From 19acf50d88736b231d155e6ca18f36a8d3c5e89d Mon Sep 17 00:00:00 2001
From: dqsully
Date: Thu, 22 Feb 2024 13:28:24 -0700
Subject: [PATCH] Treat duplicate pod added events as modified in endpoint policy (#1553)

Signed-off-by: Dakota Sullivan
---
 KubeArmor/core/kubeUpdate.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/KubeArmor/core/kubeUpdate.go b/KubeArmor/core/kubeUpdate.go
index 20dd92acc..cf9877285 100644
--- a/KubeArmor/core/kubeUpdate.go
+++ b/KubeArmor/core/kubeUpdate.go
@@ -829,6 +829,7 @@ func (dm *KubeArmorDaemon) WatchK8sPods() {
 if event.Type == "ADDED" {
 new := true
+
 for _, k8spod := range dm.K8sPods {
 if k8spod.Metadata["namespaceName"] == pod.Metadata["namespaceName"] && k8spod.Metadata["podName"] == pod.Metadata["podName"] {
 new = false
@@ -837,8 +838,16 @@ func (dm *KubeArmorDaemon) WatchK8sPods() {
 }
 if new {
 dm.K8sPods = append(dm.K8sPods, pod)
+ } else {
+ // Kubernetes can send us 'ADDED' events for a pod we
+ // already know about when our Kubernetes watch request
+ // restarts, so treat that like a 'MODIFIED' event
+ // instead
+ event.Type = "MODIFIED"
 }
- } else if event.Type == "MODIFIED" {
+ }
+
+ if event.Type == "MODIFIED" {
 for idx, k8spod := range dm.K8sPods {
 if k8spod.Metadata["namespaceName"] == pod.Metadata["namespaceName"] && k8spod.Metadata["podName"] == pod.Metadata["podName"] {
 dm.K8sPods[idx] = pod
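Review bot: The new `else` branch in the second hunk reconciles only pods that reappear after a watch restart; a pod deleted while the watch was down may never produce a `DELETED` event, so its entry would stay in `dm.K8sPods` and, presumably, any endpoint or policy state derived from it would stay too. If the restart path re-lists pods, consider pruning entries that are missing from the fresh list so that enforcement state cannot outlive the workload it was built for. Overwriting `event.Type` in place also hides the duplicate from any logging or handling later in the same iteration; a local copy such as `eventType := event.Type`, set to `"MODIFIED"` in this branch, would keep the original event intact. The match uses only `namespaceName` and `podName`, so a pod recreated under the same name during the gap is handled as an update of the old instance, and it is worth confirming that per-pod state is fully rebuilt in that case. `WatchK8sPods` starts and ends outside both hunks, so the downstream use of `event.Type` is not visible here.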