in pkg/asset/asset.go [103:164]
func ConvertCAIToK8s(asset map[string]interface{}) (*unstructured.Unstructured, error) {
groupKind, found, err := unstructured.NestedString(asset, "asset_type")
if err != nil {
return nil, errors.Wrapf(err, "failed to access asset_type field")
}
if !found {
return nil, errors.Errorf("asset_type field not found")
}
parts := strings.Split(groupKind, "/")
if len(parts) != 2 {
return nil, errors.Errorf("expected asset_type to be of form \"<group>/<kind>\", got %s", groupKind)
}
group := parts[0]
kind := parts[1]
// CAI pretends that the core resources are part of the "k8s.io" apiGroup. For compatibility with what one would
// see in kubernetes, we set the group to empty string ("").
if group == "k8s.io" {
group = ""
}
version, found, err := unstructured.NestedString(asset, "resource", "version")
if err != nil {
return nil, errors.Wrapf(err, "failed to access resource.version field")
}
if !found {
return nil, errors.Errorf("resource.version field not found")
}
resource, found, err := unstructured.NestedMap(asset, "resource", "data")
if err != nil {
return nil, errors.Wrapf(err, "failed to access resource.data field")
}
if !found {
return nil, errors.Errorf("resource.data field not found")
}
u := &unstructured.Unstructured{Object: resource}
u.SetGroupVersionKind(schema.GroupVersionKind{
Group: group,
Version: version,
Kind: kind,
})
ancestors, found, err := unstructured.NestedStringSlice(asset, "ancestors")
if err != nil {
return nil, errors.Wrapf(err, "failed to access ancestors field")
}
if !found {
return nil, errors.Errorf("ancestors field not found")
}
annotations := u.GetAnnotations()
if annotations == nil {
annotations = map[string]string{}
}
annotations["validator.forsetisecurity.org/ancestorPath"] = AncestryPath(ancestors)
u.SetAnnotations(annotations)
return u, nil
}