Backend support for CRDs visualization

Author: arikalon1

docs/setup-robusta/crds.rst

@@ -28,15 +28,16 @@ To enable CRD monitoring, add the ``customClusterRoleRules`` section to your Rob
 
 .. code-block:: yaml
 
-    customClusterRoleRules:
-      - apiGroups:
-          - "*"
-        resources:
-          - "*"
-        verbs:
-          - "list"
-          - "get"
-          - "watch"
+    runner:
+      customClusterRoleRules:
+        - apiGroups:
+            - "*"
+          resources:
+            - "*"
+          verbs:
+            - "list"
+            - "get"
+            - "watch"
 
 .. warning::
     The above configuration grants read access to all resources. For production environments, it's recommended to limit access to specific CRDs only.
@@ -50,7 +51,8 @@ For better security, specify only the CRDs you need to monitor:
 
 .. code-block:: yaml
 
-    customClusterRoleRules:
+    runner:
+      customClusterRoleRules:
       - apiGroups:
           - "cert-manager.io"
         resources:
@@ -98,14 +100,15 @@ Using Holmes to Generate Configuration
 
     I want to add read only cluster roles for all the crds in my cluster.
     This is the format for adding one:
-    customClusterRoleRules:
-      - apiGroups:
-          - "storage.k8s.io"
-        resources:
-          - "storageclasses"
-        verbs:
-          - "list"
-          - "get"
+    runner:
+      customClusterRoleRules:
+        - apiGroups:
+            - "storage.k8s.io"
+          resources:
+            - "storageclasses"
+          verbs:
+            - "list"
+            - "get"
     Prepare my config
 
 3. Holmes will analyze your cluster and generate a complete configuration including all CRDs

helm/robusta/templates/runner-service-account.yaml

@@ -7,6 +7,14 @@ rules:
   {{- if .Values.runner.customClusterRoleRules }}
 {{ toYaml .Values.runner.customClusterRoleRules | indent 2 }}
   {{- end }}
+  - apiGroups:
+      - "apiextensions.k8s.io"
+    resources:
+      - "customresourcedefinitions"
+    verbs:
+      - "list"
+      - "get"
+
   - apiGroups:
       - ""
     resources:

src/robusta/core/playbooks/internal/CRD_API_DOCUMENTATION.md

@@ -131,7 +131,7 @@ Lists all Custom Resource Definitions available in the cluster.
 
 #### Response
 - Returns a **JsonBlock** with detailed CRD information
-- Also returns a **TableBlock** with summary (Kind, API Version, Scope, Plural)
+- Also returns a **TableBlock** with summary (Kind, API Version, Scope, Plural, Created At)
 
 #### Example Usage
 ```yaml
@@ -148,6 +148,7 @@ action: fetch_crds
     "kind": "Certificate",
     "plural": "certificates",
     "scope": "Namespaced",
+    "createdAt": "2024-03-15T10:23:45Z",
     "additionalPrinterColumns": [
       {
         "name": "READY",
@@ -171,6 +172,7 @@ action: fetch_crds
     "kind": "Prometheus",
     "plural": "prometheuses",
     "scope": "Namespaced",
+    "createdAt": "2024-02-10T14:52:18Z",
     "additionalPrinterColumns": [
       {
         "name": "VERSION",
@@ -188,11 +190,11 @@ action: fetch_crds
 ```
 
 **Table Summary:**
-| Kind | API Version | Scope | Plural |
-|------|------------|-------|--------|
-| Certificate | cert-manager.io/v1 | Namespaced | certificates |
-| Prometheus | monitoring.coreos.com/v1 | Namespaced | prometheuses |
-| ServiceMonitor | monitoring.coreos.com/v1 | Namespaced | servicemonitors |
+| Kind | API Version | Scope | Plural | Created At |
+|------|------------|-------|--------|------------|
+| Certificate | cert-manager.io/v1 | Namespaced | certificates | 2024-03-15T10:23:45Z |
+| Prometheus | monitoring.coreos.com/v1 | Namespaced | prometheuses | 2024-02-10T14:52:18Z |
+| ServiceMonitor | monitoring.coreos.com/v1 | Namespaced | servicemonitors | 2024-02-10T14:53:01Z |
 
