From 0cc8bd6832573f4b9125e408a19bc801a53dc709 Mon Sep 17 00:00:00 2001 From: "deepsource-io[bot]" <42547082+deepsource-io[bot]@users.noreply.github.com> Date: Thu, 8 Feb 2024 20:48:59 +0000 Subject: [PATCH 01/39] ci: update .deepsource.toml --- .deepsource.toml | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/.deepsource.toml b/.deepsource.toml index 93c41638..6018e7c9 100644 --- a/.deepsource.toml +++ b/.deepsource.toml @@ -1,22 +1,10 @@ version = 1 [[analyzers]] -name = "secrets" -enabled = true - -[[analyzers]] -name = "docker" -enabled = true - -[[analyzers]] -name = "test-coverage" -enabled = false +name = "shell" [[analyzers]] name = "go" -enabled = true [analyzers.meta] - import_root = "github.com/kube-tarian/tarian" - dependencies_vendored = true - \ No newline at end of file + import_root = "github.com/kumari-anupam/tarian" \ No newline at end of file From 6d0e3e23cd76dea9ec63e4b8166a935cb2a185f4 Mon Sep 17 00:00:00 2001 From: "deepsource-io[bot]" <42547082+deepsource-io[bot]@users.noreply.github.com> Date: Thu, 8 Feb 2024 21:04:41 +0000 Subject: [PATCH 02/39] ci: update .deepsource.toml --- .deepsource.toml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.deepsource.toml b/.deepsource.toml index 6018e7c9..aacc76a6 100644 --- a/.deepsource.toml +++ b/.deepsource.toml @@ -1,5 +1,7 @@ version = 1 +exclude_patterns = ["test/k8s/test.sh"] + [[analyzers]] name = "shell" From 3250efabd1ba1aff94f1c35b4e8f6b931bdbdc54 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Sat, 10 Feb 2024 01:46:54 +0530 Subject: [PATCH 03/39] tarian-detector integration --- cmd/tarian-node-agent/cmd/run.go | 5 + go.mod | 3 + go.sum | 12 +++ pkg/nodeagent/nodeagent.go | 94 +++++++++++++++++- pkg/server/ingestion_worker.go | 5 + pkg/tarianpb/const.go | 3 + pkg/tarianpb/types.pb.go | 159 +++++++++++++++++-------------- pkg/tarianpb/types.proto | 4 + 8 files changed, 215 insertions(+), 70 deletions(-) diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index 31fd567f..ddb39aac 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -6,6 +6,7 @@ import ( "os/signal" "syscall" + "github.com/cilium/ebpf/rlimit" "github.com/kube-tarian/tarian/cmd/tarian-node-agent/cmd/flags" "github.com/kube-tarian/tarian/pkg/log" "github.com/kube-tarian/tarian/pkg/nodeagent" @@ -65,6 +66,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { return fmt.Errorf("host proc is not mounted: %w", err) } + if err := rlimit.RemoveMemlock(); err != nil { + c.logger.Fatal(err) + } + addr := c.clusterAgentHost + ":" + c.clusterAgentPort agent := nodeagent.NewNodeAgent(c.logger, addr) agent.EnableAddConstraint(c.enableAddConstraint) diff --git a/go.mod b/go.mod index 02e83cdc..3a542a91 100644 --- a/go.mod +++ b/go.mod @@ -84,7 +84,9 @@ require ( require ( github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 + github.com/cilium/ebpf v0.12.3 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e + github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd github.com/nats-io/nats.go v1.22.1 github.com/sethvargo/go-retry v0.2.4 github.com/sirupsen/logrus v1.9.3 @@ -96,6 +98,7 @@ require github.com/mattn/go-runewidth v0.0.9 // indirect require ( github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/moby/spdystream v0.2.0 // indirect + golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2 // indirect ) require ( diff --git a/go.sum b/go.sum index 433cf98d..3e4bd245 100644 --- a/go.sum +++ b/go.sum @@ -66,6 +66,8 @@ github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/cilium/ebpf v0.12.3 h1:8ht6F9MquybnY97at+VDZb3eQQr8ev79RueWeVaEcG4= +github.com/cilium/ebpf v0.12.3/go.mod h1:TctK1ivibvI3znr66ljgi4hqOT8EYQjz1KWBfb1UVgM= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -97,6 +99,8 @@ github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGE github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/set v0.2.1 h1:nn2CaJyknWE/6txyUDGwysr3G5QC6xWB/PtVjPBbeaA= github.com/fatih/set v0.2.1/go.mod h1:+RKtMCH+favT2+3YecHGxcc0b4KyVWA1QWWJUs4E0CI= +github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= +github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -272,6 +276,8 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd h1:FKrUlVyRNON7U6/OvYKhc2xXe8yXZUkmDVGxDZS3wB0= +github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd/go.mod h1:2K2wafY22B+k3YqSasoE5ql2J7uVFOSJQAWCpCmqu2A= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -302,6 +308,8 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxv github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -416,6 +424,8 @@ github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0ua github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -518,6 +528,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2 h1:Jvc7gsqn21cJHCmAWx0LiimpP18LZmUxkT5Mp7EZ1mI= +golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index e793e5c5..b88dbd2a 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -2,13 +2,19 @@ package nodeagent import ( "context" + "encoding/json" + "errors" "fmt" + "os" "regexp" "strconv" "strings" "sync" "time" + "github.com/intelops/tarian-detector/pkg/detector" + "github.com/intelops/tarian-detector/pkg/ebpf/c/process_entry" + "github.com/intelops/tarian-detector/pkg/ebpf/c/process_exit" "github.com/kube-tarian/tarian/pkg/tarianpb" "github.com/scylladb/go-set/strset" "github.com/sirupsen/logrus" @@ -101,7 +107,7 @@ func (n *NodeAgent) Run() { defer n.grpcConn.Close() wg := sync.WaitGroup{} - wg.Add(2) + wg.Add(3) go func() { _ = n.loopSyncConstraints(n.cancelCtx) @@ -113,6 +119,11 @@ func (n *NodeAgent) Run() { wg.Done() }() + go func() { + _ = n.loopTarianDetectorReadEvents(n.cancelCtx) + wg.Done() + }() + wg.Wait() } @@ -404,6 +415,87 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } } +func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { + processEntryDetector := process_entry.NewProcessEntryDetector() + processExitDetector := process_exit.NewProcessExitDetector() + + eventsDetector := detector.NewEventsDetector() + eventsDetector.Add(processEntryDetector) + eventsDetector.Add(processExitDetector) + + if err := eventsDetector.Start(); err != nil { + //return fmt.Errorf("error while starting tarian detectro: %v", err) + return err + } + + defer eventsDetector.Close() + + go func() { + for { + e, err := eventsDetector.ReadAsInterface() + if errors.Is(err, os.ErrClosed) { + break + } + + if err != nil { + n.logger.Error("tarian-detector: err on reading as interface", "err", err) + continue + } + + switch event := e.(type) { + case *process_entry.EntryEventData: + //binaryFilePath := unix.ByteSliceToString([]byte(event.BinaryFilepath[:])) + //comm := unix.ByteSliceToString([]byte(event.Comm[:])) + detectionDataType := "process_entry.EntryEventData" + data, err := json.Marshal(event) + if err != nil { + n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) + continue + } + + n.SendDetectionEventToClusterAgent(detectionDataType, string(data)) + n.logger.Info("tarian-detector: process_entry.EntryEventData", "binary_file_path", event.BinaryFilepath, "pid", event.Pid, "comm", event.Comm) + case *process_exit.ExitEventData: + //comm := unix.ByteSliceToString([]byte(event.Comm[:])) + detectionDataType := "process_exit.ExitEventData" + data, err := json.Marshal(event) + if err != nil { + n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) + continue + } + + n.SendDetectionEventToClusterAgent(detectionDataType, string(data)) + n.logger.Info("tarian-detector: process_exit.ExitEventData", "pid", event.Pid, "comm", event.Comm) + } + } + }() + + <-ctx.Done() + return ctx.Err() +} + +func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectionData string) { + req := tarianpb.IngestEventRequest{ + Event: &tarianpb.Event{ + Type: tarianpb.EventTypeDetection, + ClientTimestamp: timestamppb.New(time.Now()), + Targets: []*tarianpb.Target{ + { + DetectionDataType: detectionDataType, + DetectionData: detectionData, + }, + }, + }, + } + + resp, err := n.eventClient.IngestEvent(context.Background(), &req) + if err != nil { + n.logger.Error("error while sending detection events", "err", err) + } else { + n.logger.Debug("ingest event response", "response", resp) + } +} + // matchLabelsFromPodLabels converts a map of labels to a slice of MatchLabel protobufs. // // Parameters: diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index 44fb73d0..13d646fd 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -1,6 +1,8 @@ package server import ( + "encoding/json" + "github.com/kube-tarian/tarian/pkg/protoqueue" "github.com/kube-tarian/tarian/pkg/store" "github.com/kube-tarian/tarian/pkg/tarianpb" @@ -53,7 +55,10 @@ func (iw *IngestionWorker) Start() { continue } + buf, err := json.Marshal(event) + event.ServerTimestamp = timestamppb.Now() + logrus.Info(">> DEBUG IngestionWorker", "event", string(buf)) err = iw.eventStore.Add(event) if err != nil { diff --git a/pkg/tarianpb/const.go b/pkg/tarianpb/const.go index 75a49764..931c7076 100644 --- a/pkg/tarianpb/const.go +++ b/pkg/tarianpb/const.go @@ -17,3 +17,6 @@ const EventTypeFalcoAlert = "falco_alert" // EventTypePodDeleted represents an event type for deleted pods. const EventTypePodDeleted = "pod_deleted" + +// EventTypeDetection represents an event type for tarain-detection. +const EventTypeDetection = "tarian-detection/detection" //prefix which is coming from tarian-detector library and type diff --git a/pkg/tarianpb/types.pb.go b/pkg/tarianpb/types.pb.go index 0af05b83..f49d0a90 100644 --- a/pkg/tarianpb/types.pb.go +++ b/pkg/tarianpb/types.pb.go @@ -748,6 +748,8 @@ type Target struct { ViolatedProcesses []*Process `protobuf:"bytes,2,rep,name=violatedProcesses,proto3" json:"violatedProcesses,omitempty"` ViolatedFiles []*ViolatedFile `protobuf:"bytes,3,rep,name=violatedFiles,proto3" json:"violatedFiles,omitempty"` FalcoAlert *FalcoAlert `protobuf:"bytes,4,opt,name=falcoAlert,proto3,oneof" json:"falcoAlert,omitempty"` + DetectionDataType string `protobuf:"bytes,5,opt,name=detectionDataType,proto3" json:"detectionDataType,omitempty"` + DetectionData string `protobuf:"bytes,6,opt,name=detectionData,proto3" json:"detectionData,omitempty"` } func (x *Target) Reset() { @@ -810,6 +812,20 @@ func (x *Target) GetFalcoAlert() *FalcoAlert { return nil } +func (x *Target) GetDetectionDataType() string { + if x != nil { + return x.DetectionDataType + } + return "" +} + +func (x *Target) GetDetectionData() string { + if x != nil { + return x.DetectionData + } + return "" +} + type Event struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -1096,7 +1112,7 @@ var file_tarianpb_types_proto_rawDesc = []byte{ 0x11, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x8a, + 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xde, 0x02, 0x0a, 0x06, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x12, 0x25, 0x0a, 0x03, 0x70, 0x6f, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x50, 0x6f, 0x64, 0x52, 0x03, 0x70, 0x6f, 0x64, @@ -1112,75 +1128,80 @@ var file_tarianpb_types_proto_rawDesc = []byte{ 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x66, - 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x88, 0x01, 0x01, 0x42, 0x0d, 0x0a, 0x0b, - 0x5f, 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x22, 0xbd, 0x02, 0x0a, 0x05, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, - 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x10, 0x0a, - 0x03, 0x75, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x69, 0x64, 0x12, - 0x44, 0x0a, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, - 0x6d, 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, - 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x69, 0x6d, 0x65, - 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x44, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, - 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x63, 0x6c, 0x69, 0x65, - 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x3c, 0x0a, 0x0b, 0x61, - 0x6c, 0x65, 0x72, 0x74, 0x53, 0x65, 0x6e, 0x74, 0x41, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x61, 0x6c, - 0x65, 0x72, 0x74, 0x53, 0x65, 0x6e, 0x74, 0x41, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x74, 0x61, 0x72, - 0x67, 0x65, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x74, 0x61, 0x72, - 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x54, 0x61, 0x72, 0x67, - 0x65, 0x74, 0x52, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x22, 0xdb, 0x02, 0x0a, 0x06, - 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, - 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, - 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x34, 0x0a, 0x08, - 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, + 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x88, 0x01, 0x01, 0x12, 0x2c, 0x0a, 0x11, + 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x54, 0x79, 0x70, + 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, + 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x54, 0x79, 0x70, 0x65, 0x12, 0x24, 0x0a, 0x0d, 0x64, 0x65, + 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0d, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, + 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x22, + 0xbd, 0x02, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x12, 0x0a, + 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, + 0x65, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x75, 0x69, 0x64, 0x12, 0x44, 0x0a, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x69, 0x6d, + 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, + 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x44, 0x0a, 0x0f, 0x63, 0x6c, 0x69, + 0x65, 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x05, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, + 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, + 0x3c, 0x0a, 0x0b, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x53, 0x65, 0x6e, 0x74, 0x41, 0x74, 0x18, 0x06, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, + 0x52, 0x0b, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x53, 0x65, 0x6e, 0x74, 0x41, 0x74, 0x12, 0x30, 0x0a, + 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, - 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x08, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, - 0x6f, 0x72, 0x12, 0x2c, 0x0a, 0x11, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, 0x65, 0x64, - 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x6f, - 0x6e, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, - 0x12, 0x26, 0x0a, 0x0e, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x46, 0x69, - 0x6c, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, - 0x61, 0x74, 0x65, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x22, 0x0a, 0x0c, 0x6f, 0x6e, 0x46, 0x61, - 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, - 0x6f, 0x6e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x12, 0x43, 0x0a, 0x0d, - 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x08, 0x20, - 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, - 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, - 0x74, 0x79, 0x52, 0x0d, 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, - 0x79, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0xd1, 0x02, 0x0a, 0x0d, 0x46, 0x61, - 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x0d, 0x0a, 0x09, 0x45, - 0x4d, 0x45, 0x52, 0x47, 0x45, 0x4e, 0x43, 0x59, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x65, 0x6d, - 0x65, 0x72, 0x67, 0x65, 0x6e, 0x63, 0x79, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x45, 0x6d, 0x65, - 0x72, 0x67, 0x65, 0x6e, 0x63, 0x79, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x45, 0x52, - 0x54, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x10, 0x01, 0x12, 0x09, - 0x0a, 0x05, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x49, - 0x54, 0x49, 0x43, 0x41, 0x4c, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x63, 0x72, 0x69, 0x74, 0x69, - 0x63, 0x61, 0x6c, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, - 0x6c, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x12, 0x09, - 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x10, 0x03, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x72, 0x72, - 0x6f, 0x72, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x57, 0x41, 0x52, 0x4e, 0x49, 0x4e, 0x47, 0x10, - 0x04, 0x12, 0x0b, 0x0a, 0x07, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, 0x0b, - 0x0a, 0x07, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, 0x0a, 0x0a, 0x06, 0x4e, - 0x4f, 0x54, 0x49, 0x43, 0x45, 0x10, 0x05, 0x12, 0x0a, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x69, 0x63, - 0x65, 0x10, 0x05, 0x12, 0x0a, 0x0a, 0x06, 0x4e, 0x6f, 0x74, 0x69, 0x63, 0x65, 0x10, 0x05, 0x12, - 0x11, 0x0a, 0x0d, 0x49, 0x4e, 0x46, 0x4f, 0x52, 0x4d, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, - 0x10, 0x06, 0x12, 0x11, 0x0a, 0x0d, 0x69, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x61, 0x6c, 0x10, 0x06, 0x12, 0x11, 0x0a, 0x0d, 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x10, 0x06, 0x12, 0x09, 0x0a, 0x05, 0x44, 0x45, 0x42, 0x55, - 0x47, 0x10, 0x07, 0x12, 0x09, 0x0a, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67, 0x10, 0x07, 0x12, 0x09, - 0x0a, 0x05, 0x44, 0x65, 0x62, 0x75, 0x67, 0x10, 0x07, 0x1a, 0x02, 0x10, 0x01, 0x42, 0x2c, 0x5a, - 0x2a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6b, 0x75, 0x62, 0x65, - 0x2d, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x2f, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x2f, 0x70, - 0x6b, 0x67, 0x2f, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x33, + 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x52, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x22, + 0xdb, 0x02, 0x0a, 0x06, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, + 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x1c, + 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x34, 0x0a, 0x08, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x2e, 0x74, 0x79, + 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x08, 0x73, 0x65, + 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x2c, 0x0a, 0x11, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, + 0x61, 0x74, 0x65, 0x64, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x11, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x50, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x12, 0x26, 0x0a, 0x0e, 0x6f, 0x6e, 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, + 0x65, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x6f, 0x6e, + 0x56, 0x69, 0x6f, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x22, 0x0a, 0x0c, + 0x6f, 0x6e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x18, 0x07, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x0c, 0x6f, 0x6e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x41, 0x6c, 0x65, 0x72, 0x74, + 0x12, 0x43, 0x0a, 0x0d, 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, + 0x70, 0x62, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, + 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x0d, 0x66, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0xd1, 0x02, + 0x0a, 0x0d, 0x46, 0x61, 0x6c, 0x63, 0x6f, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, + 0x0d, 0x0a, 0x09, 0x45, 0x4d, 0x45, 0x52, 0x47, 0x45, 0x4e, 0x43, 0x59, 0x10, 0x00, 0x12, 0x0d, + 0x0a, 0x09, 0x65, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x6e, 0x63, 0x79, 0x10, 0x00, 0x12, 0x0d, 0x0a, + 0x09, 0x45, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x6e, 0x63, 0x79, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, + 0x41, 0x4c, 0x45, 0x52, 0x54, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x61, 0x6c, 0x65, 0x72, 0x74, + 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x6c, 0x65, 0x72, 0x74, 0x10, 0x01, 0x12, 0x0c, 0x0a, + 0x08, 0x43, 0x52, 0x49, 0x54, 0x49, 0x43, 0x41, 0x4c, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x63, + 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6c, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x72, 0x69, + 0x74, 0x69, 0x63, 0x61, 0x6c, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x52, 0x52, 0x4f, 0x52, + 0x10, 0x03, 0x12, 0x09, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x10, 0x03, 0x12, 0x09, 0x0a, + 0x05, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x57, 0x41, 0x52, 0x4e, + 0x49, 0x4e, 0x47, 0x10, 0x04, 0x12, 0x0b, 0x0a, 0x07, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, + 0x10, 0x04, 0x12, 0x0b, 0x0a, 0x07, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, + 0x0a, 0x0a, 0x06, 0x4e, 0x4f, 0x54, 0x49, 0x43, 0x45, 0x10, 0x05, 0x12, 0x0a, 0x0a, 0x06, 0x6e, + 0x6f, 0x74, 0x69, 0x63, 0x65, 0x10, 0x05, 0x12, 0x0a, 0x0a, 0x06, 0x4e, 0x6f, 0x74, 0x69, 0x63, + 0x65, 0x10, 0x05, 0x12, 0x11, 0x0a, 0x0d, 0x49, 0x4e, 0x46, 0x4f, 0x52, 0x4d, 0x41, 0x54, 0x49, + 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x06, 0x12, 0x11, 0x0a, 0x0d, 0x69, 0x6e, 0x66, 0x6f, 0x72, 0x6d, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x10, 0x06, 0x12, 0x11, 0x0a, 0x0d, 0x49, 0x6e, 0x66, + 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x10, 0x06, 0x12, 0x09, 0x0a, 0x05, + 0x44, 0x45, 0x42, 0x55, 0x47, 0x10, 0x07, 0x12, 0x09, 0x0a, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67, + 0x10, 0x07, 0x12, 0x09, 0x0a, 0x05, 0x44, 0x65, 0x62, 0x75, 0x67, 0x10, 0x07, 0x1a, 0x02, 0x10, + 0x01, 0x42, 0x2c, 0x5a, 0x2a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, + 0x6b, 0x75, 0x62, 0x65, 0x2d, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x2f, 0x74, 0x61, 0x72, 0x69, + 0x61, 0x6e, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x74, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x70, 0x62, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/pkg/tarianpb/types.proto b/pkg/tarianpb/types.proto index 680038ec..2d3f1a34 100644 --- a/pkg/tarianpb/types.proto +++ b/pkg/tarianpb/types.proto @@ -95,6 +95,10 @@ message Target { repeated Process violatedProcesses = 2; repeated ViolatedFile violatedFiles = 3; optional FalcoAlert falcoAlert = 4; + + string detectionDataType = 5; + string detectionData = 6; + } message Event { From 7222a34ab7839f0a13d71ce9e7c707b61910cbd1 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Thu, 22 Feb 2024 14:22:08 +0530 Subject: [PATCH 04/39] tarian-detector dev branch intgration --- go.mod | 89 +++++---- go.sum | 231 +++++++++++----------- pkg/clusteragent/webhookserver/manager.go | 2 - pkg/nodeagent/nodeagent.go | 90 ++++----- 4 files changed, 212 insertions(+), 200 deletions(-) diff --git a/go.mod b/go.mod index 3a542a91..ad6e9961 100644 --- a/go.mod +++ b/go.mod @@ -1,23 +1,24 @@ module github.com/kube-tarian/tarian -go 1.21.5 +go 1.22.0 require ( github.com/go-openapi/runtime v0.25.0 github.com/go-openapi/strfmt v0.21.3 github.com/gogo/status v1.1.1 + github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536 github.com/kelseyhightower/envconfig v1.4.0 - github.com/open-policy-agent/cert-controller v0.6.0 + github.com/open-policy-agent/cert-controller v0.10.0 github.com/prometheus/alertmanager v0.24.0 github.com/scylladb/go-set v1.0.2 github.com/stretchr/testify v1.8.4 - google.golang.org/grpc v1.56.3 - google.golang.org/protobuf v1.30.0 + google.golang.org/grpc v1.58.3 + google.golang.org/protobuf v1.31.0 gopkg.in/yaml.v3 v3.0.1 - k8s.io/api v0.26.1 - k8s.io/apimachinery v0.26.1 - k8s.io/client-go v0.26.1 - sigs.k8s.io/controller-runtime v0.14.2 + k8s.io/api v0.29.2 + k8s.io/apimachinery v0.29.2 + k8s.io/client-go v0.29.2 + sigs.k8s.io/controller-runtime v0.17.2 ) require ( @@ -26,28 +27,27 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/falcosecurity/falcosidekick v0.0.0-20211206092417-aef760059143 - github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.2.3 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect github.com/go-openapi/analysis v0.21.2 // indirect github.com/go-openapi/errors v0.20.2 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.20.0 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/loads v0.21.1 // indirect github.com/go-openapi/spec v0.20.4 // indirect - github.com/go-openapi/swag v0.21.1 // indirect + github.com/go-openapi/swag v0.22.3 // indirect github.com/go-openapi/validate v0.21.0 // indirect github.com/gogo/googleapis v1.1.