TODO

[Issif]

I'll use this issue to list the ideas of features, feel free to propose yours and I'll add them if I think they're relevant:

• OpenTelemetry
  • Prometheus metrics
  • Traces
• Authentication:
  • Auth with Token
  • Auth with mTLS
  • TLS (cert + ca)
• dry-run option in the rule
• New Actionners:
  • kubernetes:delete to delete resources other than Pods (secrets/configmaps/deployment/statefulset/replicaset/daemonset)
  • kubernetes:script to run a shell script in a pod
  • kubernetes:disableuser disable a control plane user
  • kubernetes:log get last logs from a pod
  • kubernetes:checkpoint create a checkpoint
  • kubernetes:tshark, kubernetes:tcpdump
  • kubernetes:cordon
  • kubernetes:drain
  • ansible:playbook run an ansible playbook locally/remotely
  • shell:command run a shell command locally
  • shell:script run a shell script locally
  • aws:lambda run an AWS Lambda function
  • aws:cli run an AWS CLI Command (maybe aws:command is a better name?)
  • calico:networkpolicy
  • cilium:networkpolicy
• New Notifiers:
  • Elasticsearch
  • Loki
  • Grafana Annotations
  • Syslog
  • AWS S3
• Improvements
  • Allow to set http method and headers for the notifier webhook
  • Deduplication of received events
  • Allow to specify namespaces in the allow parameter of *:networkpolicy
• UX:
  • Add a debug mode: only display the received event which match, except if debug=true
  • Check the unicity of the rule names
  • Alllow to use env vars for the static configuration
  • Allow sequential actions by rule
  • Allow to specify multiple rule files (with merge + override)
• Docs:
  • Specify required fields in the events for the actionners
• Tests:
  • Unit tests
  • Run the Units tests in GitHub Actions

[Issif]

Replace by an opened discussion #277