
Commit 1738c1a

authored
Merge pull request #248 from kubescape/appprofile
use application profile instead of sbomp
2 parents 48f46b3 + bf8a747 commit 1738c1a

16 files changed

+645
-906
lines changed

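--- a/admission/rulebinding/cache/cache.go
+++ b/admission/rulebinding/cache/cache.go
@@ -4,9 +4,9 @@ import (
 "context"
 "strings"
 
-"github.com/kubescape/node-agent/pkg/rulebindingmanager/types"
 typesv1 "github.com/kubescape/node-agent/pkg/rulebindingmanager/types/v1"
 "github.com/kubescape/node-agent/pkg/watcher"
+"k8s.io/apimachinery/pkg/runtime"
 
 "github.com/kubescape/node-agent/pkg/k8sclient"
 
@@ -119,12 +119,10 @@ func (c *RBCache) AddNotifier(n *chan rulebindingmanager.RuleBindingNotify) {
 
 // ------------------ watcher.Watcher methods -----------------------
 
-func (c *RBCache) AddHandler(ctx context.Context, obj *unstructured.Unstructured) {
+func (c *RBCache) AddHandler(_ context.Context, obj runtime.Object) {
 var rbs []rulebindingmanager.RuleBindingNotify
-
-switch obj.GetKind() {
-case types.RuntimeRuleBindingAlertKind:
-ruleBinding, err := unstructuredToRuleBinding(obj)
+if un, ok := obj.(*unstructured.Unstructured); ok {
+ruleBinding, err := unstructuredToRuleBinding(un)
 if err != nil {
 logger.L().Error("failed to convert unstructured to rule binding", helpers.Error(err))
 return
@@ -138,12 +136,11 @@ func (c *RBCache) AddHandler(ctx context.Context, obj *unstructured.Unstructured
 }
 }
 }
-func (c *RBCache) ModifyHandler(ctx context.Context, obj *unstructured.Unstructured) {
-var rbs []rulebindingmanager.RuleBindingNotify
 
-switch obj.GetKind() {
-case types.RuntimeRuleBindingAlertKind:
-ruleBinding, err := unstructuredToRuleBinding(obj)
+func (c *RBCache) ModifyHandler(_ context.Context, obj runtime.Object) {
+var rbs []rulebindingmanager.RuleBindingNotify
+if un, ok := obj.(*unstructured.Unstructured); ok {
+ruleBinding, err := unstructuredToRuleBinding(un)
 if err != nil {
 logger.L().Error("failed to convert unstructured to rule binding", helpers.Error(err))
 return
@@ -157,13 +154,12 @@ func (c *RBCache) ModifyHandler(ctx context.Context, obj *unstructured.Unstructu
 }
 }
 }
-func (c *RBCache) DeleteHandler(_ context.Context, obj *unstructured.Unstructured) {
+
+func (c *RBCache) DeleteHandler(_ context.Context, obj runtime.Object) {
 var rbs []rulebindingmanager.RuleBindingNotify
-switch obj.GetKind() {
-case types.RuntimeRuleBindingAlertKind:
-rbs = c.deleteRuleBinding(uniqueName(obj))
+if un, ok := obj.(*unstructured.Unstructured); ok {
+rbs = c.deleteRuleBinding(uniqueName(un))
 }
-
 // notify
 for n := range c.notifiers {
 for i := range rbs {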
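Review bot: In all three handlers the type assertion `if un, ok := obj.(*unstructured.Unstructured); ok {` replaces the old `switch obj.GetKind()` guard, so the object's kind is no longer checked before it is treated as a rule binding. In DeleteHandler this means `c.deleteRuleBinding(uniqueName(un))` runs for any unstructured object; if the watcher can ever deliver another kind (not visible here) and uniqueName is derived only from namespace and name, an unrelated delete event could evict a rule binding from the cache. The failed-assertion case is also silent, so an event that arrives as a typed object is dropped without a log line and never reaches the notifiers. I would restore the kind check inside the branch, e.g. `if un.GetKind() != types.RuntimeRuleBindingAlertKind { return }` (which needs the `types` import this commit removes), and log the unexpected type in an `else` branch. The handler bodies continue outside the hunks.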

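--- a/go.mod
+++ b/go.mod
@@ -5,12 +5,12 @@ go 1.23.0
 toolchain go1.23.2
 
 require (
-github.com/armosec/armoapi-go v0.0.487
+github.com/armosec/armoapi-go v0.0.496
 github.com/armosec/cluster-notifier-api-go v0.0.5
 github.com/armosec/registryx v0.0.23
 github.com/armosec/utils-go v0.0.58
 github.com/armosec/utils-k8s-go v0.0.30
-github.com/aws/aws-sdk-go v1.50.8
+github.com/aws/aws-sdk-go v1.55.5
 github.com/cenkalti/backoff v2.2.1+incompatible
 github.com/cenkalti/backoff/v4 v4.3.0
 github.com/deckarep/golang-set/v2 v2.6.0
@@ -23,29 +23,29 @@ require (
 github.com/gorilla/mux v1.8.1
 github.com/gorilla/websocket v1.5.1
 github.com/kubescape/backend v0.0.25
-github.com/kubescape/go-logger v0.0.22
-github.com/kubescape/k8s-interface v0.0.170
+github.com/kubescape/go-logger v0.0.23
+github.com/kubescape/k8s-interface v0.0.176
 github.com/kubescape/kubescape-network-scanner v0.0.15
-github.com/kubescape/node-agent v0.2.111
+github.com/kubescape/node-agent v0.2.152
 github.com/kubescape/opa-utils v0.0.278
-github.com/kubescape/storage v0.0.89
+github.com/kubescape/storage v0.0.127
 github.com/mitchellh/mapstructure v1.5.0
 github.com/panjf2000/ants/v2 v2.9.1
 github.com/spf13/viper v1.19.0
 github.com/stretchr/testify v1.9.0
 github.com/testcontainers/testcontainers-go/modules/k3s v0.34.0
 github.com/zeebo/assert v1.3.1
 go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.44.0
-go.opentelemetry.io/otel v1.28.0
-go.opentelemetry.io/otel/trace v1.28.0
+go.opentelemetry.io/otel v1.30.0
+go.opentelemetry.io/otel/trace v1.30.0
 golang.org/x/sync v0.10.0
 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22
 istio.io/pkg v0.0.0-20231221211216-7635388a563e
-k8s.io/api v0.30.2
-k8s.io/apimachinery v0.30.2
-k8s.io/apiserver v0.30.2
-k8s.io/client-go v0.30.2
-k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0
+k8s.io/api v0.31.0
+k8s.io/apimachinery v0.31.0
+k8s.io/apiserver v0.31.0
+k8s.io/client-go v0.31.0
+k8s.io/utils v0.0.0-20240711033017-18e509b52bc8
 sigs.k8s.io/yaml v1.4.0
 )
 
@@ -83,7 +83,7 @@ require (
 go.etcd.io/etcd/api/v3 v3.5.14 // indirect
 go.etcd.io/etcd/client/pkg/v3 v3.5.14 // indirect
 go.etcd.io/etcd/client/v3 v3.5.14 // indirect
-k8s.io/apiextensions-apiserver v0.30.2 // indirect
+k8s.io/apiextensions-apiserver v0.31.0 // indirect
 )
 
 require (
@@ -115,8 +115,8 @@ require (
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 // indirect
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
 github.com/aws/aws-sdk-go-v2/service/ecr v1.36.6 // indirect
-github.com/aws/aws-sdk-go-v2/service/eks v1.28.1 // indirect
-github.com/aws/aws-sdk-go-v2/service/iam v1.21.1 // indirect
+github.com/aws/aws-sdk-go-v2/service/eks v1.48.5 // indirect
+github.com/aws/aws-sdk-go-v2/service/iam v1.35.3 // indirect
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 // indirect
 github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 // indirect
@@ -127,30 +127,31 @@ require (
 github.com/beorn7/perks v1.0.1 // indirect
 github.com/blang/semver/v4 v4.0.0 // indirect
 github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect
-github.com/briandowns/spinner v1.23.0 // indirect
+github.com/briandowns/spinner v1.23.1 // indirect
 github.com/cespare/xxhash/v2 v2.3.0 // indirect
 github.com/cilium/cilium v1.16.4 // indirect
 github.com/containerd/containerd v1.7.21 // indirect
 github.com/containerd/errdefs v0.1.0 // indirect
 github.com/containerd/log v0.1.0 // indirect
 github.com/containerd/platforms v0.2.1 // indirect
 github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
-github.com/containers/common v0.60.4 // indirect
+github.com/containers/common v0.60.2 // indirect
 github.com/coreos/go-oidc v2.2.1+incompatible // indirect
 github.com/cpuguy83/dockercfg v0.3.2 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-github.com/docker/cli v27.1.1+incompatible // indirect
+github.com/docker/cli v27.2.1+incompatible // indirect
 github.com/docker/distribution v2.8.3+incompatible // indirect
 github.com/docker/docker-credential-helpers v0.8.2 // indirect
 github.com/docker/go-connections v0.5.0 // indirect
 github.com/docker/go-units v0.5.0 // indirect
-github.com/emicklei/go-restful/v3 v3.12.0 // indirect
+github.com/emicklei/go-restful/v3 v3.12.1 // indirect
 github.com/evanphx/json-patch v5.9.0+incompatible // indirect
 github.com/facebookincubator/nvdtools v0.1.5 // indirect
 github.com/fatih/color v1.17.0 // indirect
 github.com/felixge/httpsnoop v1.0.4 // indirect
 github.com/francoispqt/gojay v1.2.13 // indirect
 github.com/fsnotify/fsnotify v1.7.0 // indirect
+github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 github.com/gabriel-vasile/mimetype v1.4.5 // indirect
 github.com/github/go-spdx/v2 v2.3.2 // indirect
 github.com/go-gota/gota v0.12.0 // indirect
@@ -170,7 +171,7 @@ require (
 github.com/gobwas/glob v0.2.3 // indirect
 github.com/gogo/protobuf v1.3.2 // indirect
 github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
-github.com/golang/glog v1.2.1 // indirect
+github.com/golang/glog v1.2.2 // indirect
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 github.com/golang/protobuf v1.5.4 // indirect
 github.com/golang/snappy v0.0.4 // indirect
@@ -180,14 +181,14 @@ require (
 github.com/google/s2a-go v0.1.7 // indirect
 github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
 github.com/googleapis/gax-go/v2 v2.12.3 // indirect
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect
 github.com/hashicorp/errwrap v1.1.0 // indirect
 github.com/hashicorp/go-multierror v1.1.1 // indirect
 github.com/hashicorp/go-version v1.7.0 // indirect
 github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
 github.com/imdario/mergo v0.3.16 // indirect
 github.com/inconshreveable/mousetrap v1.1.0 // indirect
-github.com/inspektor-gadget/inspektor-gadget v0.30.0 // indirect
+github.com/inspektor-gadget/inspektor-gadget v0.32.1-0.20240910080600-c7396e29cbf6 // indirect
 github.com/jinzhu/copier v0.4.0 // indirect
 github.com/jmespath/go-jmespath v0.4.0 // indirect
 github.com/josharian/intern v1.0.0 // indirect
@@ -229,7 +230,7 @@ require (
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 github.com/pquerna/cachecontrol v0.2.0 // indirect
-github.com/prometheus/client_golang v1.20.2 // indirect
+github.com/prometheus/client_golang v1.20.3 // indirect
 github.com/prometheus/client_model v0.6.1 // indirect
 github.com/prometheus/common v0.55.0 // indirect
 github.com/prometheus/procfs v0.15.1 // indirect
@@ -256,36 +257,40 @@ require (
 github.com/tklauser/go-sysconf v0.3.12 // indirect
 github.com/tklauser/numcpus v0.8.0 // indirect
 github.com/ulikunitz/xz v0.5.12 // indirect
-github.com/uptrace/opentelemetry-go-extra/otelutil v0.2.4 // indirect
-github.com/uptrace/opentelemetry-go-extra/otelzap v0.2.4 // indirect
-github.com/uptrace/uptrace-go v1.26.2 // indirect
+github.com/uptrace/opentelemetry-go-extra/otelutil v0.3.2 // indirect
+github.com/uptrace/opentelemetry-go-extra/otelzap v0.3.2 // indirect
+github.com/uptrace/uptrace-go v1.30.1 // indirect
 github.com/vbatts/tar-split v0.11.5 // indirect
 github.com/vishvananda/netlink v1.3.1-0.20241022031324-976bd8de7d81 // indirect
 github.com/vishvananda/netns v0.0.4 // indirect
 github.com/wagoodman/go-partybus v0.0.0-20230516145632-8ccac152c651 // indirect
 github.com/wagoodman/go-progress v0.0.0-20230925121702-07e42b3cdba0 // indirect
+github.com/x448/float16 v0.8.4 // indirect
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 github.com/yashtewari/glob-intersection v0.2.0 // indirect
 github.com/yusufpapurcu/wmi v1.2.3 // indirect
 go.mongodb.org/mongo-driver v1.15.0 // indirect
 go.opencensus.io v0.24.0 // indirect
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
-go.opentelemetry.io/contrib/instrumentation/runtime v0.51.0 // indirect
-go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 // indirect
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect
-go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.26.0 // indirect
-go.opentelemetry.io/otel/metric v1.28.0 // indirect
-go.opentelemetry.io/otel/sdk v1.28.0 // indirect
-go.opentelemetry.io/otel/sdk/metric v1.27.0 // indirect
+go.opentelemetry.io/contrib/instrumentation/runtime v0.55.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.6.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.30.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.30.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.30.0 // indirect
+go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.30.0 // indirect
+go.opentelemetry.io/otel/log v0.6.0 // indirect
+go.opentelemetry.io/otel/metric v1.30.0 // indirect
+go.opentelemetry.io/otel/sdk v1.30.0 // indirect
+go.opentelemetry.io/otel/sdk/log v0.6.0 // indirect
+go.opentelemetry.io/otel/sdk/metric v1.30.0 // indirect
 go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 go.uber.org/multierr v1.11.0 // indirect
 go.uber.org/zap v1.27.0 // indirect
 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
-golang.org/x/crypto v0.31.0 // indirect
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
+golang.org/x/crypto v0.27.0 // indirect
+golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect
 golang.org/x/mod v0.21.0 // indirect
 golang.org/x/net v0.29.0 // indirect
 golang.org/x/oauth2 v0.23.0 // indirect
@@ -296,19 +301,20 @@ require (
 gonum.org/v1/gonum v0.9.1 // indirect
 google.golang.org/api v0.177.0 // indirect
 google.golang.org/genproto v0.0.0-20240515191416-fc5f0ca64291 // indirect
-google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
-google.golang.org/grpc v1.66.0 // indirect
+google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
+google.golang.org/grpc v1.67.0 // indirect
 google.golang.org/protobuf v1.34.2 // indirect
+gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 gopkg.in/inf.v0 v0.9.1 // indirect
 gopkg.in/ini.v1 v1.67.0 // indirect
 gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 gopkg.in/yaml.v2 v2.4.0 // indirect
 gopkg.in/yaml.v3 v3.0.1 // indirect
-k8s.io/component-base v0.30.2 // indirect
-k8s.io/klog/v2 v2.120.1 // indirect
-k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect
-sigs.k8s.io/controller-runtime v0.18.4 // indirect
+k8s.io/component-base v0.31.0 // indirect
+k8s.io/klog/v2 v2.130.1 // indirect
+k8s.io/kube-openapi v0.0.0-20240812233141-91dab695df6f // indirect
+sigs.k8s.io/controller-runtime v0.19.0 // indirect
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 )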
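Review bot: Two indirect requirements move backwards in this merge: `golang.org/x/crypto` goes from v0.31.0 to v0.27.0 (hunk at -256) and `github.com/containers/common` from v0.60.4 to v0.60.2 (hunk at -127), while the other changed requirements move forward. A downgrade inside a merge commit usually comes from conflict resolution rather than intent, and it drops whatever fixes the newer releases carried, which matters most for the crypto module. I would keep `golang.org/x/crypto v0.31.0 // indirect` and `github.com/containers/common v0.60.4 // indirect`, rerun `go mod tidy`, and check the resulting module graph with `govulncheck ./...` before merging.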
