Skip to content

Commit

Permalink
Merge pull request #1753 from Prateeknandle/owner-info
Browse files Browse the repository at this point in the history
fix(core) : owner information in logs
  • Loading branch information
daemon1024 authored May 15, 2024
2 parents a5f584c + 0711271 commit 294ed3b
Showing 1 changed file with 25 additions and 14 deletions.
39 changes: 25 additions & 14 deletions KubeArmor/core/kubeUpdate.go
Original file line number Diff line number Diff line change
Expand Up @@ -550,9 +550,6 @@ func (dm *KubeArmorDaemon) HandleUnknownNamespaceNsMap(container *tp.Container)

// WatchK8sPods Function
func (dm *KubeArmorDaemon) WatchK8sPods() {
var controllerName, controller, namespace string
var err error

nodeName := os.Getenv("KUBEARMOR_NODENAME")
if nodeName == "" {
nodeName = cfg.GlobalCfg.Host
Expand Down Expand Up @@ -591,29 +588,43 @@ func (dm *KubeArmorDaemon) WatchK8sPods() {
pod.Metadata["namespaceName"] = event.Object.ObjectMeta.Namespace
pod.Metadata["podName"] = event.Object.ObjectMeta.Name

var controllerName, controller, namespace string
var err error

if event.Type == "ADDED" {
controllerName, controller, namespace, err = getTopLevelOwner(event.Object.ObjectMeta, event.Object.Namespace, event.Object.Kind)
if err != nil {
dm.Logger.Warnf("Failed to get ownerRef (%s, %s)", event.Object.ObjectMeta.Name, err.Error())
}

owner := tp.PodOwner{
Name: controllerName,
Ref: controller,
Namespace: namespace,
}

dm.OwnerInfo[pod.Metadata["podName"]] = owner
podOwnerName = controllerName
}
_, err := K8s.K8sClient.CoreV1().Pods(namespace).Get(context.Background(), event.Object.ObjectMeta.Name, metav1.GetOptions{})
if err == nil && (event.Type == "MODIFIED" || event.Type != "DELETED") {

// for event = "MODIFIED" we first check pod's existence to update current dm.OwnerInfo of the pod, because when pod is in terminating state then we cannot get the owner info from it.
// we do not update owner info in terminating state. After pod is deleted we delete the owner info from the map.
_, err = K8s.K8sClient.CoreV1().Pods(namespace).Get(context.Background(), event.Object.ObjectMeta.Name, metav1.GetOptions{})
if err == nil && event.Type == "MODIFIED" {
controllerName, controller, namespace, err = getTopLevelOwner(event.Object.ObjectMeta, event.Object.Namespace, event.Object.Kind)
if err != nil {
dm.Logger.Warnf("Failed to get ownerRef (%s, %s)", event.Object.ObjectMeta.Name, err.Error())
}
}

owner := tp.PodOwner{
Name: controllerName,
Ref: controller,
Namespace: namespace,
}

dm.OwnerInfo[pod.Metadata["podName"]] = owner
owner := tp.PodOwner{
Name: controllerName,
Ref: controller,
Namespace: namespace,
}

podOwnerName = controllerName
dm.OwnerInfo[pod.Metadata["podName"]] = owner
podOwnerName = controllerName
}

//get the owner , then check if that owner has owner if...do it recusivelt until you get the no owner

Expand Down

0 comments on commit 294ed3b

Please sign in to comment.