Merge branch 'main' into matmerr/installfixes

.github/workflows/commit-message.yaml

@@ -1,7 +1,5 @@
 name: commit-message
 on:
-  push:
-    branches: [ main ]
   pull_request:
     branches: [ main ]
     types:

.github/workflows/markdownlint.yaml

@@ -1,7 +1,5 @@
 name: Markdown Lint
 on:
-  push:
-    branches: [main]
   pull_request:
     branches: [main]
 jobs:

.github/workflows/test.yaml

@@ -29,7 +29,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
         run: |
-          make retina-test-image IMAGE_NAMESPACE=${{ github.repository }} PLATFORM=linux/amd64
+          make test-image IMAGE_NAMESPACE=${{ github.repository }} PLATFORM=linux/amd64
       - name: Upload Artifacts
         uses: actions/upload-artifact@v4
         with:

Makefile

@@ -232,10 +232,9 @@ buildx:
 	fi;
 
 container-docker: buildx # util target to build container images using docker buildx. do not invoke directly.
-	echo "Building for platform $(PLATFORM)"
-	os=$$(echo $(PLATFORM) | cut -d'/' -f1); \
-	arch=$$(echo $(PLATFORM) | cut -d'/' -f2); \
-	echo "Building for $$os/$$arch"; \
+	@os=$$(echo $(PLATFORM) | cut -d'/' -f1); \
+	@arch=$$(echo $(PLATFORM) | cut -d'/' -f2); \
+	@echo "Building for $$os/$$arch"; \
 	docker buildx build \
 		$(ACTION) \
 		--platform $(PLATFORM) \
@@ -360,34 +359,23 @@ manifest:
 # Make sure the layer has only one directory.
 # the test DockerFile needs to build the scratch stage with all the output files 
 # and we will untar the archive and copy the files from scratch stage
-retina-test-image: ## build the retina container image for testing.
+test-image: ## build the retina container image for testing.
 	$(MAKE) container-docker \
 			PLATFORM=$(PLATFORM) \
 			DOCKERFILE=./test/image/Dockerfile \
 			REGISTRY=$(IMAGE_REGISTRY) \
 			IMAGE=$(RETINA_IMAGE) \
 			CONTEXT_DIR=$(REPO_ROOT) \
 			TAG=$(RETINA_PLATFORM_TAG) \
-
-	docker save -o archives.tar $(IMAGE_REGISTRY)/$(RETINA_IMAGE):$(RETINA_PLATFORM_TAG) && \
-	mkdir -p archivelayers && \
-	cp archives.tar archivelayers/archives.tar && \
-	cd archivelayers/ && \
-	pwd && \
-	tar -xvf archives.tar && \
-	cd `ls -d */` && \
-	pwd && \
-	tar -xvf layer.tar && \
-	cp coverage.out ../../
-	$(MAKE) retina-cc
+			ACTION=--load
 
 COVER_PKG ?= .
 
-retina-ut: $(ENVTEST) # Run unit tests.
+test: $(ENVTEST) # Run unit tests.
 	go build -o test-summary ./test/utsummary/main.go
 	CGO_ENABLED=0 KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use -p path)" go test -tags=unit -coverprofile=coverage.out -v -json ./... | ./test-summary --progress --verbose
 
-retina-cc: # Code coverage.
+coverage: # Code coverage.
 #	go generate ./... && go test -tags=unit -coverprofile=coverage.out.tmp ./...
 	cat coverage.out | grep -v "_bpf.go\|_bpfel_x86.go\|_bpfel_arm64.go|_generated.go|mock_" | grep -v mock > coveragenew.out
 	go tool cover -html coveragenew.out -o coverage.html
@@ -409,10 +397,9 @@ manifests:
 