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/google/go-cmp v0.5.9 // indirect - github.com/google/gofuzz v1.1.0 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect github.com/google/uuid v1.3.0 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect github.com/mitchellh/mapstructure v1.4.3 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect @@ -55,38 +55,36 @@ require ( github.com/opentracing/opentracing-go v1.2.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_golang v1.14.0 // indirect - github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.37.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/spf13/pflag v1.0.5 go.mongodb.org/mongo-driver v1.10.0 // indirect - go.uber.org/atomic v1.10.0 // indirect - go.uber.org/multierr v1.9.0 // indirect - golang.org/x/net v0.17.0 - golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sys v0.15.0 + go.uber.org/atomic v1.11.0 // indirect + golang.org/x/net v0.19.0 + golang.org/x/oauth2 v0.12.0 // indirect + golang.org/x/sys v0.16.0 golang.org/x/term v0.15.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect - gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 - k8s.io/apiextensions-apiserver v0.26.1 // indirect - k8s.io/component-base v0.26.1 // indirect - k8s.io/klog/v2 v2.80.1 // indirect - k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + k8s.io/apiextensions-apiserver v0.29.0 // indirect + k8s.io/component-base v0.29.0 // indirect + k8s.io/klog/v2 v2.110.1 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) require ( github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 github.com/cilium/ebpf v0.12.3 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e - github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd + //github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd github.com/nats-io/nats.go v1.22.1 github.com/sethvargo/go-retry v0.2.4 github.com/sirupsen/logrus v1.9.3 @@ -96,24 +94,29 @@ require ( require github.com/mattn/go-runewidth v0.0.9 // indirect require ( + github.com/google/gnostic-models v0.6.8 // indirect + github.com/gorilla/websocket v1.5.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/moby/spdystream v0.2.0 // indirect - golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect + golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect ) require ( - github.com/emicklei/go-restful/v3 v3.9.0 // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/google/gnostic v0.5.7-v3refs // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nats-io/nkeys v0.3.0 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/olekukonko/tablewriter v0.0.5 - go.opentelemetry.io/otel v1.11.1 // indirect - go.opentelemetry.io/otel/trace v1.11.1 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/trace v1.19.0 // indirect golang.org/x/crypto v0.17.0 // indirect - golang.org/x/sync v0.3.0 - k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect - sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect + golang.org/x/sync v0.5.0 + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect ) diff --git a/go.sum b/go.sum index 3e4bd245..c23f0e17 100644 --- a/go.sum +++ b/go.sum @@ -78,20 +78,16 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e h1:+RV+hvGYPEqTABBflJss35nBDU9GNq4aKVR85dKqSz0= github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e/go.mod h1:dCzdThGGTPYOAuNtrM6BiXj/86voHn7ZzkPL6noXR3s= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= +github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/falcosecurity/falcosidekick v0.0.0-20211206092417-aef760059143 h1:znwjvxOK0uYRfgwX7uqcfEPO15UT/aIOinIGlovxtVg= github.com/falcosecurity/falcosidekick v0.0.0-20211206092417-aef760059143/go.mod h1:P1RVbr7UONeIJHP5dyDa5439p7gUZvpLcK/V/6JP4LA= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= @@ -101,8 +97,8 @@ github.com/fatih/set v0.2.1 h1:nn2CaJyknWE/6txyUDGwysr3G5QC6xWB/PtVjPBbeaA= github.com/fatih/set v0.2.1/go.mod h1:+RKtMCH+favT2+3YecHGxcc0b4KyVWA1QWWJUs4E0CI= github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -114,14 +110,14 @@ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= -github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/analysis v0.21.2 h1:hXFrOYFHUAMQdu6zwAiKKJHJQ8kqZs1ux/ru1P1wLJU= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= @@ -129,11 +125,12 @@ github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpX github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02EmK8= github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= -github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= -github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/loads v0.21.1 h1:Wb3nVZpdEzDTcly8S4HMkey6fjARRzb7iEaySimlDW0= github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/runtime v0.23.1/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= @@ -148,8 +145,9 @@ github.com/go-openapi/strfmt v0.21.3 h1:xwhj5X6CjXEZZHMWy1zKJxvW9AfHC9pkyUjLvHtK github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqbbXjtDfvmGg= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= @@ -158,6 +156,8 @@ github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+ github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= @@ -226,8 +226,8 @@ github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -238,11 +238,12 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -252,6 +253,8 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= @@ -259,6 +262,8 @@ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= @@ -276,9 +281,8 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd h1:FKrUlVyRNON7U6/OvYKhc2xXe8yXZUkmDVGxDZS3wB0= -github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd/go.mod h1:2K2wafY22B+k3YqSasoE5ql2J7uVFOSJQAWCpCmqu2A= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536 h1:SAs7pifuCKchXZr+6nnRY89qaCEvlsGoKetxYUnzL9Q= +github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536/go.mod h1:vhAXm+xQjOlj6iK3agSjo60PxzP68eFoSk7631FlEmU= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= @@ -307,7 +311,7 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxv github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -333,8 +337,8 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= -github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= @@ -356,6 +360,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/nats-io/jwt v1.1.0 h1:+vOlgtM0ZsF46GbmUoadq0/2rChNS45gtxHEa3H1gqM= github.com/nats-io/jwt v1.1.0/go.mod h1:n3cvmLfBfnpV4JJRN7lRYCyZnw48ksGsbThGXEk4w9M= github.com/nats-io/nats-server/v2 v2.1.9 h1:Sxr2zpaapgpBT9ElTxTVe62W+qjnhPcKY/8W5cnA/Qk= @@ -366,19 +372,20 @@ github.com/nats-io/nkeys v0.3.0 h1:cgM5tL53EvYRU+2YLXIK0G2mJtK12Ft9oeooSZMA2G8= github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV6A5y4= github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/onsi/ginkgo/v2 v2.6.0 h1:9t9b9vRUbFq3C4qKFCGkVuq/fIHji802N1nrtkh1mNc= -github.com/onsi/ginkgo/v2 v2.6.0/go.mod h1:63DOGlLAH8+REH8jUGdL3YpCpu7JODesutUjdENfUAc= -github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E= -github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= -github.com/open-policy-agent/cert-controller v0.6.0 h1:HBhe1kS0GTk5dRHdklwgJKoGIctWisueIYnIYJu65Q0= -github.com/open-policy-agent/cert-controller v0.6.0/go.mod h1:uOQW+2tMU51vSxy1Yt162oVUTMdqLuotC0aObQxrh6k= +github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= +github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/open-policy-agent/cert-controller v0.10.0 h1:9hBJsnpHsBqKR7VVtOHW19mk/a1vQvje6+QSJeRHuDg= +github.com/open-policy-agent/cert-controller v0.10.0/go.mod h1:4uRbBLY5DsPOog+a9pqk3JLxuuhrWsbUedQW65HcLTI= +github.com/open-policy-agent/frameworks/constraint v0.0.0-20230822235116-f0b62fe1e4c4 h1:5dum5SLEz+95JDLkMls7Z7IDPjvSq3UhJSFe4f5einQ= +github.com/open-policy-agent/frameworks/constraint v0.0.0-20230822235116-f0b62fe1e4c4/go.mod h1:54/KzLMvA5ndBVpm7B1OjLeV0cUtTLTz2bZ2OtydLpU= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -397,21 +404,21 @@ github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5Fsn github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.29.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57JrvHu9k5YwTjsNtI= github.com/prometheus/exporter-toolkit v0.7.1/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= @@ -419,13 +426,13 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -450,18 +457,18 @@ github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRM github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= @@ -488,21 +495,23 @@ go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opentelemetry.io/otel v1.11.1 h1:4WLLAmcfkmDk2ukNXJyq3/kiz/3UzCaYq6PskJsaou4= -go.opentelemetry.io/otel v1.11.1/go.mod h1:1nNhXBbWSD0nsL38H6btgnFN2k4i0sNLHNNMZMSbUGE= -go.opentelemetry.io/otel/sdk v1.11.1 h1:F7KmQgoHljhUuJyA+9BiU+EkJfyX5nVVF4wyzWZpKxs= -go.opentelemetry.io/otel/sdk v1.11.1/go.mod h1:/l3FE4SupHJ12TduVjUkZtlfFqDCQJlOlithYrdktys= -go.opentelemetry.io/otel/trace v1.11.1 h1:ofxdnzsNrGBYXbP7t7zpUK281+go5rF7dvdIZXF8gdQ= -go.opentelemetry.io/otel/trace v1.11.1/go.mod h1:f/Q9G7vzk5u91PhbmKbg1Qn0rzH1LJ4vbPHFGkTPtOk= +go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= +go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= +go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= +go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A= +go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= +go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= -go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= -go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI= -go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ= -go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= @@ -528,8 +537,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2 h1:Jvc7gsqn21cJHCmAWx0LiimpP18LZmUxkT5Mp7EZ1mI= -golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -589,17 +598,16 @@ golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= +golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= +golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -612,8 +620,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -668,9 +676,8 @@ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -739,12 +746,14 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= +golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= +golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= -gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= +gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= +gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -799,9 +808,8 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.12.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -815,8 +823,8 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc= -google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= +google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -829,14 +837,15 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -862,32 +871,32 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ= -k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg= -k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI= -k8s.io/apiextensions-apiserver v0.26.1/go.mod h1:AptjOSXDGuE0JICx/Em15PaoO7buLwTs0dGleIHixSM= -k8s.io/apimachinery v0.26.1 h1:8EZ/eGJL+hY/MYCNwhmDzVqq2lPl3N3Bo8rvweJwXUQ= -k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74= -k8s.io/client-go v0.26.1 h1:87CXzYJnAMGaa/IDDfRdhTzxk/wzGZ+/HUQpqgVSZXU= -k8s.io/client-go v0.26.1/go.mod h1:IWNSglg+rQ3OcvDkhY6+QLeasV4OYHDjdqeWkDQZwGE= -k8s.io/component-base v0.26.1 h1:4ahudpeQXHZL5kko+iDHqLj/FSGAEUnSVO0EBbgDd+4= -k8s.io/component-base v0.26.1/go.mod h1:VHrLR0b58oC035w6YQiBSbtsf0ThuSwXP+p5dD/kAWU= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-aggregator v0.23.2 h1:6CoZZqNdFc9benrgSJJ0GQGgFtKjI0y3UwlBbioXtc8= -k8s.io/kube-aggregator v0.23.2/go.mod h1:hoxP4rZREnjCJmrb0pHFPqm7+pkxoFjh8IpXL7OBWRA= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y= -k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/api v0.29.2 h1:hBC7B9+MU+ptchxEqTNW2DkUosJpp1P+Wn6YncZ474A= +k8s.io/api v0.29.2/go.mod h1:sdIaaKuU7P44aoyyLlikSLayT6Vb7bvJNCX105xZXY0= +k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0= +k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc= +k8s.io/apimachinery v0.29.2 h1:EWGpfJ856oj11C52NRCHuU7rFDwxev48z+6DSlGNsV8= +k8s.io/apimachinery v0.29.2/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU= +k8s.io/client-go v0.29.2 h1:FEg85el1TeZp+/vYJM7hkDlSTFZ+c5nnK44DJ4FyoRg= +k8s.io/client-go v0.29.2/go.mod h1:knlvFZE58VpqbQpJNbCbctTVXcd35mMyAAwBdpt4jrA= +k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s= +k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= +k8s.io/kube-aggregator v0.28.1 h1:rvG4llYnQKHjj6YjjoBPEJxfD1uH0DJwkrJTNKGAaCs= +k8s.io/kube-aggregator v0.28.1/go.mod h1:JaLizMe+AECSpO2OmrWVsvnG0V3dX1RpW+Wq/QHbu18= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/controller-runtime v0.14.2 h1:P6IwDhbsRWsBClt/8/h8Zy36bCuGuW5Op7MHpFrN/60= -sigs.k8s.io/controller-runtime v0.14.2/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/pkg/clusteragent/webhookserver/manager.go b/pkg/clusteragent/webhookserver/manager.go index b3c2e9f1..b2f9a73a 100644 --- a/pkg/clusteragent/webhookserver/manager.go +++ b/pkg/clusteragent/webhookserver/manager.go @@ -45,8 +45,6 @@ func init() { func NewManager(logger *logrus.Logger, port int, healthProbeBindAddress string, leaderElection bool) (manager.Manager, error) { mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ Scheme: scheme, - MetricsBindAddress: "0", - Port: port, HealthProbeBindAddress: healthProbeBindAddress, LeaderElection: leaderElection, LeaderElectionID: leaderElectionID, diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index b88dbd2a..37b835df 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -3,9 +3,8 @@ package nodeagent import ( "context" "encoding/json" - "errors" "fmt" - "os" + "log" "regexp" "strconv" "strings" @@ -13,8 +12,7 @@ import ( "time" "github.com/intelops/tarian-detector/pkg/detector" - "github.com/intelops/tarian-detector/pkg/ebpf/c/process_entry" - "github.com/intelops/tarian-detector/pkg/ebpf/c/process_exit" + "github.com/intelops/tarian-detector/tarian" "github.com/kube-tarian/tarian/pkg/tarianpb" "github.com/scylladb/go-set/strset" "github.com/sirupsen/logrus" @@ -107,17 +105,17 @@ func (n *NodeAgent) Run() { defer n.grpcConn.Close() wg := sync.WaitGroup{} - wg.Add(3) + wg.Add(2) go func() { _ = n.loopSyncConstraints(n.cancelCtx) wg.Done() }() - go func() { + /*go func() { _ = n.loopValidateProcesses(n.cancelCtx) wg.Done() - }() + }()*/ go func() { _ = n.loopTarianDetectorReadEvents(n.cancelCtx) @@ -416,57 +414,61 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - processEntryDetector := process_entry.NewProcessEntryDetector() - processExitDetector := process_exit.NewProcessExitDetector() + //---------------tarian-detector dev branch code integration--------------- + tarianEbpfModule, err := tarian.GetModule() + if err != nil { + log.Fatal(err) + } + + tarianDetector, err := tarianEbpfModule.Prepare() + if err != nil { + log.Fatal(err) + } + // Instantiate event detectors eventsDetector := detector.NewEventsDetector() - eventsDetector.Add(processEntryDetector) - eventsDetector.Add(processExitDetector) - if err := eventsDetector.Start(); err != nil { - //return fmt.Errorf("error while starting tarian detectro: %v", err) - return err - } + // Add ebpf programs to detectors + eventsDetector.Add(tarianDetector) + // Start and defer Close + err = eventsDetector.Start() + if err != nil { + log.Fatal(err) + } defer eventsDetector.Close() + log.Printf("%d probes running...\n", eventsDetector.Count()) + go func() { for { - e, err := eventsDetector.ReadAsInterface() - if errors.Is(err, os.ErrClosed) { - break + event, err := eventsDetector.ReadAsInterface() + if err != nil { + log.Print(err) + continue } + /*k8sCtx, err := GetK8sContext(watcher, e["hostProcessId"].(uint32)) if err != nil { - n.logger.Error("tarian-detector: err on reading as interface", "err", err) + e["kubernetes"] = err.Error() + } else { + e["kubernetes"] = k8sCtx + }*/ + + // utils.PrintEvent(e, eventsDetector.GetTotalCount()) + detectionDataType := event["eventId"].(string) + byteData, err := json.Marshal(event) + if err != nil { + fmt.Errorf("********tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) + n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) continue } - switch event := e.(type) { - case *process_entry.EntryEventData: - //binaryFilePath := unix.ByteSliceToString([]byte(event.BinaryFilepath[:])) - //comm := unix.ByteSliceToString([]byte(event.Comm[:])) - detectionDataType := "process_entry.EntryEventData" - data, err := json.Marshal(event) - if err != nil { - n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) - continue - } - - n.SendDetectionEventToClusterAgent(detectionDataType, string(data)) - n.logger.Info("tarian-detector: process_entry.EntryEventData", "binary_file_path", event.BinaryFilepath, "pid", event.Pid, "comm", event.Comm) - case *process_exit.ExitEventData: - //comm := unix.ByteSliceToString([]byte(event.Comm[:])) - detectionDataType := "process_exit.ExitEventData" - data, err := json.Marshal(event) - if err != nil { - n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) - continue - } - - n.SendDetectionEventToClusterAgent(detectionDataType, string(data)) - n.logger.Info("tarian-detector: process_exit.ExitEventData", "pid", event.Pid, "comm", event.Comm) - } + n.SendDetectionEventToClusterAgent(detectionDataType, string(byteData)) + fmt.Println("********tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], "processId", + event["processId"], "comm", event["processName"]) + n.logger.Info("tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], + "processId", event["processId"], "comm", event["processName"]) } }() From 0c92a5363e07720e4d99fbfb3a917e5d9c65b019 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Thu, 22 Feb 2024 14:30:06 +0530 Subject: [PATCH 05/39] reverting unwanted file changes --- .deepsource.toml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/.deepsource.toml b/.deepsource.toml index aacc76a6..93c41638 100644 --- a/.deepsource.toml +++ b/.deepsource.toml @@ -1,12 +1,22 @@ version = 1 -exclude_patterns = ["test/k8s/test.sh"] +[[analyzers]] +name = "secrets" +enabled = true + +[[analyzers]] +name = "docker" +enabled = true [[analyzers]] -name = "shell" +name = "test-coverage" +enabled = false [[analyzers]] name = "go" +enabled = true [analyzers.meta] - import_root = "github.com/kumari-anupam/tarian" \ No newline at end of file + import_root = "github.com/kube-tarian/tarian" + dependencies_vendored = true + \ No newline at end of file From 5529847992669f35c00a0568ed3d8035b7a36532 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Sun, 25 Feb 2024 18:00:23 +0530 Subject: [PATCH 06/39] rebase tarian-detector code integration --- go.mod | 39 +++++++------- go.sum | 101 +++++++++++++++++++------------------ pkg/nodeagent/nodeagent.go | 36 ++++++------- 3 files changed, 87 insertions(+), 89 deletions(-) diff --git a/go.mod b/go.mod index ad6e9961..a49041ea 100644 --- a/go.mod +++ b/go.mod @@ -6,14 +6,13 @@ require ( github.com/go-openapi/runtime v0.25.0 github.com/go-openapi/strfmt v0.21.3 github.com/gogo/status v1.1.1 - github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536 github.com/kelseyhightower/envconfig v1.4.0 github.com/open-policy-agent/cert-controller v0.10.0 github.com/prometheus/alertmanager v0.24.0 github.com/scylladb/go-set v1.0.2 github.com/stretchr/testify v1.8.4 google.golang.org/grpc v1.58.3 - google.golang.org/protobuf v1.31.0 + google.golang.org/protobuf v1.32.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 @@ -31,11 +30,11 @@ require ( github.com/go-logr/logr v1.4.1 // indirect github.com/go-openapi/analysis v0.21.2 // indirect github.com/go-openapi/errors v0.20.2 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/jsonpointer v0.20.2 // indirect + github.com/go-openapi/jsonreference v0.20.4 // indirect github.com/go-openapi/loads v0.21.1 // indirect github.com/go-openapi/spec v0.20.4 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.9 // indirect github.com/go-openapi/validate v0.21.0 // indirect github.com/gogo/googleapis v1.1.