Merge pull request #100 from nyrahul/main

changed the EventChan exported data; fixed lints

cmd/rotate-tls.go

@@ -11,7 +11,7 @@ var rotateCmd = &cobra.Command{
 	Short: "Rotate webhook controller tls certificates",
 	Long:  `Rotate webhook controller tls certificates`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		if err := rotatetls.RotateTls(client, namespace); err != nil {
+		if err := rotatetls.RotateTLS(client, namespace); err != nil {
 			return err
 		}
 		return nil

cmd/vm.go

@@ -12,9 +12,12 @@ import (
 
 var (
 	scriptOptions vm.ScriptOptions
-	HTTPIP        string // HTTPIP : IP of the http request
-	HTTPPort      string // HTTPPort : Port of the http request
-	IsKvmsEnv     bool
+	// HTTPIP : IP of the http request
+	HTTPIP string
+	// HTTPPort : Port of the http request
+	HTTPPort string
+	//IsKvmsEnv : Is kubearmor virtual machine env?
+	IsKvmsEnv bool
 )
 
 // vmCmd represents the vm command

go.sum

@@ -856,10 +856,6 @@ github.com/kubearmor/KVMService/src/types v0.0.0-20220619161146-0f42a61893bc h1:
 github.com/kubearmor/KVMService/src/types v0.0.0-20220619161146-0f42a61893bc/go.mod h1:jH95bvc6gzdHxVdyUAx/MM9q27P9EPQUl13HkBO5mr4=
 github.com/kubearmor/KubeArmor/KubeArmor v0.0.0-20220620050120-7e1810d2ad41 h1:JcYB5FBXQC25LYERpVPIiKAe+Yqi5ajE6Nhlzdt+L3w=
 github.com/kubearmor/KubeArmor/KubeArmor v0.0.0-20220620050120-7e1810d2ad41/go.mod h1:PS5U+aErr2Phj1RqOjdQaIcCFaNCNNVk/AzMacvOg0Q=
-github.com/kubearmor/KubeArmor/deployments v0.0.0-20220620050120-7e1810d2ad41 h1:cxbg7TJuNXQ2klgOCqT2qi0Bf7RdeYMFhptDqQc5pLs=
-github.com/kubearmor/KubeArmor/deployments v0.0.0-20220620050120-7e1810d2ad41/go.mod h1:cyEhgwG/sKmC6OI0Jgx+4T6/G7YiafcX2OpgSsbZ+b8=
-github.com/kubearmor/KubeArmor/deployments v0.0.0-20220705112953-c714aa67d578 h1:QkijCgbUnkxY16tpK2eaKU3yuaV8wvaVnIs8WjrOqUk=
-github.com/kubearmor/KubeArmor/deployments v0.0.0-20220705112953-c714aa67d578/go.mod h1:cyEhgwG/sKmC6OI0Jgx+4T6/G7YiafcX2OpgSsbZ+b8=
 github.com/kubearmor/KubeArmor/deployments v0.0.0-20220706172948-9d2644f2666b h1:prbwatIC08aeULQd+71mGNSROAnKBt4Z/OLzarcdMP4=
 github.com/kubearmor/KubeArmor/deployments v0.0.0-20220706172948-9d2644f2666b/go.mod h1:cyEhgwG/sKmC6OI0Jgx+4T6/G7YiafcX2OpgSsbZ+b8=
 github.com/kubearmor/KubeArmor/pkg/KubeArmorHostPolicy v0.0.0-20220620050120-7e1810d2ad41 h1:qlcrgrK4NAD1tIatGKUgsZUh/TfLXdLfyNwS7wbnKF0=

insight/insight.go

@@ -27,7 +27,7 @@ type Options struct {
 	Rule          string
 }
 
-// Get insights on observability data
+// StartInsight - Get insights on observability data
 func StartInsight(o Options) error {
 	gRPC := ""
 

install/pki.go

@@ -12,6 +12,7 @@ import (
 	"time"
 )
 
+// GeneratePki - generate pub/priv keypair
 func GeneratePki(namespace string, serviceName string) (*bytes.Buffer, *bytes.Buffer, *bytes.Buffer, error) {
 	ca, cakey, err := GenerateCA()
 	if err != nil {
@@ -57,6 +58,7 @@ func GeneratePki(namespace string, serviceName string) (*bytes.Buffer, *bytes.Bu
 	return caPEM, crtPEM, crtKeyPEM, nil
 }
 
+// GenerateCA - generate private key and a cert for a CA
 func GenerateCA() (*x509.Certificate, *rsa.PrivateKey, error) {
 	ca := &x509.Certificate{
 		SerialNumber: big.NewInt(123),
@@ -81,6 +83,7 @@ func GenerateCA() (*x509.Certificate, *rsa.PrivateKey, error) {
 	return ca, caPrivKey, nil
 }
 
+// GenerateCSR - generate certificate signing request
 func GenerateCSR(namespace string, serviceName string) (*x509.Certificate, *rsa.PrivateKey, error) {
 	csr := &x509.Certificate{
 		SerialNumber: big.NewInt(1234),
@@ -108,6 +111,7 @@ func GenerateCSR(namespace string, serviceName string) (*x509.Certificate, *rsa.
 	return csr, certPrivKey, nil
 }
 
