Skip to content

Commit 50c51ef

Browse files
bakayoloampcode-com
andcommitted
fix: enable EKS EOL via endoflife.date and fix aurora-postgresql mapping
- Unblock EKS from ProductsWithNonStandardSchema — endoflife.date data works correctly (eol=end of standard support, extendedSupport=true EOL) - Fix aurora-postgresql mapping to amazon-aurora-postgresql (was wrong) - Remove aurora-mysql mapping (no endoflife.date product exists; needs AWS API) - Handle k8s- version prefix in policy version matching - EKS: 41.9% compliance (65 GREEN, 90 RED), 0 UNKNOWN - ElastiCache: 94.1% compliance Amp-Thread-ID: https://ampcode.com/threads/T-019d92b6-b80d-731a-8a83-64e6442ae52c Co-authored-by: Amp <amp@ampcode.com>
1 parent a40eb81 commit 50c51ef

3 files changed

Lines changed: 40 additions & 30 deletions

File tree

pkg/eol/endoflife/provider.go

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -23,30 +23,31 @@ import (
2323
// and MUST use dedicated providers (e.g., EKSEOLProvider) instead of this generic provider.
2424
// These products are listed here but blocked by ProductsWithNonStandardSchema below.
2525
var ProductMapping = map[string]string{
26-
// EKS entries are mapped but BLOCKED by ProductsWithNonStandardSchema
27-
// because EKS uses non-standard schema where cycle.EOL means "end of standard support"
28-
// not "true end of life". Use pkg/eol/aws.EKSEOLProvider instead.
2926
"kubernetes": "amazon-eks",
3027
"k8s": "amazon-eks",
3128
"eks": "amazon-eks",
3229

3330
"postgres": "amazon-rds-postgresql",
3431
"postgresql": "amazon-rds-postgresql",
3532
"mysql": "amazon-rds-mysql",
36-
"aurora-mysql": "amazon-rds-mysql",
37-
"aurora-postgresql": "amazon-rds-postgresql",
33+
"aurora-postgresql": "amazon-aurora-postgresql",
3834
"redis": "amazon-elasticache-redis",
3935
"elasticache-redis": "amazon-elasticache-redis",
4036
"valkey": "valkey",
4137
"elasticache-valkey": "valkey",
38+
// Note: aurora-mysql is NOT mapped because endoflife.date has no
39+
// amazon-aurora-mysql product. Aurora MySQL uses its own 3.x versioning
40+
// that doesn't match amazon-rds-mysql cycles (8.0, 5.7). Needs AWS RDS API.
4241
}
4342

4443
// ProductsWithNonStandardSchema lists products that MUST NOT use this generic provider
4544
// because they use non-standard field semantics on endoflife.date.
4645
// The provider will return an error if these products are requested.
47-
var ProductsWithNonStandardSchema = []string{
48-
"amazon-eks", // cycle.EOL = end of standard support (NOT true EOL!)
49-
}
46+
//
47+
// Note on EKS: endoflife.date's "eol" field for EKS means end of standard support
48+
// (not true EOL), and "extendedSupport" is the true EOL. This is handled correctly
49+
// by convertCycle which maps eol→EOLDate and extendedSupport→ExtendedSupportEnd.
50+
var ProductsWithNonStandardSchema = []string{}
5051

5152
const (
5253
providerName = "endoflife-date-api"

pkg/eol/endoflife/provider_test.go

Lines changed: 21 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@ package endoflife
22

33
import (
44
"context"
5-
"strings"
65
"testing"
76
"time"
87

@@ -329,35 +328,37 @@ func TestProvider_Engines(t *testing.T) {
329328
}
330329
}
331330

332-
func TestProvider_BlocksNonStandardSchema(t *testing.T) {
333-
// EKS/kubernetes should be blocked because it uses non-standard endoflife.date schema
334-
// where cycle.EOL means "end of standard support" NOT "true EOL"
331+
func TestProvider_EKS(t *testing.T) {
335332
mockClient := &MockClient{
336333
GetProductCyclesFunc: func(ctx context.Context, product string) ([]*ProductCycle, error) {
337-
// This should never be called because the guard should reject it first
338-
t.Error("GetProductCycles should not be called for blocked products")
339-
return nil, nil
334+
if product != "amazon-eks" {
335+
t.Errorf("Expected product amazon-eks, got %s", product)
336+
}
337+
return []*ProductCycle{
338+
{
339+
Cycle: "1.32",
340+
ReleaseDate: "2024-11-19",
341+
EOL: "2026-12-19",
342+
ExtendedSupport: "2027-12-19",
343+
},
344+
}, nil
340345
},
341346
}
342347

343348
provider := NewProvider(mockClient, 1*time.Hour)
344349

345-
// Test that all EKS-related engine names are blocked
346-
blockedEngines := []string{"kubernetes", "k8s", "eks"}
347-
for _, engine := range blockedEngines {
350+
engines := []string{"kubernetes", "k8s", "eks"}
351+
for _, engine := range engines {
348352
t.Run(engine, func(t *testing.T) {
349-
_, err := provider.ListAllVersions(context.Background(), engine)
350-
if err == nil {
351-
t.Errorf("Expected error for %s (non-standard schema), got nil", engine)
353+
versions, err := provider.ListAllVersions(context.Background(), engine)
354+
if err != nil {
355+
t.Fatalf("Unexpected error for %s: %v", engine, err)
352356
}
353-
if err != nil && !strings.Contains(err.Error(), "non-standard") {
354-
t.Errorf("Error should mention 'non-standard schema', got: %v", err)
357+
if len(versions) != 1 {
358+
t.Fatalf("Expected 1 version, got %d", len(versions))
355359
}
356-
357-
// GetVersionLifecycle should also be blocked
358-
_, err = provider.GetVersionLifecycle(context.Background(), engine, "1.35")
359-
if err == nil {
360-
t.Errorf("Expected error for %s in GetVersionLifecycle, got nil", engine)
360+
if versions[0].Version != "1.32" {
361+
t.Errorf("Expected version 1.32, got %s", versions[0].Version)
361362
}
362363
})
363364
}

pkg/policy/default.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -248,12 +248,20 @@ func (p *DefaultPolicy) getYellowRecommendation(resource *types.Resource, lifecy
248248

249249
// versionMatches checks if a resource version matches a lifecycle version.
250250
// endoflife.date uses major.minor cycles (e.g., "8.0") while resources may have
251-
// full versions (e.g., "8.0.35").
251+
// full versions (e.g., "8.0.35") or prefixed versions (e.g., "k8s-1.33").
252252
func versionMatches(lifecycleVersion, resourceVersion string) bool {
253253
if lifecycleVersion == resourceVersion {
254254
return true
255255
}
256-
return strings.HasPrefix(resourceVersion, lifecycleVersion+".")
256+
// Strip common prefixes for comparison
257+
normalized := resourceVersion
258+
for _, prefix := range []string{"k8s-", "kubernetes-"} {
259+
normalized = strings.TrimPrefix(normalized, prefix)
260+
}
261+
if lifecycleVersion == normalized {
262+
return true
263+
}
264+
return strings.HasPrefix(normalized, lifecycleVersion+".")
257265
}
258266

259267
// getSuggestedVersion returns a suggested version based on engine type

0 commit comments

Comments
 (0)