Merge remote-tracking branch 'origin/front-pcap-dump-enabled-env' into front-pcap-dump-enabled-env

2025-06-24 23:34:45 +00:00 · 2025-04-16 22:29:29 +03:00 · 2025-04-16 22:29:29 +03:00 · 2017af6826
commit 2017af6826
parent a7be337cc9 18cf3e62be
12 changed files with 71 additions and 19 deletions
--- a/cmd/config.go
+++ b/cmd/config.go
@ -2,7 +2,6 @@ package cmd
 import (
 	"fmt"
 	"path"
 	"github.com/creasty/defaults"
 	"github.com/kubeshark/kubeshark/config"
@ -52,5 +51,5 @@ func init() {
 		log.Debug().Err(err).Send()
 	}
-	configCmd.Flags().BoolP(configStructs.RegenerateConfigName, "r", defaultConfig.Config.Regenerate, fmt.Sprintf("Regenerate the config file with default values to path %s", path.Join(misc.GetDotFolderPath(), "config.yaml")))
+	configCmd.Flags().BoolP(configStructs.RegenerateConfigName, "r", defaultConfig.Config.Regenerate, fmt.Sprintf("Regenerate the config file with default values to path %s", config.GetConfigFilePath(nil)))
 }
--- a/cmd/root.go
+++ b/cmd/root.go
@ -33,6 +33,7 @@ func init() {
 	rootCmd.PersistentFlags().StringSlice(config.SetCommandName, []string{}, fmt.Sprintf("Override values using --%s", config.SetCommandName))
 	rootCmd.PersistentFlags().BoolP(config.DebugFlag, "d", false, "Enable debug mode")
 	rootCmd.PersistentFlags().String(config.ConfigPathFlag, "", fmt.Sprintf("Set the config path, default: %s", config.GetConfigFilePath(nil)))
 }
 // Execute adds all child commands to the root command and sets flags appropriately.
--- a/config/config.go
+++ b/config/config.go
@ -28,6 +28,7 @@ const (
 	FieldNameTag   = "yaml"
 	ReadonlyTag    = "readonly"
 	DebugFlag      = "debug"
 	ConfigPathFlag = "config-path"
 )
 var (
@ -82,7 +83,7 @@ func InitConfig(cmd *cobra.Command) error {
 		return err
 	}
-	ConfigFilePath = path.Join(misc.GetDotFolderPath(), "config.yaml")
+	ConfigFilePath = GetConfigFilePath(cmd)
 	if err := loadConfigFile(&Config, utils.Contains([]string{
 		"manifests",
 		"license",
@ -134,21 +135,44 @@ func WriteConfig(config *ConfigStruct) error {
 	return nil
 }
-func loadConfigFile(config *ConfigStruct, silent bool) error {
+func GetConfigFilePath(cmd *cobra.Command) string {
 	defaultConfigPath := path.Join(misc.GetDotFolderPath(), "config.yaml")
 	cwd, err := os.Getwd()
 	if err != nil {
-		return err
+		return defaultConfigPath
 	}
 	if cmd != nil {
 		configPathOverride, err := cmd.Flags().GetString(ConfigPathFlag)
 		if err == nil {
 			if configPathOverride != "" {
 				resolvedConfigPath, err := filepath.Abs(configPathOverride)
 				if err != nil {
 					log.Error().Err(err).Msg("--config-path flag path cannot be resolved")
 				} else {
 					return resolvedConfigPath
 				}
 			}
 		} else {
 			log.Error().Err(err).Msg("--config-path flag parser error")
 		}
 	}
 	cwdConfig := filepath.Join(cwd, fmt.Sprintf("%s.yaml", misc.Program))
 	reader, err := os.Open(cwdConfig)
 	if err != nil {
-		reader, err = os.Open(ConfigFilePath)
+		return defaultConfigPath
 		if err != nil {
 			return err
 		}
 	} else {
-		ConfigFilePath = cwdConfig
+		reader.Close()
 		return cwdConfig
 	}
 }
 func loadConfigFile(config *ConfigStruct, silent bool) error {
 	reader, err := os.Open(ConfigFilePath)
 	if err != nil {
 		return err
 	}
 	defer reader.Close()
@ -176,9 +200,14 @@ func initFlag(f *pflag.Flag) {
 	flagPath = append(flagPath, strings.Split(f.Name, "-")...)
 	flagPathJoined := strings.Join(flagPath, ".")