+// SignCSR - signs a certificate signing request essentially approving it using the given CA
 func SignCSR(caCrt *x509.Certificate, caKey *rsa.PrivateKey, csrCrt *x509.Certificate, csrKey *rsa.PrivateKey) ([]byte, error) {
 	certBytes, err := x509.CreateCertificate(rand.Reader, csrCrt, caCrt, &csrKey.PublicKey, caKey)
 	if err != nil {

log/log.go

@@ -43,7 +43,7 @@ type Options struct {
 	Resource      string
 	Limit         uint32
 	Selector      []string
-	EventChan     chan []byte // channel to send events on
+	EventChan     chan EventInfo // channel to send events on
 }
 
 // StopChan Channel

log/logClient.go

@@ -21,6 +21,12 @@ import (
 	"google.golang.org/grpc"
 )
 
+// EventInfo Event data signalled on EventChan
+type EventInfo struct {
+	Data []byte // json marshalled byte data for alert/log
+	Type string // "Alert"/"Log"
+}
+
 // Limitchan handles telemetry event output limit
 var Limitchan chan bool
 var i uint32
@@ -354,7 +360,7 @@ func WatchTelemetryHelper(arr []byte, t string, o Options) {
 
 	// Pass Events to Channel for further handling
 	if o.EventChan != nil {
-		o.EventChan <- arr
+		o.EventChan <- EventInfo{Data: arr, Type: t}
 	}
 
 	if o.JSON {

log/logClient_test.go

@@ -9,7 +9,7 @@ import (
 	pb "github.com/kubearmor/KubeArmor/protobuf"
 )
 
-var eventChan chan []byte
+var eventChan chan EventInfo
 var done chan bool
 var gotAlerts = 0
 var gotLogs = 0
@@ -18,15 +18,10 @@ const maxEvents = 5
 
 func genericWaitOnEvent(cnt int) {
 	for evtin := range eventChan {
-		var res map[string]interface{}
-		err := json.Unmarshal(evtin, &res)
-		if err != nil {
-			fmt.Printf("error unmarshling %v\n", err.Error())
-		}
-		switch res["Type"].(string) {
-		case "MatchedPolicy":
+		switch evtin.Type {
+		case "Alert":
 			gotAlerts++
-		case "ContainerLog", "HostLog":
+		case "Log":
 			gotLogs++
 		default:
 			fmt.Printf("unknown event\n")
@@ -52,7 +47,7 @@ func TestLogClient(t *testing.T) {
 		ContainerImage: "evergreen",
 		Type:           "MatchedPolicy",
 	}
-	eventChan = make(chan []byte, maxEvents)
+	eventChan = make(chan EventInfo, maxEvents)
 	var o = Options{
 		EventChan: eventChan,
 	}

rotatetls/rotate-tls.go

@@ -13,7 +13,8 @@ import (
 	"k8s.io/apimachinery/pkg/util/rand"
 )
 
-func RotateTls(c *k8s.Client, namespace string) error {
+// RotateTLS - rotate TLS certs
+func RotateTLS(c *k8s.Client, namespace string) error {
 	// verify if all needed component are present in the cluster
 	fmt.Print("Checking if all needed component are present ...\n")
 	if _, err := c.K8sClientset.AdmissionregistrationV1().MutatingWebhookConfigurations().Get(context.Background(), deployments.AnnotationsControllerServiceName, metav1.GetOptions{}); err != nil {

selfupdate/selfupdate.go

@@ -45,24 +45,25 @@ func confirmUserAction(action string) bool {
 	return true
 }
 
-func getLatest() (error, *selfupdate.Release) {
+func getLatest() (*selfupdate.Release, error) {
 	latest, found, err := selfupdate.DetectLatest(ghrepo)
 	if err != nil {
 		fmt.Println("Error occurred while detecting version:", err)
-		return err, nil
+		return nil, err
 	}
 	if !found {
 		fmt.Println("could not find latest release details")
-		return errors.New("could not find latest release"), nil
+		return nil, errors.New("could not find latest release")
 	}
-	return nil, latest
+	return latest, nil
 }
 
+//IsLatest - check if the current binary is the latest
 func IsLatest(curver string) (bool, string) {
 	if curver != "" && !isValidVersion(curver) {
 		return true, ""
 	}
-	err, latest := getLatest()
+	latest, err := getLatest()
 	if err != nil {
 		fmt.Println("failed getting latest info")
 		return true, ""
@@ -78,7 +79,7 @@ func IsLatest(curver string) (bool, string) {
 }
 
 func doSelfUpdate(curver string) error {
-	err, latest := getLatest()
+	latest, err := getLatest()
 	if err != nil {
 		return err
 	}

vm/label.go

@@ -81,10 +81,9 @@ func LabelHandling(t string, o LabelOptions, address string, isKvmsEnv bool) err
 	if t == "LIST" {
 		if string(respBody) == "" {
 			return fmt.Errorf("failed to get label list")
-		} else {
-			fmt.Printf("The label list for %s is %s\n", o.VMName, string(respBody))
-			return nil
 		}
+		fmt.Printf("The label list for %s is %s\n", o.VMName, string(respBody))
+		return nil
 	}
 
 	fmt.Println("Success")

vm/onboarding.go

@@ -74,6 +74,7 @@ func List(address string) error {
 	return nil
 }
 
+// Onboarding - onboards a vm
 func Onboarding(eventType string, path string, address string) error {
 	var vm tp.KubeArmorVirtualMachinePolicy