operator: add karmor.yaml field in configmap

tesla59 · tesla59 · commit dd6ae7c95459 · 2025-02-22T10:00:18.000Z
Signed-off-by: tesla59 &lt;nishant@heim.id&gt;
diff --git a/pkg/KubeArmorOperator/common/defaults.go b/pkg/KubeArmorOperator/common/defaults.go
@@ -75,6 +75,8 @@ var (
 
 	// KubeArmorConfigMapName string = "kubearmor-config"
 
+	KubeArmorConfigFileName string = "karmor.yaml"
+
 	// ConfigMap Data
 	ConfigGRPC                       string = "gRPC"
 	ConfigVisibility                 string = "visibility"
diff --git a/pkg/KubeArmorOperator/internal/controller/cluster.go b/pkg/KubeArmorOperator/internal/controller/cluster.go
@@ -1255,35 +1255,43 @@ func UpdateRecommendedPolicyConfig(config *opv1.KubeArmorConfigSpec) bool {
 
 func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {
 	updated := false
+	configMapData := ""
+
 	if config.DefaultFilePosture != "" {
 		if common.ConfigMapData[common.ConfigDefaultFilePosture] != string(config.DefaultFilePosture) {
 			common.ConfigMapData[common.ConfigDefaultFilePosture] = string(config.DefaultFilePosture)
 			updated = true
 		}
+		configMapData += fmt.Sprintf("defaultFilePosture: %s\n", config.DefaultFilePosture)
 	}
 	if config.DefaultCapabilitiesPosture != "" {
 		if common.ConfigMapData[common.ConfigDefaultCapabilitiesPosture] != string(config.DefaultCapabilitiesPosture) {
 			common.ConfigMapData[common.ConfigDefaultCapabilitiesPosture] = string(config.DefaultCapabilitiesPosture)
 			updated = true
 		}
+		configMapData += fmt.Sprintf("defaultCapabilitiesPosture: %s\n", config.DefaultCapabilitiesPosture)
 	}
 	if config.DefaultNetworkPosture != "" {
 		if common.ConfigMapData[common.ConfigDefaultNetworkPosture] != string(config.DefaultNetworkPosture) {
 			common.ConfigMapData[common.ConfigDefaultNetworkPosture] = string(config.DefaultNetworkPosture)
 			updated = true
 		}
+		configMapData += fmt.Sprintf("defaultNetworkPosture: %s\n", config.DefaultNetworkPosture)
 	}
 	if config.DefaultVisibility != "" {
 		if common.ConfigMapData[common.ConfigVisibility] != config.DefaultVisibility {
 			common.ConfigMapData[common.ConfigVisibility] = config.DefaultVisibility
 			updated = true
 		}
+		configMapData += fmt.Sprintf("defaultVisibility: %s\n", config.DefaultVisibility)
 	}
 	AlertThrottlingEnabled := strconv.FormatBool(config.AlertThrottling)
 	if common.ConfigMapData[common.ConfigAlertThrottling] != AlertThrottlingEnabled {
 		common.ConfigMapData[common.ConfigAlertThrottling] = AlertThrottlingEnabled
 		updated = true
 	}
+	configMapData += fmt.Sprintf("alertThrottling: %t\n", config.AlertThrottling)
+
 	MaxAlertPerSec := strconv.FormatInt(int64(config.MaxAlertPerSec), 10)
 	if config.MaxAlertPerSec == 0 {
 		MaxAlertPerSec = common.DefaultMaxAlertPerSec
@@ -1292,6 +1300,7 @@ func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {
 		common.ConfigMapData[common.ConfigMaxAlertPerSec] = MaxAlertPerSec
 		updated = true
 	}
+	configMapData += fmt.Sprintf("maxAlertPerSec: %s\n", MaxAlertPerSec)
 
