Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

in terms of npx pepr monitor we need to check if there is a way to include a name when it is empty string #892

Closed
2 tasks
cmwylie19 opened this issue Jun 13, 2024 · 2 comments
Closed
2 tasks

in terms of npx pepr monitor we need to check if there is a way to include a name when it is empty string #892

cmwylie19 opened this issue Jun 13, 2024 · 2 comments
Labels
enhancement New feature or request uds Tracked by UDS project. Adds to UDS Inbox when applied.
Milestone
v0.32.4

Comments

@cmwylie19
Copy link
Collaborator

cmwylie19 commented Jun 13, 2024
edited
Loading

Is your feature request related to a problem? Please describe.

Try and make sure every log line in npx pepr monitor contains the name of the AdmissionReview object if possible incurring overhead that would make the command less meaningful.

 ✓ ALLOWED   gitlab/gitlab-gitaly-0 (repeated 11 times)
 ✎ MUTATED   gitlab
   ADDED:
             /spec/securityContext/runAsNonRoot=true
             /spec/securityContext/runAsGroup=1000
             /spec/containers/1/securityContext/capabilities={"drop":["ALL"]}
             /spec/initContainers/1/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/0/securityContext={"capabilities":{"drop":["ALL"]}}
             /metadata/annotations/uds-core.pepr.dev~1uds-core-policies="succeeded"
             /metadata/annotations/uds-core.pepr.dev~1mutated="[\"require-non-root-user\",\"drop-all-capabilities\"]"
 ✓ ALLOWED   gitlab/gitlab-gitlab-shell-794495d496-7ft6t (repeated 11 times)
 ✎ MUTATED   gitlab
   ADDED:
             /spec/securityContext/runAsNonRoot=true
             /spec/containers/1/securityContext/capabilities={"drop":["ALL"]}
             /spec/initContainers/1/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/0/securityContext={"capabilities":{"drop":["ALL"]}}
             /metadata/annotations/uds-core.pepr.dev~1uds-core-policies="succeeded"
             /metadata/annotations/uds-core.pepr.dev~1mutated="[\"require-non-root-user\",\"drop-all-capabilities\"]"
 ✓ ALLOWED   gitlab/gitlab-toolbox-5448b9fc99-rf7rf (repeated 11 times)
 ✎ MUTATED   gitlab
   ADDED:
             /spec/securityContext/runAsNonRoot=true
             /spec/securityContext/runAsGroup=1000
             /spec/containers/2/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/containers/1/securityContext/capabilities={"drop":["ALL"]}
             /spec/initContainers/2/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/1/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/0/securityContext={"capabilities":{"drop":["ALL"]}}
             /metadata/annotations/uds-core.pepr.dev~1uds-core-policies="succeeded"
             /metadata/annotations/uds-core.pepr.dev~1mutated="[\"require-non-root-user\",\"drop-all-capabilities\"]"
 ✓ ALLOWED   gitlab/gitlab-webservice-default-554f6f7dc6-4w6cc (repeated 11 times)
 ✎ MUTATED   gitlab
   ADDED:
             /spec/securityContext/runAsNonRoot=true
             /spec/securityContext/runAsGroup=1000
             /spec/containers/1/securityContext/capabilities={"drop":["ALL"]}
             /spec/initContainers/2/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/1/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/0/securityContext={"capabilities":{"drop":["ALL"]}}
             /metadata/annotations/uds-core.pepr.dev~1uds-core-policies="succeeded"
             /metadata/annotations/uds-core.pepr.dev~1mutated="[\"require-non-root-user\",\"drop-all-capabilities\"]"
 ✓ ALLOWED   gitlab/gitlab-sidekiq-all-in-1-v2-59b76b5679-dm6gr (repeated 11 times)
 ✎ MUTATED   gitlab
   ADDED:
             /spec/securityContext/runAsNonRoot=true
             /spec/securityContext/runAsGroup=1000
             /spec/containers/2/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/containers/1/securityContext/capabilities={"drop":["ALL"]}
             /spec/initContainers/2/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/1/securityContext={"capabilities":{"drop":["ALL"]}}
             /spec/initContainers/0/securityContext={"capabilities":{"drop":["ALL"]}}
             /metadata/annotations/uds-core.pepr.dev~1uds-core-policies="succeeded"
             /metadata/annotations/uds-core.pepr.dev~1mutated="[\"require-non-root-user\",\"drop-all-capabilities\"]"
 ✓ ALLOWED   gitlab/gitlab-webservice-default-554f6f7dc6-9n8tf (repeated 11 times)