 # basic/node-level mode
 helm-install: manifests
-	helm install retina ./deploy/manifests/controller/helm/retina/ \
+	helm upgrade --install retina ./deploy/manifests/controller/helm/retina/ \
 		--namespace kube-system \
 		--set image.repository=$(IMAGE_REGISTRY)/$(RETINA_IMAGE) \
-		--set image.tag=$(RETINA_PLATFORM_TAG) \
 		--set image.initRepository=$(IMAGE_REGISTRY)/$(RETINA_INIT_IMAGE) \
 		--set image.pullPolicy=Always \
 		--set logLevel=info \
@@ -422,17 +409,15 @@ helm-install: manifests
 
 # advanced/pod-level mode with scale limitations, where metrics are aggregated by source and destination Pod
 helm-install-advanced-remote-context: manifests
-	helm install retina ./deploy/manifests/controller/helm/retina/ \
+	helm upgrade --install retina ./deploy/manifests/controller/helm/retina/ \
 		--namespace kube-system \
 		--set image.repository=$(IMAGE_REGISTRY)/$(RETINA_IMAGE) \
-		--set image.tag=$(RETINA_PLATFORM_TAG) \
 		--set image.initRepository=$(IMAGE_REGISTRY)/$(RETINA_INIT_IMAGE) \
 		--set image.pullPolicy=Always \
 		--set logLevel=info \
 		--set os.windows=true \
 		--set operator.enabled=true \
 		--set operator.enableRetinaEndpoint=true \
-		--set operator.tag=$(RETINA_PLATFORM_TAG) \
 		--set operator.repository=$(IMAGE_REGISTRY)/$(RETINA_OPERATOR_IMAGE) \
 		--skip-crds \
 		--set enabledPlugin_linux="\[dropreason\,packetforward\,linuxutil\,dns\,packetparser\]" \
@@ -441,17 +426,15 @@ helm-install-advanced-remote-context: manifests
 
 # advanced/pod-level mode designed for scale, where metrics are aggregated by "local" Pod (source for outgoing traffic, destination for incoming traffic)
 helm-install-advanced-local-context: manifests
-	helm install retina ./deploy/manifests/controller/helm/retina/ \
+	helm upgrade --install retina ./deploy/manifests/controller/helm/retina/ \
 		--namespace kube-system \
 		--set image.repository=$(IMAGE_REGISTRY)/$(RETINA_IMAGE) \
-		--set image.tag=$(RETINA_PLATFORM_TAG) \
 		--set image.initRepository=$(IMAGE_REGISTRY)/$(RETINA_INIT_IMAGE) \
 		--set image.pullPolicy=Always \
 		--set logLevel=info \
 		--set os.windows=true \
 		--set operator.enabled=true \
 		--set operator.enableRetinaEndpoint=true \
-		--set operator.tag=$(RETINA_PLATFORM_TAG) \
 		--set operator.repository=$(IMAGE_REGISTRY)/$(RETINA_OPERATOR_IMAGE) \
 		--skip-crds \
 		--set enabledPlugin_linux="\[dropreason\,packetforward\,linuxutil\,dns\,packetparser\]" \

README.md

@@ -1,6 +1,8 @@
 # Retina
 
-[![goreport][goreport-img]][goreport] ![GitHub release][release-img] [![retina-publish][godoc-badge]][godoc] ![license] [![retina-test][retina-test-image-badge]][retina-test-image] [![retinash][retinash-badge]][retinash] [![retina-publish][retina-publish-badge]][retina-publish] [![retina-publish-ghcr][retina-publish-ghcr-badge]][retina-publish-ghcr] ![retina-codeql-img][retina-codeql-badge] ![retina-golangci-lint-img][retina-golangci-lint-badge]
+[![goreport][goreport-img]][goreport] ![GitHub release][release-img] [![retina-publish][godoc-badge]][godoc] ![license]
+
+[![retina-test][retina-test-image-badge]][retina-test-image] [![retinash][retinash-badge]][retinash] [![retina-publish][retina-publish-badge]][retina-publish] ![retina-codeql-img][retina-codeql-badge] ![retina-golangci-lint-img][retina-golangci-lint-badge]
 