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect @@ -43,7 +42,7 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.3.0 // indirect + github.com/google/uuid v1.6.0 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -62,29 +61,29 @@ require ( github.com/spf13/pflag v1.0.5 go.mongodb.org/mongo-driver v1.10.0 // indirect go.uber.org/atomic v1.11.0 // indirect - golang.org/x/net v0.19.0 - golang.org/x/oauth2 v0.12.0 // indirect - golang.org/x/sys v0.16.0 - golang.org/x/term v0.15.0 // indirect + golang.org/x/net v0.21.0 + golang.org/x/oauth2 v0.17.0 // indirect + golang.org/x/sys v0.17.0 + golang.org/x/term v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect + google.golang.org/appengine v1.6.8 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 k8s.io/apiextensions-apiserver v0.29.0 // indirect k8s.io/component-base v0.29.0 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) require ( github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 - github.com/cilium/ebpf v0.12.3 + github.com/cilium/ebpf v0.13.1 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e - //github.com/intelops/tarian-detector v0.0.0-20230731211348-fd00556994bd + github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece github.com/nats-io/nats.go v1.22.1 github.com/sethvargo/go-retry v0.2.4 github.com/sirupsen/logrus v1.9.3 @@ -101,12 +100,12 @@ require ( github.com/moby/spdystream v0.2.0 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect go.opentelemetry.io/otel/metric v1.19.0 // indirect - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect + golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect ) require ( - github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/emicklei/go-restful/v3 v3.11.2 // indirect github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect @@ -115,8 +114,8 @@ require ( github.com/olekukonko/tablewriter v0.0.5 go.opentelemetry.io/otel v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect - golang.org/x/crypto v0.17.0 // indirect + golang.org/x/crypto v0.19.0 // indirect golang.org/x/sync v0.5.0 - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect ) diff --git a/go.sum b/go.sum index c23f0e17..34690922 100644 --- a/go.sum +++ b/go.sum @@ -66,8 +66,8 @@ github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.12.3 h1:8ht6F9MquybnY97at+VDZb3eQQr8ev79RueWeVaEcG4= -github.com/cilium/ebpf v0.12.3/go.mod h1:TctK1ivibvI3znr66ljgi4hqOT8EYQjz1KWBfb1UVgM= +github.com/cilium/ebpf v0.13.1 h1:HS+79DRNPhE0fp5wUz8QiYfp2kF34ndLEZHtUAJE52U= +github.com/cilium/ebpf v0.13.1/go.mod h1:DHp1WyrLeiBh19Cf/tfiSMhqheEiK8fXFZ4No0P1Hso= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -78,8 +78,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e h1:+RV+hvGYPEqTABBflJss35nBDU9GNq4aKVR85dKqSz0= github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e/go.mod h1:dCzdThGGTPYOAuNtrM6BiXj/86voHn7ZzkPL6noXR3s= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= +github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -95,8 +95,6 @@ github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGE github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/set v0.2.1 h1:nn2CaJyknWE/6txyUDGwysr3G5QC6xWB/PtVjPBbeaA= github.com/fatih/set v0.2.1/go.mod h1:+RKtMCH+favT2+3YecHGxcc0b4KyVWA1QWWJUs4E0CI= -github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= -github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -111,7 +109,6 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= @@ -126,11 +123,11 @@ github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02E github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= +github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= +github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= github.com/go-openapi/loads v0.21.1 h1:Wb3nVZpdEzDTcly8S4HMkey6fjARRzb7iEaySimlDW0= github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/runtime v0.23.1/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= @@ -146,14 +143,16 @@ github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqb github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= +github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= +github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= +github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= @@ -257,8 +256,8 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJY github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= @@ -281,8 +280,8 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536 h1:SAs7pifuCKchXZr+6nnRY89qaCEvlsGoKetxYUnzL9Q= -github.com/intelops/tarian-detector v0.0.0-20240221170533-a311820ee536/go.mod h1:vhAXm+xQjOlj6iK3agSjo60PxzP68eFoSk7631FlEmU= +github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece h1:lai7AMQVv7tyoNqYdt4u4ibaxT5CjvoCI0paH2rpVJY= +github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= @@ -311,7 +310,6 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxv github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -431,8 +429,8 @@ github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3c github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -460,7 +458,6 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -468,7 +465,6 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= @@ -485,6 +481,7 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= @@ -524,9 +521,10 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -537,8 +535,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= +golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= +golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -560,6 +558,7 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -598,16 +597,17 @@ golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= -golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= +golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= +golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -620,6 +620,7 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -675,14 +676,16 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -691,13 +694,14 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -746,8 +750,9 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -776,8 +781,8 @@ google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7 google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180518175338-11a468237815/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -837,8 +842,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -881,14 +886,14 @@ k8s.io/client-go v0.29.2 h1:FEg85el1TeZp+/vYJM7hkDlSTFZ+c5nnK44DJ4FyoRg= k8s.io/client-go v0.29.2/go.mod h1:knlvFZE58VpqbQpJNbCbctTVXcd35mMyAAwBdpt4jrA= k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s= k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-aggregator v0.28.1 h1:rvG4llYnQKHjj6YjjoBPEJxfD1uH0DJwkrJTNKGAaCs= k8s.io/kube-aggregator v0.28.1/go.mod h1:JaLizMe+AECSpO2OmrWVsvnG0V3dX1RpW+Wq/QHbu18= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 h1:rtdnaWfP40MTKv7izH81gkWpZB45pZrwIxyZdPSn1mI= +k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 37b835df..0ffd62b9 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -105,17 +105,17 @@ func (n *NodeAgent) Run() { defer n.grpcConn.Close() wg := sync.WaitGroup{} - wg.Add(2) + wg.Add(3) go func() { _ = n.loopSyncConstraints(n.cancelCtx) wg.Done() }() - /*go func() { + go func() { _ = n.loopValidateProcesses(n.cancelCtx) wg.Done() - }()*/ + }() go func() { _ = n.loopTarianDetectorReadEvents(n.cancelCtx) @@ -414,15 +414,17 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - //---------------tarian-detector dev branch code integration--------------- + // tarian-detector dev branch code integration tarianEbpfModule, err := tarian.GetModule() if err != nil { - log.Fatal(err) + fmt.Errorf("error while get tarian ebpf module: %w", err) + return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - log.Fatal(err) + fmt.Errorf("error while prepare tarian detector: %w", err) + return fmt.Errorf("error while prepare tarian-detector: %w", err) } // Instantiate event detectors @@ -434,39 +436,31 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { // Start and defer Close err = eventsDetector.Start() if err != nil { - log.Fatal(err) + fmt.Errorf("error while start tarian detector: %w", err) + return fmt.Errorf("error while start tarian-detector: %w", err) } defer eventsDetector.Close() - log.Printf("%d probes running...\n", eventsDetector.Count()) - go func() { for { event, err := eventsDetector.ReadAsInterface() if err != nil { - log.Print(err) + fmt.Errorf("error while read event: %w", err) + log.Print("error: ", err) continue } - /*k8sCtx, err := GetK8sContext(watcher, e["hostProcessId"].(uint32)) - if err != nil { - e["kubernetes"] = err.Error() - } else { - e["kubernetes"] = k8sCtx - }*/ - - // utils.PrintEvent(e, eventsDetector.GetTotalCount()) + if event == nil { + continue + } detectionDataType := event["eventId"].(string) byteData, err := json.Marshal(event) if err != nil { - fmt.Errorf("********tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) continue } n.SendDetectionEventToClusterAgent(detectionDataType, string(byteData)) - fmt.Println("********tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], "processId", - event["processId"], "comm", event["processName"]) n.logger.Info("tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], "processId", event["processId"], "comm", event["processName"]) } From 466a195920b4fa8c9e76eec6209474c93d545ced Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Mon, 26 Feb 2024 03:03:40 +0530 Subject: [PATCH 07/39] fixed controller-runtime admission decode error --- pkg/clusteragent/webhookserver/manager.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkg/clusteragent/webhookserver/manager.go b/pkg/clusteragent/webhookserver/manager.go index b2f9a73a..c758facc 100644 --- a/pkg/clusteragent/webhookserver/manager.go +++ b/pkg/clusteragent/webhookserver/manager.go @@ -13,6 +13,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/manager" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) var ( @@ -79,9 +80,10 @@ func RegisterControllers(logger *logrus.Logger, mgr manager.Manager, cfg PodAgen "/inject-pod-agent", &webhook.Admission{ Handler: &PodAgentInjector{ - Client: mgr.GetClient(), - config: cfg, - logger: logger, + Client: mgr.GetClient(), + decoder: admission.NewDecoder(scheme), + config: cfg, + logger: logger, }, }, ) From b1a819adeea1c5bce3b3588b6efde9db1be213e8 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Mon, 26 Feb 2024 18:29:51 +0530 Subject: [PATCH 08/39] code cleanup --- pkg/nodeagent/nodeagent.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 0ffd62b9..38af8471 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -4,7 +4,6 @@ import ( "context" "encoding/json" "fmt" - "log" "regexp" "strconv" "strings" @@ -417,13 +416,13 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { // tarian-detector dev branch code integration tarianEbpfModule, err := tarian.GetModule() if err != nil { - fmt.Errorf("error while get tarian ebpf module: %w", err) + n.logger.Errorf("error while get tarian ebpf module: %w", err) return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - fmt.Errorf("error while prepare tarian detector: %w", err) + n.logger.Errorf("error while prepare tarian detector: %w", err) return fmt.Errorf("error while prepare tarian-detector: %w", err) } @@ -436,7 +435,7 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { // Start and defer Close err = eventsDetector.Start() if err != nil { - fmt.Errorf("error while start tarian detector: %w", err) + n.logger.Errorf("error while start tarian detector: %w", err) return fmt.Errorf("error while start tarian-detector: %w", err) } defer eventsDetector.Close() @@ -445,8 +444,7 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { for { event, err := eventsDetector.ReadAsInterface() if err != nil { - fmt.Errorf("error while read event: %w", err) - log.Print("error: ", err) + n.logger.Errorf("error while read event: %w", err) continue } From 36304b4a2f9fb296c06cee55215c851e343665dc Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Sun, 3 Mar 2024 22:59:42 +0530 Subject: [PATCH 09/39] replaced existing ebpf with tarian-detector --- Dockerfile-node-agent | 8 +++ Makefile | 16 ++++- cmd/tarian-node-agent/cmd/run.go | 5 +- pkg/nodeagent/capture_exec.go | 105 ++++++++++++++++++++++--------- pkg/nodeagent/nodeagent.go | 48 +++++++++----- 5 files changed, 137 insertions(+), 45 deletions(-) diff --git a/Dockerfile-node-agent b/Dockerfile-node-agent index 7bb28658..7853c61b 100644 --- a/Dockerfile-node-agent +++ b/Dockerfile-node-agent @@ -1,6 +1,14 @@ # FROM cgr.dev/chainguard/static:latest FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d +ARG KERNEL_VERSION_MAJOR +ARG KERNEL_VERSION_MINOR +ARG KERNEL_VERSION_PATCH + +ENV LINUX_VERSION_MAJOR=$KERNEL_VERSION_MAJOR +ENV LINUX_VERSION_MINOR=$KERNEL_VERSION_MINOR +ENV LINUX_VERSION_PATCH=$KERNEL_VERSION_PATCH + COPY ./tarian-node-agent . ENTRYPOINT ["./tarian-node-agent"] diff --git a/Makefile b/Makefile index 2f5431ef..0f54fec6 100644 --- a/Makefile +++ b/Makefile @@ -62,6 +62,14 @@ BPFTOOL = $(shell which bpftool || /bin/false) VMLINUXH = $(OUTPUT)/vmlinux.h NODEAGENT_EBPF_DIR = pkg/nodeagent/ebpf +# extracts the major, minor, and patch version numbers of the kernel version +KERNEL_VERSION = $(word 1, $(subst -, ,$(shell uname -r))) +KV_S = $(subst ., ,$(KERNEL_VERSION)) +KV_MAJOR = $(word 1,$(KV_S)) +KV_MINOR = $(word 2,$(KV_S)) +KV_PATCH = $(word 3,$(KV_S)) + + # output $(OUTPUT): @@ -117,7 +125,13 @@ vet: ## Run go vet against code. ebpf: $(NODEAGENT_EBPF_DIR)/capture_exec.bpf.o +# recipe to execute the executable file +execute: export LINUX_VERSION_MAJOR := $(KV_MAJOR) +execute: export LINUX_VERSION_MINOR := $(KV_MINOR) +execute: export LINUX_VERSION_PATCH := $(KV_PATCH) + build: bin/goreleaser generate proto ebpf ## Build binaries and copy to ./bin/ + echo "linux version: $(KV_MAJOR).$(KV_MINOR).$(KV_PATCH)" ./bin/goreleaser build --single-target --snapshot --rm-dist --single-target cp dist/*/tarian* ./bin/ @@ -132,7 +146,7 @@ local-images: build docker build -f Dockerfile-server -t localhost:5000/tarian-server dist/tarian-server_linux_amd64/ && docker push localhost:5000/tarian-server docker build -f Dockerfile-cluster-agent -t localhost:5000/tarian-cluster-agent dist/tarian-cluster-agent_linux_amd64/ && docker push localhost:5000/tarian-cluster-agent docker build -f Dockerfile-pod-agent -t localhost:5000/tarian-pod-agent dist/tarian-pod-agent_linux_amd64/ && docker push localhost:5000/tarian-pod-agent - docker build -f Dockerfile-node-agent -t localhost:5000/tarian-node-agent dist/tarian-node-agent_linux_amd64/ && docker push localhost:5000/tarian-node-agent + docker build --build-arg KERNEL_VERSION_MAJOR=$(KV_MAJOR) --build-arg KERNEL_VERSION_MINOR=$(KV_MINOR) --build-arg KERNEL_VERSION_PATCH=$(KV_PATCH) -f Dockerfile-node-agent -t localhost:5000/tarian-node-agent dist/tarian-node-agent_linux_amd64/ && docker push localhost:5000/tarian-node-agent docker build -f Dockerfile-tarianctl -t localhost:5000/tarianctl dist/tarianctl_linux_amd64/ && docker push localhost:5000/tarianctl push-local-images: diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index ddb39aac..5302a188 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -71,7 +71,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { } addr := c.clusterAgentHost + ":" + c.clusterAgentPort - agent := nodeagent.NewNodeAgent(c.logger, addr) + agent, err := nodeagent.NewNodeAgent(c.logger, addr) + if err != nil { + return fmt.Errorf("error while creating tarian-node-agent: %w", err) + } agent.EnableAddConstraint(c.enableAddConstraint) agent.SetNodeName(c.nodeNmae) diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 77139660..08bf79fb 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -2,11 +2,11 @@ package nodeagent import ( "fmt" - "path/filepath" + "github.com/intelops/tarian-detector/pkg/detector" + "github.com/intelops/tarian-detector/tarian" "github.com/kube-tarian/tarian/pkg/nodeagent/ebpf" "github.com/sirupsen/logrus" - "golang.org/x/sys/unix" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" ) @@ -48,11 +48,12 @@ type ExecEvent struct { // CaptureExec captures and processes execution events, associating them with Kubernetes Pods. // It uses eBPF (Extended Berkeley Packet Filter) to capture execution events in the Linux kernel. type CaptureExec struct { - eventsChan chan ExecEvent // Channel for sending captured execution events - shouldClose bool // Flag indicating whether the capture should be closed - bpfCaptureExec *ebpf.BpfCaptureExec // Instance of eBPF capture execution - nodeName string // The name of the node where the capture is running - logger *logrus.Logger // Logger instance for logging + eventsChan chan ExecEvent // Channel for sending captured execution events + shouldClose bool // Flag indicating whether the capture should be closed + bpfCaptureExec *ebpf.BpfCaptureExec // Instance of eBPF capture execution + nodeName string // The name of the node where the capture is running + logger *logrus.Logger // Logger instance for logging + eventsDetectorChan chan map[string]any } // NewCaptureExec creates a new CaptureExec instance for capturing and processing execution events. @@ -66,15 +67,16 @@ type CaptureExec struct { // - error: An error if creating the eBPF capture execution instance fails. func NewCaptureExec(logger *logrus.Logger) (*CaptureExec, error) { // Create a new instance of eBPF capture execution. - bpfCaptureExec, err := ebpf.NewBpfCaptureExec(logger) - if err != nil { - return nil, fmt.Errorf("NewCaptureExec: failed to create bpf capture exec: %w", err) - } + // bpfCaptureExec, err := ebpf.NewBpfCaptureExec(logger) + // if err != nil { + // return nil, fmt.Errorf("NewCaptureExec: failed to create bpf capture exec: %w", err) + // } return &CaptureExec{ - eventsChan: make(chan ExecEvent, 1000), - bpfCaptureExec: bpfCaptureExec, - logger: logger, + eventsChan: make(chan ExecEvent, 1000), + // bpfCaptureExec: bpfCaptureExec, + logger: logger, + eventsDetectorChan: make(chan map[string]any, 1000), }, nil } @@ -105,31 +107,28 @@ func (c *CaptureExec) Start() error { } watcher.Start() - // Start capturing execution events with eBPF. - go c.bpfCaptureExec.Start() - - // Get the channel for eBPF execution events. - bpfExecEventsChan := c.bpfCaptureExec.GetExecEventsChannel() + err = c.GetTarianDetectorEvents() + if err != nil { + return fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) + } for { // Wait for eBPF execution events. - bpfEvt := <-bpfExecEventsChan + bpfEvt := <-c.eventsDetectorChan // Check if the capture should be closed. if c.shouldClose { break } + pid := bpfEvt["processId"].(uint32) // Retrieve the container ID. - containerID, err := procsContainerID(bpfEvt.Pid) + containerID, err := procsContainerID(pid) + fmt.Println("containerID", containerID, "err", err) if err != nil { continue } - // Extract the command name and filename from the event. - filename := unix.ByteSliceToString(bpfEvt.Filename[:]) - command := filepath.Base(filename) - // Find the corresponding Kubernetes Pod. pod := watcher.FindPod(containerID) @@ -149,9 +148,9 @@ func (c *CaptureExec) Start() error { // Create an ExecEvent and send it to the events channel. execEvent := ExecEvent{ - Pid: bpfEvt.Pid, - Command: command, - Filename: filename, + Pid: pid, + //Command: command, + // Filename: filename, ContainerID: containerID, K8sPodName: podName, K8sPodUID: podUID, @@ -168,10 +167,58 @@ func (c *CaptureExec) Start() error { // Close stops the capture process and closes associated resources. func (c *CaptureExec) Close() { c.shouldClose = true - c.bpfCaptureExec.Close() } // GetEventsChannel returns the channel for receiving execution events. func (c *CaptureExec) GetEventsChannel() chan ExecEvent { return c.eventsChan } + +func (c *CaptureExec) GetTarianDetectorEvents() error { + tarianEbpfModule, err := tarian.GetModule() + if err != nil { + c.logger.Error("error while get tarian ebpf module: %v", err) + return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) + } + + tarianDetector, err := tarianEbpfModule.Prepare() + if err != nil { + c.logger.Error("error while prepare tarian detector: %v", err) + return fmt.Errorf("error while prepare tarian-detector: %w", err) + } + + // Instantiate event detectors + eventsDetector := detector.NewEventsDetector() + + // Add ebpf programs to detectors + eventsDetector.Add(tarianDetector) + + // Start and defer Close + err = eventsDetector.Start() + if err != nil { + c.logger.Errorf("error while start tarian detector: %v", err) + return fmt.Errorf("error while start tarian-detector: %w", err) + } + + defer eventsDetector.Close() + + go func() { + for { + event, err := eventsDetector.ReadAsInterface() + if err != nil { + fmt.Print("error while read event as interface: ", err) + c.logger.WithError(err).Error("error while read event") + continue + } + + if event == nil { + continue + } + + c.eventsDetectorChan <- event + } + }() + + return nil + +} diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 38af8471..9382b9bf 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -43,6 +43,7 @@ type NodeAgent struct { enableAddConstraint bool nodeName string + eventsDetector *detector.EventsDetector } // NewNodeAgent creates a new instance of the NodeAgent. @@ -53,16 +54,23 @@ type NodeAgent struct { // // Returns: // - *NodeAgent: A new NodeAgent instance. -func NewNodeAgent(logger *logrus.Logger, clusterAgentAddress string) *NodeAgent { +func NewNodeAgent(logger *logrus.Logger, clusterAgentAddress string) (*NodeAgent, error) { ctx, cancel := context.WithCancel(context.Background()) + eventsDetector, err := integrateTarianDetector(logger) + if err != nil { + fmt.Errorf("error while integrate tarian detector: %v", err) + return nil, fmt.Errorf("error while integrate tarian-detector: %w", err) + } + return &NodeAgent{ clusterAgentAddress: clusterAgentAddress, cancelCtx: ctx, cancelFunc: cancel, constraintsInitialized: false, logger: logger, - } + eventsDetector: eventsDetector, + }, nil } // EnableAddConstraint sets whether the NodeAgent should enable adding new constraints. @@ -412,18 +420,21 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } } -func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - // tarian-detector dev branch code integration +// integrateTarianDetector integrates tarian-detector and returns an EventsDetector and an error. +// +// It takes a logger of type *logrus.Logger as a parameter. +// Returns a pointer to detector.EventsDetector and an error. +func integrateTarianDetector(logger *logrus.Logger) (*detector.EventsDetector, error) { tarianEbpfModule, err := tarian.GetModule() if err != nil { - n.logger.Errorf("error while get tarian ebpf module: %w", err) - return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) + logger.Error("error while get tarian ebpf module: %v", err) + return nil, fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - n.logger.Errorf("error while prepare tarian detector: %w", err) - return fmt.Errorf("error while prepare tarian-detector: %w", err) + logger.Error("error while prepare tarian detector: %v", err) + return nil, fmt.Errorf("error while prepare tarian-detector: %w", err) } // Instantiate event detectors @@ -435,16 +446,25 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { // Start and defer Close err = eventsDetector.Start() if err != nil { - n.logger.Errorf("error while start tarian detector: %w", err) - return fmt.Errorf("error while start tarian-detector: %w", err) + logger.Errorf("error while start tarian detector: %v", err) + return nil, fmt.Errorf("error while start tarian-detector: %w", err) } - defer eventsDetector.Close() + + return eventsDetector, nil +} + +// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. +// +// ctx context.Context +// error +func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { + defer n.eventsDetector.Close() go func() { for { - event, err := eventsDetector.ReadAsInterface() + event, err := n.eventsDetector.ReadAsInterface() if err != nil { - n.logger.Errorf("error while read event: %w", err) + n.logger.Errorf("tarian-detector: error while read event: %w", err) continue } @@ -454,7 +474,7 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { detectionDataType := event["eventId"].(string) byteData, err := json.Marshal(event) if err != nil { - n.logger.Error("tarian-detector: error while marshaling json", "err", err, "detectionDataType", detectionDataType) + n.logger.Error("tarian-detector: error while marshaling event", "err", err) continue } From 36d7e0eb0e5f762fb740d9db3e3d301ce6745bc2 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Sun, 3 Mar 2024 23:54:17 +0530 Subject: [PATCH 10/39] code cleanup --- Makefile | 13 +------------ go.mod | 4 ++-- go.sum | 2 ++ pkg/nodeagent/capture_exec.go | 11 +---------- 4 files changed, 6 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 0f54fec6..aedd51c6 100644 --- a/Makefile +++ b/Makefile @@ -109,9 +109,6 @@ $(LIBBPF_OBJ): $(LIBBPF_SRC) $(wildcard $(LIBBPF_SRC)/*.[ch]) | $(OUTPUT)/libbpf libbpfgo-static: $(VMLINUXH) | $(LIBBPF_OBJ) -$(NODEAGENT_EBPF_DIR)/capture_exec.bpf.o: vmlinuxh libbpfgo-static ## Build eBPF object - $(CLANG) $(CFLAGS) -target bpf -D__TARGET_ARCH_$(ARCH) -I$(OUTPUT) -c $(NODEAGENT_EBPF_DIR)/c/capture_exec.bpf.c -o $@ - ##@ Development generate: bin/controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. @@ -123,15 +120,7 @@ fmt: ## Run go fmt against code. vet: ## Run go vet against code. CGO_CFLAGS=$(CGO_CFLAGS_STATIC) CGO_LDFLAGS=$(CGO_LDFLAGS_STATIC) go vet ./... -ebpf: $(NODEAGENT_EBPF_DIR)/capture_exec.bpf.o - -# recipe to execute the executable file -execute: export LINUX_VERSION_MAJOR := $(KV_MAJOR) -execute: export LINUX_VERSION_MINOR := $(KV_MINOR) -execute: export LINUX_VERSION_PATCH := $(KV_PATCH) - -build: bin/goreleaser generate proto ebpf ## Build binaries and copy to ./bin/ - echo "linux version: $(KV_MAJOR).$(KV_MINOR).