configure ark/oidc in chart and tests

Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>

Author: inteon

deploy/charts/disco-agent/templates/configmap.yaml

@@ -19,6 +19,8 @@ data:
       {{- . | toYaml | nindent 6 }}
     {{- end }}
     data-gatherers:
+    - kind: oidc
+      name: ark/oidc
     - kind: k8s-discovery
       name: ark/discovery
     - kind: k8s-dynamic

deploy/charts/disco-agent/tests/__snapshot__/configmap_test.yaml.snap

@@ -7,6 +7,8 @@ custom-cluster-description:
         cluster_description: "A cloud hosted Kubernetes cluster hosting production workloads.\n\nteam: team-1\nemail: team-1@example.com\npurpose: Production workloads\n"
         period: "12h0m0s"
         data-gatherers:
+        - kind: oidc
+          name: ark/oidc
         - kind: k8s-discovery
           name: ark/discovery
         - kind: k8s-dynamic
@@ -114,6 +116,8 @@ custom-cluster-name:
         cluster_description: ""
         period: "12h0m0s"
         data-gatherers:
+        - kind: oidc
+          name: ark/oidc
         - kind: k8s-discovery
           name: ark/discovery
         - kind: k8s-dynamic
@@ -221,6 +225,8 @@ custom-period:
         cluster_description: ""
         period: "1m"
         data-gatherers:
+        - kind: oidc
+          name: ark/oidc
         - kind: k8s-discovery
           name: ark/discovery
         - kind: k8s-dynamic
@@ -328,6 +334,8 @@ defaults:
         cluster_description: ""
         period: "12h0m0s"
         data-gatherers:
+        - kind: oidc
+          name: ark/oidc
         - kind: k8s-discovery
           name: ark/discovery
         - kind: k8s-dynamic

examples/machinehub.yaml

@@ -12,6 +12,10 @@
 #  go run . agent --one-shot --machine-hub -v 6 --agent-config-file ./examples/machinehub.yaml
 
 data-gatherers:
+# Gather Kubernetes OIDC information
+- name: ark/oidc
+  kind: oidc
+
 # Gather Kubernetes API server version information
 - name: ark/discovery
   kind: k8s-discovery

examples/machinehub/input.json

@@ -1,4 +1,34 @@
 [
+    {
+        "data-gatherer": "ark/oidc",
+        "data": {
+            "openid_configuration": {
+                "id_token_signing_alg_values_supported": [
+                    "RS256"
+                ],
+                "issuer": "https://kubernetes.default.svc.cluster.local",
+                "jwks_uri": "https://10.10.1.2:6443/openid/v1/jwks",
+                "response_types_supported": [
+                    "id_token"
+                ],
+                "subject_types_supported": [
+                    "public"
+                ]
+            },
+            "jwks": {
+                "keys": [
+                    {
+                        "alg": "RS256",
+                        "e": "AQAB",
+                        "kid": "C-2916LkMJqepqULK2nqhq6uzVB6So_yyGnqyuor71Q",
+                        "kty": "RSA",
+                        "n": "sYh6rDpl5DyzBk8qlnYXo6Sf9WbplnXJv3tPxWTvhCFsVu9G5oWjknkafVDq5UOJrlybJJNjBmUyiEi1wbdnuhceJS7rZ3sRnNp3aNoS0omCR6iHJCOuoboSlcaPuRmYw4oWXlVUXlKyw8PYPVbNCcTLuq9nqf8y33mIqe7XJsf5-Z5P05WbK9Rzj-SJvlZLQ4dSFtIiwqLkm_2fpRLj0d8Af1F6vuztnhhUE2_PDsfIWdl_kJKkrK3B5x7k5tgTyFrNQPzlRBgK9jmK0HskwAFIDaLKb7FUWuUiQjn94rjKCED4iy201YPAoZBKIHFDlFVkQ_S3quwPcRyOS18r7w",
+                        "use": "sig"
+                    }
+                ]
+            }
+        }
+    },
     {
         "data-gatherer": "ark/discovery",
         "data": {

pkg/client/client_cyberark_test.go

@@ -104,6 +104,13 @@ func fakeReadings() []*api.DataReading {
 	}
 
 	return append([]*api.DataReading{
+		{
+			DataGatherer: "ark/oidc",
+			Data: &api.OIDCDiscoveryData{
+				OIDCConfigError: "Failed to fetch /.well-known/openid-configuration: 404 Not Found",
+				JWKSError:       "Failed to fetch /openid/v1/jwks: 404 Not Found",
+			},
+		},
 		{
 			DataGatherer: "ark/discovery",
 			Data: &api.DiscoveryData{