 	ThrottleSec := strconv.FormatInt(int64(config.ThrottleSec), 10)
 	if config.ThrottleSec == 0 {
@@ -1301,6 +1310,10 @@ func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {
 		common.ConfigMapData[common.ConfigThrottleSec] = ThrottleSec
 		updated = true
 	}
+	configMapData += fmt.Sprintf("throttleSec: %s\n", ThrottleSec)
+
+	common.ConfigMapData[common.KubeArmorConfigFileName] = configMapData
+
 	return updated
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1255,35 +1255,43 @@ func UpdateRecommendedPolicyConfig(config *opv1.KubeArmorConfigSpec) bool {`
`1255`	`1255`
`1256`	`1256`	`func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {`
`1257`	`1257`	`updated := false`
	`1258`	`+ configMapData := ""`
	`1259`	`+`
`1258`	`1260`	`if config.DefaultFilePosture != "" {`
`1259`	`1261`	`if common.ConfigMapData[common.ConfigDefaultFilePosture] != string(config.DefaultFilePosture) {`
`1260`	`1262`	`common.ConfigMapData[common.ConfigDefaultFilePosture] = string(config.DefaultFilePosture)`
`1261`	`1263`	`updated = true`
`1262`	`1264`	`}`
	`1265`	`+ configMapData += fmt.Sprintf("defaultFilePosture: %s\n", config.DefaultFilePosture)`
`1263`	`1266`	`}`
`1264`	`1267`	`if config.DefaultCapabilitiesPosture != "" {`
`1265`	`1268`	`if common.ConfigMapData[common.ConfigDefaultCapabilitiesPosture] != string(config.DefaultCapabilitiesPosture) {`
`1266`	`1269`	`common.ConfigMapData[common.ConfigDefaultCapabilitiesPosture] = string(config.DefaultCapabilitiesPosture)`
`1267`	`1270`	`updated = true`
`1268`	`1271`	`}`
	`1272`	`+ configMapData += fmt.Sprintf("defaultCapabilitiesPosture: %s\n", config.DefaultCapabilitiesPosture)`
`1269`	`1273`	`}`
`1270`	`1274`	`if config.DefaultNetworkPosture != "" {`
`1271`	`1275`	`if common.ConfigMapData[common.ConfigDefaultNetworkPosture] != string(config.DefaultNetworkPosture) {`
`1272`	`1276`	`common.ConfigMapData[common.ConfigDefaultNetworkPosture] = string(config.DefaultNetworkPosture)`
`1273`	`1277`	`updated = true`
`1274`	`1278`	`}`
	`1279`	`+ configMapData += fmt.Sprintf("defaultNetworkPosture: %s\n", config.DefaultNetworkPosture)`
`1275`	`1280`	`}`
`1276`	`1281`	`if config.DefaultVisibility != "" {`
`1277`	`1282`	`if common.ConfigMapData[common.ConfigVisibility] != config.DefaultVisibility {`
`1278`	`1283`	`common.ConfigMapData[common.ConfigVisibility] = config.DefaultVisibility`
`1279`	`1284`	`updated = true`
`1280`	`1285`	`}`
	`1286`	`+ configMapData += fmt.Sprintf("defaultVisibility: %s\n", config.DefaultVisibility)`
`1281`	`1287`	`}`
`1282`	`1288`	`AlertThrottlingEnabled := strconv.FormatBool(config.AlertThrottling)`
`1283`	`1289`	`if common.ConfigMapData[common.ConfigAlertThrottling] != AlertThrottlingEnabled {`
`1284`	`1290`	`common.ConfigMapData[common.ConfigAlertThrottling] = AlertThrottlingEnabled`
`1285`	`1291`	`updated = true`
`1286`	`1292`	`}`
	`1293`	`+ configMapData += fmt.Sprintf("alertThrottling: %t\n", config.AlertThrottling)`
	`1294`	`+`
`1287`	`1295`	`MaxAlertPerSec := strconv.FormatInt(int64(config.MaxAlertPerSec), 10)`
`1288`	`1296`	`if config.MaxAlertPerSec == 0 {`
`1289`	`1297`	`MaxAlertPerSec = common.DefaultMaxAlertPerSec`
`@@ -1292,6 +1300,7 @@ func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {`
`1292`	`1300`	`common.ConfigMapData[common.ConfigMaxAlertPerSec] = MaxAlertPerSec`
`1293`	`1301`	`updated = true`
`1294`	`1302`	`}`
	`1303`	`+ configMapData += fmt.Sprintf("maxAlertPerSec: %s\n", MaxAlertPerSec)`
`1295`	`1304`
`1296`	`1305`	`ThrottleSec := strconv.FormatInt(int64(config.ThrottleSec), 10)`
`1297`	`1306`	`if config.ThrottleSec == 0 {`
`@@ -1301,6 +1310,10 @@ func UpdateConfigMapData(config *opv1.KubeArmorConfigSpec) bool {`
`1301`	`1310`	`common.ConfigMapData[common.ConfigThrottleSec] = ThrottleSec`
`1302`	`1311`	`updated = true`
`1303`	`1312`	`}`
	`1313`	`+ configMapData += fmt.Sprintf("throttleSec: %s\n", ThrottleSec)`
	`1314`	`+`
	`1315`	`+ common.ConfigMapData[common.KubeArmorConfigFileName] = configMapData`
	`1316`	`+`
`1304`	`1317`	`return updated`
`1305`	`1318`	`}`
`1306`	`1319`