$(KV_PATCH)" +build: bin/goreleaser generate proto ## Build binaries and copy to ./bin/ ./bin/goreleaser build --single-target --snapshot --rm-dist --single-target cp dist/*/tarian* ./bin/ diff --git a/go.mod b/go.mod index a49041ea..37a0642e 100644 --- a/go.mod +++ b/go.mod @@ -63,7 +63,7 @@ require ( go.uber.org/atomic v1.11.0 // indirect golang.org/x/net v0.21.0 golang.org/x/oauth2 v0.17.0 // indirect - golang.org/x/sys v0.17.0 + golang.org/x/sys v0.17.0 // indirect golang.org/x/term v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect @@ -83,7 +83,7 @@ require ( github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 github.com/cilium/ebpf v0.13.1 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e - github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece + github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa github.com/nats-io/nats.go v1.22.1 github.com/sethvargo/go-retry v0.2.4 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index 34690922..23772d28 100644 --- a/go.sum +++ b/go.sum @@ -282,6 +282,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece h1:lai7AMQVv7tyoNqYdt4u4ibaxT5CjvoCI0paH2rpVJY= github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= +github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa h1:ExaZjScIYDDIfCOygau+d09cvJdJdrWEN3yfHdehgbE= +github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 08bf79fb..088eecfc 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -66,15 +66,8 @@ type CaptureExec struct { // - *CaptureExec: A new instance of CaptureExec. // - error: An error if creating the eBPF capture execution instance fails. func NewCaptureExec(logger *logrus.Logger) (*CaptureExec, error) { - // Create a new instance of eBPF capture execution. - // bpfCaptureExec, err := ebpf.NewBpfCaptureExec(logger) - // if err != nil { - // return nil, fmt.Errorf("NewCaptureExec: failed to create bpf capture exec: %w", err) - // } - return &CaptureExec{ - eventsChan: make(chan ExecEvent, 1000), - // bpfCaptureExec: bpfCaptureExec, + eventsChan: make(chan ExecEvent, 1000), logger: logger, eventsDetectorChan: make(chan map[string]any, 1000), }, nil @@ -149,8 +142,6 @@ func (c *CaptureExec) Start() error { // Create an ExecEvent and send it to the events channel. execEvent := ExecEvent{ Pid: pid, - //Command: command, - // Filename: filename, ContainerID: containerID, K8sPodName: podName, K8sPodUID: podUID, From c2a4b26771591db72be31a03a6c5b4592aea24cd Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Wed, 6 Mar 2024 23:13:53 +0530 Subject: [PATCH 11/39] removed existing ebpf code --- .github/workflows/ci.yaml | 6 -- .gitignore | 1 - .golangci.yml | 2 - Makefile | 14 --- go.sum | 2 - pkg/nodeagent/capture_exec.go | 44 ++++++--- pkg/nodeagent/ebpf/c/capture_exec.bpf.c | 77 --------------- pkg/nodeagent/ebpf/doc.go | 2 - pkg/nodeagent/ebpf/exec.go | 126 ------------------------ pkg/nodeagent/nodeagent.go | 2 +- 10 files changed, 30 insertions(+), 246 deletions(-) delete mode 100644 pkg/nodeagent/ebpf/c/capture_exec.bpf.c delete mode 100644 pkg/nodeagent/ebpf/doc.go delete mode 100644 pkg/nodeagent/ebpf/exec.go diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c32e488c..9f4863af 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -58,12 +58,6 @@ jobs: go-version: "1.21" cache: false - - name: EBPF prerequisites - run: | - set -x - sudo apt update && sudo apt install -y jq pkg-config libelf-dev clang - make ebpf - - name: Run unit tests run: make unit-test diff --git a/.gitignore b/.gitignore index 34a013c3..0c2362d9 100644 --- a/.gitignore +++ b/.gitignore @@ -4,7 +4,6 @@ /vendor /.local /.vscode -/pkg/**/capture_exec.bpf.o /pkg/tarianpb/api.pb.go /pkg/tarianpb/types.pb.go coverage.xml diff --git a/.golangci.yml b/.golangci.yml index 1c891453..d9fe769e 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,8 +1,6 @@ run: timeout: 10m concurrency: 4 - skip-files: - - pkg/nodeagent/ebpf/exec.go linters: disable-all: true diff --git a/Makefile b/Makefile index aedd51c6..c01c7fd3 100644 --- a/Makefile +++ b/Makefile @@ -34,7 +34,6 @@ default: help help: ## Display this help. @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) -##@ eBPF BASEDIR = $(abspath ./) OUTPUT = ./output @@ -60,7 +59,6 @@ CGO_LDFLAGS_DYN = "-lelf -lz -lbpf" BTFFILE = /sys/kernel/btf/vmlinux BPFTOOL = $(shell which bpftool || /bin/false) VMLINUXH = $(OUTPUT)/vmlinux.h -NODEAGENT_EBPF_DIR = pkg/nodeagent/ebpf # extracts the major, minor, and patch version numbers of the kernel version KERNEL_VERSION = $(word 1, $(subst -, ,$(shell uname -r))) @@ -97,18 +95,6 @@ $(VMLINUXH): $(OUTPUT) $(BPFTOOL) btf dump file $(BTFFILE) format c > $(VMLINUXH); \ fi -# libbpf - -$(LIBBPF_OBJ): $(LIBBPF_SRC) $(wildcard $(LIBBPF_SRC)/*.[ch]) | $(OUTPUT)/libbpf - CC="$(CC)" CFLAGS="$(CFLAGS)" LD_FLAGS="$(LDFLAGS)" \ - $(MAKE) -C $(LIBBPF_SRC) \ - BUILD_STATIC_ONLY=1 \ - OBJDIR=$(LIBBPF_OBJDIR) \ - DESTDIR=$(LIBBPF_DESTDIR) \ - INCLUDEDIR= LIBDIR= UAPIDIR= install - -libbpfgo-static: $(VMLINUXH) | $(LIBBPF_OBJ) - ##@ Development generate: bin/controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/go.sum b/go.sum index 23772d28..033536ee 100644 --- a/go.sum +++ b/go.sum @@ -280,8 +280,6 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece h1:lai7AMQVv7tyoNqYdt4u4ibaxT5CjvoCI0paH2rpVJY= -github.com/intelops/tarian-detector v0.0.0-20240223205958-674f5351cece/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa h1:ExaZjScIYDDIfCOygau+d09cvJdJdrWEN3yfHdehgbE= github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 088eecfc..fb37179a 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -1,11 +1,12 @@ package nodeagent import ( + "context" "fmt" + "github.com/aquasecurity/libbpfgo" "github.com/intelops/tarian-detector/pkg/detector" "github.com/intelops/tarian-detector/tarian" - "github.com/kube-tarian/tarian/pkg/nodeagent/ebpf" "github.com/sirupsen/logrus" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -48,12 +49,16 @@ type ExecEvent struct { // CaptureExec captures and processes execution events, associating them with Kubernetes Pods. // It uses eBPF (Extended Berkeley Packet Filter) to capture execution events in the Linux kernel. type CaptureExec struct { - eventsChan chan ExecEvent // Channel for sending captured execution events - shouldClose bool // Flag indicating whether the capture should be closed - bpfCaptureExec *ebpf.BpfCaptureExec // Instance of eBPF capture execution - nodeName string // The name of the node where the capture is running - logger *logrus.Logger // Logger instance for logging + ctx context.Context + eventsChan chan ExecEvent // Channel for sending captured execution events + shouldClose bool // Flag indicating whether the capture should be closed + bpfModule *libbpfgo.Module + bpfProg *libbpfgo.BPFProg + bpfRingBuffer *libbpfgo.RingBuffer + nodeName string // The name of the node where the capture is running + logger *logrus.Logger // Logger instance for logging eventsDetectorChan chan map[string]any + eventsDetector *detector.EventsDetector } // NewCaptureExec creates a new CaptureExec instance for capturing and processing execution events. @@ -65,8 +70,9 @@ type CaptureExec struct { // Returns: // - *CaptureExec: A new instance of CaptureExec. // - error: An error if creating the eBPF capture execution instance fails. -func NewCaptureExec(logger *logrus.Logger) (*CaptureExec, error) { +func NewCaptureExec(ctx context.Context, logger *logrus.Logger) (*CaptureExec, error) { return &CaptureExec{ + ctx: ctx, eventsChan: make(chan ExecEvent, 1000), logger: logger, eventsDetectorChan: make(chan map[string]any, 1000), @@ -100,7 +106,7 @@ func (c *CaptureExec) Start() error { } watcher.Start() - err = c.GetTarianDetectorEvents() + err = c.GetTarianDetectorEbpfEvents() if err != nil { return fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) } @@ -141,7 +147,7 @@ func (c *CaptureExec) Start() error { // Create an ExecEvent and send it to the events channel. execEvent := ExecEvent{ - Pid: pid, + Pid: pid, ContainerID: containerID, K8sPodName: podName, K8sPodUID: podUID, @@ -158,6 +164,7 @@ func (c *CaptureExec) Start() error { // Close stops the capture process and closes associated resources. func (c *CaptureExec) Close() { c.shouldClose = true + c.eventsDetector.Close() } // GetEventsChannel returns the channel for receiving execution events. @@ -165,16 +172,18 @@ func (c *CaptureExec) GetEventsChannel() chan ExecEvent { return c.eventsChan } -func (c *CaptureExec) GetTarianDetectorEvents() error { +func (c *CaptureExec) GetTarianDetectorEbpfEvents() error { tarianEbpfModule, err := tarian.GetModule() if err != nil { - c.logger.Error("error while get tarian ebpf module: %v", err) + fmt.Println("error while get tarian ebpf module: ", err) + c.logger.Errorf("error while get tarian ebpf module: %v", err) return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - c.logger.Error("error while prepare tarian detector: %v", err) + fmt.Printf("error while prepare tarian detector: %v", err) + c.logger.Errorf("error while prepare tarian detector: %v", err) return fmt.Errorf("error while prepare tarian-detector: %w", err) } @@ -187,16 +196,20 @@ func (c *CaptureExec) GetTarianDetectorEvents() error { // Start and defer Close err = eventsDetector.Start() if err != nil { + fmt.Printf("error while start tarian detector: %v", err) c.logger.Errorf("error while start tarian detector: %v", err) return fmt.Errorf("error while start tarian-detector: %w", err) } - defer eventsDetector.Close() + c.eventsDetector = eventsDetector + + defer c.eventsDetector.Close() go func() { for { - event, err := eventsDetector.ReadAsInterface() + event, err := c.eventsDetector.ReadAsInterface() if err != nil { + fmt.Printf("error while read event: %v", err) fmt.Print("error while read event as interface: ", err) c.logger.WithError(err).Error("error while read event") continue @@ -210,6 +223,7 @@ func (c *CaptureExec) GetTarianDetectorEvents() error { } }() - return nil + <-c.ctx.Done() + return c.ctx.Err() } diff --git a/pkg/nodeagent/ebpf/c/capture_exec.bpf.c b/pkg/nodeagent/ebpf/c/capture_exec.bpf.c deleted file mode 100644 index 9b7d75e0..00000000 --- a/pkg/nodeagent/ebpf/c/capture_exec.bpf.c +++ /dev/null @@ -1,77 +0,0 @@ -//+build ignore -#include "vmlinux.h" -#include - -#ifdef asm_inline -#undef asm_inline -#define asm_inline asm -#endif - -#define ARGLEN 32 -#define ARGSIZE 1024 - -char __license[] SEC("license") = "Dual MIT/GPL"; - -struct event { - u32 pid; - u8 comm[80]; - u8 filename[ARGSIZE]; -}; - -// /sys/kernel/debug/tracing/events/syscalls/sys_enter_execve/format -struct trace_event_execve { - u16 common_type; // offset:0; size:2; signed:0; - u8 common_flags; // offset:2; size:1; signed:0; - u8 common_preempt_count; // offset:3; size:1; signed:0; - s32 common_pid; // offset:4; size:4; signed:1; - - s32 syscall_nr; // offset:8; size:4; signed:1; - u32 pad; // offset:12; size:4; signed:0; (pad) - const u8 *filename; // offset:16; size:8; signed:0; (ptr) - const u8 *const *argv; // offset:24; size:8; signed:0; (ptr) - const u8 *const *envp; // offset:32; size:8; signed:0; (ptr) -}; - -struct { - __uint(type, BPF_MAP_TYPE_RINGBUF); - __uint(max_entries, 1 << 24); -} events SEC(".maps"); - -// Zero values of any char[ARGSIZE] or char[ARGLEN][ARGSIZE] arrays. -static char zero[ARGSIZE] SEC(".rodata") = {0}; -static char zero_argv[ARGLEN][ARGSIZE] SEC(".rodata") = {0}; - -// Force emitting struct event into the ELF. -const struct event *unused __attribute__((unused)); - -SEC("tracepoint/syscalls/sys_enter_execve") -s32 enter_execve(struct trace_event_execve *trace_evt) { - u64 id = bpf_get_current_pid_tgid(); - u32 tgid = id >> 32; - struct event *evt; - - evt = bpf_ringbuf_reserve(&events, sizeof(struct event), 0); - if (!evt) { - return 0; - } - - s64 ret = bpf_probe_read_kernel(&evt->filename, sizeof(zero), &zero); - if (ret) { - bpf_printk("zero out filename: %d", ret); - bpf_ringbuf_discard(evt, 0); - return 1; - } - - evt->pid = tgid; - bpf_get_current_comm(&evt->comm, 80); - ret = bpf_probe_read_user_str(evt->filename, sizeof(evt->filename), trace_evt->filename); - if (ret < 0) { - bpf_printk("could not read filename into event struct: %d", ret); - bpf_ringbuf_discard(evt, 0); - return 1; - } - - bpf_ringbuf_submit(evt, 0); - - return 0; -} diff --git a/pkg/nodeagent/ebpf/doc.go b/pkg/nodeagent/ebpf/doc.go deleted file mode 100644 index df7d7aa5..00000000 --- a/pkg/nodeagent/ebpf/doc.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package ebpf wraps ebpf programs and provides simpler abstraction -package ebpf diff --git a/pkg/nodeagent/ebpf/exec.go b/pkg/nodeagent/ebpf/exec.go deleted file mode 100644 index 69a9c56e..00000000 --- a/pkg/nodeagent/ebpf/exec.go +++ /dev/null @@ -1,126 +0,0 @@ -package ebpf - -import ( - "bytes" - "encoding/binary" - "fmt" - - "github.com/aquasecurity/libbpfgo" - "github.com/sirupsen/logrus" - - _ "embed" -) - -var bpfObjName = "capture_exec.bpf.o" - -//go:embed capture_exec.bpf.o -var captureExecBpfObj []byte - -// BpfExecEvent represents the structure of an eBPF execution event. -type BpfExecEvent struct { - Pid uint32 - Comm [80]uint8 - Filename [1024]uint8 -} - -// BpfCaptureExec handles the capturing and processing of eBPF events. -type BpfCaptureExec struct { - shouldClose bool - - bpfEventsChan chan []byte - execEventsChan chan BpfExecEvent - - bpfModule *libbpfgo.Module - bpfProg *libbpfgo.BPFProg - bpfRingBuffer *libbpfgo.RingBuffer - - logger *logrus.Logger -} - -// NewBpfCaptureExec creates a new BpfCaptureExec instance for capturing and processing eBPF events. -// It takes a logger as input. -// -// Parameters: -// - logger: A logger instance for logging. -// -// Returns: -// - *BpfCaptureExec: A new instance of BpfCaptureExec. -// - error: An error if loading the eBPF object or initializing the capture fails. -func NewBpfCaptureExec(logger *logrus.Logger) (*BpfCaptureExec, error) { - b := &BpfCaptureExec{ - bpfEventsChan: make(chan []byte, 1000), - execEventsChan: make(chan BpfExecEvent, 1000), - logger: logger, - } - - // Load the eBPF object and initialize the capture. - err := b.loadBpfObject() - if err != nil { - return nil, fmt.Errorf("NewBpfCaptureExec: failed to load bpf object: %w", err) - } - - return b, nil -} - -// loadBpfObject loads the eBPF object and sets up the eBPF program and ring buffer. -// It returns an error if any of these steps fails. -func (b *BpfCaptureExec) loadBpfObject() error { - var err error - b.bpfModule, err = libbpfgo.NewModuleFromBuffer(captureExecBpfObj, bpfObjName) - if err != nil { - return err - } - - b.bpfModule.BPFLoadObject() - - b.bpfRingBuffer, err = b.bpfModule.InitRingBuf("events", b.bpfEventsChan) - if err != nil { - return err - } - - b.bpfProg, err = b.bpfModule.GetProgram("enter_execve") - if err != nil { - return err - } - - _, err = b.bpfProg.AttachTracepoint("syscalls", "sys_enter_execve") - if err != nil { - return err - } - - return nil -} - -// Start starts the eBPF ring buffer and processes captured events. -// It continues processing events until the shouldClose flag is set to true. -func (b *BpfCaptureExec) Start() { - b.bpfRingBuffer.Start() - - for { - evt := <-b.bpfEventsChan - - if b.shouldClose { - break - } - - var bpfExecEvent BpfExecEvent - if err := binary.Read(bytes.NewBuffer(evt), binary.LittleEndian, &bpfExecEvent); err != nil { - b.logger.WithError(err).Error("error parsing ringbuf event") - continue - } - - b.execEventsChan <- bpfExecEvent - } -} - -// Close stops the eBPF ring buffer and closes the eBPF module. -func (b *BpfCaptureExec) Close() { - b.shouldClose = true - b.bpfRingBuffer.Close() - b.bpfModule.Close() -} - -// GetExecEventsChannel returns the channel for receiving eBPF execution events. -func (b *BpfCaptureExec) GetExecEventsChannel() chan BpfExecEvent { - return b.execEventsChan -} diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 9382b9bf..235e54f1 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -196,7 +196,7 @@ func (n *NodeAgent) SyncConstraints() { // Returns: // - error: An error, if any, encountered during the loop. func (n *NodeAgent) loopValidateProcesses(ctx context.Context) error { - captureExec, err := NewCaptureExec(n.logger) + captureExec, err := NewCaptureExec(ctx, n.logger) if err != nil { return fmt.Errorf("nodeagent: %w", err) } From 941c87f451021b254d216ba21caa9ce8a6aeefc4 Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Thu, 7 Mar 2024 00:20:28 +0530 Subject: [PATCH 12/39] fixed lint and unit tests --- .github/workflows/charts.yaml | 2 +- .github/workflows/ci.yaml | 2 +- cmd/tarian-node-agent/cmd/mount_debugfs.go | 1 + pkg/nodeagent/capture_exec.go | 12 ++++++------ pkg/nodeagent/nodeagent.go | 12 ++++++++---- pkg/server/ingestion_worker.go | 4 ++++ 6 files changed, 21 insertions(+), 12 deletions(-) diff --git a/.github/workflows/charts.yaml b/.github/workflows/charts.yaml index 6e5c0ec5..a88d7927 100644 --- a/.github/workflows/charts.yaml +++ b/.github/workflows/charts.yaml @@ -107,7 +107,7 @@ jobs: go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@938f6e2f7550e542bd78f3b9e8812665db109e02 # @v1.1.0 make bin/protoc bin/goreleaser bash ./dev/run-kind-registry.sh - make ebpf generate + make generate ./bin/goreleaser release --snapshot --rm-dist make push-local-images cp dist/tarianctl_linux_amd64/tarianctl ./bin/ diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9f4863af..14cf477c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -125,7 +125,7 @@ jobs: go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@938f6e2f7550e542bd78f3b9e8812665db109e02 # @v1.1.0 make bin/protoc bin/goreleaser bash ./dev/run-kind-registry.sh - make ebpf generate + make generate ./bin/goreleaser release --snapshot --rm-dist make push-local-images cp dist/tarianctl_linux_amd64/tarianctl ./bin/ diff --git a/cmd/tarian-node-agent/cmd/mount_debugfs.go b/cmd/tarian-node-agent/cmd/mount_debugfs.go index 682a0ac0..eb123bac 100644 --- a/cmd/tarian-node-agent/cmd/mount_debugfs.go +++ b/cmd/tarian-node-agent/cmd/mount_debugfs.go @@ -9,6 +9,7 @@ import ( // https://man7.org/linux/man-pages/man2/statfs.2.html const DebugFSMagic = 0x64626720 +// DebugFSRoot is the location of the DebugFS filesystem const DebugFSRoot = "/sys/kernel/debug" func isDebugFsMounted() bool { diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index fb37179a..8f4ef1a4 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -4,7 +4,6 @@ import ( "context" "fmt" - "github.com/aquasecurity/libbpfgo" "github.com/intelops/tarian-detector/pkg/detector" "github.com/intelops/tarian-detector/tarian" "github.com/sirupsen/logrus" @@ -52,9 +51,6 @@ type CaptureExec struct { ctx context.Context eventsChan chan ExecEvent // Channel for sending captured execution events shouldClose bool // Flag indicating whether the capture should be closed - bpfModule *libbpfgo.Module - bpfProg *libbpfgo.BPFProg - bpfRingBuffer *libbpfgo.RingBuffer nodeName string // The name of the node where the capture is running logger *logrus.Logger // Logger instance for logging eventsDetectorChan chan map[string]any @@ -106,7 +102,7 @@ func (c *CaptureExec) Start() error { } watcher.Start() - err = c.GetTarianDetectorEbpfEvents() + err = c.getTarianDetectorEbpfEvents() if err != nil { return fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) } @@ -172,7 +168,11 @@ func (c *CaptureExec) GetEventsChannel() chan ExecEvent { return c.eventsChan } -func (c *CaptureExec) GetTarianDetectorEbpfEvents() error { +// getTarianDetectorEbpfEvents retrieves Tarian detector EBPF events. +// +// No parameters. +// Returns an error. +func (c *CaptureExec) getTarianDetectorEbpfEvents() error { tarianEbpfModule, err := tarian.GetModule() if err != nil { fmt.Println("error while get tarian ebpf module: ", err) diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 235e54f1..bcffd332 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -59,7 +59,8 @@ func NewNodeAgent(logger *logrus.Logger, clusterAgentAddress string) (*NodeAgent eventsDetector, err := integrateTarianDetector(logger) if err != nil { - fmt.Errorf("error while integrate tarian detector: %v", err) + logger.Errorf("error while integrate tarian detector: %v", err) + cancel() return nil, fmt.Errorf("error while integrate tarian-detector: %w", err) } @@ -427,13 +428,13 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio func integrateTarianDetector(logger *logrus.Logger) (*detector.EventsDetector, error) { tarianEbpfModule, err := tarian.GetModule() if err != nil { - logger.Error("error while get tarian ebpf module: %v", err) + logger.Errorf("error while get tarian ebpf module: %v", err) return nil, fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - logger.Error("error while prepare tarian detector: %v", err) + logger.Errorf("error while prepare tarian detector: %v", err) return nil, fmt.Errorf("error while prepare tarian-detector: %w", err) } @@ -464,7 +465,7 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { for { event, err := n.eventsDetector.ReadAsInterface() if err != nil { - n.logger.Errorf("tarian-detector: error while read event: %w", err) + n.logger.Errorf("tarian-detector: error while read event: %v", err) continue } @@ -488,6 +489,9 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { return ctx.Err() } +// SendDetectionEventToClusterAgent sends a detection event to the cluster agent. +// +// It takes two parameters: detectionDataType of type string, and detectionData of type string. func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectionData string) { req := tarianpb.IngestEventRequest{ Event: &tarianpb.Event{ diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index 13d646fd..12e4233b 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -56,6 +56,10 @@ func (iw *IngestionWorker) Start() { } buf, err := json.Marshal(event) + if err != nil { + iw.logger.WithError(err).Error("marshaling error: error while processing event") + continue + } event.ServerTimestamp = timestamppb.Now() logrus.Info(">> DEBUG IngestionWorker", "event", string(buf)) From f6cc4cd2331dd8c74a0829f3901a76c96294ad9c Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Fri, 8 Mar 2024 00:52:36 +0530 Subject: [PATCH 13/39] fixed lint --- .github/workflows/ci.yaml | 5 +++ Makefile | 11 ++++++- cmd/tarian-node-agent/cmd/run.go | 6 ++-- go.mod | 1 - go.sum | 3 -- pkg/nodeagent/capture_exec.go | 31 +++++++++++------- pkg/nodeagent/nodeagent.go | 52 +++++++++++-------------------- pkg/util/kubeclient/kubeclient.go | 5 +-- 8 files changed, 59 insertions(+), 55 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 14cf477c..102018c6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -58,6 +58,11 @@ jobs: go-version: "1.21" cache: false + - name: EBPF prerequisites + run: | + set -x + sudo apt update && sudo apt install -y jq pkg-config libelf-dev clang + - name: Run unit tests run: make unit-test diff --git a/Makefile b/Makefile index c01c7fd3..667c18c4 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,6 @@ LIBBPF_OBJDIR = $(abspath $(OUTPUT)/libbpf) LIBBPF_DESTDIR = $(abspath $(OUTPUT)) CC = gcc -CLANG = clang GO = go CFLAGS = -g -O2 -Wall -fpie LDFLAGS = @@ -94,6 +93,16 @@ $(VMLINUXH): $(OUTPUT) echo "INFO: generating $(VMLINUXH) from $(BTFFILE)"; \ $(BPFTOOL) btf dump file $(BTFFILE) format c > $(VMLINUXH); \ fi + +# libbpf + +$(LIBBPF_OBJ): $(LIBBPF_SRC) $(wildcard $(LIBBPF_SRC)/*.