related to:

pepr/src/lib/k8s.ts

Line 66 in 9db7e06

* Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and 

  /**
   * Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
   * rely on the server to generate the name. If that is the case, this method will return the empty string.
   */

Thread for context

DOD:

  • Can do/Can't do
  • Assign a name if possible

Maybe a placeholder name. Something to make it obvious there is not a name yet but there will be.

Describe the solution you'd like

  • Given a log line does not have a name
  • When npx pepr monitor is issued
  • Then we try to ensure all log lines have names

Describe alternatives you've considered

(optional) A clear and concise description of any alternative solutions or features you've considered.

Additional context

Slack Context
@cmwylie19 cmwylie19 added enhancement New feature or request uds Tracked by UDS project. Adds to UDS Inbox when applied. labels Jun 13, 2024
@cmwylie19 cmwylie19 added this to the v0.33.0 milestone Jun 17, 2024
@cmwylie19 cmwylie19 self-assigned this Jun 20, 2024
@cmwylie19
Copy link
Collaborator Author

Currently not seeing this happening anymore.

└─[130] <git:(main bbedaaa) > ./uds-cli monitor pepr 

 NOTE  Saving log file to
       /var/folders/v0/slmrzc4s6kx4n7jb77ch9fc80000gn/T/uds-2024-06-20-14-17-28-2706342275.log


 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✎ MUTATED   pepr-demo-2/pepr-demo-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✓ ALLOWED   pepr-demo-2/pepr-ssa-demo

 ✓ ALLOWED   pepr-demo/example-evil-cm

 ✗ DENIED    pepr-demo/example-evil-cm                                            
             No evil CM annotations allowed.

 ✎ MUTATED   pepr-demo/secret-1            
   REPLACED:
             /data/example="dW5pY29ybiBtYWdpYyAtIG1vZGlmaWVkIGJ5IFBlcHI="         
   ADDED:
             /data/magic="Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo-2/pepr-ssa-demo

 ✎ MUTATED   pepr-demo/example-1         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✓ ALLOWED   pepr-demo/example-1

 ✎ MUTATED   pepr-demo/example-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✓ ALLOWED   pepr-demo/example-2 (repeated 1 time)

 ✓ ALLOWED   pepr-demo/example-evil-cm

 ✗ DENIED    pepr-demo/example-evil-cm                                            
             No evil CM annotations allowed.

 ✎ MUTATED   pepr-demo/example-3         
   ADDED:
             /data/username="system:admin"
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="making-waves"

 ✓ ALLOWED   pepr-demo/example-3

 ✎ MUTATED   pepr-demo/example-4         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✓ ALLOWED   pepr-demo/example-4

 ✎ MUTATED   pepr-demo-2/example-4a         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✓ ALLOWED   pepr-demo-2/example-4a

 ✎ MUTATED   pepr-demo/example-5         
   ADDED:
             /data/chuck-says="What did the Buffalo say to his little boy when he dropped him off at school? Bison."
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo/example-5

 ✓ ALLOWED   pepr-demo/example-2 (repeated 1 time)

 ✎ MUTATED   pepr-demo/example-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✓ ALLOWED   pepr-demo/example-2 (repeated 1 time)

 ✎ MUTATED   pepr-demo/example-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✎ MUTATED   pepr-demo/pepr-demo         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"           
   REMOVED:
              /metadata/labels/remove-me%!(EXTRA string=)

 ✓ ALLOWED   pepr-demo/kube-root-ca.crt

 ✎ MUTATED   pepr-demo-2/pepr-demo-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✎ MUTATED   pepr-demo/secret-1            
   REPLACED:
             /data/example="dW5pY29ybiBtYWdpYyAtIG1vZGlmaWVkIGJ5IFBlcHI="         
   ADDED:
             /data/magic="Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo-2/pepr-ssa-demo

