURL string) (*Config, e
 	switch strings.ToLower(viper.GetString(ProviderKind)) {
 	case strings.ToLower(string(models.Azure)):
 		providerKind = models.Azure
+	case strings.ToLower(string(models.GCP)):
+		providerKind = models.GCP
 	case strings.ToLower(string(models.AWS)):
 		fallthrough
 	default:

diff --git a/runtime_scan/pkg/orchestrator/orchestrator.go b/runtime_scan/pkg/orchestrator/orchestrator.go
@@ -29,6 +29,7 @@ import (
 	"github.com/openclarity/vmclarity/runtime_scan/pkg/provider"
 	"github.com/openclarity/vmclarity/runtime_scan/pkg/provider/aws"
 	"github.com/openclarity/vmclarity/runtime_scan/pkg/provider/azure"
+	"github.com/openclarity/vmclarity/runtime_scan/pkg/provider/gcp"
 	"github.com/openclarity/vmclarity/shared/pkg/backendclient"
 	"github.com/openclarity/vmclarity/shared/pkg/log"
 )
@@ -102,6 +103,8 @@ func NewProvider(ctx context.Context, kind models.CloudProvider) (provider.Provi
 		return azure.New(ctx)
 	case models.AWS:
 		return aws.New(ctx)
+	case models.GCP:
+		return gcp.New(ctx)
 	default:
 		return nil, fmt.Errorf("unsupported provider: %s", kind)
 	}