[ch]) | $(OUTPUT)/libbpf + CC="$(CC)" CFLAGS="$(CFLAGS)" LD_FLAGS="$(LDFLAGS)" \ + $(MAKE) -C $(LIBBPF_SRC) \ + BUILD_STATIC_ONLY=1 \ + OBJDIR=$(LIBBPF_OBJDIR) \ + DESTDIR=$(LIBBPF_DESTDIR) \ + INCLUDEDIR= LIBDIR= UAPIDIR= install ##@ Development diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index 5302a188..2bd92e64 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -71,10 +71,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { } addr := c.clusterAgentHost + ":" + c.clusterAgentPort - agent, err := nodeagent.NewNodeAgent(c.logger, addr) - if err != nil { + agent := nodeagent.NewNodeAgent(c.logger, addr) + /*if err != nil { return fmt.Errorf("error while creating tarian-node-agent: %w", err) - } + }*/ agent.EnableAddConstraint(c.enableAddConstraint) agent.SetNodeName(c.nodeNmae) diff --git a/go.mod b/go.mod index 37a0642e..73878cfc 100644 --- a/go.mod +++ b/go.mod @@ -80,7 +80,6 @@ require ( ) require ( - github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 github.com/cilium/ebpf v0.13.1 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa diff --git a/go.sum b/go.sum index 033536ee..536a547d 100644 --- a/go.sum +++ b/go.sum @@ -41,8 +41,6 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= -github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0 h1:BpW7qxkveYXx8TCtvYWIvmliPqaTCz/IYs1i+Gyj0MQ= -github.com/aquasecurity/libbpfgo v0.2.5-libbpf-0.7.0/go.mod h1:/+clceXE103FaXvVTIY2HAkQjxNtkra4DRWvZYr2SKw= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= @@ -668,7 +666,6 @@ golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 8f4ef1a4..11b1a1ad 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -49,7 +49,7 @@ type ExecEvent struct { // It uses eBPF (Extended Berkeley Packet Filter) to capture execution events in the Linux kernel. type CaptureExec struct { ctx context.Context - eventsChan chan ExecEvent // Channel for sending captured execution events + event Event // captured Event shouldClose bool // Flag indicating whether the capture should be closed nodeName string // The name of the node where the capture is running logger *logrus.Logger // Logger instance for logging @@ -57,6 +57,12 @@ type CaptureExec struct { eventsDetector *detector.EventsDetector } +// Event contains the events channel and the error channel +type Event struct { + eventsChan chan ExecEvent + errChan chan error +} + // NewCaptureExec creates a new CaptureExec instance for capturing and processing execution events. // It initializes the eBPF capture execution instance and sets up a channel for sending events. // @@ -69,7 +75,7 @@ type CaptureExec struct { func NewCaptureExec(ctx context.Context, logger *logrus.Logger) (*CaptureExec, error) { return &CaptureExec{ ctx: ctx, - eventsChan: make(chan ExecEvent, 1000), + event: Event{eventsChan: make(chan ExecEvent, 1000), errChan: make(chan error)}, logger: logger, eventsDetectorChan: make(chan map[string]any, 1000), }, nil @@ -85,11 +91,12 @@ func (c *CaptureExec) SetNodeName(name string) { // Start begins capturing execution events and associating them with Kubernetes Pods. // It returns an error if any of the setup steps fail. -func (c *CaptureExec) Start() error { +func (c *CaptureExec) Start() { // Get in-cluster configuration for Kubernetes. config, err := rest.InClusterConfig() if err != nil { - return fmt.Errorf("CaptureExec.Start: failed to get in cluster config: %w", err) + c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to get in cluster config: %w", err) + return } // Create a Kubernetes client. @@ -98,13 +105,15 @@ func (c *CaptureExec) Start() error { // Create a PodWatcher to watch for Pods on the node. watcher, err := NewPodWatcher(c.logger, k8sClient, c.nodeName) if err != nil { - return fmt.Errorf("CaptureExec.Start: failed to create pod watcher: %w", err) + c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to create pod watcher: %w", err) + return } watcher.Start() err = c.getTarianDetectorEbpfEvents() if err != nil { - return fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) + c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) + return } for { @@ -151,10 +160,8 @@ func (c *CaptureExec) Start() error { K8sPodLabels: podLabels, K8sPodAnnotations: podAnnotations, } - - c.eventsChan <- execEvent + c.event.eventsChan <- execEvent } - return nil } // Close stops the capture process and closes associated resources. @@ -163,9 +170,9 @@ func (c *CaptureExec) Close() { c.eventsDetector.Close() } -// GetEventsChannel returns the channel for receiving execution events. -func (c *CaptureExec) GetEventsChannel() chan ExecEvent { - return c.eventsChan +// GetEvent returns the Event which contains channel for receiving events and error channel. +func (c *CaptureExec) GetEvent() Event { + return c.event } // getTarianDetectorEbpfEvents retrieves Tarian detector EBPF events. diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index bcffd332..85e51eba 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -43,7 +43,6 @@ type NodeAgent struct { enableAddConstraint bool nodeName string - eventsDetector *detector.EventsDetector } // NewNodeAgent creates a new instance of the NodeAgent. @@ -54,24 +53,16 @@ type NodeAgent struct { // // Returns: // - *NodeAgent: A new NodeAgent instance. -func NewNodeAgent(logger *logrus.Logger, clusterAgentAddress string) (*NodeAgent, error) { +func NewNodeAgent(logger *logrus.Logger, clusterAgentAddress string) *NodeAgent { ctx, cancel := context.WithCancel(context.Background()) - eventsDetector, err := integrateTarianDetector(logger) - if err != nil { - logger.Errorf("error while integrate tarian detector: %v", err) - cancel() - return nil, fmt.Errorf("error while integrate tarian-detector: %w", err) - } - return &NodeAgent{ clusterAgentAddress: clusterAgentAddress, cancelCtx: ctx, cancelFunc: cancel, constraintsInitialized: false, logger: logger, - eventsDetector: eventsDetector, - }, nil + } } // EnableAddConstraint sets whether the NodeAgent should enable adding new constraints. @@ -204,15 +195,18 @@ func (n *NodeAgent) loopValidateProcesses(ctx context.Context) error { captureExec.SetNodeName(n.nodeName) - execEvent := captureExec.GetEventsChannel() + exeEvent := captureExec.GetEvent() go captureExec.Start() for { select { + case err := <-exeEvent.errChan: + captureExec.Close() + return fmt.Errorf("nodeagent: %w", err) case <-ctx.Done(): captureExec.Close() return fmt.Errorf("nodeagent: %w", ctx.Err()) - case evt := <-execEvent: + case evt := <-exeEvent.eventsChan: if !n.constraintsInitialized { continue } @@ -421,21 +415,21 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } } -// integrateTarianDetector integrates tarian-detector and returns an EventsDetector and an error. +// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. // -// It takes a logger of type *logrus.Logger as a parameter. -// Returns a pointer to detector.EventsDetector and an error. -func integrateTarianDetector(logger *logrus.Logger) (*detector.EventsDetector, error) { +// ctx context.Context +// error +func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { tarianEbpfModule, err := tarian.GetModule() if err != nil { - logger.Errorf("error while get tarian ebpf module: %v", err) - return nil, fmt.Errorf("error while get tarian-detector ebpf module: %w", err) + n.logger.Errorf("error while get tarian ebpf module: %v", err) + return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - logger.Errorf("error while prepare tarian detector: %v", err) - return nil, fmt.Errorf("error while prepare tarian-detector: %w", err) + n.logger.Errorf("error while prepare tarian detector: %v", err) + return fmt.Errorf("error while prepare tarian-detector: %w", err) } // Instantiate event detectors @@ -447,23 +441,15 @@ func integrateTarianDetector(logger *logrus.Logger) (*detector.EventsDetector, e // Start and defer Close err = eventsDetector.Start() if err != nil { - logger.Errorf("error while start tarian detector: %v", err) - return nil, fmt.Errorf("error while start tarian-detector: %w", err) + n.logger.Errorf("error while start tarian detector: %v", err) + return fmt.Errorf("error while start tarian-detector: %w", err) } - return eventsDetector, nil -} - -// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. -// -// ctx context.Context -// error -func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - defer n.eventsDetector.Close() + defer eventsDetector.Close() go func() { for { - event, err := n.eventsDetector.ReadAsInterface() + event, err := eventsDetector.ReadAsInterface() if err != nil { n.logger.Errorf("tarian-detector: error while read event: %v", err) continue diff --git a/pkg/util/kubeclient/kubeclient.go b/pkg/util/kubeclient/kubeclient.go index 43ad265e..32767214 100644 --- a/pkg/util/kubeclient/kubeclient.go +++ b/pkg/util/kubeclient/kubeclient.go @@ -55,7 +55,8 @@ func NewKubeClient(logger *logrus.Logger, kubeconfig string, kubeContext string) // WaitForPodsToBeReady waits for pods to be ready in the specified namespace and with the given label selector. func (k *client) WaitForPodsToBeReady(namespace, labelSelector string) error { - return wait.Poll(2*time.Second, 5*time.Minute, func() (bool, error) { + ctx := context.Background() + return wait.PollUntilContextTimeout(ctx, 2*time.Second, 5*time.Minute, false, wait.ConditionWithContextFunc(func(ctx context.Context) (bool, error) { k.logger.Debugf(`Waiting for pods "%v" to be in the "Running" state...`, labelSelector) podList, err := k.client.CoreV1().Pods(namespace).List(context.Background(), metav1.ListOptions{ @@ -80,7 +81,7 @@ func (k *client) WaitForPodsToBeReady(namespace, labelSelector string) error { k.logger.Infof("All pods '%v' are in the 'Running' state.", labelSelector) return true, nil - }) + })) } // ExecPodWithOneContainer executes a command in a pod with one container. From 304d1f89fb8bbfd10d6753ba13223f3cbbc515eb Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Sat, 9 Mar 2024 14:30:30 +0530 Subject: [PATCH 14/39] remove 3rdparty/libbpf and fixed nodeagent running issue --- .goreleaser.yml | 2 -- 3rdparty/libbpf | 1 - Dockerfile-node-agent | 3 ++- Makefile | 18 ------------------ cmd/tarianctl/cmd/flags/flag.go | 1 - .../tarian-cluster-agent.yaml | 1 + .../tarian-node-agent/tarian-node-agent.yaml | 1 + dev/config/tarian-server/tarian-server.yaml | 2 +- pkg/clusteragent/grpc_servers.go | 2 +- pkg/nodeagent/capture_exec.go | 13 +++++-------- pkg/nodeagent/nodeagent.go | 4 ++-- pkg/server/ingestion_worker.go | 9 --------- 12 files changed, 13 insertions(+), 44 deletions(-) delete mode 160000 3rdparty/libbpf diff --git a/.goreleaser.yml b/.goreleaser.yml index 28369274..7b4f32fd 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,7 +1,6 @@ env: - CONTAINER_REGISTRY={{ if index .Env "CONTAINER_REGISTRY" }}{{ .Env.CONTAINER_REGISTRY }}{{ else }}localhost:5000{{ end }} - CGO_CFLAGS=-I{{ abs .ModulePath }}/output -Wno-unknown-attributes - - CGO_LDFLAGS=-lelf -lz {{ abs .ModulePath}}/output/libbpf.a builds: - id: tarian-server main: ./cmd/tarian-server/ @@ -39,7 +38,6 @@ builds: main: ./cmd/tarian-node-agent/ binary: tarian-node-agent env: - - CC=clang goos: - linux goarch: diff --git a/3rdparty/libbpf b/3rdparty/libbpf deleted file mode 160000 index 2cd2d03f..00000000 --- a/3rdparty/libbpf +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2cd2d03f63242c048a896179398c68d2dbefe3d6 diff --git a/Dockerfile-node-agent b/Dockerfile-node-agent index 7853c61b..8ce6ccd6 100644 --- a/Dockerfile-node-agent +++ b/Dockerfile-node-agent @@ -1,5 +1,6 @@ # FROM cgr.dev/chainguard/static:latest -FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d +#FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d +FROM ubuntu:jammy ARG KERNEL_VERSION_MAJOR ARG KERNEL_VERSION_MINOR diff --git a/Makefile b/Makefile index 667c18c4..ee30c794 100644 --- a/Makefile +++ b/Makefile @@ -39,11 +39,6 @@ BASEDIR = $(abspath ./) OUTPUT = ./output ARCH := $(shell uname -m | sed 's/x86_64/amd64/g; s/aarch64/arm64/g') -LIBBPF_SRC = $(abspath ./3rdparty/libbpf/src) -LIBBPF_OBJ = $(abspath $(OUTPUT)/libbpf.a) -LIBBPF_OBJDIR = $(abspath $(OUTPUT)/libbpf) -LIBBPF_DESTDIR = $(abspath $(OUTPUT)) - CC = gcc GO = go CFLAGS = -g -O2 -Wall -fpie @@ -72,9 +67,6 @@ KV_PATCH = $(word 3,$(KV_S)) $(OUTPUT): mkdir -p $(OUTPUT) -$(OUTPUT)/libbpf: - mkdir -p $(OUTPUT)/libbpf - # vmlinux header file .PHONY: vmlinuxh @@ -94,16 +86,6 @@ $(VMLINUXH): $(OUTPUT) $(BPFTOOL) btf dump file $(BTFFILE) format c > $(VMLINUXH); \ fi -# libbpf - -$(LIBBPF_OBJ): $(LIBBPF_SRC) $(wildcard $(LIBBPF_SRC)/*.[ch]) | $(OUTPUT)/libbpf - CC="$(CC)" CFLAGS="$(CFLAGS)" LD_FLAGS="$(LDFLAGS)" \ - $(MAKE) -C $(LIBBPF_SRC) \ - BUILD_STATIC_ONLY=1 \ - OBJDIR=$(LIBBPF_OBJDIR) \ - DESTDIR=$(LIBBPF_DESTDIR) \ - INCLUDEDIR= LIBDIR= UAPIDIR= install - ##@ Development generate: bin/controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/cmd/tarianctl/cmd/flags/flag.go b/cmd/tarianctl/cmd/flags/flag.go index 34487dde..b1e30684 100644 --- a/cmd/tarianctl/cmd/flags/flag.go +++ b/cmd/tarianctl/cmd/flags/flag.go @@ -93,7 +93,6 @@ func (globalFlags *GlobalFlags) ValidateGlobalFlags() error { func (globalFlags *GlobalFlags) GetFlagValuesFromEnvVar(logger *logrus.Logger) { // Read environment variable for "server-address" flag if globalFlags.ServerAddr == defaultServerAddress || globalFlags.ServerAddr == "" { - fmt.Println("here") if serverAddressEnv := os.Getenv(tarianServerAddressEnv); serverAddressEnv != "" { logger.Debugf("Setting server address from environment variable, TARIAN_SERVER_ADDRESS=%s", serverAddressEnv) globalFlags.ServerAddr = serverAddressEnv diff --git a/dev/config/tarian-cluster-agent/tarian-cluster-agent.yaml b/dev/config/tarian-cluster-agent/tarian-cluster-agent.yaml index 39be5765..a6362b28 100644 --- a/dev/config/tarian-cluster-agent/tarian-cluster-agent.yaml +++ b/dev/config/tarian-cluster-agent/tarian-cluster-agent.yaml @@ -17,6 +17,7 @@ spec: image: localhost:5000/tarian-cluster-agent:latest args: - --log-level=debug + - --log-formatter=json - run - "--server-address=tarian-server:80" - --enable-add-constraint diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml index 86ea7821..ed58028f 100644 --- a/dev/config/tarian-node-agent/tarian-node-agent.yaml +++ b/dev/config/tarian-node-agent/tarian-node-agent.yaml @@ -16,6 +16,7 @@ spec: image: localhost:5000/tarian-node-agent:latest args: - --log-level=debug + - --log-formatter=json - run - --cluster-agent-host=tarian-cluster-agent.tarian-system.svc - --cluster-agent-port=80 diff --git a/dev/config/tarian-server/tarian-server.yaml b/dev/config/tarian-server/tarian-server.yaml index 94caa11e..ca88143f 100644 --- a/dev/config/tarian-server/tarian-server.yaml +++ b/dev/config/tarian-server/tarian-server.yaml @@ -16,7 +16,7 @@ spec: - name: tarian-server image: "localhost:5000/tarian-server:latest" args: - - "--log-formatter=text" + - "--log-formatter=json" - "--log-level=debug" - run - "--alertmanager-address=http://alertmanager:9093" diff --git a/pkg/clusteragent/grpc_servers.go b/pkg/clusteragent/grpc_servers.go index 85f171fc..a1b4341f 100644 --- a/pkg/clusteragent/grpc_servers.go +++ b/pkg/clusteragent/grpc_servers.go @@ -187,7 +187,7 @@ func NewEventServer(logger *logrus.Logger, tarianServerAddress string, opts []gr // - *tarianpb.IngestEventResponse: The response indicating the result of ingesting the event. // - error: An error if the request fails. func (es *EventServer) IngestEvent(requestContext context.Context, request *tarianpb.IngestEventRequest) (*tarianpb.IngestEventResponse, error) { - es.logger.Debug("Received ingest violation event RPC") + es.logger.Debug("Received ingest event RPC") ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) defer cancel() diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 11b1a1ad..35f94e42 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -125,7 +125,7 @@ func (c *CaptureExec) Start() { break } - pid := bpfEvt["processId"].(uint32) + pid := bpfEvt["hostProcessId"].(uint32) // Retrieve the container ID. containerID, err := procsContainerID(pid) fmt.Println("containerID", containerID, "err", err) @@ -153,6 +153,8 @@ func (c *CaptureExec) Start() { // Create an ExecEvent and send it to the events channel. execEvent := ExecEvent{ Pid: pid, + Filename: bpfEvt["directory"].(string) + "/" + bpfEvt["processName"].(string), + Command: bpfEvt["processName"].(string), ContainerID: containerID, K8sPodName: podName, K8sPodUID: podUID, @@ -182,15 +184,13 @@ func (c *CaptureExec) GetEvent() Event { func (c *CaptureExec) getTarianDetectorEbpfEvents() error { tarianEbpfModule, err := tarian.GetModule() if err != nil { - fmt.Println("error while get tarian ebpf module: ", err) - c.logger.Errorf("error while get tarian ebpf module: %v", err) + c.logger.Errorf("error while get tarian-detector ebpf module: %v", err) return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - fmt.Printf("error while prepare tarian detector: %v", err) - c.logger.Errorf("error while prepare tarian detector: %v", err) + c.logger.Errorf("error while prepare tarian-detector: %v", err) return fmt.Errorf("error while prepare tarian-detector: %w", err) } @@ -203,7 +203,6 @@ func (c *CaptureExec) getTarianDetectorEbpfEvents() error { // Start and defer Close err = eventsDetector.Start() if err != nil { - fmt.Printf("error while start tarian detector: %v", err) c.logger.Errorf("error while start tarian detector: %v", err) return fmt.Errorf("error while start tarian-detector: %w", err) } @@ -216,8 +215,6 @@ func (c *CaptureExec) getTarianDetectorEbpfEvents() error { for { event, err := c.eventsDetector.ReadAsInterface() if err != nil { - fmt.Printf("error while read event: %v", err) - fmt.Print("error while read event as interface: ", err) c.logger.WithError(err).Error("error while read event") continue } diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 85e51eba..bb4f9ab2 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -422,13 +422,13 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { tarianEbpfModule, err := tarian.GetModule() if err != nil { - n.logger.Errorf("error while get tarian ebpf module: %v", err) + n.logger.Errorf("error while get tarian-detector ebpf module: %v", err) return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) } tarianDetector, err := tarianEbpfModule.Prepare() if err != nil { - n.logger.Errorf("error while prepare tarian detector: %v", err) + n.logger.Errorf("error while prepare tarian-detector: %v", err) return fmt.Errorf("error while prepare tarian-detector: %w", err) } diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index 12e4233b..44fb73d0 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -1,8 +1,6 @@ package server import ( - "encoding/json" - "github.com/kube-tarian/tarian/pkg/protoqueue" "github.com/kube-tarian/tarian/pkg/store" "github.com/kube-tarian/tarian/pkg/tarianpb" @@ -55,14 +53,7 @@ func (iw *IngestionWorker) Start() { continue } - buf, err := json.Marshal(event) - if err != nil { - iw.logger.WithError(err).Error("marshaling error: error while processing event") - continue - } - event.ServerTimestamp = timestamppb.Now() - logrus.Info(">> DEBUG IngestionWorker", "event", string(buf)) err = iw.eventStore.Add(event) if err != nil { From bbeba85a0969e5793fdeff2c8041394d60bb4601 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Sat, 9 Mar 2024 11:31:23 +0700 Subject: [PATCH 15/39] workaround: node-agent/tarian-detector needs libelf-dev --- Dockerfile-node-agent | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile-node-agent b/Dockerfile-node-agent index 8ce6ccd6..1ce29a92 100644 --- a/Dockerfile-node-agent +++ b/Dockerfile-node-agent @@ -10,6 +10,8 @@ ENV LINUX_VERSION_MAJOR=$KERNEL_VERSION_MAJOR ENV LINUX_VERSION_MINOR=$KERNEL_VERSION_MINOR ENV LINUX_VERSION_PATCH=$KERNEL_VERSION_PATCH +RUN apt-get update && apt-get install -y libelf-dev + COPY ./tarian-node-agent . ENTRYPOINT ["./tarian-node-agent"] From 4f845d93bb8215743ad298770269c38846d60f1b Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Sat, 9 Mar 2024 11:33:30 +0700 Subject: [PATCH 16/39] fix Anupam's code --- pkg/nodeagent/capture_exec.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 35f94e42..4cdefa80 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -110,11 +110,8 @@ func (c *CaptureExec) Start() { } watcher.Start() - err = c.getTarianDetectorEbpfEvents() - if err != nil { - c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to get tarian detector events: %w", err) - return - } + // Can't get the returned error with Goroutine. If it's needed, we can use a channel. + go c.getTarianDetectorEbpfEvents() for { // Wait for eBPF execution events. From 82e5793e6de4d74df9b18bb23bf64e94059ae2d9 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Sun, 10 Mar 2024 10:17:53 +0700 Subject: [PATCH 17/39] initial work on removing loopValidateProcesses --- pkg/nodeagent/capture_exec.go | 195 -------------------- pkg/nodeagent/nodeagent.go | 335 ++++++++++++++++++++-------------- test/k8s/test.sh | 5 +- 3 files changed, 206 insertions(+), 329 deletions(-) diff --git a/pkg/nodeagent/capture_exec.go b/pkg/nodeagent/capture_exec.go index 4cdefa80..0b9e87cf 100644 --- a/pkg/nodeagent/capture_exec.go +++ b/pkg/nodeagent/capture_exec.go @@ -1,16 +1,5 @@ package nodeagent -import ( - "context" - "fmt" - - "github.com/intelops/tarian-detector/pkg/detector" - "github.com/intelops/tarian-detector/tarian" - "github.com/sirupsen/logrus" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" -) - // ExecEvent represents the structure of an execution event captured by the CaptureExec. // It stores information about a process execution event, including its process ID (Pid), // command name (Command), executable filename (Filename), associated container ID (ContainerID), @@ -44,187 +33,3 @@ type ExecEvent struct { // K8sPodAnnotations are the annotations associated with the Kubernetes Pod. K8sPodAnnotations map[string]string } - -// CaptureExec captures and processes execution events, associating them with Kubernetes Pods. -// It uses eBPF (Extended Berkeley Packet Filter) to capture execution events in the Linux kernel. -type CaptureExec struct { - ctx context.Context - event Event // captured Event - shouldClose bool // Flag indicating whether the capture should be closed - nodeName string // The name of the node where the capture is running - logger *logrus.Logger // Logger instance for logging - eventsDetectorChan chan map[string]any - eventsDetector *detector.EventsDetector -} - -// Event contains the events channel and the error channel -type Event struct { - eventsChan chan ExecEvent - errChan chan error -} - -// NewCaptureExec creates a new CaptureExec instance for capturing and processing execution events. -// It initializes the eBPF capture execution instance and sets up a channel for sending events. -// -// Parameters: -// - logger: A logger instance for logging. -// -// Returns: -// - *CaptureExec: A new instance of CaptureExec. -// - error: An error if creating the eBPF capture execution instance fails. -func NewCaptureExec(ctx context.Context, logger *logrus.Logger) (*CaptureExec, error) { - return &CaptureExec{ - ctx: ctx, - event: Event{eventsChan: make(chan ExecEvent, 1000), errChan: make(chan error)}, - logger: logger, - eventsDetectorChan: make(chan map[string]any, 1000), - }, nil -} - -// SetNodeName sets the name of the node where the capture is running. -// -// Parameters: -// - name: The name of the node. -func (c *CaptureExec) SetNodeName(name string) { - c.nodeName = name -} - -// Start begins capturing execution events and associating them with Kubernetes Pods. -// It returns an error if any of the setup steps fail. -func (c *CaptureExec) Start() { - // Get in-cluster configuration for Kubernetes. - config, err := rest.InClusterConfig() - if err != nil { - c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to get in cluster config: %w", err) - return - } - - // Create a Kubernetes client. - k8sClient := kubernetes.NewForConfigOrDie(config) - - // Create a PodWatcher to watch for Pods on the node. - watcher, err := NewPodWatcher(c.logger, k8sClient, c.nodeName) - if err != nil { - c.event.errChan <- fmt.Errorf("CaptureExec.Start: failed to create pod watcher: %w", err) - return - } - watcher.Start() - - // Can't get the returned error with Goroutine. If it's needed, we can use a channel. - go c.getTarianDetectorEbpfEvents() - - for { - // Wait for eBPF execution events. - bpfEvt := <-c.eventsDetectorChan - - // Check if the capture should be closed. - if c.shouldClose { - break - } - - pid := bpfEvt["hostProcessId"].