Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apparmor check_paas #253

Merged
merged 4 commits into from
Dec 7, 2022
Merged

Apparmor check_paas #253

merged 4 commits into from
Dec 7, 2022

Conversation

alexarefev
Copy link
Collaborator

@alexarefev alexarefev commented Oct 13, 2022
edited by koryaga
Loading

Description

  • Apparmor validations and checks are necessary

Resolves #34

Solution

  • Implement new tasks to check_paas for Apparmor status and configuration
  • Implement TODO part in system module
  • Fix is_state_valid and parse_status methods

How to apply

Not applicable

Test Cases

TestCase 1
Check if the check_paas tasks work

Test Configuration:

  • Hardware: 4CPU/4GB
  • OS: Ubuntu 20.04
  • Inventory: Allinone

Steps:

  1. Install Kubernetes cluster with Apparmor is enabled.
  2. Run check_paas with tasks services.security.apparmor
  3. Change Apparmor configuration on host.
  4. Run check_paas with tasks services.security.apparmor
  5. Disable Apparmor on host.
  6. Run check_paas with tasks services.security.apparmor

Results:

Before After
Not available Apparmor is enabled, configuration is valid
Not available Apparmor is enabled, configuration is invalid
Not available Apparmor is disabled, configuration is invalid

TestCase 2
Check if the validation works

Test Configuration:

  • Hardware: 4CPU/4GB
  • OS: Ubuntu 20.04
  • Inventory: Allinone

Steps:

  1. Run installation Kubernetes cluster with Apparmor enabled.

Results:

Before After
Not available Success

Checklist

  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • Integration CI passed
  • Unit tests. If Yes list of new/changed tests with brief description
  • There is no merge conflicts

@alexarefev alexarefev added the improvement New feature or request label Oct 13, 2022
@alexarefev alexarefev marked this pull request as ready for review November 23, 2022 06:19
@koryaga koryaga merged commit 1f1d457 into main Dec 7, 2022
@koryaga koryaga deleted the apparmor_check branch December 7, 2022 11:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@koryaga koryaga koryaga approved these changes

@theboringstuff theboringstuff Awaiting requested review from theboringstuff

@ilia1243 ilia1243 Awaiting requested review from ilia1243

@igza0216 igza0216 Awaiting requested review from igza0216

Assignees

@koryaga koryaga

Labels
improvement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AppArmor installation validation and test in check_paas required
2 participants
@alexarefev @koryaga