-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
option names for karmor #76
Open
s1ntaxe770r
wants to merge
7
commits into
kubearmor:main
Choose a base branch
from
s1ntaxe770r:main
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Commits on Aug 31, 2022
-
modify option names for karmor
initial sysdump utility Collect required System Information to troubleshoot issues from the various k8s resources available Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> collect logs from kubearmor pod Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Archive sysdump Create dump files in the temp directory and then archive them into `karmor-sysdump.zip` Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> dump more infromation using exec syscalls added boot-config, ls,m, apparmor, dmesg to dump Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> add timestamp to sysdump archive name Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> copy from inside kubearmor pod * Removed host side deps * Used Remote Command executor for streaming file for sysdump ( inspired from kubectl cp ) * Fixed sec vuln for file permission bits Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> volume mount apparmor.d if not minikube env Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Add description of annotated pods to sysdump Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> concurrently dump resources Fetch all the resources for sysdump concurrently, if there's an empty dump we return err, else if we have dump but there's an error, we create the partial sysdump and return error. Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Add pod events to sysdump Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Add sysdump usage to README Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> update deps updated direct dependencies pinned archiver dep to latest commit to fix vulnerability in a transitive dep Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> add codeql analysis workflow Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> docs: updates README.md Signed-off-by: Thiago Navarro <navarro@accuknox.com> add namespace flag to install and unistall Increase timeout for lint action Add troubleshoot information in log client Failure to connect to log grpc server is mostly due to not port-forwarding, so added relevant commands in the error message for convenience Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Add eks environment detection Configure daemonset options w.r.t. eks Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> reconfigure daemonset - added k3s support - use maps to store environment specific configuration Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> [VM] Added new command to download vm installation script from kvmsoperator [VM Support]Added option for providing external IP as input Support for VM command : 1. added option to provide namespace 2. option to provide port value Karmor VM support -- Addressed review comments using revive for go-lint [VM Support] Modified code to identify the namespace of kvmservice instead of inputting the same [VM Support] Modified code to identify the namespace of kvmservice instead of inputting the same Fixed protobuf package definition to match the same as KVMService protobuf package Fixed protobuf package definition to match the same as KVMService proto added karmor install --image option fixed lint warnings add GH workflow for just code build fixed gosec issue with kvm option prepare for release 0.3 * cleanup duplicate protobuf * add vm usage to README Signed-off-by: Barun Acharya <barun.acharya@accuknox.com> Modifying/Adding support for karmor to support non-k8s control plane Signed-off-by: Eswar Rajan Subramanian <eswar@accuknox.com> refactor vm policy boilerplate code added argument validation Signed-off-by: daemon1024 <barun.acharya@accuknox.com> Add policy handling mechanism configure gRPC client in kArmor to send host policy event based on argument policy YAML Signed-off-by: daemon1024 <barun.acharya@accuknox.com> Prepare for release 0.4 - Update README with vm related commands - Remove fork based KubeArmor dep - Remove duplicate VM policy subcommand Signed-off-by: daemon1024 <barun.acharya@accuknox.com> fix: fix mounts for minikube Karmor now works with minikube. Signed-off-by: Gaurav Genani <h3llix.pvt@gmail.com> sync with deploygen Signed-off-by: Jaehyun Nam <jn@accuknox.com> add license headers Signed-off-by: Jaehyun Nam <jn@accuknox.com> fix golint issues Signed-off-by: Jaehyun Nam <jn@accuknox.com> clean up whitespaces Signed-off-by: Jaehyun Nam <jn@accuknox.com> add license headers Signed-off-by: Jaehyun Nam <jn@accuknox.com> update Makefile Signed-off-by: Jaehyun Nam <jn@accuknox.com> fix typo Signed-off-by: Jaehyun Nam <jn@accuknox.com> update log Signed-off-by: Jaehyun Nam <jn@accuknox.com> update logClient Signed-off-by: Jaehyun Nam <jn@accuknox.com> Fetch installation deployments from KubeArmor Signed-off-by: daemon1024 <barun.acharya@accuknox.com> new containerImage field added Signed-off-by: Rahul Jadhav <nyrahul@gmail.com> update karmor to use stable KubeArmor release instead of latest Signed-off-by: Ankur Kothiwal <ankur.kothiwal@accuknox.com> update deployment package Signed-off-by: daemon1024 <barun.acharya@accuknox.com> Added new commands and modified existing vm commands for vm onboarding, policy enforcement for nonk8s control plane Signed-off-by: Eswar Rajan Subramanian <eswar@accuknox.com> Signed-off-by: s1ntaxe770r <jubril@accuknox.com>
Configuration menu - View commit details
-
Copy full SHA for 62d76d0 - Browse repository at this point
Copy the full SHA 62d76d0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7a15ab6 - Browse repository at this point
Copy the full SHA 7a15ab6View commit details -
Configuration menu - View commit details
-
Copy full SHA for a210d93 - Browse repository at this point
Copy the full SHA a210d93View commit details
Commits on Oct 2, 2022
-
Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 57ed633 - Browse repository at this point
Copy the full SHA 57ed633View commit details -
Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 47e7544 - Browse repository at this point
Copy the full SHA 47e7544View commit details -
Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 142f95d - Browse repository at this point
Copy the full SHA 142f95dView commit details -
Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 70611af - Browse repository at this point
Copy the full SHA 70611afView commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.