 ## Overview
 
@@ -22,8 +24,15 @@ Retina is currently supported in AKS. It has two major features:
 
 ### Quick Install Guide
 
-1. Create a Kubernetes cluster with a minimum of 2 nodes. Retina supports Linux (Ubuntu) and Windows (2019 and 2022) nodes.
-2. Follow steps in [Using Managed Prometheus and Grafana](https://retina.sh/docs/installation/prometheus-azure-managed)
+Prerequisites: Go, Helm
+
+1. Clone the repo, then install Retina on your Kubernetes cluster
+
+    ```bash
+    make helm-install
+    ```
+
+2. Follow steps in [Using Managed Prometheus and Grafana](https://retina.sh/docs/installation/prometheus-azure-managed) to set up metrics collection and visualization.
 
 ### Captures
 
@@ -33,6 +42,10 @@ Retina is currently supported in AKS. It has two major features:
 
 [Read more](https://retina.sh/docs/contributing)
 
+## Office Hours and Community Meetings
+
+[Read more](https://retina.sh/docs/contributing/#office-hours-and-community-meetings)
+
 This project welcomes contributions and suggestions.  Most contributions require you to agree to a
 Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
 the rights to use your contribution. For details, visit <https://cla.opensource.microsoft.com>.
@@ -76,7 +89,5 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 [retinash]: https://retina.sh/
 [retina-publish-badge]: https://github.com/microsoft/retina/actions/workflows/images.yaml/badge.svg?branch=main
 [retina-publish]: https://github.com/microsoft/retina/actions/workflows/images.yaml?query=branch%3Amain
-[retina-publish-ghcr-badge]: https://github.com/microsoft/retina/actions/workflows/images-ghcr.yaml/badge.svg?branch=main
-[retina-publish-ghcr]: https://github.com/microsoft/retina/actions/workflows/images-ghcr.yaml?query=branch%3Amain
 [retina-codeql-badge]: https://github.com/microsoft/retina/actions/workflows/codeql.yaml/badge.svg?branch=main
 [retina-golangci-lint-badge]: https://github.com/microsoft/retina/actions/workflows/golangci-lint.yaml/badge.svg?branch=main

deploy/manifests/controller/helm/retina/templates/daemonset.yaml

@@ -35,6 +35,10 @@ spec:
           - name: bpf
             mountPath: /sys/fs/bpf
             mountPropagation: Bidirectional
+        {{- range $name, $mountPath := .Values.volumeMounts }}
+          - name: {{ $name }}
+            mountPath: {{ $mountPath }}
+        {{- end }}
       containers:
         - name: {{ include "retina.name" . }} 
           livenessProbe:

deploy/manifests/controller/helm/retina/values.yaml

@@ -50,7 +50,7 @@ apiServer:
 # Supported - debug, info, error, warn, panic, fatal.
 logLevel: debug
 
-enabledPlugin_linux: '["dropreason","packetforward","linuxutil", "dns"]'
+enabledPlugin_linux: '["dropreason","packetforward","linuxutil","dns"]'
 enabledPlugin_win: '["hnsstats"]'
 
 enableTelemetry: true
@@ -84,7 +84,7 @@ volumeMounts:
   tmp: /tmp
   config: /retina/config
 
-#volume mounts for indows
+#volume mounts for windows
 volumeMounts_win:
   retina-config-win: retina
 

docs/contributing/readme.md

@@ -12,6 +12,22 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
 contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
 
+## Office Hours and Community Meetings
+
+### Office Hours occur Every Friday at 11:30 AM PST
+
+[Meeting Link](https://teams.microsoft.com/l/meetup-join/19%3ameeting_OGE5ZTljM2ItNmNmMC00ZmMzLThjMjktNmNjZGE3ODAyZDVj%40thread.v2/0?context=%7b%22Tid%22%3a%2272f988bf-86f1-41af-91ab-2d7cd011db47%22%2c%22Oid%22%3a%22e430e8c5-dd91-4c3c-88c2-6e258812501b%22%7d)
+
+```shell
+Meeting ID: 212 979 978 795 
+Passcode: YjWUEA 
+________________________________________
+Dial-in by phone 
++1 323-849-4874,,951863362# United States, Los Angeles 
+Find a local number 
+Phone conference ID: 951 863 362# 
+```
+
 ## Development
 
