owner info fixes

Signed-off-by: Prateek Nandle <[email protected]>
Shreyas220 · May 24, 2024 · 3adf0b0 · 3adf0b0
1 parent 0503141
commit 3adf0b0
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 0 deletions.
diff --git a/KubeArmor/core/k8sHandler.go b/KubeArmor/core/k8sHandler.go
@@ -591,6 +591,24 @@ func getTopLevelOwner(obj metav1.ObjectMeta, namespace string, objkind string) (
 		if len(pod.OwnerReferences) > 0 {
 			return getTopLevelOwner(pod.ObjectMeta, namespace, "Pod")
 		}
+	case "Job":
+		job, err := K8s.K8sClient.BatchV1().Jobs(namespace).Get(context.Background(), ownerRef.Name, metav1.GetOptions{})
+		if err != nil {
+			return "", "", "", err
+		}
+		if len(job.OwnerReferences) > 0 {
+			return getTopLevelOwner(job.ObjectMeta, namespace, "CronJob")
+		}
+		return job.Name, "Job", job.Namespace, nil
+	case "CronJob":
+		cronJob, err := K8s.K8sClient.BatchV1().CronJobs(namespace).Get(context.Background(), ownerRef.Name, metav1.GetOptions{})
+		if err != nil {
+			return "", "", "", err
+		}
+		if len(cronJob.OwnerReferences) > 0 {
+			return getTopLevelOwner(cronJob.ObjectMeta, namespace, "CronJob")
+		}
+		return cronJob.Name, "CronJob", cronJob.Namespace, nil
 	case "Deployment":
 		deployment, err := K8s.K8sClient.AppsV1().Deployments(namespace).Get(context.Background(), ownerRef.Name, metav1.GetOptions{})
 		if err != nil {

diff --git a/KubeArmor/core/kubeUpdate.go b/KubeArmor/core/kubeUpdate.go
@@ -763,6 +763,22 @@ func (dm *KubeArmorDaemon) WatchK8sPods() {
 								}
 							}
 
+						} else if dm.OwnerInfo[pod.Metadata["podName"]].Ref == "Job" {
+							job, err := K8s.K8sClient.BatchV1().Jobs(pod.Metadata["namespaceName"]).Get(context.Background(), podOwnerName, metav1.GetOptions{})
+							if err == nil {
+								for _, c := range job.Spec.Template.Spec.Containers {
+									containers = append(containers, c.Name)
+								}
+							}
+
+						} else if dm.OwnerInfo[pod.Metadata["podName"]].Ref == "CronJob" {
+							cronJob, err := K8s.K8sClient.BatchV1().CronJobs(pod.Metadata["namespaceName"]).Get(context.Background(), podOwnerName, metav1.GetOptions{})
+							if err == nil {
+								for _, c := range cronJob.Spec.JobTemplate.Spec.Template.Spec.Containers {
+									containers = append(containers, c.Name)
+								}
+							}
+
 						}
 
 					}