 ✎ MUTATED   pepr-demo/example-1         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✎ MUTATED   pepr-demo/example-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✓ ALLOWED   pepr-demo/example-evil-cm

 ✎ MUTATED   pepr-demo/example-3         
   ADDED:
             /data/username="system:admin"
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="making-waves"

 ✎ MUTATED   pepr-demo/example-4         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✎ MUTATED   pepr-demo-2/example-4a         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✎ MUTATED   pepr-demo/example-5         
   ADDED:
             /data/chuck-says="I started a new business making yachts in my attic this year...the sails are going through the roof"
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo/example-3

 ✓ ALLOWED   pepr-demo/kube-root-ca.crt

 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✓ ALLOWED   pepr-demo-2/pepr-ssa-demo

 ✓ ALLOWED   pepr-demo/example-1

 ✓ ALLOWED   pepr-demo/example-2 (repeated 1 time)

 ✗ DENIED    pepr-demo/example-evil-cm                                            
             No evil CM annotations allowed.

 ✓ ALLOWED   pepr-demo/example-3

 ✓ ALLOWED   pepr-demo/example-4

 ✓ ALLOWED   pepr-demo-2/example-4a

 ✓ ALLOWED   pepr-demo/example-5

 ✎ MUTATED   pepr-demo/pepr-demo         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"           
   REMOVED:
              /metadata/labels/remove-me%!(EXTRA string=)

 ✓ ALLOWED   pepr-demo/kube-root-ca.crt

 ✎ MUTATED   pepr-demo-2/pepr-demo-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✎ MUTATED   pepr-demo/secret-1         
   ADDED:
             /data/magic="Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"            
   REPLACED:
             /data/example="dW5pY29ybiBtYWdpYyAtIG1vZGlmaWVkIGJ5IFBlcHI="

 ✎ MUTATED   pepr-demo/example-1         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✎ MUTATED   pepr-demo/example-2         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="annotations-work-too"
             /metadata/labels={"pepr":"was-here"}

 ✓ ALLOWED   pepr-demo/example-evil-cm

 ✎ MUTATED   pepr-demo/example-3         
   ADDED:
             /data/username="system:admin"
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/annotations/pepr.dev="making-waves"

 ✎ MUTATED   pepr-demo/example-4         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✎ MUTATED   pepr-demo-2/example-4a         
   ADDED:
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"
             /metadata/labels={"pepr.dev/first":"true","pepr.dev/second":"true","pepr.dev/third":"true"}

 ✎ MUTATED   pepr-demo/example-5         
   ADDED:
             /data/chuck-says="How do you make Lady Gaga cry? Poker face. "
             /metadata/annotations/static-test.pepr.dev~1hello-pepr="succeeded"

 ✓ ALLOWED   pepr-demo/example-3

 ✓ ALLOWED   pepr-demo/kube-root-ca.crt

 ✓ ALLOWED   pepr-demo-2/kube-root-ca.crt

 ✓ ALLOWED   pepr-demo/example-1

 ✓ ALLOWED   pepr-demo/example-2 (repeated 1 time)

 ✗ DENIED    pepr-demo/example-evil-cm                                            
             No evil CM annotations allowed.

 ✓ ALLOWED   pepr-demo/example-3

 ✓ ALLOWED   pepr-demo/example-4

 ✓ ALLOWED   pepr-demo-2/example-4a

 ✓ ALLOWED   pepr-demo/example-5%

@cmwylie19 cmwylie19 removed their assignment Jun 20, 2024
@cmwylie19
Copy link
Collaborator Author

closing this seems like it was fixed in UDS CLI, reached back out in slack and receieved no answer and chatted with Gedd who is not aware of a continued problem. If this pops back up we will re-open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request uds Tracked by UDS project. Adds to UDS Inbox when applied.
Projects
Pepr Project Board
Archived in project
Milestone
v0.32.4
Development

No branches or pull requests
1 participant
@cmwylie19