From 9731d07125648a207e48631a42be3b63997b62d4 Mon Sep 17 00:00:00 2001
From: Seungsoo Lee
Date: Tue, 10 Aug 2021 11:51:06 +0000
Subject: [PATCH 1/3] Updated minor

---
 src/networkpolicy/networkPolicy.go | 48 ++++++++++++++----------------
 1 file changed, 23 insertions(+), 25 deletions(-)

diff --git a/src/networkpolicy/networkPolicy.go b/src/networkpolicy/networkPolicy.go
index 0bf42efe..ef1b4700 100644
--- a/src/networkpolicy/networkPolicy.go
+++ b/src/networkpolicy/networkPolicy.go
@@ -101,6 +101,28 @@ func init() {
 	NetworkWaitG = sync.WaitGroup{}
 }
 
+func initNetPolicyDiscoveryConfiguration() {
+	CfgDB = cfg.GetCfgDB()
+
+	OneTimeJobTime = cfg.GetCfgNetOneTime()
+
+	OperationTrigger = cfg.GetCfgNetOperationTrigger()
+
+	NetworkLogFrom = cfg.GetCfgNetworkLogFrom()
+	NetworkLogFile = cfg.GetCfgNetworkLogFile()
+	NetworkPolicyTo = cfg.GetCfgNetworkPolicyTo()
+
+	L3DiscoveryLevel = cfg.GetCfgNetworkL3Level()
+	L4DiscoveryLevel = cfg.GetCfgNetworkL4Level()
+	L7DiscoveryLevel = cfg.GetCfgNetworkL7Level()
+
+	CIDRBits = cfg.GetCfgCIDRBits()
+	HTTPThreshold = cfg.GetCfgNetworkHTTPThreshold()
+
+	NetworkLogFilters = cfg.GetCfgNetworkLogFilters()
+	NamespaceFilters = cfg.GetCfgNetworkSkipNamespaces()
+}
+
 // ============================= //
 // == Multi Cluster Variables == //
 // ============================= //
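Review bot: initNetPolicyDiscoveryConfiguration arrives at its new position without a doc comment, and its body overwrites fourteen package-level variables from cfg getters, so a reader at a call site cannot tell that it re-snapshots the whole discovery configuration. Suggest `// initNetPolicyDiscoveryConfiguration re-reads the network-policy discovery settings (db, log source/sink, L3/L4/L7 levels, CIDR bits, HTTP threshold, log and namespace filters) from cfg into the package-level variables.` above the signature. Nothing in the hunk guards those writes against concurrent readers; the NetworkWaitG context just above suggests discovery runs in goroutines, so it is worth stating in the comment when it is safe to call — I cannot see the callers from here. The name NamespaceFilters for the value of GetCfgNetworkSkipNamespaces is also easy to misread as an allow-list; a trailing `// namespaces to skip` would settle that.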
@@ -1491,28 +1513,6 @@ func DiscoverNetworkPolicy(namespace string,
 	return networkPolicies
 }
 
-func initNetPolicyDiscoveryConfiguration() {
-	CfgDB = cfg.GetCfgDB()
-
-	OneTimeJobTime = cfg.GetCfgNetOneTime()
-
-	OperationTrigger = cfg.GetCfgNetOperationTrigger()
-
-	NetworkLogFrom = cfg.GetCfgNetworkLogFrom()
-	NetworkLogFile = cfg.GetCfgNetworkLogFile()
-	NetworkPolicyTo = cfg.GetCfgNetworkPolicyTo()
-
-	L3DiscoveryLevel = cfg.GetCfgNetworkL3Level()
-	L4DiscoveryLevel = cfg.GetCfgNetworkL4Level()
-	L7DiscoveryLevel = cfg.GetCfgNetworkL7Level()
-
-	CIDRBits = cfg.GetCfgCIDRBits()
-	HTTPThreshold = cfg.GetCfgNetworkHTTPThreshold()
-
-	NetworkLogFilters = cfg.GetCfgNetworkLogFilters()
-	NamespaceFilters = cfg.GetCfgNetworkSkipNamespaces()
-}
-
 func DiscoverNetworkPolicyMain() {
 	if NetworkWorkerStatus == STATUS_RUNNING {
 		return
@@ -1568,9 +1568,7 @@ func DiscoverNetworkPolicyMain() {
 	// reset flow id track at each target namespace
 	clearTrackFlowIDMaps()
 
-	// ========================================================= //
-	// == discover network policies based on the network logs == //
-	// ========================================================= //
+	// discover network policies based on the network logs
 	discoveredNetPolicies := DiscoverNetworkPolicy(targetNamespace, namespaceFilteredLogs, services, endpoints, pods)
 
 	// get existing network policies in db

From d34c41438f59ee200b2816921dadcb0a9e254b96 Mon Sep 17 00:00:00 2001
From: Seungsoo Lee
Date: Tue, 10 Aug 2021 12:20:43 +0000
Subject: [PATCH 2/3] Updated minor

---
 deployments/k8s/dev-config.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deployments/k8s/dev-config.yaml b/deployments/k8s/dev-config.yaml
index 5ee703db..d28ea253 100644
--- a/deployments/k8s/dev-config.yaml
+++ b/deployments/k8s/dev-config.yaml
@@ -25,7 +25,7 @@ data:
     system-policy-to: "db|file" # db, file
     system-policy-dir: "./"
   cluster:
-    cluster-info-from: "accuknox" # k8sclient|accuknox
+    cluster-info-from: "k8sclient" # k8sclient|accuknox
     cluster-mgmt-url: "http://cluster-management-service.accuknox-dev-cluster-mgmt.svc.cluster.local/cm"
 
   database:
@@ -39,6 +39,7 @@ data:
     table-network-log: network_log
     table-network-policy: network_policy
     table-system-log: system_log
+    table-system-alert: system_alert
     table-system-policy: system_policy
 
   feed-consumer:

From 8b01b7da5277da95813e33bcbf54881e00923467 Mon Sep 17 00:00:00 2001
From: Seungsoo Lee
Date: Thu, 12 Aug 2021 02:03:01 +0000
Subject: [PATCH 3/3] Updated minor

---
 src/conf/local.yaml | 2 +-
 src/networkpolicy/helperFunctions.go | 2 +-
 src/server/grpcServer.go | 10 +++++-----
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/conf/local.yaml b/src/conf/local.yaml
index 7f621cd8..56d0398c 100644
--- a/src/conf/local.yaml
+++ b/src/conf/local.yaml
@@ -9,7 +9,7 @@ application:
     network-policy-to: "db|file" # db, file
     network-policy-dir: "./"
   system:
-    operation-mode: 2 # 1: cronjob | 2: one-time-job
+    operation-mode: 1 # 1: cronjob | 2: one-time-job
     cron-job-time-interval: "0h0m10s" # format: XhYmZs
     operation-trigger: 100
     system-log-from: "db" # db|kubearmor
diff --git a/src/networkpolicy/helperFunctions.go b/src/networkpolicy/helperFunctions.go
index de63e2be..b5a3b62b 100644
--- a/src/networkpolicy/helperFunctions.go
+++ b/src/networkpolicy/helperFunctions.go
@@ -211,7 +211,7 @@ func getNetworkLogs() []types.KnoxNetworkLog {
 		// get flows from hubble relay
 		flows := plugin.GetCiliumFlowsFromHubble(OperationTrigger)
 
-		if len(flows) == 0 {
+		if len(flows) == 0 || len(flows) < OperationTrigger {
 			return nil
 		}
 
diff --git a/src/server/grpcServer.go b/src/server/grpcServer.go
index c8803271..114b0856 100644
--- a/src/server/grpcServer.go
+++ b/src/server/grpcServer.go
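Review bot: The added `table-system-alert: system_alert` key has no reader anywhere in this series — the Go changes touch only networkpolicy and grpcServer — so if the config loader maps table names through a fixed struct, the key is silently ignored until a matching field exists; worth confirming against the cfg package, which is not visible here. A short trailing comment naming the consumer, along the lines of `# read by the system-alert table lookup in cfg`, would let the next reader verify the wiring without grepping (hedged: I am inferring the loader shape from the neighbouring `table-*` keys).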
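Review bot: The new guard `len(flows) == 0 || len(flows) < OperationTrigger` in getNetworkLogs returns nil for every batch smaller than OperationTrigger, and if plugin.GetCiliumFlowsFromHubble has already pulled those flows off the relay they are discarded with no log line; whether the call consumes or only peeks is not visible from the hunk. The first clause is also subsumed by the second whenever OperationTrigger is positive, so the intent reads clearer as `// wait until at least OperationTrigger flows are available before running discovery` above the condition, plus a debug log of `len(flows)` on the early return so a too-high trigger in the config is diagnosable rather than looking like an idle relay. If OperationTrigger is validated as positive at load time the `== 0` clause can go; if it is not, a zero or negative value makes the second clause never fire, which the comment should say. getNetworkLogs starts and ends outside the hunk.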
@@ -240,13 +240,13 @@ func GetNewServer() *grpc.Server {
 	if cfg.GetCurrentCfg().ConfigClusterMgmt.ClusterInfoFrom != "k8sclient" {
 		// start consumer automatically
 		feedconsumer.StartConsumer()
+	}
 
-		// start net worker automatically
-		networker.StartNetworkWorker()
+	// start net worker automatically
+	networker.StartNetworkWorker()
 
-		// start sys worker automatically
-		sysworker.StartSystemWorker()
-	}
+	// start sys worker automatically
+	sysworker.StartSystemWorker()
 
 	return s
 }
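Review bot: The `if cfg.GetCurrentCfg().ConfigClusterMgmt.ClusterInfoFrom != "k8sclient"` condition is a bare string comparison with no comment saying why feedconsumer.StartConsumer() is the one component that depends on the cluster-info source, now that the two worker starts have left its body. A line such as `// the feed consumer is only needed when cluster info is not read through the k8s client` above the condition would make the intent explicit, and the literal is the same value the yaml configs spell as `k8sclient|accuknox`, so a named constant shared with the config package would be preferable if one exists (I cannot see the cfg package from here). Both workers now start on every call to GetNewServer regardless of mode, which is what the patch intends, but it deserves a sentence in the function's doc comment since the name suggests a side-effect-free constructor. GetNewServer begins before the hunk.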