Merge pull request kubernetes-sigs#263 from justaugustus/consolidate-pkg

Consolidate packages (part two)

Makefile

@@ -38,8 +38,8 @@ test-mac:
 		//pkg/api/files:go_default_test \
 		//pkg/audit:go_default_test \
 		//pkg/dockerregistry:go_default_test \
-		//dashboard/adapter:go_default_test \
-		//pkg/cmd:go_default_test
+		//pkg/promobot:go_default_test \
+		//pkg/vulndash/adapter:go_default_test
 test-ci: download
 	make build
 	make test

cmd/promobot-files/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "sigs.k8s.io/k8s-container-image-promoter/cmd/promobot-files",
     visibility = ["//visibility:private"],
     deps = [
-        "//pkg/cmd:go_default_library",
+        "//pkg/promobot:go_default_library",
         "@io_k8s_klog//:go_default_library",
     ],
 )

cmd/promobot-files/main.go

@@ -23,13 +23,13 @@ import (
 	"os"
 
 	"k8s.io/klog"
-	"sigs.k8s.io/k8s-container-image-promoter/pkg/cmd"
+	"sigs.k8s.io/k8s-container-image-promoter/pkg/promobot"
 )
 
 func main() {
 	klog.InitFlags(nil)
 
-	var options cmd.PromoteFilesOptions
+	var options promobot.PromoteFilesOptions
 	options.PopulateDefaults()
 
 	flag.StringVar(
@@ -59,7 +59,7 @@ func main() {
 	flag.Parse()
 
 	ctx := context.Background()
-	if err := cmd.RunPromoteFiles(ctx, options); err != nil {
+	if err := promobot.RunPromoteFiles(ctx, options); err != nil {
 		fmt.Fprintf(os.Stderr, "%v\n", err)
 		// nolint[gomnd]
 		os.Exit(1)

cmd/promobot-generate-manifest/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "sigs.k8s.io/k8s-container-image-promoter/cmd/promobot-generate-manifest",
     visibility = ["//visibility:private"],
     deps = [
-        "//pkg/cmd:go_default_library",
+        "//pkg/promobot:go_default_library",
         "@io_k8s_klog//:go_default_library",
         "@io_k8s_sigs_yaml//:go_default_library",
         "@org_golang_x_xerrors//:go_default_library",

cmd/promobot-generate-manifest/main.go

@@ -24,8 +24,9 @@ import (
 	"path/filepath"
 
 	"golang.org/x/xerrors"
+
 	"k8s.io/klog"
-	"sigs.k8s.io/k8s-container-image-promoter/pkg/cmd"
+	"sigs.k8s.io/k8s-container-image-promoter/pkg/promobot"
 	"sigs.k8s.io/yaml"
 )
 
@@ -43,7 +44,7 @@ func main() {
 func run(ctx context.Context) error {
 	klog.InitFlags(nil)
 
-	var opt cmd.GenerateManifestOptions
+	var opt promobot.GenerateManifestOptions
 	opt.PopulateDefaults()
 
 	src := ""
@@ -71,7 +72,7 @@ func run(ctx context.Context) error {
 	}
 	opt.BaseDir = s
 
-	manifest, err := cmd.GenerateManifest(ctx, opt)
+	manifest, err := promobot.GenerateManifest(ctx, opt)
 	if err != nil {
 		return err
 	}

dashboard/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "sigs.k8s.io/k8s-container-image-promoter/dashboard",
     visibility = ["//visibility:private"],
     deps = [
-        "//dashboard/adapter:go_default_library",
+        "//pkg/vulndash/adapter:go_default_library",
         "@io_k8s_klog//:go_default_library",
     ],
 )

dashboard/dashboard.go

@@ -21,7 +21,7 @@ import (
 	"fmt"
 
 	"k8s.io/klog"
-	adapter "sigs.k8s.io/k8s-container-image-promoter/dashboard/adapter"
+	adapter "sigs.k8s.io/k8s-container-image-promoter/pkg/vulndash/adapter"
 )
 
 // nolint[gocyclo]

dashboard/vulnerability_dashboard.md

@@ -1,45 +1,49 @@
 # Image Vulnerability Dashboard
-The vulnerability dashboard is intended to surface the vulnerabilities of 
-images in the Kubernetes production project - k8s-artifacts-prod. The
-dashboard operates as a static HTML page hosted on Google Cloud Storage.
+
+The vulnerability dashboard is intended to surface the vulnerabilities of
+images in the Kubernetes production project - k8s-artifacts-prod. The dashboard
+operates as a static HTML page hosted on Google Cloud Storage.
+
 It can be accessed by visiting this
 [page](https://storage.googleapis.com/k8s-artifacts-prod-vuln-dashboard/dashboard.html).
 