 ### Configurations
@@ -43,8 +59,8 @@ Download [Helm](https://helm.sh/) as well.
 ### Test
 
 ```bash
-make retina-ut # run unit-test locally
-make retina-test-image # run tests in docker container
+make test # run unit-test locally
+make test-image # run tests in docker container
 ```
 
 ### Build

go.mod

@@ -206,7 +206,7 @@ require (
 	golang.org/x/sys v0.17.0
 	golang.org/x/term v0.17.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/protobuf v1.32.0
+	google.golang.org/protobuf v1.33.0
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/api v0.29.2

go.sum

@@ -918,8 +918,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

hack/tools/go.sum

@@ -98,8 +98,8 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/bkielbasa/cyclop v1.2.0 h1:7Jmnh0yL2DjKfw28p86YTd/B4lRGcNuu12sKE35sM7A=
 github.com/bkielbasa/cyclop v1.2.0/go.mod h1:qOI0yy6A7dYC4Zgsa72Ppm9kONl0RoIlPbzot9mhmeI=
-github.com/blizzy78/varnamelen v0.6.1 h1:iYAU/3A6cpfRm2ZI0P/lece4jsc7GEbzsxTu+vBCChQ=
-github.com/blizzy78/varnamelen v0.6.1/go.mod h1:mGBHm+Uo4e8JnZEKHRoZgVEOQdSBdQfY/x+k4NAXBWA=
+github.com/blizzy78/varnamelen v0.6.1 h1:kttPCLzXFa+0nt++Cw9fb7GrSSM4KkyIAoX/vXsbuqA=
+github.com/blizzy78/varnamelen v0.6.1/go.mod h1:zy2Eic4qWqjrxa60jG34cfL0VXcSwzUrIx68eJPb4Q8=
 github.com/bombsimon/wsl/v3 v3.3.0 h1:Mka/+kRLoQJq7g2rggtgQsjuI/K5Efd87WX96EWFxjM=
 github.com/bombsimon/wsl/v3 v3.3.0/go.mod h1:st10JtZYLE4D5sC7b8xV4zTKZwAQjCH/Hy2Pm1FNZIc=
 github.com/breml/bidichk v0.2.2 h1:w7QXnpH0eCBJm55zGCTJveZEkQBt6Fs5zThIdA6qQ9Y=
@@ -852,7 +852,6 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -891,7 +890,6 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
-golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
 golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
 golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1175,7 +1173,6 @@ golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/tools v0.1.8/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
 golang.org/x/tools v0.1.9-0.20211228192929-ee1ca4ffc4da/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
 golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
-golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
 golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA=
 golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

pkg/capture/crd_to_job_test.go

@@ -40,7 +40,7 @@ func NewCaptureToPodTranslatorForTest(kubeClient kubernetes.Interface) *CaptureT
 	log.SetupZapLogger(log.GetDefaultLogOpts())
 	config := config.CaptureConfig{
 		CaptureDebug:              true,
-		CaptureImageVersion:       "v0.0.6-52-g07caaaf",
+		CaptureImageVersion:       "v0.0.1-pre",
 		CaptureImageVersionSource: captureUtils.VersionSourceOperatorImageVersion,
 		CaptureJobNumLimit:        10,
 	}

pkg/controllers/daemon/retinaendpoint/suite_test.go

@@ -37,6 +37,10 @@ var (
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	if testing.Short() {
+		t.Skip("skipping more involved tests with -short")
+	}
+
 	RunSpecs(t, "Capture Controller Suite")
 }