initial sysdump utility

Collect required System Information to troubleshoot issues from the various k8s resources available

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

collect logs from kubearmor pod

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Archive sysdump

Create dump files in the temp directory and then archive them into `karmor-sysdump.zip`

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

dump more infromation using exec syscalls

added boot-config, ls,m, apparmor, dmesg to dump

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

add timestamp to sysdump archive name

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

copy from inside kubearmor pod

* Removed host side deps
* Used Remote Command executor for streaming file for sysdump ( inspired from kubectl cp )
* Fixed sec vuln for file permission bits

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

volume mount apparmor.d if not minikube env

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Add description of annotated pods to sysdump

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

concurrently dump resources

Fetch all the resources for sysdump concurrently, if there's an empty dump we return err, else if we have dump but there's an error, we create the partial sysdump and return error.

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Add pod events to sysdump

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Add sysdump usage to README

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

update deps

updated direct dependencies
pinned archiver dep to latest commit to fix vulnerability in a transitive dep

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

add codeql analysis workflow

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

docs: updates README.md

Signed-off-by: Thiago Navarro <navarro@accuknox.com>

add namespace flag to install and unistall

Increase timeout for lint action

Add troubleshoot information in log client

Failure to connect to log grpc server is mostly due to not port-forwarding, so added relevant commands in the error message for convenience

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Add eks environment detection

Configure daemonset options w.r.t. eks

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

reconfigure daemonset

- added k3s support
- use maps to store environment specific configuration

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

[VM] Added new command to download vm installation script from kvmsoperator

[VM Support]Added option for providing external IP as input

Support for VM command :
1. added option to provide namespace
2. option to provide port value

Karmor VM support -- Addressed review comments

using revive for go-lint

[VM Support] Modified code to identify the namespace of kvmservice instead of inputting the same

[VM Support] Modified code to identify the namespace of kvmservice instead of inputting the same

Fixed protobuf package definition to match the same as KVMService protobuf package

Fixed protobuf package definition to match the same as KVMService proto

added karmor install --image option

fixed lint warnings

add GH workflow for just code build

fixed gosec issue with kvm option

prepare for release 0.3

* cleanup duplicate protobuf
* add vm usage to README

Signed-off-by: Barun Acharya <barun.acharya@accuknox.com>

Modifying/Adding support for karmor to support non-k8s control plane

Signed-off-by: Eswar Rajan Subramanian <eswar@accuknox.com>

refactor vm policy boilerplate code

added argument validation

Signed-off-by: daemon1024 <barun.acharya@accuknox.com>

Add policy handling mechanism

configure gRPC client in kArmor to send host policy event based on argument policy YAML

Signed-off-by: daemon1024 <barun.acharya@accuknox.com>

Prepare for release 0.4

- Update README with vm related commands
- Remove fork based KubeArmor dep
- Remove duplicate VM policy subcommand

Signed-off-by: daemon1024 <barun.acharya@accuknox.com>

fix: fix mounts for minikube

Karmor now works with minikube.

Signed-off-by: Gaurav Genani <h3llix.pvt@gmail.com>

sync with deploygen

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

add license headers

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

fix golint issues

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

clean up whitespaces

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

add license headers

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

update Makefile

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

fix typo

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

update log

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

update logClient

Signed-off-by: Jaehyun Nam <jn@accuknox.com>

Fetch installation deployments from KubeArmor

Signed-off-by: daemon1024 <barun.acharya@accuknox.com>

new containerImage field added

Signed-off-by: Rahul Jadhav <nyrahul@gmail.com>

update karmor to use stable KubeArmor release instead of latest

Signed-off-by: Ankur Kothiwal <ankur.kothiwal@accuknox.com>

update deployment package

Signed-off-by: daemon1024 <barun.acharya@accuknox.com>

Added new commands and modified existing vm commands for vm onboarding,
policy enforcement for nonk8s control plane

Signed-off-by: Eswar Rajan Subramanian <eswar@accuknox.com>
Signed-off-by: s1ntaxe770r <jubril@accuknox.com>

Signed-off-by: s1ntaxe770r <jubril@accuknox.com>

Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>

Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>

Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>

Co-authored-by: Rahul Jadhav <nyrahul@gmail.com>