Skip to content

Commit

Permalink
feat(crd): support execname in Process spec
Browse files Browse the repository at this point in the history
Signed-off-by: daemon1024 <[email protected]>
  • Loading branch information
daemon1024 committed Mar 6, 2024
1 parent 4248f8b commit 84c907f
Show file tree
Hide file tree
Showing 8 changed files with 28 additions and 14 deletions.
3 changes: 2 additions & 1 deletion KubeArmor/types/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -333,7 +333,8 @@ type MatchSourceType struct {

// ProcessPathType Structure
type ProcessPathType struct {
Path string `json:"path"`
Path string `json:"path,omitempty"`
ExecName string `json:"execname,omitempty"`
OwnerOnly bool `json:"ownerOnly,omitempty"`
FromSource []MatchSourceType `json:"fromSource,omitempty"`

Expand Down
5 changes: 3 additions & 2 deletions deployments/CRD/KubeArmorHostPolicy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -368,8 +371,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down
5 changes: 3 additions & 2 deletions deployments/CRD/KubeArmorPolicy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -335,6 +335,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -358,8 +361,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ type NodeSelectorType struct {
MatchLabels map[string]string `json:"matchLabels,omitempty"`
}

// +kubebuilder:validation:Pattern=^[^\/]+$
type MatchBinType string

// +kubebuilder:validation:Pattern=^\/+.*[^\/]$
type MatchPathType string

Expand All @@ -25,7 +28,11 @@ type MatchSourceType struct {
}

type ProcessPathType struct {
Path MatchPathType `json:"path"`
// +kubebuilder:validation:Optional
Path MatchPathType `json:"path,omitempty"`

// +kubebuilder:validation:Optional
ExecName MatchBinType `json:"execname,omitempty"`

// +kubebuilder:validation:Optional
OwnerOnly bool `json:"ownerOnly,omitempty"`
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -368,8 +371,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -335,6 +335,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -358,8 +361,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down
5 changes: 3 additions & 2 deletions pkg/KubeArmorController/crd/KubeArmorHostPolicy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -368,8 +371,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down
5 changes: 3 additions & 2 deletions pkg/KubeArmorController/crd/KubeArmorPolicy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -335,6 +335,9 @@ spec:
- Audit
- Block
type: string
execname:
pattern: ^[^\/]+$
type: string
fromSource:
items:
properties:
Expand All @@ -358,8 +361,6 @@ spec:
items:
type: string
type: array
required:
- path
type: object
type: array
matchPatterns:
Expand Down

0 comments on commit 84c907f

Please sign in to comment.