new commit

Signed-off-by: Aryan-sharma11 <[email protected]>
Aryan-sharma11 · Sep 5, 2023 · b306fe7 · b306fe7
1 parent 134ad50
commit b306fe7
Show file tree

Hide file tree

Showing 2 changed files with 111 additions and 68 deletions.
diff --git a/probe/print.go b/probe/print.go
@@ -114,3 +114,19 @@ func printAnnotatedPods(podData [][]string) {
 	table.SetAutoMergeCellsByColumnIndex([]int{0, 1, 2})
 	table.Render()
 }
+func printPodsSystemd(podData [][]string) {
+	_, err := boldWhite.Printf("Armored Up pods : \n")
+	if err != nil {
+		color.Red(" Error printing bold text")
+	}
+
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetHeader([]string{"Container Name", "POLICY"})
+	for _, v := range podData {
+		table.Append(v)
+	}
+	table.SetRowLine(true)
+	table.SetAutoMergeCellsByColumnIndex([]int{0, 1})
+	table.Render()
+
+}
diff --git a/probe/probe.go b/probe/probe.go
@@ -7,7 +7,6 @@ package probe
 import (
 	"bytes"
 	"context"
-	"encoding/json"
 	"fmt"
 	"io"
 	"log"
@@ -77,50 +76,50 @@ func PrintProbeResult(c *k8s.Client, o Options) error {
 			return errors.New("unsupported environment or cluster not configured correctly")
 		}
 	}
-	if isSystemdMode() {
+	if true {
 		err := probeSystemdMode()
 		if err != nil {
 			return err
 		}
 		return nil
 	}
-	isRunning, daemonsetStatus := isKubeArmorRunning(c, o)
-	if isRunning {
-		deploymentData := getKubeArmorDeployments(c, o)
-		containerData := getKubeArmorContainers(c, o)
-		probeData, nodeData, err := ProbeRunningKubeArmorNodes(c, o)
-		if err != nil {
-			log.Println("error occured when probing kubearmor nodes", err)
-		}
-		postureData := getPostureData(probeData)
-		armoredPodData, podData, err := getAnnotatedPods(c, o, postureData)
-		if err != nil {
-			log.Println("error occured when getting annotated pods", err)
-		}
-		if o.Output == "json" {
-			ProbeData := map[string]interface{}{"Probe Data": map[string]interface{}{
-				"DaemonsetStatus": daemonsetStatus,
-				"Deployments":     deploymentData,
-				"Containers":      containerData,
-				"Nodes":           nodeData,
-				"ArmoredPods":     armoredPodData,
-			},
-			}
-			out, err := json.Marshal(ProbeData)
-			if err != nil {
-				return err
-			}
-			fmt.Println(string(out))
-		} else {
-			printDaemonsetData(daemonsetStatus)
-			printKubearmorDeployments(deploymentData)
-			printKubeArmorContainers(containerData)
-			printKubeArmorprobe(probeData)
-			printAnnotatedPods(podData)
-		}
-
-		return nil
-	}
+	// isRunning, daemonsetStatus := isKubeArmorRunning(c, o)
+	// if isRunning {
+	// 	deploymentData := getKubeArmorDeployments(c, o)
+	// 	containerData := getKubeArmorContainers(c, o)
+	// 	probeData, nodeData, err := ProbeRunningKubeArmorNodes(c, o)
+	// 	if err != nil {
+	// 		log.Println("error occured when probing kubearmor nodes", err)
+	// 	}
+	// 	postureData := getPostureData(probeData)
+	// 	armoredPodData, podData, err := getAnnotatedPods(c, o, postureData)
+	// 	if err != nil {
+	// 		log.Println("error occured when getting annotated pods", err)
+	// 	}
+	// 	if o.Output == "json" {
+	// 		ProbeData := map[string]interface{}{"Probe Data": map[string]interface{}{
+	// 			"DaemonsetStatus": daemonsetStatus,
+	// 			"Deployments":     deploymentData,
+	// 			"Containers":      containerData,
+	// 			"Nodes":           nodeData,
+	// 			"ArmoredPods":     armoredPodData,
+	// 		},
+	// 		}
+	// 		out, err := json.Marshal(ProbeData)
+	// 		if err != nil {
+	// 			return err
+	// 		}
+	// 		fmt.Println(string(out))
+	// 	} else {
+	// 		printDaemonsetData(daemonsetStatus)
+	// 		printKubearmorDeployments(deploymentData)
+	// 		printKubeArmorContainers(containerData)
+	// 		printKubeArmorprobe(probeData)
+	// 		printAnnotatedPods(podData)
+	// 	}
+
+	// 	return nil
+	// }
 