 	if strings.HasSuffix(flagPathJoined, ".config.path") {
 		return
 	}
 	sliceValue, isSliceValue := f.Value.(pflag.SliceValue)
 	if !isSliceValue {
-		if err := mergeFlagValue(configElemValue, flagPath, strings.Join(flagPath, "."), f.Value.String()); err != nil {
+		if err := mergeFlagValue(configElemValue, flagPath, flagPathJoined, f.Value.String()); err != nil {
 			log.Warn().Err(err).Send()
 		}
 		return
@ -191,7 +220,7 @@ func initFlag(f *pflag.Flag) {
 		return
 	}
-	if err := mergeFlagValues(configElemValue, flagPath, strings.Join(flagPath, "."), sliceValue.GetSlice()); err != nil {
+	if err := mergeFlagValues(configElemValue, flagPath, flagPathJoined, sliceValue.GetSlice()); err != nil {
 		log.Warn().Err(err).Send()
 	}
 }
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@ -227,6 +227,10 @@ type WatchdogConfig struct {
 	Enabled bool `yaml:"enabled" json:"enabled" default:"true"`
 }
 type GitopsConfig struct {
 	Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
 }
 type CapabilitiesConfig struct {
 	NetworkCapture     []string `yaml:"networkCapture" json:"networkCapture"  default:"[]"`
 	ServiceMeshCapture []string `yaml:"serviceMeshCapture" json:"serviceMeshCapture"  default:"[]"`
@ -330,6 +334,7 @@ type TapConfig struct {
 	Telemetry                      TelemetryConfig         `yaml:"telemetry" json:"telemetry"`
 	ResourceGuard                  ResourceGuardConfig     `yaml:"resourceGuard" json:"resourceGuard"`
 	Watchdog                       WatchdogConfig          `yaml:"watchdog" json:"watchdog"`
 	Gitops                         GitopsConfig            `yaml:"gitops" json:"gitops"`
 	Sentry                         SentryConfig            `yaml:"sentry" json:"sentry"`
 	DefaultFilter                  string                  `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"`
 	LiveConfigMapChangesDisabled   bool                    `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"`
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@ -210,6 +210,7 @@ Example for overriding image names:
 | `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
 | `tap.enabledDissectors`                   | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp` |
 | `tap.mountBpf`                            | BPF filesystem needs to be mounted for eBPF to work properly. This helm value determines whether Kubeshark will attempt to mount the filesystem. This option is not required if filesystem is already mounts. │ `true`|
 | `tap.gitops.enabled`                          | Enable GitOps functionality. This will allow you to use GitOps to manage your Kubeshark configuration. | `false` |
 | `logs.file`                               | Logs dump path                      | `""`                                                    |
 | `pcapdump.enabled`                        | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools                 | `true`                                                                                                  |
 | `pcapdump.maxTime`                        | The time window into the past that will be stored. Older traffic will be discarded.  | `2h`  |
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@ -33,6 +33,9 @@ spec:
            - "8080"
            - -loglevel
            - '{{ .Values.logLevel | default "warning" }}'
            {{- if .Values.tap.gitops.enabled }}
            - -gitops
            {{- end }}
          env:
          - name: POD_NAME
            valueFrom:
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@ -1,7 +1,7 @@
 kind: ConfigMap
 apiVersion: v1
 metadata:
-  name: kubeshark-config-map-default
+  name: {{ include "kubeshark.configmapName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubeshark.co/app: hub
--- a/helm-chart/templates/13-secret.yaml
+++ b/helm-chart/templates/13-secret.yaml
@ -1,7 +1,7 @@
 kind: Secret
 apiVersion: v1
 metadata:
-  name: kubeshark-secret-default
+  name: {{ include "kubeshark.secretName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubeshark.co/app: hub
--- a/helm-chart/templates/18-cleanup-job.yaml
+++ b/helm-chart/templates/18-cleanup-job.yaml
@ -1,3 +1,4 @@
 {{ if .Values.tap.gitops.enabled -}}
 apiVersion: batch/v1
 kind: Job
 metadata:
@ -19,6 +20,5 @@ spec:
        {{ else }}
          image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
        {{- end }}
-          command: ["/bin/sh", "-c"]
+          command: ["/app/cleanup"]
-          args:
+{{ end -}}
            - "kubectl delete cm kubeshark-config-map || true && kubectl delete secret kubeshark-secret || true"
--- a/helm-chart/templates/_helpers.tpl
+++ b/helm-chart/templates/_helpers.tpl
@ -49,6 +49,18 @@ Create the name of the service account to use
 {{- printf "%s-service-account" .Release.Name }}
 {{- end }}
 {{/*
 Set configmap and secret names based on gitops.enabled
 */}}
 {{- define "kubeshark.configmapName" -}}
 kubeshark-config-map{{ if .Values.tap.gitops.enabled }}-default{{ end }}
 {{- end -}}
 {{- define "kubeshark.secretName" -}}
 kubeshark-secret{{ if .Values.tap.gitops.enabled }}-default{{ end }}
 {{- end -}}
 {{/*
 Escape double quotes in a string
 */}}
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@ -151,6 +151,8 @@ tap:
    enabled: false
  watchdog:
    enabled: true
  gitops:
    enabled: false
  sentry:
    enabled: false
    environment: production
--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@ -130,7 +130,7 @@ metadata:
 kind: Secret
 apiVersion: v1
 metadata:
-  name: kubeshark-secret-default
+  name: kubeshark-secret
  namespace: default
  labels:
    app.kubeshark.co/app: hub
@ -244,7 +244,7 @@ data:
 kind: ConfigMap
 apiVersion: v1
 metadata:
-  name: kubeshark-config-map-default
+  name: kubeshark-config-map
  namespace: default
  labels:
    app.kubeshark.co/app: hub