Skip to content

Commit

Permalink
Merge pull request #474 from redhatrises/use_gofalcon_config
Browse files Browse the repository at this point in the history 
feat: use gofalcon registry config and sensor types
  • Loading branch information
@redhatrises
redhatrises authored Jan 12, 2024
2 parents f211054 + 19309dd commit bbc9aae
Show file tree
Hide file tree
Showing 13 changed files with 379 additions and 1,173 deletions.
7 changes: 3 additions & 4 deletions cmd/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import (
clientgoscheme "k8s.io/client-go/kubernetes/scheme"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/cache"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/healthz"
"sigs.k8s.io/controller-runtime/pkg/log/zap"

Expand Down Expand Up @@ -100,9 +101,8 @@ func main() {
HealthProbeBindAddress: probeAddr,
LeaderElection: enableLeaderElection,
LeaderElectionID: "70435a7a.crowdstrike.com",

NewCache: cache.BuilderWithOptions(cache.Options{
SelectorsByObject: cache.SelectorsByObject{
Cache: cache.Options{
ByObject: map[client.Object]cache.ByObject{
&falconv1alpha1.FalconAdmission{}: {},
&falconv1alpha1.FalconNodeSensor{}: {},
&falconv1alpha1.FalconContainer{}: {},
Expand Down Expand Up @@ -139,7 +139,6 @@ func main() {
},
},
},
),
}

mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), options)
Expand Down
12 changes: 8 additions & 4 deletions config/crd/bases/falcon.crowdstrike.com_falconadmissions.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -162,7 +163,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
resourcesClient:
Expand All @@ -180,7 +182,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -217,7 +220,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
serviceAccount:
Expand Down
20 changes: 13 additions & 7 deletions config/crd/bases/falcon.crowdstrike.com_falconcontainers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -557,7 +557,7 @@ spec:
between the SizeLimit specified here and the sum of
memory limits of all containers in a pod. The default
is nil which means that the limit is undefined. More
info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
Expand Down Expand Up @@ -735,7 +735,8 @@ spec:
defined in spec.resourceClaims, that are
used by this container. \n This is an alpha
field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable.
It can only be set for containers."
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
Expand Down Expand Up @@ -777,7 +778,8 @@ spec:
Requests is omitted for a container, it
defaults to Limits if that is explicitly
specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
value. Requests cannot exceed Limits. More
info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
Expand Down Expand Up @@ -1762,7 +1764,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -1799,7 +1802,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
sensorResources:
Expand All @@ -1810,7 +1814,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -1847,7 +1852,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
serviceAccount:
Expand Down
32 changes: 21 additions & 11 deletions deploy/falcon-operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -176,7 +177,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
resourcesClient:
Expand All @@ -194,7 +196,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -231,7 +234,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
serviceAccount:
Expand Down Expand Up @@ -1113,7 +1117,7 @@ spec:
between the SizeLimit specified here and the sum of
memory limits of all containers in a pod. The default
is nil which means that the limit is undefined. More
info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
Expand Down Expand Up @@ -1291,7 +1295,8 @@ spec:
defined in spec.resourceClaims, that are
used by this container. \n This is an alpha
field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable.
It can only be set for containers."
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
Expand Down Expand Up @@ -1333,7 +1338,8 @@ spec:
Requests is omitted for a container, it
defaults to Limits if that is explicitly
specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
value. Requests cannot exceed Limits. More
info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
Expand Down Expand Up @@ -2318,7 +2324,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -2355,7 +2362,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
sensorResources:
Expand All @@ -2366,7 +2374,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be
set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
Expand Down Expand Up @@ -2403,7 +2412,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed
Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
serviceAccount:
Expand Down
Loading

0 comments on commit bbc9aae

Please sign in to comment.