From 26a3850313778fc350d7d99dd39e7d1f5943d441 Mon Sep 17 00:00:00 2001 From: Anurag Rajawat Date: Wed, 18 Oct 2023 21:27:03 +0530 Subject: [PATCH 1/2] feat: Add support for microshift Signed-off-by: Anurag Rajawat --- pkg/KubeArmorController/handlers/pod_mutation.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkg/KubeArmorController/handlers/pod_mutation.go b/pkg/KubeArmorController/handlers/pod_mutation.go index a4341951e5..2d2d98cfba 100644 --- a/pkg/KubeArmorController/handlers/pod_mutation.go +++ b/pkg/KubeArmorController/handlers/pod_mutation.go @@ -58,9 +58,7 @@ func (a *PodAnnotator) Handle(ctx context.Context, req admission.Request) admiss // == LSM == // - if a.Enforcer == "" || a.Enforcer == "SELinux" { - pod.Annotations["kubearmor-policy"] = "audited" - } else if a.Enforcer == "AppArmor" { + if a.Enforcer == "AppArmor" { appArmorAnnotator(pod) } From 8e77814a9c0299641edc9cbe901d14e7579bd549 Mon Sep 17 00:00:00 2001 From: Anurag Rajawat Date: Wed, 18 Oct 2023 21:58:23 +0530 Subject: [PATCH 2/2] docs: Update support matrix for MicroShift Signed-off-by: Anurag Rajawat --- getting-started/support_matrix.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/getting-started/support_matrix.md b/getting-started/support_matrix.md index c8b7efeab0..9791fd5125 100644 --- a/getting-started/support_matrix.md +++ b/getting-started/support_matrix.md @@ -25,6 +25,7 @@ KubeArmor supports following types of workloads: | AWS | [Graviton] | Amazon Linux 2 | ARM | :heavy_check_mark: | :heavy_check_mark: | :x: | :heavy_check_mark: | SELinux | | RedHat | [OpenShift] | [RHEL] <=8.4 | x86_64 | :heavy_check_mark: | :heavy_check_mark: | :x: | :heavy_check_mark: | SELinux | | RedHat | [OpenShift] | [RHEL] >=8.5 | x86_64 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [BPFLSM] | +| RedHat | [MicroShift] | [RHEL] >=9.2 | x86_64 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [BPFLSM] | | Rancher | [RKE] | [SUSE] | x86_64 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [BPFLSM], AppArmor | | Rancher | [K3S] | [Distros] | x86_64 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [BPFLSM], AppArmor | | Oracle | [Ampere] | [UEK] | ARM | :heavy_check_mark: | :heavy_check_mark: | :x: | :heavy_check_mark: | SELinux | [1084] | @@ -41,6 +42,7 @@ KubeArmor supports following types of workloads: [GKE-REL]: https://cloud.google.com/kubernetes-engine/docs/concepts/release-channels [bottlerocket]: https://github.com/bottlerocket-os/bottlerocket#bottlerocket-os [OPENSHIFT]: https://www.redhat.com/en/technologies/cloud-computing/openshift +[MicroShift]: https://microshift.io/ [SUSE]: https://www.suse.com/ [RHEL]: https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux [RKE]: https://rancher.com/docs/rke/latest/en/