(uint32) - // Retrieve the container ID. - containerID, err := procsContainerID(pid) - fmt.Println("containerID", containerID, "err", err) - if err != nil { - continue - } - - // Find the corresponding Kubernetes Pod. - pod := watcher.FindPod(containerID) - - var podName string - var podUID string - var namespace string - var podLabels map[string]string - var podAnnotations map[string]string - - if pod != nil { - podName = pod.GetName() - podUID = string(pod.GetUID()) - namespace = pod.GetNamespace() - podLabels = pod.GetLabels() - podAnnotations = pod.GetAnnotations() - } - - // Create an ExecEvent and send it to the events channel. - execEvent := ExecEvent{ - Pid: pid, - Filename: bpfEvt["directory"].(string) + "/" + bpfEvt["processName"].(string), - Command: bpfEvt["processName"].(string), - ContainerID: containerID, - K8sPodName: podName, - K8sPodUID: podUID, - K8sNamespace: namespace, - K8sPodLabels: podLabels, - K8sPodAnnotations: podAnnotations, - } - c.event.eventsChan <- execEvent - } -} - -// Close stops the capture process and closes associated resources. -func (c *CaptureExec) Close() { - c.shouldClose = true - c.eventsDetector.Close() -} - -// GetEvent returns the Event which contains channel for receiving events and error channel. -func (c *CaptureExec) GetEvent() Event { - return c.event -} - -// getTarianDetectorEbpfEvents retrieves Tarian detector EBPF events. -// -// No parameters. -// Returns an error. -func (c *CaptureExec) getTarianDetectorEbpfEvents() error { - tarianEbpfModule, err := tarian.GetModule() - if err != nil { - c.logger.Errorf("error while get tarian-detector ebpf module: %v", err) - return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) - } - - tarianDetector, err := tarianEbpfModule.Prepare() - if err != nil { - c.logger.Errorf("error while prepare tarian-detector: %v", err) - return fmt.Errorf("error while prepare tarian-detector: %w", err) - } - - // Instantiate event detectors - eventsDetector := detector.NewEventsDetector() - - // Add ebpf programs to detectors - eventsDetector.Add(tarianDetector) - - // Start and defer Close - err = eventsDetector.Start() - if err != nil { - c.logger.Errorf("error while start tarian detector: %v", err) - return fmt.Errorf("error while start tarian-detector: %w", err) - } - - c.eventsDetector = eventsDetector - - defer c.eventsDetector.Close() - - go func() { - for { - event, err := c.eventsDetector.ReadAsInterface() - if err != nil { - c.logger.WithError(err).Error("error while read event") - continue - } - - if event == nil { - continue - } - - c.eventsDetectorChan <- event - } - }() - - <-c.ctx.Done() - return c.ctx.Err() - -} diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index bb4f9ab2..2cb2c706 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -18,6 +18,9 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" "google.golang.org/protobuf/types/known/timestamppb" + corev1 "k8s.io/api/core/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" ) // ThreatScanAnnotation is the annotation key used to enable threat scans on pods. @@ -104,18 +107,13 @@ func (n *NodeAgent) Run() { defer n.grpcConn.Close() wg := sync.WaitGroup{} - wg.Add(3) + wg.Add(2) go func() { _ = n.loopSyncConstraints(n.cancelCtx) wg.Done() }() - go func() { - _ = n.loopValidateProcesses(n.cancelCtx) - wg.Done() - }() - go func() { _ = n.loopTarianDetectorReadEvents(n.cancelCtx) wg.Done() @@ -180,73 +178,231 @@ func (n *NodeAgent) SyncConstraints() { n.constraintsInitialized = true } -// loopValidateProcesses continuously validates processes against constraints. -// -// Parameters: -// - ctx: The context for the loop. +// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. // -// Returns: -// - error: An error, if any, encountered during the loop. -func (n *NodeAgent) loopValidateProcesses(ctx context.Context) error { - captureExec, err := NewCaptureExec(ctx, n.logger) +// ctx context.Context +// error +func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { + // Create a PodWatcher to watch for Pods on the node. + podWatcher, err := n.setupPodWatcher() if err != nil { - return fmt.Errorf("nodeagent: %w", err) + return err } + podWatcher.Start() - captureExec.SetNodeName(n.nodeName) + eventsDetector, err := n.setupEventsDetector() + if err != nil { + return err + } - exeEvent := captureExec.GetEvent() - go captureExec.Start() + // Start eventsDetector and defer Close + err = eventsDetector.Start() + if err != nil { + n.logger.Errorf("error while starting tarian detector: %v", err) + return fmt.Errorf("error while starting tarian-detector: %w", err) + } + defer eventsDetector.Close() for { select { - case err := <-exeEvent.errChan: - captureExec.Close() - return fmt.Errorf("nodeagent: %w", err) case <-ctx.Done(): - captureExec.Close() - return fmt.Errorf("nodeagent: %w", ctx.Err()) - case evt := <-exeEvent.eventsChan: - if !n.constraintsInitialized { + return ctx.Err() + default: + event, err := eventsDetector.ReadAsInterface() + if err != nil { + n.logger.Errorf("tarian-detector: error while read event: %v", err) + continue + } + + if event == nil { + continue + } + + pid := event["hostProcessId"].(uint32) + + // Retrieve the container ID. + containerID, err := procsContainerID(pid) + if err != nil { continue } - _, threatScanAnnotationPresent := evt.K8sPodAnnotations[ThreatScanAnnotation] - registerAnnotationValue, registerAnnotationPresent := evt.K8sPodAnnotations[RegisterAnnotation] - if !threatScanAnnotationPresent && !registerAnnotationPresent { + if containerID == "" { continue } - // Pod has a register annotation but the cluster disables registration - if registerAnnotationPresent && !n.enableAddConstraint { + // Find the corresponding Kubernetes Pod. + pod := podWatcher.FindPod(containerID) + if pod == nil { continue } - violation := n.ValidateProcess(&evt) - if violation != nil { - registerProcess := false - registerRules := strings.Split(registerAnnotationValue, ",") - for _, rule := range registerRules { - switch strings.TrimSpace(rule) { - case "processes": - registerProcess = true - case "all": - registerProcess = true - } + // TODO: sys_execve_entry could be added here + // But for kubectl exec, the detected entry comm is still the wrapper: runc:init + // With sys_execve_exit, the comm is the target process + detectionDataType := event["eventId"].(string) + if detectionDataType == "sys_execve_exit" { + execEvent, err2 := n.execEventFromTarianDetector(event, containerID, pod) + if err2 != nil { + n.logger.WithField("err", err2).Error("tarian-detector: error while converting tarian-detector to execEvent") } - if registerProcess { - n.logger.WithField("comm", evt).Debug("violated process detected, going to register") - n.RegisterViolationsAsNewConstraint(violation) - } else { - n.logger.WithField("comm", evt).Debug("violated process detected") - n.ReportViolationsToClusterAgent(violation) + if execEvent != nil { + n.handleExecEvent(execEvent) } } + + byteData, err := json.Marshal(event) + if err != nil { + n.logger.Error("tarian-detector: error while marshaling event", "err", err) + continue + } + + n.SendDetectionEventToClusterAgent(detectionDataType, string(byteData)) + n.logger.WithField("binary_file_path", event["directory"]).WithField("hostProcessId", event["hostProcessId"]). + WithField("processId", event["processId"]).WithField("comm", event["processName"]).Info("tarian-detector: ", detectionDataType) } } } +func (n *NodeAgent) setupEventsDetector() (*detector.EventsDetector, error) { + tarianEbpfModule, err := tarian.GetModule() + if err != nil { + n.logger.Errorf("error while get tarian-detector ebpf module: %v", err) + return nil, fmt.Errorf("error while get tarian-detector ebpf module: %w", err) + } + + tarianDetector, err := tarianEbpfModule.Prepare() + if err != nil { + n.logger.Errorf("error while prepare tarian-detector: %v", err) + return nil, fmt.Errorf("error while prepare tarian-detector: %w", err) + } + + // Instantiate event detectors + eventsDetector := detector.NewEventsDetector() + + // Add ebpf programs to detectors + eventsDetector.Add(tarianDetector) + + return eventsDetector, nil +} + +func (n *NodeAgent) setupPodWatcher() (*PodWatcher, error) { + // Get in-cluster configuration for Kubernetes. + config, err := rest.InClusterConfig() + if err != nil { + n.logger.Errorf("error while creating k8s client config: %v", err) + return nil, fmt.Errorf("error while creating k8s client config: %w", err) + } + + // Create a Kubernetes client. + k8sClient := kubernetes.NewForConfigOrDie(config) + + watcher, err := NewPodWatcher(n.logger, k8sClient, n.nodeName) + if err != nil { + n.logger.Errorf("error while starting pod-watcher: %v", err) + return nil, fmt.Errorf("error while starting pod-watcher: %w", err) + } + + return watcher, nil +} + +func (n *NodeAgent) execEventFromTarianDetector(bpfEvt map[string]any, containerID string, pod *corev1.Pod) (*ExecEvent, error) { + pid := bpfEvt["hostProcessId"].(uint32) + + var podName string + var podUID string + var namespace string + var podLabels map[string]string + var podAnnotations map[string]string + + podName = pod.GetName() + podUID = string(pod.GetUID()) + namespace = pod.GetNamespace() + podLabels = pod.GetLabels() + podAnnotations = pod.GetAnnotations() + + // Create an ExecEvent and send it to the events channel. + execEvent := &ExecEvent{ + Pid: pid, + Filename: bpfEvt["directory"].(string) + "/" + bpfEvt["processName"].(string), + Command: bpfEvt["processName"].(string), + ContainerID: containerID, + K8sPodName: podName, + K8sPodUID: podUID, + K8sNamespace: namespace, + K8sPodLabels: podLabels, + K8sPodAnnotations: podAnnotations, + } + + return execEvent, nil +} + +func (n *NodeAgent) handleExecEvent(evt *ExecEvent) error { + if !n.constraintsInitialized { + return nil + } + + _, threatScanAnnotationPresent := evt.K8sPodAnnotations[ThreatScanAnnotation] + registerAnnotationValue, registerAnnotationPresent := evt.K8sPodAnnotations[RegisterAnnotation] + if !threatScanAnnotationPresent && !registerAnnotationPresent { + return nil + } + + // Pod has a register annotation but the cluster disables registration + if registerAnnotationPresent && !n.enableAddConstraint { + return nil + } + + violation := n.ValidateProcess(evt) + if violation != nil { + registerProcess := false + registerRules := strings.Split(registerAnnotationValue, ",") + for _, rule := range registerRules { + switch strings.TrimSpace(rule) { + case "processes": + registerProcess = true + case "all": + registerProcess = true + } + } + + if registerProcess { + n.logger.WithField("comm", evt).Debug("violated process detected, going to register") + n.RegisterViolationsAsNewConstraint(violation) + } else { + n.logger.WithField("comm", evt).Debug("violated process detected") + n.ReportViolationsToClusterAgent(violation) + } + } + + return nil +} + +// SendDetectionEventToClusterAgent sends a detection event to the cluster agent. +// +// It takes two parameters: detectionDataType of type string, and detectionData of type string. +func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectionData string) { + req := tarianpb.IngestEventRequest{ + Event: &tarianpb.Event{ + Type: tarianpb.EventTypeDetection, + ClientTimestamp: timestamppb.New(time.Now()), + Targets: []*tarianpb.Target{ + { + DetectionDataType: detectionDataType, + DetectionData: detectionData, + }, + }, + }, + } + + resp, err := n.eventClient.IngestEvent(context.Background(), &req) + if err != nil { + n.logger.Error("error while sending detection events", "err", err) + } else { + n.logger.Debug("ingest event response", "response", resp) + } +} + // ValidateProcess validates a process event against constraints. // // Parameters: @@ -415,91 +571,6 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } } -// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. -// -// ctx context.Context -// error -func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - tarianEbpfModule, err := tarian.GetModule() - if err != nil { - n.logger.Errorf("error while get tarian-detector ebpf module: %v", err) - return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) - } - - tarianDetector, err := tarianEbpfModule.Prepare() - if err != nil { - n.logger.Errorf("error while prepare tarian-detector: %v", err) - return fmt.Errorf("error while prepare tarian-detector: %w", err) - } - - // Instantiate event detectors - eventsDetector := detector.NewEventsDetector() - - // Add ebpf programs to detectors - eventsDetector.Add(tarianDetector) - - // Start and defer Close - err = eventsDetector.Start() - if err != nil { - n.logger.Errorf("error while start tarian detector: %v", err) - return fmt.Errorf("error while start tarian-detector: %w", err) - } - - defer eventsDetector.Close() - - go func() { - for { - event, err := eventsDetector.ReadAsInterface() - if err != nil { - n.logger.Errorf("tarian-detector: error while read event: %v", err) - continue - } - - if event == nil { - continue - } - detectionDataType := event["eventId"].(string) - byteData, err := json.Marshal(event) - if err != nil { - n.logger.Error("tarian-detector: error while marshaling event", "err", err) - continue - } - - n.SendDetectionEventToClusterAgent(detectionDataType, string(byteData)) - n.logger.Info("tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], - "processId", event["processId"], "comm", event["processName"]) - } - }() - - <-ctx.Done() - return ctx.Err() -} - -// SendDetectionEventToClusterAgent sends a detection event to the cluster agent. -// -// It takes two parameters: detectionDataType of type string, and detectionData of type string. -func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectionData string) { - req := tarianpb.IngestEventRequest{ - Event: &tarianpb.Event{ - Type: tarianpb.EventTypeDetection, - ClientTimestamp: timestamppb.New(time.Now()), - Targets: []*tarianpb.Target{ - { - DetectionDataType: detectionDataType, - DetectionData: detectionData, - }, - }, - }, - } - - resp, err := n.eventClient.IngestEvent(context.Background(), &req) - if err != nil { - n.logger.Error("error while sending detection events", "err", err) - } else { - n.logger.Debug("ingest event response", "response", resp) - } -} - // matchLabelsFromPodLabels converts a map of labels to a slice of MatchLabel protobufs. // // Parameters: diff --git a/test/k8s/test.sh b/test/k8s/test.sh index 864d7f45..132f3d80 100755 --- a/test/k8s/test.sh +++ b/test/k8s/test.sh @@ -59,8 +59,9 @@ test $(kubectl run -ti --restart=Never verify-alerts --image=curlimages/curl -- || (echo "expected alerts created" && false) # run command to register constraints -kubectl exec -ti nginx2 -c nginx -- pwd -kubectl exec -ti nginx2 -c nginx -- ls / +# multiple times to compensate occassional eBPF missing events +for i in {1..5}; do kubectl exec -ti nginx2 -c nginx -- pwd; sleep 1; done +for i in {1..5}; do kubectl exec -ti nginx2 -c nginx -- ls /; sleep 1; done # give time for tarian-cluser-agent to process data from node agents sleep 5 From 118fbdf8bc59f280f89c03ce9e9c7ae58358dec6 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Mon, 11 Mar 2024 12:06:37 +0700 Subject: [PATCH 18/39] attempt to fix CI - 1 --- pkg/nodeagent/nodeagent.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 2cb2c706..dc1aae79 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -247,7 +247,10 @@ func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { } if execEvent != nil { - n.handleExecEvent(execEvent) + err3 := n.handleExecEvent(execEvent) + if err3 != nil { + n.logger.WithField("err", err3).Error("node-agent: error while handling exec event") + } } } From 0389c2677733fad2ea2d3cbd89267a6dda0da1a3 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Mon, 11 Mar 2024 13:05:09 +0700 Subject: [PATCH 19/39] attempt to fix CI - 2 --- .../tarian-node-agent/tarian-node-agent.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml index ed58028f..040a5261 100644 --- a/dev/config/tarian-node-agent/tarian-node-agent.yaml +++ b/dev/config/tarian-node-agent/tarian-node-agent.yaml @@ -32,10 +32,16 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: LINUX_VERSION_MAJOR + value: "6" + - name: LINUX_VERSION_MINOR + value: "5" + - name: LINUX_VERSION_PATCH + value: "0" serviceAccountName: tarian-node-agent volumes: - name: host-proc From f871b26ed7160784b76fa3d1b23fb78ed85dd32e Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Mon, 11 Mar 2024 14:22:10 +0700 Subject: [PATCH 20/39] attempt to fix CI - 3 --- .../templates/tarian-node-agent-daemonset.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml index 078450f0..b3418061 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml @@ -37,10 +37,16 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: LINUX_VERSION_MAJOR + value: "6" + - name: LINUX_VERSION_MINOR + value: "5" + - name: LINUX_VERSION_PATCH + value: "0" serviceAccountName: {{ .Release.Name }}-node-sa volumes: - name: host-proc From 60fed95fb7aa28494c49f8e43c50c18a4d922eee Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Thu, 14 Mar 2024 17:13:59 +0700 Subject: [PATCH 21/39] attempt to fix CI - 4 --- go.mod | 34 +++++++++++++++-------------- go.sum | 68 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 52 insertions(+), 50 deletions(-) diff --git a/go.mod b/go.mod index 73878cfc..ac787528 100644 --- a/go.mod +++ b/go.mod @@ -10,9 +10,9 @@ require ( github.com/open-policy-agent/cert-controller v0.10.0 github.com/prometheus/alertmanager v0.24.0 github.com/scylladb/go-set v1.0.2 - github.com/stretchr/testify v1.8.4 + github.com/stretchr/testify v1.9.0 google.golang.org/grpc v1.58.3 - google.golang.org/protobuf v1.32.0 + google.golang.org/protobuf v1.33.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 @@ -30,16 +30,16 @@ require ( github.com/go-logr/logr v1.4.1 // indirect github.com/go-openapi/analysis v0.21.2 // indirect github.com/go-openapi/errors v0.20.2 // indirect - github.com/go-openapi/jsonpointer v0.20.2 // indirect - github.com/go-openapi/jsonreference v0.20.4 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/loads v0.21.1 // indirect github.com/go-openapi/spec v0.20.4 // indirect - github.com/go-openapi/swag v0.22.9 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-openapi/validate v0.21.0 // indirect github.com/gogo/googleapis v1.1.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/uuid v1.6.0 // indirect @@ -61,10 +61,10 @@ require ( github.com/spf13/pflag v1.0.5 go.mongodb.org/mongo-driver v1.10.0 // indirect go.uber.org/atomic v1.11.0 // indirect - golang.org/x/net v0.21.0 - golang.org/x/oauth2 v0.17.0 // indirect - golang.org/x/sys v0.17.0 // indirect - golang.org/x/term v0.17.0 // indirect + golang.org/x/net v0.22.0 + golang.org/x/oauth2 v0.18.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect @@ -74,13 +74,13 @@ require ( k8s.io/apiextensions-apiserver v0.29.0 // indirect k8s.io/component-base v0.29.0 // indirect k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) require ( - github.com/cilium/ebpf v0.13.1 + github.com/cilium/ebpf v0.13.2 github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa github.com/nats-io/nats.go v1.22.1 @@ -99,12 +99,12 @@ require ( github.com/moby/spdystream v0.2.0 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect go.opentelemetry.io/otel/metric v1.19.0 // indirect - golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect + golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect ) require ( - github.com/emicklei/go-restful/v3 v3.11.2 // indirect + github.com/emicklei/go-restful/v3 v3.11.3 // indirect github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect @@ -113,8 +113,10 @@ require ( github.com/olekukonko/tablewriter v0.0.5 go.opentelemetry.io/otel v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect - golang.org/x/crypto v0.19.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/sync v0.5.0 - k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect + k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect ) + +replace github.com/intelops/tarian-detector => github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a diff --git a/go.sum b/go.sum index 536a547d..26ae7356 100644 --- a/go.sum +++ b/go.sum @@ -41,6 +41,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a h1:8nYnMuaN3B0iflTDJrjh1SOQUijvIR4Qw+0Q+GHQYYk= +github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a/go.mod h1:dXcRWq8AHABseHsjcnM8iJqwXCGX+dGGOR8kiXw1acY= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= @@ -64,8 +66,8 @@ github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.13.1 h1:HS+79DRNPhE0fp5wUz8QiYfp2kF34ndLEZHtUAJE52U= -github.com/cilium/ebpf v0.13.1/go.mod h1:DHp1WyrLeiBh19Cf/tfiSMhqheEiK8fXFZ4No0P1Hso= +github.com/cilium/ebpf v0.13.2 h1:uhLimLX+jF9BTPPvoCUYh/mBeoONkjgaJ9w9fn0mRj4= +github.com/cilium/ebpf v0.13.2/go.mod h1:DHp1WyrLeiBh19Cf/tfiSMhqheEiK8fXFZ4No0P1Hso= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -76,8 +78,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e h1:+RV+hvGYPEqTABBflJss35nBDU9GNq4aKVR85dKqSz0= github.com/dgraph-io/dgo/v210 v210.0.0-20220113041351-ba0e5dfc4c3e/go.mod h1:dCzdThGGTPYOAuNtrM6BiXj/86voHn7ZzkPL6noXR3s= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= -github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.3 h1:yagOQz/38xJmcNeZJtrUcKjkHRltIaIFXKWeG1SkWGE= +github.com/emicklei/go-restful/v3 v3.11.3/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -121,11 +123,11 @@ github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02E github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= -github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= -github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= -github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= github.com/go-openapi/loads v0.21.1 h1:Wb3nVZpdEzDTcly8S4HMkey6fjARRzb7iEaySimlDW0= github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/runtime v0.23.1/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= @@ -141,8 +143,8 @@ github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqb github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= -github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= @@ -218,8 +220,8 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -278,8 +280,6 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa h1:ExaZjScIYDDIfCOygau+d09cvJdJdrWEN3yfHdehgbE= -github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= @@ -463,8 +463,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= @@ -521,8 +521,8 @@ golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -533,8 +533,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= -golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -596,16 +596,16 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= +golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= -golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= +golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= +golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -676,13 +676,13 @@ golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -839,8 +839,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -887,10 +887,10 @@ k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-aggregator v0.28.1 h1:rvG4llYnQKHjj6YjjoBPEJxfD1uH0DJwkrJTNKGAaCs= k8s.io/kube-aggregator v0.28.1/go.mod h1:JaLizMe+AECSpO2OmrWVsvnG0V3dX1RpW+Wq/QHbu18= -k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 h1:rtdnaWfP40MTKv7izH81gkWpZB45pZrwIxyZdPSn1mI= -k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= -k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= -k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= From 7f9f7a6934d5801a6dc0410c49b59a940342a7f4 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Sat, 16 Mar 2024 15:20:09 +0700 Subject: [PATCH 22/39] attempt to fix CI - 5 --- test/k8s/test.