 ---
 

src/robusta/core/playbooks/internal/crds.py

@@ -1,5 +1,6 @@
 import json
 import logging
+import re
 import subprocess
 from typing import Optional, List
 
@@ -179,7 +180,7 @@ def fetch_resource_events(event: ExecutionBaseEvent, params: ResourceParams):
 def fetch_crds(event: ExecutionBaseEvent):
     """
     Fetch all custom resource definitions.
-    Returns a JsonBlock with apiVersion, kind, scope, and additionalPrinterColumns for each CRD.
+    Returns a JsonBlock with apiVersion, kind, scope, createdAt, and additionalPrinterColumns for each CRD.
     """
     finding = Finding(
         title="Custom Resource Definitions",
@@ -195,6 +196,7 @@ def fetch_crds(event: ExecutionBaseEvent):
 
         crd_list = []
         for item in items:
+            metadata = item.get("metadata", {})
             spec = item.get("spec", {})
             versions = spec.get("versions", [])
 
@@ -222,6 +224,7 @@ def fetch_crds(event: ExecutionBaseEvent):
                 "kind": spec.get("names", {}).get("kind", ""),
                 "plural": spec.get("names", {}).get("plural", ""),
                 "scope": spec.get("scope", ""),
+                "createdAt": metadata.get("creationTimestamp", ""),
                 "additionalPrinterColumns": additional_columns
             }
             crd_list.append(crd_info)
@@ -281,19 +284,66 @@ def fetch_cr_instances(event: ExecutionBaseEvent, params: CRInstancesParams):
                 for field in params.fields:
                     # Support nested field paths using dot notation. Remove leading dot if present (JSONPath style)
                     clean_field = field.lstrip('.')
-                    field_parts = clean_field.split(".")
-                    value = item
 
-                    try:
-                        for part in field_parts:
-                            if isinstance(value, dict):
-                                value = value.get(part, None)
+                    # Check if this is a JSONPath filter pattern like "status.conditions[?(@.type == 'Reconciled')].status"
+                    # or "spec.containers[?(@.name == 'main')].image"
+                    # Pattern: (path).(array)[?(@.field == 'value')](.afterField)
+                    filter_pattern = r"^((?:.*?\.)?)([^.\[]+)\[\?\(@\.(\w+)\s*==\s*['\"]([^'\"]+)['\"]\)\](?:\.(.+))?$"
+                    match = re.match(filter_pattern, clean_field)
+
+                    if match:
+                        path_to_array = match.group(1).rstrip('.')  # e.g., "status" or "" (empty for root-level)
+                        array_name = match.group(2)                  # e.g., "conditions", "containers", "volumes"
+                        filter_field = match.group(3)                # e.g., "type", "name", "id"
+                        filter_value = match.group(4)                # e.g., "Reconciled", "main", "data"
+                        field_after = match.group(5)                 # e.g., "status", "image", None
+
+                        try:
+                            value = item
+                            if path_to_array:
+                                for part in path_to_array.split("."):
+                                    if isinstance(value, dict):
+                                        value = value.get(part, None)
+                                    else:
+                                        value = None
+                                        break
+
+                            if value and isinstance(value, dict):
+                                array_items = value.get(array_name, [])
+                            else:
+                                array_items = None
+
+                            if array_items and isinstance(array_items, list):
+                                for array_item in array_items:
+                                    if isinstance(array_item, dict) and array_item.get(filter_field) == filter_value:
+                                        if field_after:
+                                            value = array_item.get(field_after)
+                                        else:
+                                            value = array_item
+                                        break
+                                else:
+                                    value = None
                             else:
                                 value = None
-                                break
-                        instance_info[field] = value
-                    except (KeyError, TypeError):
-                        instance_info[field] = None
+
+                            instance_info[field] = value
+                        except (KeyError, TypeError, AttributeError):
+                            instance_info[field] = None
+                    else:
+                        # Regular dot notation path
+                        field_parts = clean_field.split(".")
+                        value = item
+
+                        try:
+                            for part in field_parts:
+                                if isinstance(value, dict):
+                                    value = value.get(part, None)
+                                else:
+                                    value = None
+                                    break
+                            instance_info[field] = value
+                        except (KeyError, TypeError):
+                            instance_info[field] = None
 
             instance_list.append(instance_info)