feat(probe): send policy data along with policy name in Probe Service

Signed-off-by: daemon1024 <[email protected]>
kubearmor · Aug 2, 2024 · 5454c78 · 5454c78
1 parent 6aecc1a
commit 5454c78
Show file tree

Hide file tree

Showing 6 changed files with 171 additions and 96 deletions.
diff --git a/KubeArmor/core/karmorprobedata.go b/KubeArmor/core/karmorprobedata.go
@@ -5,11 +5,14 @@ package core
 
 import (
 	"context"
+	"encoding/json"
+	"fmt"
 
 	"github.com/golang/protobuf/ptypes/empty"
 	kl "github.com/kubearmor/KubeArmor/KubeArmor/common"
 	cfg "github.com/kubearmor/KubeArmor/KubeArmor/config"
 	tp "github.com/kubearmor/KubeArmor/KubeArmor/types"
+	"github.com/kubearmor/KubeArmor/protobuf"
 	pb "github.com/kubearmor/KubeArmor/protobuf"
 )
 
@@ -89,15 +92,21 @@ func (dm *KubeArmorDaemon) SetProbeContainerData() ([]string, map[string]*pb.Con
 	for _, ep := range dm.EndPoints {
 
 		var policyNames []string
+		var policyData []*protobuf.Policy
 
 		for _, policy := range ep.SecurityPolicies {
 
 			policyNames = append(policyNames, policy.Metadata["policyName"])
+			policyEventData, err := json.Marshal(policy)
+			if err == nil {
+				policyData = append(policyData, &protobuf.Policy{Policy: policyEventData})
+			}
 
 		}
 		containerMap[ep.EndPointName] = &pb.ContainerData{
-			PolicyList:    policyNames,
-			PolicyEnabled: int32(ep.PolicyEnabled),
+			PolicyList:     policyNames,
+			PolicyEnabled:  int32(ep.PolicyEnabled),
+			PolicyListData: policyData,
 		}
 	}
 	dm.EndPointsLock.Unlock()
@@ -113,12 +122,24 @@ func (dm *KubeArmorDaemon) SetProbeContainerData() ([]string, map[string]*pb.Con
 		if val, ok := hostMap[hostName]; ok {
 
 			val.PolicyList = append(val.PolicyList, hp.Metadata["policyName"])
+			policyEventData, err := json.Marshal(hp)
+			if err == nil {
+				dm.Logger.Warnf("adding data for %s", hp.Metadata["policyName"])
+				val.PolicyListData = append(val.PolicyListData, &protobuf.Policy{Policy: policyEventData})
+			} else {
+				dm.Logger.Errf(err.Error())
+			}
+
 			hostMap[hostName] = val
 
 		} else {
-
+			policyEventData, err := json.Marshal(hp)
+			if err != nil {
+				dm.Logger.Errf(err.Error())
+			}
 			hostMap[hostName] = &pb.HostSecurityPolicies{
-				PolicyList: []string{hp.Metadata["policyName"]},
+				PolicyList:     []string{hp.Metadata["policyName"]},
+				PolicyListData: []*protobuf.Policy{{Policy: policyEventData}},
 			}
 
 		}
@@ -133,6 +154,7 @@ func (dm *KubeArmorDaemon) SetProbeContainerData() ([]string, map[string]*pb.Con
 func (p *Probe) GetProbeData(c context.Context, in *empty.Empty) (*pb.ProbeResponse, error) {
 
 	containerList, containerMap, hostMap := p.GetContainerData()
+	fmt.Printf("\n\nProbe called : Host Data %v\n\n", hostMap["pop-os"].PolicyListData)
 	res := &pb.ProbeResponse{
 		ContainerList: containerList,
 		ContainerMap:  containerMap,

diff --git a/KubeArmor/go.mod b/KubeArmor/go.mod
@@ -121,7 +121,7 @@ require (
 	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240725223205-93522f1f2a9f // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect

diff --git a/KubeArmor/go.sum b/KubeArmor/go.sum
@@ -341,8 +341,8 @@ gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuB
 google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ=
 google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 h1:7whR9kGa5LUwFtpLm2ArCEejtnxlGeLbAyjFY8sGNFw=
 google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157/go.mod h1:99sLkeliLXfdj2J75X3Ho+rrVCaJze0uwN7zDDkjPVU=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240725223205-93522f1f2a9f h1:RARaIm8pxYuxyNPbBQf5igT7XdOyCNtat1qAT2ZxjU4=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240725223205-93522f1f2a9f/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf h1:liao9UHurZLtiEwBgT9LMOnKYsHze6eA6w1KQCMVN2Q=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY=
 google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc=
 google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=

diff --git a/protobuf/policy.pb.go b/protobuf/policy.pb.go