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/k8s/test.sh b/test/k8s/test.sh index 132f3d80..368b51aa 100755 --- a/test/k8s/test.sh +++ b/test/k8s/test.sh @@ -6,7 +6,11 @@ export TARIAN_SERVER_ADDRESS=localhost:31051 export PATH=$PATH:./bin # run db migration and seed data +kubectl exec -ti deploy/tarian-server -n tarian-system -- ./tarian-server dgraph apply-schema || sleep 1 +# Retry in case of failure +kubectl exec -ti deploy/tarian-server -n tarian-system -- ./tarian-server dgraph apply-schema || sleep 1 kubectl exec -ti deploy/tarian-server -n tarian-system -- ./tarian-server dgraph apply-schema + tarianctl add constraint --name nginx --namespace default --match-labels run=nginx --allowed-processes=pause,tarian-pod-agent,nginx tarianctl add constraint --name nginx-files --namespace default --match-labels run=nginx --allowed-file-sha256sums=/usr/share/nginx/html/index.html=38ffd4972ae513a0c79a8be4573403edcd709f0f572105362b08ff50cf6de521 tarianctl get constraints From f977532566dfefbcd6b2a80e4082a6cf48f7e020 Mon Sep 17 00:00:00 2001 From: Andy Librian Date: Sat, 16 Mar 2024 16:53:20 +0700 Subject: [PATCH 23/39] Fix tarian-node-agent issue running on cgr static image --- .goreleaser.yml | 1 + Dockerfile-node-agent | 6 +----- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 7b4f32fd..5a948c41 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -38,6 +38,7 @@ builds: main: ./cmd/tarian-node-agent/ binary: tarian-node-agent env: + - CGO_ENABLED=0 goos: - linux goarch: diff --git a/Dockerfile-node-agent b/Dockerfile-node-agent index 1ce29a92..cc66aea9 100644 --- a/Dockerfile-node-agent +++ b/Dockerfile-node-agent @@ -1,6 +1,4 @@ -# FROM cgr.dev/chainguard/static:latest -#FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d -FROM ubuntu:jammy +FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d ARG KERNEL_VERSION_MAJOR ARG KERNEL_VERSION_MINOR @@ -10,8 +8,6 @@ ENV LINUX_VERSION_MAJOR=$KERNEL_VERSION_MAJOR ENV LINUX_VERSION_MINOR=$KERNEL_VERSION_MINOR ENV LINUX_VERSION_PATCH=$KERNEL_VERSION_PATCH -RUN apt-get update && apt-get install -y libelf-dev - COPY ./tarian-node-agent . ENTRYPOINT ["./tarian-node-agent"] From 9fb2ec13c0ea5de937c74e7e506dbd9f1f9c563d Mon Sep 17 00:00:00 2001 From: Anupam kumari Date: Mon, 18 Mar 2024 18:18:44 +0530 Subject: [PATCH 24/39] adding tarian-detection event to dgraph store --- .gitmodules | 3 - 3rdparty/libbpf | 1 + cmd/tarianctl/cmd/get/events.go | 6 ++ pkg/nodeagent/ebpf/capture_exec.bpf.o | Bin 0 -> 44160 bytes pkg/nodeagent/nodeagent.go | 85 +++++++++++++++++++ pkg/server/dgraphstore/dgraph_event_store.go | 18 +++- pkg/server/dgraphstore/schema.go | 4 + pkg/server/dgraphstore/types.go | 14 +-- 8 files changed, 118 insertions(+), 13 deletions(-) delete mode 100644 .gitmodules create mode 160000 3rdparty/libbpf create mode 100644 pkg/nodeagent/ebpf/capture_exec.bpf.o diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index 20e5bb24..00000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "3rdparty/libbpf"] - path = 3rdparty/libbpf - url = https://github.com/libbpf/libbpf.git diff --git a/3rdparty/libbpf b/3rdparty/libbpf new file mode 160000 index 00000000..2cd2d03f --- /dev/null +++ b/3rdparty/libbpf @@ -0,0 +1 @@ +Subproject commit 2cd2d03f63242c048a896179398c68d2dbefe3d6 diff --git a/cmd/tarianctl/cmd/get/events.go b/cmd/tarianctl/cmd/get/events.go index 11a08258..b6864f67 100644 --- a/cmd/tarianctl/cmd/get/events.go +++ b/cmd/tarianctl/cmd/get/events.go @@ -161,6 +161,12 @@ func eventsTableOutput(events []*tarianpb.Event, logger *logrus.Logger) { evt.WriteString("pod deleted") } + if e.GetType() == tarianpb.EventTypeDetection { + detectionEventStr := fmt.Sprintf("detection: %s: %s", t.DetectionDataType, t.DetectionData) + evt.WriteString("tarian detection event\n") + evt.WriteString(detectionEventStr) + } + evt.WriteString("\n") table.Append( diff --git a/pkg/nodeagent/ebpf/capture_exec.bpf.o b/pkg/nodeagent/ebpf/capture_exec.bpf.o new file mode 100644 index 0000000000000000000000000000000000000000..ad05572106342947c66ef68fd9c651aac431a7b4 GIT binary patch literal 44160 zcmeHNeQX@Zb$`2icRcdQJMt)g=zH}+=_E^cq%F&=EX$N2DUqYbw9UqHn&fokEy;t9 zcl3QQl$sABksTuuS_Oy`#Z6) z%<+Wyem`DXiMXE!p*_?lOk&*AsuklQt{3o9U|b&ZQcn7aeo^IqSUG=AJxtxW5`7f& za#2n^%xE#L1x`pu^goJ{V>_WIt9)IaH@8=y9-?kQIL}@!&otV@^e;D1h&;G#mM4c@ zI?Js@kII4$)^kPow~vfv-ZOgCH<`jPU>GnA7zPXjh5^HXVZbn87%&VN1`Gp+0mFb{ zz%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA7zPXjh5^HXVZbn87%&VN z1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA7zPXjh5^HX zVZbn87%&VN1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA z7zPXjh5^HXVZbn87%&VN1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^ zfMLKe@c)y6Q(mR)mg_ZlvQYF&xfySdJCLV|a=n;$OXZqd@pAb_n_DQ=%C0x(m1=Ia zR;f?ag!kJpHwAl`qEMn0P#2np9)KQ!hA3*?6N;X7totd{|D0tV3thFYp`g$;Yr*N5 zr;AT5EYQWLae16Vqj3BHh0a=+Eo&5>=WG-&*b9y|N>-OOFwh-#1}c4>eX9q$RwpCX zzB5)Ik-eFmfqk)9jL6xA>XGg{SMG`39<%$AfMp%&MvfckNcU}Uh_G)gwhz@7>8m`W z!UYp)OEMs zVnlW*VnxEymX^o^+`P@cV2S1^H{*u4v^>a_?e+zGG0au1tzszag99}91snGu`eSz9 zYhQ3$qF1?k$i5J2qZAE3iRPGfD-ETPcFewwZk|JuF=v==8DvZ7w`k9;s8Hx1a1qJ% zQadNQXh@UOdIJ{PVqXY%bke4HTQ54H%@l9Hi7Nw9N~}gDv=tZ8$7-@;;ZR~w89T+a zm@uc~E)LmgUx*~`My-7em#)6C5GCSq&W$=Lp8PCVx)gDzJ@E$0o?qkAD=zHV%NOeFUgLmG`=z!-6lKp^T%-@@*1G|a?6u)&Vhd{h zE7xUE*v}+(p^(0ZQ0ryiRg_@1yVu{xF2~yw$55_b9FMx)8E$#VN>os4BT@GTk;nD6 z?v0{@_qQj%0=KPJf0A#&7OOq+P2e@VQq&vYMtpbsD87@~qJBG`7L}DwJj2fptqR4( zLquz$@gZ>o*0#rcS8&w2&iKvixU#-Kev7EME+wO|?67*1ohWaz+U)Huc48&!?c8r- z6W2I8$)xSJ)+P7`C+~n|ueBz52<7cor@bc}rR(UKmpqoO(7T}}=sfh}(9c7^2t5zI z2z?g%ZRiWo7ok6Z{tfgs=+B`41pPVm*UYx(lDhbC^KE2@iMtmeKt3fnJQ=Ab7U-2@;;iWo+YT(Y^!)Er#0*~yt2i7l*3wUe_R zVNau(+{|>ZN+s%hPNjk7~6rRr2z@?;*B+%gw|(QJ$GuZ1cyi4-@{WT~v-h zm_~NWt7RwZl?wXLqSI_`D%f+e45s+P{qNo-A}WQ_)OdX|Tk)!1WzG|}*-ClbgC&>G zp71IquSg<@2dGtY6JB-}QMD6G;`4>-M6QxwmW9ZlBLkgc&Xp|o^d%is>*F(p8Xdep zyMOFZRGeXd!@PA#-Pl(pAnOeECu_VO~tDT z3KjWPG_oGVPmE73%OvDmPRp{_FPHf>43GcZBHnLVqKIZ)5B0^ynt`1|h{a~N0mb4* z_&s6E#1abi7Zl|Oix4}aYB=6-RmGqxx&{t)0${&aW6?U)xxW$Ub|@s?f{ULEW4jHP zA!sY&Qz#EYaefdoifbIo{eIZ5^E@liE~pFTg^ueZ&_|#+{Lpde8E7wb0s1JE<1RxV z^Xr_%+?tCzb`g(>q{HYjRj+O@cjQ33J%5M4O{yv)Snc0 zO046YAE(J8tZPu=doJcH{o-qZm6Ptr&VTCrtw&=(mh>k&m5su_0d*e7g}&g&Z$v#H zZJdiQ!ecW4$M78g(vKPN9sFX6UmC_A`+mF;2E_KCJ2ti5gv(p-!@m#?O!P}s_<3Qu zj`|LiE|j00ozU}q^Q53vK8u_eKbO8Nv2)V@DJ+C@gXA&<8#v`hN4%48$-nv5fSoZ5 zKT`?V@lW`>Y-E99lV8#TPAFVIE%`~I$}0qO&<8&?7XS8G`2LEWr`e_@R>WqcEz;jCl?U&i ziyOg`okEyr%kaqf%XyV6yd5uYC+~a^$h_P01afqP{iftgtgBL6+%DYh%2wOv{vNer z>u?Ks*LCl3-)>J&ZM&UXv9tIt+9sabB5&djw^}&ml_%BE!n$pTJIK+6NjJ3tU5FvE z8R6|)br;yG<^Ind)^_ewH?GkypLo#U7E$_rq8rg=tK9VYppe?w^v!?c4j$8=$~LB7GkzM{ z@gkAyxBne*^oMf&zrHJ`0{t|eCn~jtM7a3^)s(LeysCP__$;}xwhlj-#(iA z$ig!>e(>h^?<4+BX1{*rbDKYW^KB!)JN>KBN%!BUv1jm$niMBvg*)0dM4Y?R;b_FU z)eT3c!l}*S_DDJ$i98T?HiRkS9NZg@MV!B&PleZR2-|47Cz63XoFjL@CE|SdlXt=H zyi9J`y3@9i`#Z0zl+NJG;B39tsATYKdDm}mb2G(4sXm{c7Vi|(UU3!+dfuC?!tzeC z3ABdj7vkHD?&rv3(h~Fi;yyXz{stSq0bo&N(F9IeJl`LW@Dky3hVVZv&FU=2FV%cH z;paIhAMx$SMY-5g1?GO#8v>sJlsLhBd?Sa8asB*gL3#72e0p3i4)FIO3GIyvb?2(JXCq@byQRH(*Ex?w9&K-2;0U@f(K}mBB9nyVRQw>f(%q zat#RT604o`kII5vzhwUS+&&+`%nq+dEZoj`gewq*RX_am<+1p@&cc|__uMB7V_r|y z`I<53ya~#}nAehEe|%768wc!H8Xnc~n1+vO_(K{#uHn3fr!`#E@T`Vw8lKni$27d4;nNy^ zM8jt^d{)C>(C|48e?`ORHT58g@0D((qsa^V%{T!2E4t zB!GF$XZVK;2|>C2#Q^5`*L=(c=W|uV{2tAs+C@hJ+|M0DxZwHiU;tsvKP#KC9vL8h%d0moYAw?kPJ-YsDRzfZ%*HGIm)JQnMU-cYP3(i-^Ooz8pX z^{H%be7xe#QM%^M<0x10is=Jmhtmw2zQFiV#qvb4P_0$f$8r%UJH%^qwmdmm_0Sr8 zgK4yq>Z4Hd#8>4&a4w&($nWw2W1%!zrgX75HsYMMn=D7|h-#i`}x=C5u~{(uh~S|0CIr z=g$8rFX{2wCnWr=|6Hm@4K}|022R4lbwmYdB|q;$;dPw*e7kscu2V5;-BkD`RQMD- zq6~g{&fnmaeGTk9PZi(k`~4eA9$)9+ia$|xPW0V{uc~u-7=G-^zmcH)y&r$@bkHh& zgO(ZqyXxbo9+qAzPZgu`SGbG{+w}NhKVJ9O@qWbmsj4nTsp3y8u`c)J@Al2&pYX@$ zKOP1}gY?I56aSB&kx_SP6Vv0r1-EAR|5g9~kNSi2{pVcO{1vYsf=%y}Lo%P^EB>e{ zi^f&=J%*NMErV{%Y6<)gL2auiN2>jSZaJ#ei?469*lqM_a%C7 z(AdQHQP`U0fBn1+T#yBE{>+)4|GgNz+4#eMAOr7I0e(OF@BjS>ZZ`h>1sO2w$MN|5 zo}{`{_iqzy&BmYqk_ Date: Tue, 19 Mar 2024 10:46:21 +0530 Subject: [PATCH 25/39] removed duplicate added function from nodeagent --- pkg/nodeagent/nodeagent.go | 85 -------------------------------------- 1 file changed, 85 deletions(-) diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index 2919270c..dc1aae79 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -574,91 +574,6 @@ func (n *NodeAgent) RegisterViolationsAsNewConstraint(violation *ProcessViolatio } } -// loopTarianDetectorReadEvents reads events from the Tarian detector and sends them to the cluster agent. -// -// ctx context.Context -// error -func (n *NodeAgent) loopTarianDetectorReadEvents(ctx context.Context) error { - tarianEbpfModule, err := tarian.GetModule() - if err != nil { - n.logger.Errorf("error while get tarian-detector ebpf module: %v", err) - return fmt.Errorf("error while get tarian-detector ebpf module: %w", err) - } - - tarianDetector, err := tarianEbpfModule.Prepare() - if err != nil { - n.logger.Errorf("error while prepare tarian-detector: %v", err) - return fmt.Errorf("error while prepare tarian-detector: %w", err) - } - - // Instantiate event detectors - eventsDetector := detector.NewEventsDetector() - - // Add ebpf programs to detectors - eventsDetector.Add(tarianDetector) - - // Start and defer Close - err = eventsDetector.Start() - if err != nil { - n.logger.Errorf("error while start tarian detector: %v", err) - return fmt.Errorf("error while start tarian-detector: %w", err) - } - - defer eventsDetector.Close() - - go func() { - for { - event, err := eventsDetector.ReadAsInterface() - if err != nil { - n.logger.Errorf("tarian-detector: error while read event: %v", err) - continue - } - - if event == nil { - continue - } - detectionDataType := event["eventId"].(string) - byteData, err := json.Marshal(event) - if err != nil { - n.logger.Error("tarian-detector: error while marshaling event", "err", err) - continue - } - - n.SendDetectionEventToClusterAgent(detectionDataType, string(byteData)) - n.logger.Info("tarian-detector: ", detectionDataType, "binary_file_path", event["directory"], "hostProcessId", event["hostProcessId"], - "processId", event["processId"], "comm", event["processName"]) - } - }() - - <-ctx.Done() - return ctx.Err() -} - -// SendDetectionEventToClusterAgent sends a detection event to the cluster agent. -// -// It takes two parameters: detectionDataType of type string, and detectionData of type string. -func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectionData string) { - req := tarianpb.IngestEventRequest{ - Event: &tarianpb.Event{ - Type: tarianpb.EventTypeDetection, - ClientTimestamp: timestamppb.New(time.Now()), - Targets: []*tarianpb.Target{ - { - DetectionDataType: detectionDataType, - DetectionData: detectionData, - }, - }, - }, - } - - resp, err := n.eventClient.IngestEvent(context.Background(), &req) - if err != nil { - n.logger.Error("error while sending detection events", "err", err) - } else { - n.logger.Debug("ingest event response", "response", resp) - } -} - // matchLabelsFromPodLabels converts a map of labels to a slice of MatchLabel protobufs. // // Parameters: From 3cc4472c5e6f7cd7b062326f88004c1bb6f5f116 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Tue, 19 Mar 2024 11:07:24 +0530 Subject: [PATCH 26/39] removing ebpf code added while resolving merge conflict --- pkg/nodeagent/ebpf/capture_exec.bpf.o | Bin 44160 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 pkg/nodeagent/ebpf/capture_exec.bpf.o diff --git a/pkg/nodeagent/ebpf/capture_exec.bpf.o b/pkg/nodeagent/ebpf/capture_exec.bpf.o deleted file mode 100644 index ad05572106342947c66ef68fd9c651aac431a7b4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 44160 zcmeHNeQX@Zb$`2icRcdQJMt)g=zH}+=_E^cq%F&=EX$N2DUqYbw9UqHn&fokEy;t9 zcl3QQl$sABksTuuS_Oy`#Z6) z%<+Wyem`DXiMXE!p*_?lOk&*AsuklQt{3o9U|b&ZQcn7aeo^IqSUG=AJxtxW5`7f& za#2n^%xE#L1x`pu^goJ{V>_WIt9)IaH@8=y9-?kQIL}@!&otV@^e;D1h&;G#mM4c@ zI?Js@kII4$)^kPow~vfv-ZOgCH<`jPU>GnA7zPXjh5^HXVZbn87%&VN1`Gp+0mFb{ zz%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA7zPXjh5^HXVZbn87%&VN z1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA7zPXjh5^HX zVZbn87%&VN1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^fMLKeU>GnA z7zPXjh5^HXVZbn87%&VN1`Gp+0mFb{z%XDKFbo(53GHFkl!k3>XFs1BL;^ zfMLKe@c)y6Q(mR)mg_ZlvQYF&xfySdJCLV|a=n;$OXZqd@pAb_n_DQ=%C0x(m1=Ia zR;f?ag!kJpHwAl`qEMn0P#2np9)KQ!hA3*?6N;X7totd{|D0tV3thFYp`g$;Yr*N5 zr;AT5EYQWLae16Vqj3BHh0a=+Eo&5>=WG-&*b9y|N>-OOFwh-#1}c4>eX9q$RwpCX zzB5)Ik-eFmfqk)9jL6xA>XGg{SMG`39<%$AfMp%&MvfckNcU}Uh_G)gwhz@7>8m`W z!UYp)OEMs zVnlW*VnxEymX^o^+`P@cV2S1^H{*u4v^>a_?e+zGG0au1tzszag99}91snGu`eSz9 zYhQ3$qF1?k$i5J2qZAE3iRPGfD-ETPcFewwZk|JuF=v==8DvZ7w`k9;s8Hx1a1qJ% zQadNQXh@UOdIJ{PVqXY%bke4HTQ54H%@l9Hi7Nw9N~}gDv=tZ8$7-@;;ZR~w89T+a zm@uc~E)LmgUx*~`My-7em#)6C5GCSq&W$=Lp8PCVx)gDzJ@E$0o?qkAD=zHV%NOeFUgLmG`=z!-6lKp^T%-@@*1G|a?6u)&Vhd{h zE7xUE*v}+(p^(0ZQ0ryiRg_@1yVu{xF2~yw$55_b9FMx)8E$#VN>os4BT@GTk;nD6 z?v0{@_qQj%0=KPJf0A#&7OOq+P2e@VQq&vYMtpbsD87@~qJBG`7L}DwJj2fptqR4( zLquz$@gZ>o*0#rcS8&w2&iKvixU#-Kev7EME+wO|?67*1ohWaz+U)Huc48&!?c8r- z6W2I8$)xSJ)+P7`C+~n|ueBz52<7cor@bc}rR(UKmpqoO(7T}}=sfh}(9c7^2t5zI z2z?g%ZRiWo7ok6Z{tfgs=+B`41pPVm*UYx(lDhbC^KE2@iMtmeKt3fnJQ=Ab7U-2@;;iWo+YT(Y^!)Er#0*~yt2i7l*3wUe_R zVNau(+{|>ZN+s%hPNjk7~6rRr2z@?;*B+%gw|(QJ$GuZ1cyi4-@{WT~v-h zm_~NWt7RwZl?wXLqSI_`D%f+e45s+P{qNo-A}WQ_)OdX|Tk)!1WzG|}*-ClbgC&>G zp71IquSg<@2dGtY6JB-}QMD6G;`4>-M6QxwmW9ZlBLkgc&Xp|o^d%is>*F(p8Xdep zyMOFZRGeXd!@PA#-Pl(pAnOeECu_VO~tDT z3KjWPG_oGVPmE73%OvDmPRp{_FPHf>43GcZBHnLVqKIZ)5B0^ynt`1|h{a~N0mb4* z_&s6E#1abi7Zl|Oix4}aYB=6-RmGqxx&{t)0${&aW6?U)xxW$Ub|@s?f{ULEW4jHP zA!sY&Qz#EYaefdoifbIo{eIZ5^E@liE~pFTg^ueZ&_|#+{Lpde8E7wb0s1JE<1RxV z^Xr_%+?tCzb`g(>q{HYjRj+O@cjQ33J%5M4O{yv)Snc0 zO046YAE(J8tZPu=doJcH{o-qZm6Ptr&VTCrtw&=(mh>k&m5su_0d*e7g}&g&Z$v#H zZJdiQ!ecW4$M78g(vKPN9sFX6UmC_A`+mF;2E_KCJ2ti5gv(p-!@m#?O!P}s_<3Qu zj`|LiE|j00ozU}q^Q53vK8u_eKbO8Nv2)V@DJ+C@gXA&<8#v`hN4%48$-nv5fSoZ5 zKT`?V@lW`>Y-E99lV8#TPAFVIE%`~I$}0qO&<8&?7XS8G`2LEWr`e_@R>WqcEz;jCl?U&i ziyOg`okEyr%kaqf%XyV6yd5uYC+~a^$h_P01afqP{iftgtgBL6+%DYh%2wOv{vNer z>u?Ks*LCl3-)>J&ZM&UXv9tIt+9sabB5&djw^}&ml_%BE!n$pTJIK+6NjJ3tU5FvE z8R6|)br;yG<^Ind)^_ewH?GkypLo#U7E$_rq8rg=tK9VYppe?w^v!?c4j$8=$~LB7GkzM{ z@gkAyxBne*^oMf&zrHJ`0{t|eCn~jtM7a3^)s(LeysCP__$;}xwhlj-#(iA z$ig!>e(>h^?<4+BX1{*rbDKYW^KB!)JN>KBN%!BUv1jm$niMBvg*)0dM4Y?R;b_FU z)eT3c!l}*S_DDJ$i98T?HiRkS9NZg@MV!B&PleZR2-|47Cz63XoFjL@CE|SdlXt=H zyi9J`y3@9i`#Z0zl+NJG;B39tsATYKdDm}mb2G(4sXm{c7Vi|(UU3!+dfuC?!tzeC z3ABdj7vkHD?&rv3(h~Fi;yyXz{stSq0bo&N(F9IeJl`LW@Dky3hVVZv&FU=2FV%cH z;paIhAMx$SMY-5g1?GO#8v>sJlsLhBd?Sa8asB*gL3#72e0p3i4)FIO3GIyvb?2(JXCq@byQRH(*Ex?w9&K-2;0U@f(K}mBB9nyVRQw>f(%q zat#RT604o`kII5vzhwUS+&&+`%nq+dEZoj`gewq*RX_am<+1p@&cc|__uMB7V_r|y z`I<53ya~#}nAehEe|%768wc!H8Xnc~n1+vO_(K{#uHn3fr!`#E@T`Vw8lKni$27d4;nNy^ zM8jt^d{)C>(C|48e?`ORHT58g@0D((qsa^V%{T!2E4t zB!GF$XZVK;2|>C2#Q^5`*L=(c=W|uV{2tAs+C@hJ+|M0DxZwHiU;tsvKP#KC9vL8h%d0moYAw?kPJ-YsDRzfZ%*HGIm)JQnMU-cYP3(i-^Ooz8pX z^{H%be7xe#QM%^M<0x10is=Jmhtmw2zQFiV#qvb4P_0$f$8r%UJH%^qwmdmm_0Sr8 zgK4yq>Z4Hd#8>4&a4w&($nWw2W1%!zrgX75HsYMMn=D7|h-#i`}x=C5u~{(uh~S|0CIr z=g$8rFX{2wCnWr=|6Hm@4K}|022R4lbwmYdB|q;$;dPw*e7kscu2V5;-BkD`RQMD- zq6~g{&fnmaeGTk9PZi(k`~4eA9$)9+ia$|xPW0V{uc~u-7=G-^zmcH)y&r$@bkHh& zgO(ZqyXxbo9+qAzPZgu`SGbG{+w}NhKVJ9O@qWbmsj4nTsp3y8u`c)J@Al2&pYX@$ zKOP1}gY?I56aSB&kx_SP6Vv0r1-EAR|5g9~kNSi2{pVcO{1vYsf=%y}Lo%P^EB>e{ zi^f&=J%*NMErV{%Y6<)gL2auiN2>jSZaJ#ei?469*lqM_a%C7 z(AdQHQP`U0fBn1+T#yBE{>+)4|GgNz+4#eMAOr7I0e(OF@BjS>ZZ`h>1sO2w$MN|5 zo}{`{_iqzy&BmYqk_ Date: Tue, 19 Mar 2024 14:32:31 +0530 Subject: [PATCH 27/39] removed 3rdparty directory --- 3rdparty/libbpf | 1 - 1 file changed, 1 deletion(-) delete mode 160000 3rdparty/libbpf diff --git a/3rdparty/libbpf b/3rdparty/libbpf deleted file mode 160000 index 2cd2d03f..00000000 --- a/3rdparty/libbpf +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2cd2d03f63242c048a896179398c68d2dbefe3d6 From 21b65df915678ef74aa7da8ead080f5cb525a2db Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Thu, 21 Mar 2024 23:32:03 +0530 Subject: [PATCH 28/39] fixed dgraph_schema --- pkg/server/dgraphstore/schema.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/server/dgraphstore/schema.go b/pkg/server/dgraphstore/schema.go index bcd958a0..105a6703 100644 --- a/pkg/server/dgraphstore/schema.go +++ b/pkg/server/dgraphstore/schema.go @@ -89,8 +89,8 @@ var schema = ` target_violated_processes target_violated_files target_falco_alert - tarian_detection_data_type - tarian_detection_data + target_detection_data_type + target_detection_data } ` From f7618836f98cb8e0c652ed1e7e18d62005fc8330 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Sat, 23 Mar 2024 18:40:34 +0530 Subject: [PATCH 29/39] updated dgraph query to ignore tarian-detection event --- cmd/tarianctl/cmd/get/events.go | 2 +- pkg/server/dgraphstore/dgraph_event_store.go | 27 +++++++++++++------- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/cmd/tarianctl/cmd/get/events.go b/cmd/tarianctl/cmd/get/events.go index b6864f67..c3189f8e 100644 --- a/cmd/tarianctl/cmd/get/events.go +++ b/cmd/tarianctl/cmd/get/events.go @@ -162,7 +162,7 @@ func eventsTableOutput(events []*tarianpb.Event, logger *logrus.Logger) { } if e.GetType() == tarianpb.EventTypeDetection { - detectionEventStr := fmt.Sprintf("detection: %s: %s", t.DetectionDataType, t.DetectionData) + detectionEventStr := fmt.Sprintf("detection: %s: %s", t.GetDetectionDataType(), t.GetDetectionData()) evt.WriteString("tarian detection event\n") evt.WriteString(detectionEventStr) } diff --git a/pkg/server/dgraphstore/dgraph_event_store.go b/pkg/server/dgraphstore/dgraph_event_store.go index a4cd37ff..016c2eaf 100644 --- a/pkg/server/dgraphstore/dgraph_event_store.go +++ b/pkg/server/dgraphstore/dgraph_event_store.go @@ -34,13 +34,12 @@ func newDgraphEventStore(dgraphClient *dgo.Dgraph) store.EventStore { // - An array of protobuf Event messages representing the retrieved events. // - An error if there was an issue with the database query. func (d *dgraphEventStore) GetAll(limit uint) ([]*tarianpb.Event, error) { - // Dgraph query to retrieve all events, ignoring events with - // target_detection_data_type and target_detection_data. + // Dgraph query to retrieve all events, ignoring events with eventType as tarian-detection/detection. q := fmt.Sprintf(` - { - events(func: type(Event)) @filter(not has(target_detection_data_type) and not has(target_detection_data)) { + { + events(func: type(Event)) @filter(not eq(event_type, "tarian-detection/detection")) { %s - } + } } `, eventFields) @@ -129,8 +128,13 @@ func (d *dgraphEventList) toPbEvents() []*tarianpb.Event { } } - t.DetectionDataType = evtTarget.DetectionDataType - t.DetectionData = evtTarget.DetectionData + if t.DetectionDataType != "" { + t.DetectionDataType = evtTarget.DetectionDataType + } + + if t.DetectionData != "" { + t.DetectionData = evtTarget.DetectionData + } event.Targets = append(event.Targets, t) } @@ -297,8 +301,13 @@ func dgraphEventFromPb(pbEvent *tarianpb.Event) (*Event, error) { } } - t.DetectionDataType = pbTarget.GetDetectionDataType() - t.DetectionData = pbTarget.GetDetectionData() + if pbTarget.DetectionDataType != "" { + t.DetectionDataType = pbTarget.GetDetectionDataType() + } + + if pbTarget.DetectionData != "" { + t.DetectionData = pbTarget.GetDetectionData() + } dgraphEvent.Targets = append(dgraphEvent.Targets, t) } From 70448ac1424de5076bdf15e2be948545452b6e38 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Wed, 27 Mar 2024 17:04:43 +0530 Subject: [PATCH 30/39] k8s node linux kernel major version inside daemonset --- Dockerfile-node-agent | 8 -------- Makefile | 10 +--------- .../tarian-node-agent-configmap.yaml | 20 +++++++++++++++++++ .../tarian-node-agent-daemonset.yaml | 15 +++++++++++--- pkg/nodeagent/nodeagent.go | 2 +- 5 files changed, 34 insertions(+), 21 deletions(-) create mode 100644 charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml diff --git a/Dockerfile-node-agent b/Dockerfile-node-agent index cc66aea9..63e8f851 100644 --- a/Dockerfile-node-agent +++ b/Dockerfile-node-agent @@ -1,13 +1,5 @@ FROM cgr.dev/chainguard/static@sha256:2ea44d9bdd177a07e6fba8a60f7d45cb8a7358586a5f740187866566e6df310d -ARG KERNEL_VERSION_MAJOR -ARG KERNEL_VERSION_MINOR -ARG KERNEL_VERSION_PATCH - -ENV LINUX_VERSION_MAJOR=$KERNEL_VERSION_MAJOR -ENV LINUX_VERSION_MINOR=$KERNEL_VERSION_MINOR -ENV LINUX_VERSION_PATCH=$KERNEL_VERSION_PATCH - COPY ./tarian-node-agent . ENTRYPOINT ["./tarian-node-agent"] diff --git a/Makefile b/Makefile index ee30c794..48e29da0 100644 --- a/Makefile +++ b/Makefile @@ -54,14 +54,6 @@ BTFFILE = /sys/kernel/btf/vmlinux BPFTOOL = $(shell which bpftool || /bin/false) VMLINUXH = $(OUTPUT)/vmlinux.h -# extracts the major, minor, and patch version numbers of the kernel version -KERNEL_VERSION = $(word 1, $(subst -, ,$(shell uname -r))) -KV_S = $(subst ., ,$(KERNEL_VERSION)) -KV_MAJOR = $(word 1,$(KV_S)) -KV_MINOR = $(word 2,$(KV_S)) -KV_PATCH = $(word 3,$(KV_S)) - - # output $(OUTPUT): @@ -112,7 +104,7 @@ local-images: build docker build -f Dockerfile-server -t localhost:5000/tarian-server dist/tarian-server_linux_amd64/ && docker push localhost:5000/tarian-server docker build -f Dockerfile-cluster-agent -t localhost:5000/tarian-cluster-agent dist/tarian-cluster-agent_linux_amd64/ && docker push localhost:5000/tarian-cluster-agent docker build -f Dockerfile-pod-agent -t localhost:5000/tarian-pod-agent dist/tarian-pod-agent_linux_amd64/ && docker push localhost:5000/tarian-pod-agent - docker build --build-arg KERNEL_VERSION_MAJOR=$(KV_MAJOR) --build-arg KERNEL_VERSION_MINOR=$(KV_MINOR) --build-arg KERNEL_VERSION_PATCH=$(KV_PATCH) -f Dockerfile-node-agent -t localhost:5000/tarian-node-agent dist/tarian-node-agent_linux_amd64/ && docker push localhost:5000/tarian-node-agent + docker build -f Dockerfile-node-agent -t localhost:5000/tarian-node-agent dist/tarian-node-agent_linux_amd64/ && docker push localhost:5000/tarian-node-agent docker build -f Dockerfile-tarianctl -t localhost:5000/tarianctl dist/tarianctl_linux_amd64/ && docker push localhost:5000/tarianctl push-local-images: diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml new file mode 100644 index 00000000..03db5607 --- /dev/null +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kernel-version-script +data: + get-kernel-version.sh: | + #!