 	/*** if kubearmor is not running: ***/
 
@@ -369,33 +368,33 @@ func probeNode(c *k8s.Client, o Options) {
 	}
 }
 
-func isKubeArmorRunning(c *k8s.Client, o Options) (bool, *Status) {
-	isRunning, DaemonsetStatus := getKubeArmorDaemonset(c, o)
-	return isRunning, DaemonsetStatus
-
-}
-
-func getKubeArmorDaemonset(c *k8s.Client, o Options) (bool, *Status) {
-
-	// KubeArmor DaemonSet
-	w, err := c.K8sClientset.AppsV1().DaemonSets(o.Namespace).Get(context.Background(), "kubearmor", metav1.GetOptions{})
-	if err != nil {
-		log.Println("error when getting kubearmor daemonset", err)
-		return false, nil
-	}
-	desired, ready, available := w.Status.DesiredNumberScheduled, w.Status.NumberReady, w.Status.NumberAvailable
-	if desired != ready && desired != available {
-		return false, nil
-	}
-
-	DaemonSetStatus := Status{
-		Desired:   strconv.Itoa(int(desired)),
-		Ready:     strconv.Itoa(int(ready)),
-		Available: strconv.Itoa(int(available)),
-	}
-	return true, &DaemonSetStatus
-
-}
+// func isKubeArmorRunning(c *k8s.Client, o Options) (bool, *Status) {
+// 	isRunning, DaemonsetStatus := getKubeArmorDaemonset(c, o)
+// 	return isRunning, DaemonsetStatus
+
+// }
+
+// func getKubeArmorDaemonset(c *k8s.Client, o Options) (bool, *Status) {
+
+// 	// KubeArmor DaemonSet
+// 	w, err := c.K8sClientset.AppsV1().DaemonSets(o.Namespace).Get(context.Background(), "kubearmor", metav1.GetOptions{})
+// 	if err != nil {
+// 		log.Println("error when getting kubearmor daemonset", err)
+// 		return false, nil
+// 	}
+// 	desired, ready, available := w.Status.DesiredNumberScheduled, w.Status.NumberReady, w.Status.NumberAvailable
+// 	if desired != ready && desired != available {
+// 		return false, nil
+// 	}
+
+// 	DaemonSetStatus := Status{
+// 		Desired:   strconv.Itoa(int(desired)),
+// 		Ready:     strconv.Itoa(int(ready)),
+// 		Available: strconv.Itoa(int(available)),
+// 	}
+// 	return true, &DaemonSetStatus
+
+// }
 func getKubeArmorDeployments(c *k8s.Client, o Options) map[string]*Status {
 
 	kubearmorDeployments, err := c.K8sClientset.AppsV1().Deployments(o.Namespace).List(context.Background(), metav1.ListOptions{
@@ -576,6 +575,13 @@ func probeSystemdMode() error {
 
 func printContainers() error {
 	gRPC := ""
+
+	if val, ok := os.LookupEnv("KUBEARMOR_SERVICE"); ok {
+		gRPC = val
+	} else {
+		gRPC = "localhost:32767"
+	}
+
 	conn, err := grpc.Dial(gRPC, grpc.WithInsecure())
 	if err != nil {
 		return err
@@ -584,10 +590,31 @@ func printContainers() error {
 	client := pb.NewKarmorClient(conn)
 
 	resp, err := client.GetKarmorData(context.Background(), &emptypb.Empty{})
+	if err != nil {
 
-	fmt.Println(resp.Containers)
+		fmt.Println(err)
+		return err
+	}
 
-	return err
+	var data [][]string
+	for i, containerName := range resp.Containers {
+
+		var policyNames = ""
+
+		if resp.Condata[containerName].PolicyEnabled == 1 {
+			for _, policyName := range resp.Condata[containerName].PolicyList {
+				policyNames = policyNames + policyName
+			}
+		}
+		data[i][0] = containerName
+		data[i][1] = policyNames
+
+	}
+	printPodsSystemd(data)
+
+	fmt.Println(resp.Containers)
+	fmt.Println(resp.Condata)
+	return nil
 
 }