 ## Information Flow
 
 ### CAS Adapter
+
 The dashboard utilizes the Container Analysis Service in order to actually get
-the vulnerabilities it displays. However, the vulnerability information can't be used
-as provided by CAS. This is because CAS provides lots of unnecessary information which
-make it difficult to parse into an HTML table; not to mention, the large file size due
-to the sheer amount of information for each of Kubernetes' production images.
-
-In order to use this information, we use an adapter which processes the vulnerability
-occurrences returned from the CAS into a new
-[struct](https://github.com/kubernetes-sigs/k8s-container-image-promoter/blob/master/dashboard/adapter/types.go)
-containing only the info that the dashboard needs in order to create its table. This
-information is then uploaded as a JSON file to Google Cloud Storage, where it can be parsed
-into an easy-to-read HTML table. The adapter is implemented in
-[adapter.go](https://github.com/kubernetes-sigs/k8s-container-image-promoter/blob/master/dashboard/adapter/adapter.go).
+the vulnerabilities it displays. However, the vulnerability information can't
+be used as provided by CAS. This is because CAS provides lots of unnecessary
+information which make it difficult to parse into an HTML table; not to
+mention, the large file size due to the sheer amount of information for each of
+Kubernetes' production images.
+
+In order to use this information, we use an adapter which processes the
+vulnerability occurrences returned from the CAS into a new
+[struct](/pkg/vulndash/adapter/types.go) containing only the info that the
+dashboard needs in order to create its table. This information is then uploaded
+as a JSON file to Google Cloud Storage, where it can be parsed into an
+easy-to-read HTML table. The adapter is implemented in
+[`/pkg/vulndash/adapter`](/pkg/vulndash/adapter/adapter.go).
 
 ### JS Parser
-The CAS adapter described above writes the processed vulnerability information to a JSON
-stored in the vulnerability dashbaord's GCS bucket. In order to convert this JSON to a
-HTML table, a simple JavaScript file is also placed in the GCS bucket which can read in
-the contents of the JSON and create the table.
 
-The most updated versions of both the
-[JavaScript](https://github.com/kubernetes-sigs/k8s-container-image-promoter/blob/master/dashboard/dashboard.js)
-file and the static
-[HTML](https://github.com/kubernetes-sigs/k8s-container-image-promoter/blob/master/dashboard/dashboard.html)
-page are also uploaded to Google Cloud Storage whenever the adapter runs.
+The CAS adapter described above writes the processed vulnerability information
+to a JSON stored in the vulnerability dashbaord's GCS bucket. In order to
+convert this JSON to a HTML table, a simple JavaScript file is also placed in
+the GCS bucket which can read in the contents of the JSON and create the table.
+
+The most updated versions of both the [JavaScript](dashboard.js) file and the
+static [HTML](dashboard.html) page are also uploaded to Google Cloud Storage
+whenever the adapter runs.
 
 ## Integration With Prow
-In order to have the dashboard display the most up to date vulnerability information
-from the Container Analysis Service, a
-[periodic](https://github.com/kubernetes/test-infra/blob/master/prow/jobs.md)
-Prow job has been set up -
-[k8sio-vuln-dashboard-cron](https://github.com/kubernetes/test-infra/blob/master/config/jobs/kubernetes/test-infra/test-infra-trusted.yaml).
-This Prow job runs once every 24 hours, and runs the adapter in order to get the most
-recent vulnerabilities and upload any new updates to the dashboard files stored in
-Google Cloud Storage.
+
+In order to have the dashboard display the most up to date vulnerability
+information from the Container Analysis Service, a
+[periodic](https://git.k8s.io/test-infra/prow/jobs.md) Prow job has been set up
+([k8sio-vuln-dashboard-cron](https://git.k8s.io/test-infra/config/jobs/kubernetes/test-infra/test-infra-trusted.yaml)).
+
+This Prow job runs once every 24 hours, and runs the adapter in order to get
+the most recent vulnerabilities and upload any new updates to the dashboard
+files stored in Google Cloud Storage.

go.mod

@@ -3,13 +3,8 @@ module sigs.k8s.io/k8s-container-image-promoter
 go 1.15
 
 require (
-	cloud.google.com/go v0.64.0
-	cloud.google.com/go/storage v1.10.0
 	github.com/google/uuid v1.1.1
-	golang.org/x/net v0.0.0-20200822124328-c89045814202
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
-	google.golang.org/api v0.30.0
-	google.golang.org/genproto v0.0.0-20200827165113-ac2560b5e952
 	gopkg.in/yaml.v2 v2.3.0
 	k8s.io/klog v1.0.0
 	sigs.k8s.io/k8s-container-image-promoter/pkg v0.0.0

pkg/go.mod

@@ -7,6 +7,7 @@ require (
 	cloud.google.com/go/logging v1.1.0
 	cloud.google.com/go/storage v1.10.0
 	github.com/google/go-containerregistry v0.1.3
+	golang.org/x/net v0.0.0-20200822124328-c89045814202
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
 	google.golang.org/api v0.30.0

pkg/cmd/BUILD.bazel → pkg/promobot/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
         "hash.go",
         "promotefiles.go",
     ],
-    importpath = "sigs.k8s.io/k8s-container-image-promoter/pkg/cmd",
+    importpath = "sigs.k8s.io/k8s-container-image-promoter/pkg/promobot",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/api/files:go_default_library",

pkg/cmd/hash.go → pkg/promobot/hash.go

@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package cmd
+package promobot
 
 import (
 	"context"

pkg/cmd/hash_test.go → pkg/promobot/hash_test.go

@@ -1,4 +1,4 @@
-package cmd_test
+package promobot_test
 
 import (
 	"context"
@@ -7,20 +7,19 @@ import (
 	"testing"
 
 	"k8s.io/utils/diff"
+	"sigs.k8s.io/k8s-container-image-promoter/pkg/promobot"
 	"sigs.k8s.io/yaml"
-
-	"sigs.k8s.io/k8s-container-image-promoter/pkg/cmd"
 )
 
 func TestHash(t *testing.T) {
 	ctx := context.Background()
 
-	var opt cmd.GenerateManifestOptions
+	var opt promobot.GenerateManifestOptions
 	opt.PopulateDefaults()
 
 	opt.BaseDir = "testdata/files"
 
-	manifest, err := cmd.GenerateManifest(ctx, opt)
+	manifest, err := promobot.GenerateManifest(ctx, opt)
 	if err != nil {
 		t.Fatalf("failed to generate manifest: %v", err)
 	}

pkg/cmd/promotefiles.go → pkg/promobot/promotefiles.go

@@ -15,7 +15,7 @@ limitations under the License.
 */
 
 // nolint[lll]
-package cmd
+package promobot
 
 import (
 	"context"

pkg/cmd/readmanifest_test.go → pkg/promobot/readmanifest_test.go

@@ -14,31 +14,30 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package cmd_test
+package promobot_test
 
 import (
 	"testing"
 
+	"sigs.k8s.io/k8s-container-image-promoter/pkg/promobot"
 	"sigs.k8s.io/yaml"
-
-	"sigs.k8s.io/k8s-container-image-promoter/pkg/cmd"
 )
 
 func TestReadManifests(t *testing.T) {
 	grid := []struct {
 		Expected string
-		Options  cmd.PromoteFilesOptions
+		Options  promobot.PromoteFilesOptions
 	}{
 		{
 			Expected: "testdata/manifests/onefiles/expected.yaml",
-			Options: cmd.PromoteFilesOptions{
+			Options: promobot.PromoteFilesOptions{
 				FilestoresPath: "testdata/manifests/onefiles/filestores.yaml",
 				FilesPath:      "testdata/manifests/onefiles/files.yaml",
 			},
 		},
 		{
 			Expected: "testdata/manifests/manyfiles/expected.yaml",
-			Options: cmd.PromoteFilesOptions{
+			Options: promobot.PromoteFilesOptions{
 				FilestoresPath: "testdata/manifests/manyfiles/filestores.yaml",
 				FilesPath:      "testdata/manifests/manyfiles/files/",
 			},
@@ -48,7 +47,7 @@ func TestReadManifests(t *testing.T) {
 	for _, g := range grid {
 		g := g // avoid closure go-tcha
 		t.Run(g.Expected, func(t *testing.T) {
-			manifest, err := cmd.ReadManifest(g.Options)
+			manifest, err := promobot.ReadManifest(g.Options)
 			if err != nil {
 				t.Fatalf("failed to read manifest: %v", err)
 			}

dashboard/adapter/BUILD.bazel → pkg/vulndash/adapter/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
         "adapter.go",
         "types.go",
     ],
-    importpath = "sigs.k8s.io/k8s-container-image-promoter/dashboard/adapter",
+    importpath = "sigs.k8s.io/k8s-container-image-promoter/pkg/vulndash/adapter",
     visibility = ["//visibility:public"],
     deps = [
         "@com_google_cloud_go//containeranalysis/apiv1:go_default_library",

dashboard/adapter/adapter_test.go → pkg/vulndash/adapter/adapter_test.go

@@ -22,7 +22,7 @@ import (
 	"testing"
 
 	grafeaspb "google.golang.org/genproto/googleapis/grafeas/v1"
-	adapter "sigs.k8s.io/k8s-container-image-promoter/dashboard/adapter"
+	adapter "sigs.k8s.io/k8s-container-image-promoter/pkg/vulndash/adapter"
 )
 
 func checkEqual(got, expected interface{}) error {

dashboard/adapter/types.go → pkg/vulndash/adapter/types.go

@@ -17,7 +17,7 @@ limitations under the License.
 package adapter
 
 // ImageVulnBreakdown is used by the adapter in order to store the information
-// from image vulnerability occurrencess that the dashboard needs.
+// from image vulnerability occurrences that the dashboard needs.
 type ImageVulnBreakdown struct {
 	ResourceURI             string
 	ImageName               string