/bin/bash + + # Get the Linux kernel version string + KERNEL_VERSION=$(uname -r) + + # Extract major and minor version + LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) + LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) + LINUX_VERSION_PATCH=$(echo "$kernel_version" | cut -d'.' -f3) + + # Export major and minor version as environment variables + export LINUX_VERSION_MAJOR + export LINUX_VERSION_MINOR + export LINUX_VERSION_PATCH \ No newline at end of file diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml index b3418061..701034a5 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml @@ -42,11 +42,20 @@ spec: fieldRef: fieldPath: spec.nodeName - name: LINUX_VERSION_MAJOR - value: "6" + valueFrom: + configMapKeyRef: + name: kernel-version-script + key: get-kernel-version.sh - name: LINUX_VERSION_MINOR - value: "5" + valueFrom: + configMapKeyRef: + name: kernel-version-script + key: get-kernel-version.sh - name: LINUX_VERSION_PATCH - value: "0" + valueFrom: + configMapKeyRef: + name: kernel-version-script + key: get-kernel-version.sh serviceAccountName: {{ .Release.Name }}-node-sa volumes: - name: host-proc diff --git a/pkg/nodeagent/nodeagent.go b/pkg/nodeagent/nodeagent.go index dc1aae79..0c94e25c 100644 --- a/pkg/nodeagent/nodeagent.go +++ b/pkg/nodeagent/nodeagent.go @@ -400,7 +400,7 @@ func (n *NodeAgent) SendDetectionEventToClusterAgent(detectionDataType, detectio resp, err := n.eventClient.IngestEvent(context.Background(), &req) if err != nil { - n.logger.Error("error while sending detection events", "err", err) + n.logger.Error("error while sending detection events ", "err ", err) } else { n.logger.Debug("ingest event response", "response", resp) } From 80b9db7f8f2dab7dfe693ff2f342144e03d74da6 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Thu, 28 Mar 2024 11:22:04 +0530 Subject: [PATCH 31/39] added script to set node kernel version for k8s-test --- .github/workflows/ci.yaml | 1 + dev/kernel-version-script.sh | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 dev/kernel-version-script.sh diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 102018c6..46366196 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -138,6 +138,7 @@ jobs: - name: Install Tarian run: | set -x + bash ./dev/kernel-version-script.sh ./bin/tarianctl install --charts ./charts -l debug --agents-values ./dev/values/agents.yaml --server-values ./dev/values/server.yaml continue-on-error: true diff --git a/dev/kernel-version-script.sh b/dev/kernel-version-script.sh new file mode 100644 index 00000000..c2d2d45a --- /dev/null +++ b/dev/kernel-version-script.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +# Get the Linux kernel version string +KERNEL_VERSION=$(uname -r) + +# Extract major and minor version +LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) +LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) +LINUX_VERSION_PATCH=$(echo "$kernel_version" | cut -d'.' -f3) + +# Export major and minor version as environment variables +export LINUX_VERSION_MAJOR +export LINUX_VERSION_MINOR +export LINUX_VERSION_PATCH + +echo "Kernel major, minor and patch version set as environment variable: $LINUX_VERSION_MAJOR, $LINUX_VERSION_MINOR, $LINUX_VERSION_PATCH" From 78478326f4dd23659db0de10cb569e58e664c55c Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Fri, 29 Mar 2024 23:49:02 +0530 Subject: [PATCH 32/39] fixed typo in previous commit --- .../templates/tarian-node-agent-configmap.yaml | 2 +- dev/kernel-version-script.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml index 03db5607..dd18c500 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml @@ -12,7 +12,7 @@ data: # Extract major and minor version LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) - LINUX_VERSION_PATCH=$(echo "$kernel_version" | cut -d'.' -f3) + LINUX_VERSION_PATCH=$(echo "$KERNEL_VERSION" | cut -d'.' -f3) # Export major and minor version as environment variables export LINUX_VERSION_MAJOR diff --git a/dev/kernel-version-script.sh b/dev/kernel-version-script.sh index c2d2d45a..028ad3d8 100644 --- a/dev/kernel-version-script.sh +++ b/dev/kernel-version-script.sh @@ -6,7 +6,7 @@ KERNEL_VERSION=$(uname -r) # Extract major and minor version LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) -LINUX_VERSION_PATCH=$(echo "$kernel_version" | cut -d'.' -f3) +LINUX_VERSION_PATCH=$(echo "$KERNEL_VERSION" | cut -d'.' -f3) # Export major and minor version as environment variables export LINUX_VERSION_MAJOR From 85731b06812c184a46f847385f16730a855e7b50 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Sat, 30 Mar 2024 00:01:44 +0530 Subject: [PATCH 33/39] removed kernel-script --- .github/workflows/ci.yaml | 1 - .../templates/tarian-node-agent-configmap.yaml | 6 +----- dev/kernel-version-script.sh | 16 ---------------- 3 files changed, 1 insertion(+), 22 deletions(-) delete mode 100644 dev/kernel-version-script.sh diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 46366196..102018c6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -138,7 +138,6 @@ jobs: - name: Install Tarian run: | set -x - bash ./dev/kernel-version-script.sh ./bin/tarianctl install --charts ./charts -l debug --agents-values ./dev/values/agents.yaml --server-values ./dev/values/server.yaml continue-on-error: true diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml index dd18c500..7f271a00 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml @@ -6,15 +6,11 @@ data: get-kernel-version.sh: | #!/bin/bash - # Get the Linux kernel version string KERNEL_VERSION=$(uname -r) - - # Extract major and minor version LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) LINUX_VERSION_PATCH=$(echo "$KERNEL_VERSION" | cut -d'.' -f3) - - # Export major and minor version as environment variables + export LINUX_VERSION_MAJOR export LINUX_VERSION_MINOR export LINUX_VERSION_PATCH \ No newline at end of file diff --git a/dev/kernel-version-script.sh b/dev/kernel-version-script.sh deleted file mode 100644 index 028ad3d8..00000000 --- a/dev/kernel-version-script.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# Get the Linux kernel version string -KERNEL_VERSION=$(uname -r) - -# Extract major and minor version -LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) -LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) -LINUX_VERSION_PATCH=$(echo "$KERNEL_VERSION" | cut -d'.' -f3) - -# Export major and minor version as environment variables -export LINUX_VERSION_MAJOR -export LINUX_VERSION_MINOR -export LINUX_VERSION_PATCH - -echo "Kernel major, minor and patch version set as environment variable: $LINUX_VERSION_MAJOR, $LINUX_VERSION_MINOR, $LINUX_VERSION_PATCH" From 120d15081554b9f80626c550d06fb454fc6b9861 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Thu, 4 Apr 2024 00:55:56 +0530 Subject: [PATCH 34/39] linux kernel info of runnnig node using go syscall --- .../tarian-node-agent-configmap.yaml | 16 ------- .../tarian-node-agent-daemonset.yaml | 15 ------ cmd/tarian-node-agent/cmd/run.go | 48 +++++++++++++++++-- .../tarian-node-agent/tarian-node-agent.yaml | 6 --- 4 files changed, 45 insertions(+), 40 deletions(-) delete mode 100644 charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml deleted file mode 100644 index 7f271a00..00000000 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: kernel-version-script -data: - get-kernel-version.sh: | - #!/bin/bash - - KERNEL_VERSION=$(uname -r) - LINUX_VERSION_MAJOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f1) - LINUX_VERSION_MINOR=$(echo "$KERNEL_VERSION" | cut -d'.' -f2) - LINUX_VERSION_PATCH=$(echo "$KERNEL_VERSION" | cut -d'.' -f3) - - export LINUX_VERSION_MAJOR - export LINUX_VERSION_MINOR - export LINUX_VERSION_PATCH \ No newline at end of file diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml index 701034a5..d237d189 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml @@ -41,21 +41,6 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - - name: LINUX_VERSION_MAJOR - valueFrom: - configMapKeyRef: - name: kernel-version-script - key: get-kernel-version.sh - - name: LINUX_VERSION_MINOR - valueFrom: - configMapKeyRef: - name: kernel-version-script - key: get-kernel-version.sh - - name: LINUX_VERSION_PATCH - valueFrom: - configMapKeyRef: - name: kernel-version-script - key: get-kernel-version.sh serviceAccountName: {{ .Release.Name }}-node-sa volumes: - name: host-proc diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index 2bd92e64..21026ce6 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -4,6 +4,7 @@ import ( "fmt" "os" "os/signal" + "strings" "syscall" "github.com/cilium/ebpf/rlimit" @@ -14,6 +15,10 @@ import ( "github.com/spf13/cobra" ) +type Uname struct { + ub syscall.Utsname +} + type runCommand struct { globalFlags *flags.GlobalFlags logger *logrus.Logger @@ -66,15 +71,14 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { return fmt.Errorf("host proc is not mounted: %w", err) } + c.setLinuxKernelVersion() + if err := rlimit.RemoveMemlock(); err != nil { c.logger.Fatal(err) } addr := c.clusterAgentHost + ":" + c.clusterAgentPort agent := nodeagent.NewNodeAgent(c.logger, addr) - /*if err != nil { - return fmt.Errorf("error while creating tarian-node-agent: %w", err) - }*/ agent.EnableAddConstraint(c.enableAddConstraint) agent.SetNodeName(c.nodeNmae) @@ -94,3 +98,41 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { return nil } + +// setLinuxKernelVersion sets the Linux kernel version by parsing the uname information. +func (c *runCommand) setLinuxKernelVersion() { + u := &Uname{} + err := syscall.Uname(&u.ub) + + if err != nil { + c.logger.Fatal("error while making syscall to get linux kernel version, err: ", err) + } + + linuxKernelVersion := charsToString(u.ub.Release[:]) + strArr := strings.Split(linuxKernelVersion, ".") + majorVersion := strArr[0] + minorVersion := strArr[1] + patch := strArr[2] + // Split to get the patch version + strArr = strings.Split(patch, "-") + patchVersion := strArr[0] + os.Setenv("LINUX_VERSION_MAJOR", majorVersion) + os.Setenv("LINUX_VERSION_MINOR", minorVersion) + os.Setenv("LINUX_VERSION_PATCH", patchVersion) +} + +// charsToString converts an array of int8 to a string. +// +// ca []int8: the array of int8 to be converted. +// string: the resulting string from the conversion. +func charsToString(ca []int8) string { + s := make([]byte, len(ca)) + var i int + for ; i < len(ca); i++ { + if ca[i] == 0 { + break + } + s[i] = uint8(ca[i]) + } + return string(s[0:i]) +} diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml index 040a5261..39613294 100644 --- a/dev/config/tarian-node-agent/tarian-node-agent.yaml +++ b/dev/config/tarian-node-agent/tarian-node-agent.yaml @@ -36,12 +36,6 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - - name: LINUX_VERSION_MAJOR - value: "6" - - name: LINUX_VERSION_MINOR - value: "5" - - name: LINUX_VERSION_PATCH - value: "0" serviceAccountName: tarian-node-agent volumes: - name: host-proc From e12aa430077db977980bbbe51940d99d2870b383 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Mon, 8 Apr 2024 11:59:56 +0530 Subject: [PATCH 35/39] fixed alert manager indefinite call --- .../tarian-node-agent-daemonset.yaml | 8 +++---- cmd/tarian-node-agent/cmd/run.go | 21 ++++++++++++++++--- .../tarian-node-agent/tarian-node-agent.yaml | 8 +++---- go.mod | 1 + go.sum | 2 ++ pkg/server/alert_dispatcher.go | 3 +-- pkg/server/dgraphstore/dgraph_event_store.go | 2 +- pkg/server/ingestion_worker.go | 3 +++ 8 files changed, 34 insertions(+), 14 deletions(-) diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml index d237d189..078450f0 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml @@ -37,10 +37,10 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName serviceAccountName: {{ .Release.Name }}-node-sa volumes: - name: host-proc diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index 21026ce6..dff3e0cb 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -15,6 +15,7 @@ import ( "github.com/spf13/cobra" ) +// Uname contains system uname information. type Uname struct { ub syscall.Utsname } @@ -71,7 +72,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { return fmt.Errorf("host proc is not mounted: %w", err) } - c.setLinuxKernelVersion() + if err := c.setLinuxKernelVersion(); err != nil { + c.logger.WithError(err).Error("failed to set linux kernel version") + return fmt.Errorf("failed to set linux kernel version: %w", err) + } if err := rlimit.RemoveMemlock(); err != nil { c.logger.Fatal(err) @@ -100,25 +104,36 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { } // setLinuxKernelVersion sets the Linux kernel version by parsing the uname information. -func (c *runCommand) setLinuxKernelVersion() { +func (c *runCommand) setLinuxKernelVersion() error { u := &Uname{} err := syscall.Uname(&u.ub) if err != nil { - c.logger.Fatal("error while making syscall to get linux kernel version, err: ", err) + c.logger.WithField("error while making syscall to get linux kernel version, err: ", err) + return fmt.Errorf("error while making syscall to get linux kernel version: %w", err) } linuxKernelVersion := charsToString(u.ub.Release[:]) strArr := strings.Split(linuxKernelVersion, ".") + if len(strArr) < 3 { + c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux kernel version") + return fmt.Errorf("invalid linux kernel version: %s", linuxKernelVersion) + } majorVersion := strArr[0] minorVersion := strArr[1] patch := strArr[2] // Split to get the patch version strArr = strings.Split(patch, "-") + if len(strArr) < 1 { + c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux patch kernel version") + return fmt.Errorf("invalid linux kernel patch version: %s", linuxKernelVersion) + } patchVersion := strArr[0] os.Setenv("LINUX_VERSION_MAJOR", majorVersion) os.Setenv("LINUX_VERSION_MINOR", minorVersion) os.Setenv("LINUX_VERSION_PATCH", patchVersion) + + return nil } // charsToString converts an array of int8 to a string. diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml index 39613294..ed58028f 100644 --- a/dev/config/tarian-node-agent/tarian-node-agent.yaml +++ b/dev/config/tarian-node-agent/tarian-node-agent.yaml @@ -32,10 +32,10 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName serviceAccountName: tarian-node-agent volumes: - name: host-proc diff --git a/go.mod b/go.mod index ac787528..43793560 100644 --- a/go.mod +++ b/go.mod @@ -111,6 +111,7 @@ require ( github.com/nats-io/nkeys v0.3.0 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/olekukonko/tablewriter v0.0.5 + github.com/satori/go.uuid v1.2.0 go.opentelemetry.io/otel v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect golang.org/x/crypto v0.21.0 // indirect diff --git a/go.sum b/go.sum index 26ae7356..e5a48479 100644 --- a/go.sum +++ b/go.sum @@ -432,6 +432,8 @@ github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUz github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/scylladb/go-set v1.0.2 h1:SkvlMCKhP0wyyct6j+0IHJkBkSZL+TDzZ4E7f7BCcRE= github.com/scylladb/go-set v1.0.2/go.mod h1:DkpGd78rljTxKAnTDPFqXSGxvETQnJyuSOQwsHycqfs= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= diff --git a/pkg/server/alert_dispatcher.go b/pkg/server/alert_dispatcher.go index 84f1daa5..894e7323 100644 --- a/pkg/server/alert_dispatcher.go +++ b/pkg/server/alert_dispatcher.go @@ -76,11 +76,9 @@ func NewAlertmanagerClient(amURL *url.URL) *client.Alertmanager { func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStore) { for { events, err := es.FindWhereAlertNotSent() - if err != nil { a.logger.WithError(err).Error("alertdispatcher: error while finding events to alert") } - for _, event := range events { if event.GetType() == tarianpb.EventTypeViolation || event.GetType() == tarianpb.EventTypeFalcoAlert { err := a.SendAlert(event) @@ -90,6 +88,7 @@ func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStor if err != nil { a.logger.WithError(err).Warn("alertdispatcher: error while updating alert sent") } + a.logger.Debug("alertdispatcher: AlertSentAt time upated successfully", event.GetUid()) } } } diff --git a/pkg/server/dgraphstore/dgraph_event_store.go b/pkg/server/dgraphstore/dgraph_event_store.go index 016c2eaf..f0fc661b 100644 --- a/pkg/server/dgraphstore/dgraph_event_store.go +++ b/pkg/server/dgraphstore/dgraph_event_store.go @@ -338,7 +338,7 @@ func dgraphEventFromPb(pbEvent *tarianpb.Event) (*Event, error) { func (d *dgraphEventStore) FindWhereAlertNotSent() ([]*tarianpb.Event, error) { q := fmt.Sprintf(` { - events(func: type(Event)) @filter(not has(event_alert_sent_at)) { + events(func: type(Event)) @filter(not eq(event_type, "tarian-detection/detection") AND not has(event_alert_sent_at)) { %s } } diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index 44fb73d0..b7800556 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -4,6 +4,7 @@ import ( "github.com/kube-tarian/tarian/pkg/protoqueue" "github.com/kube-tarian/tarian/pkg/store" "github.com/kube-tarian/tarian/pkg/tarianpb" + uuid "github.com/satori/go.uuid" "github.com/sirupsen/logrus" "google.golang.org/protobuf/types/known/timestamppb" ) @@ -54,6 +55,8 @@ func (iw *IngestionWorker) Start() { } event.ServerTimestamp = timestamppb.Now() + uid := uuid.NewV4() + event.Uid = uid.String() err = iw.eventStore.Add(event) if err != nil { From 60ce8adb4d9d134b0e5db72b78805cfa06594cee Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Tue, 9 Apr 2024 11:41:08 +0530 Subject: [PATCH 36/39] fixed code --- cmd/tarian-node-agent/cmd/run.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index dff3e0cb..1d8cd491 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -124,10 +124,6 @@ func (c *runCommand) setLinuxKernelVersion() error { patch := strArr[2] // Split to get the patch version strArr = strings.Split(patch, "-") - if len(strArr) < 1 { - c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux patch kernel version") - return fmt.Errorf("invalid linux kernel patch version: %s", linuxKernelVersion) - } patchVersion := strArr[0] os.Setenv("LINUX_VERSION_MAJOR", majorVersion) os.Setenv("LINUX_VERSION_MINOR", minorVersion) From 1be78b79c891957c0b0738d736ca41ad8de2ef8f Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Tue, 23 Apr 2024 00:23:08 +0530 Subject: [PATCH 37/39] added goroutine to ready the events from queue --- go.mod | 2 -- go.sum | 4 +-- pkg/server/ingestion_worker.go | 51 +++++++++++++++++++--------------- 3 files changed, 31 insertions(+), 26 deletions(-) diff --git a/go.mod b/go.mod index 43793560..dfeeef8e 100644 --- a/go.mod +++ b/go.mod @@ -119,5 +119,3 @@ require ( k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect ) - -replace github.com/intelops/tarian-detector => github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a diff --git a/go.sum b/go.sum index e5a48479..cf0d6ed4 100644 --- a/go.sum +++ b/go.sum @@ -41,8 +41,6 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= -github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a h1:8nYnMuaN3B0iflTDJrjh1SOQUijvIR4Qw+0Q+GHQYYk= -github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a/go.mod h1:dXcRWq8AHABseHsjcnM8iJqwXCGX+dGGOR8kiXw1acY= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= @@ -280,6 +278,8 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa h1:ExaZjScIYDDIfCOygau+d09cvJdJdrWEN3yfHdehgbE= +github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index b7800556..c5176a6c 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -34,33 +34,40 @@ func NewIngestionWorker(logger *logrus.Logger, eventStore store.EventStore, queu } // Start starts the IngestionWorker, continuously processing messages from the ingestion queue. -// -// Working: -// - The IngestionWorker continuously fetches messages from the ingestion queue. -// - It checks if the message is a valid event. -// - If it is a valid event, it updates the server timestamp and stores the event in the event store. -// - If there are errors during processing, they are logged. +// It uses a goroutine and a buffered channel to read events from the queue in the background. func (iw *IngestionWorker) Start() { - for { - msg, err := iw.IngestionQueue.NextMessage(&tarianpb.Event{}) - if err != nil { - iw.logger.WithError(err).Error("error while processing event") - continue - } + eventChan := make(chan *tarianpb.Event, 1000) // buffered channel with capacity 1000 + + go func() { + defer close(eventChan) // close the channel on exit + + for { + event, err := iw.IngestionQueue.NextMessage(&tarianpb.Event{}) + if err != nil { + iw.logger.WithError(err).Error("error while processing event") + continue + } - event, ok := msg.(*tarianpb.Event) - if !ok { - iw.logger.WithError(err).Error("error while processing event") - continue + eventChan <- event.(*tarianpb.Event) } + }() - event.ServerTimestamp = timestamppb.Now() - uid := uuid.NewV4() - event.Uid = uid.String() - err = iw.eventStore.Add(event) + go func() { + defer iw.logger.Info("stopped consuming events from ingestion queue") - if err != nil { - iw.logger.WithError(err).Error("error while processing event") + for event := range eventChan { + iw.processEvent(event) } + }() +} + +func (iw *IngestionWorker) processEvent(event *tarianpb.Event) { + event.ServerTimestamp = timestamppb.Now() + uid := uuid.NewV4() + event.Uid = uid.String() + err := iw.eventStore.Add(event) + + if err != nil { + iw.logger.WithError(err).Error("error while processing event") } } From fa7f11a0730e6e26a28cd989ed20caec24ab8d52 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Tue, 23 Apr 2024 00:29:27 +0530 Subject: [PATCH 38/39] upgraded x/net pkg version to v0.23.0 --- go.mod | 4 +++- go.sum | 8 ++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index dfeeef8e..2c18a523 100644 --- a/go.mod +++ b/go.mod @@ -61,7 +61,7 @@ require ( github.com/spf13/pflag v1.0.5 go.mongodb.org/mongo-driver v1.10.0 // indirect go.uber.org/atomic v1.11.0 // indirect - golang.org/x/net v0.22.0 + golang.org/x/net v0.23.0 golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/term v0.18.0 // indirect @@ -119,3 +119,5 @@ require ( k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect ) + +replace github.com/intelops/tarian-detector => github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a diff --git a/go.sum b/go.sum index cf0d6ed4..4417ab54 100644 --- a/go.sum +++ b/go.sum @@ -41,6 +41,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a h1:8nYnMuaN3B0iflTDJrjh1SOQUijvIR4Qw+0Q+GHQYYk= +github.com/andylibrian/tarian-detector v0.0.0-20240314095358-bd4d5419e74a/go.mod h1:dXcRWq8AHABseHsjcnM8iJqwXCGX+dGGOR8kiXw1acY= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= @@ -278,8 +280,6 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa h1:ExaZjScIYDDIfCOygau+d09cvJdJdrWEN3yfHdehgbE= -github.com/intelops/tarian-detector v0.0.0-20240226164335-7701e4e67daa/go.mod h1:u7VW9+KOi2ujvIevz/LtfaXkjfkBp7BKgGuPcSq814E= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= @@ -598,8 +598,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= From 6a88e16aed30ee61cfc03f9331d2963bc35feeaf Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Tue, 23 Apr 2024 02:52:31 +0530 Subject: [PATCH 39/39] added retry logic to publish the event --- pkg/protoqueue/nats.go | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/pkg/protoqueue/nats.go b/pkg/protoqueue/nats.go index 7b8208a0..8b1fbbcb 100644 --- a/pkg/protoqueue/nats.go +++ b/pkg/protoqueue/nats.go @@ -3,6 +3,7 @@ package protoqueue import ( "errors" "fmt" + "log" "time" "github.com/nats-io/nats.go" @@ -175,7 +176,7 @@ func (j *JetStream) Publish(queuedMessage proto.Message) error { return fmt.Errorf("nats: jetstream publish: failed to marshal queued message: %w", err) } - _, err = j.Conn.JSContext.Publish(j.StreamName, data) + err = j.publishWithRetry(j.StreamName, data) if err != nil { return fmt.Errorf("nats: jetstream publish: failed to publish message: %w", err) } @@ -183,6 +184,24 @@ func (j *JetStream) Publish(queuedMessage proto.Message) error { return nil } +func (j *JetStream) publishWithRetry(subject string, data []byte) error { + maxRetries := 5 + RetryInterval := 5 * time.Second + var err error + for i := 0; i < maxRetries; i++ { + // Publish message + _, err = j.Conn.JSContext.Publish(subject, data) + if err == nil { + // Message published successfully + return nil + } + log.Printf("Publish attempt %d failed: %v", i+1, err) + // Wait before retrying + time.Sleep(RetryInterval) + } + return err +} + // NextMessage retrieves the next message from the JetStream queue and unmarshals it into the provided protobuf message. // // Parameters: