From 28ae2a645bf35714843e5f5b5a70bd51087e528d Mon Sep 17 00:00:00 2001 From: Serhii Ponomarenko <116438358+tiptophelmet@users.noreply.github.com> Date: Thu, 18 Jul 2024 23:37:21 +0300 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A8=20Add=20`tap.stopTrafficCapturingD?= =?UTF-8?q?isabled`=20flag=20(#1568)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 🔨 Add `tap.stopTrafficCapturingDisabled` helm value * 🔨 Add `STOP_TRAFFIC_CAPTURING_DISABLED` config * 🔨 Add `REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED` `env` to `front` * 🩹 Add ternary operator for `STOPPED` config * 🐛 Always enable stop-capturing functionality if `tap.stopped == true` --- config/configStructs/tapConfig.go | 71 ++++++++++--------- helm-chart/templates/06-front-deployment.yaml | 6 ++ helm-chart/templates/12-config-map.yaml | 7 +- helm-chart/values.yaml | 1 + 4 files changed, 49 insertions(+), 36 deletions(-) diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 73dfb56bd..48ba76209 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -160,41 +160,42 @@ type MiscConfig struct { } type TapConfig struct { - Docker DockerConfig `yaml:"docker" json:"docker"` - Proxy ProxyConfig `yaml:"proxy" json:"proxy"` - PodRegexStr string `yaml:"regex" json:"regex" default:".*"` - Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"` - BpfOverride string `yaml:"bpfOverride" json:"bpfOverride" default:""` - Stopped bool `yaml:"stopped" json:"stopped" default:"false"` - Release ReleaseConfig `yaml:"release" json:"release"` - PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"` - PersistentStorageStatic bool `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"` - EfsFileSytemIdAndPath string `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""` - StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"500Mi"` - StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"` - DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"` - Resources ResourcesConfig `yaml:"resources" json:"resources"` - ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"` - Tls bool `yaml:"tls" json:"tls" default:"true"` - PacketCapture string `yaml:"packetCapture" json:"packetCapture" default:"best"` - IgnoreTainted bool `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"` - Labels map[string]string `yaml:"labels" json:"labels" default:"{}"` - Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"` - NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"` - Auth AuthConfig `yaml:"auth" json:"auth"` - Ingress IngressConfig `yaml:"ingress" json:"ingress"` - IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"` - Debug bool `yaml:"debug" json:"debug" default:"false"` - KernelModule KernelModuleConfig `yaml:"kernelModule" json:"kernelModule"` - Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"` - DefaultFilter string `yaml:"defaultFilter" json:"defaultFilter"` - ScriptingDisabled bool `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"` - TargetedPodsUpdateDisabled bool `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"` - RecordingDisabled bool `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"` - Capabilities CapabilitiesConfig `yaml:"capabilities" json:"capabilities"` - GlobalFilter string `yaml:"globalFilter" json:"globalFilter"` - Metrics MetricsConfig `yaml:"metrics" json:"metrics"` - Misc MiscConfig `yaml:"misc" json:"misc"` + Docker DockerConfig `yaml:"docker" json:"docker"` + Proxy ProxyConfig `yaml:"proxy" json:"proxy"` + PodRegexStr string `yaml:"regex" json:"regex" default:".*"` + Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"` + BpfOverride string `yaml:"bpfOverride" json:"bpfOverride" default:""` + Stopped bool `yaml:"stopped" json:"stopped" default:"false"` + Release ReleaseConfig `yaml:"release" json:"release"` + PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"` + PersistentStorageStatic bool `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"` + EfsFileSytemIdAndPath string `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""` + StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"500Mi"` + StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"` + DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"` + Resources ResourcesConfig `yaml:"resources" json:"resources"` + ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"` + Tls bool `yaml:"tls" json:"tls" default:"true"` + PacketCapture string `yaml:"packetCapture" json:"packetCapture" default:"best"` + IgnoreTainted bool `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"` + Labels map[string]string `yaml:"labels" json:"labels" default:"{}"` + Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"` + NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"` + Auth AuthConfig `yaml:"auth" json:"auth"` + Ingress IngressConfig `yaml:"ingress" json:"ingress"` + IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"` + Debug bool `yaml:"debug" json:"debug" default:"false"` + KernelModule KernelModuleConfig `yaml:"kernelModule" json:"kernelModule"` + Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"` + DefaultFilter string `yaml:"defaultFilter" json:"defaultFilter"` + ScriptingDisabled bool `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"` + TargetedPodsUpdateDisabled bool `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"` + RecordingDisabled bool `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"` + StopTrafficCapturingDisabled bool `yaml:"stopTrafficCapturingDisabled" json:"stopTrafficCapturingDisabled" default:"false"` + Capabilities CapabilitiesConfig `yaml:"capabilities" json:"capabilities"` + GlobalFilter string `yaml:"globalFilter" json:"globalFilter"` + Metrics MetricsConfig `yaml:"metrics" json:"metrics"` + Misc MiscConfig `yaml:"misc" json:"misc"` } func (config *TapConfig) PodRegex() *regexp.Regexp { diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml index 24168c19f..65e25745d 100644 --- a/helm-chart/templates/06-front-deployment.yaml +++ b/helm-chart/templates/06-front-deployment.yaml @@ -46,6 +46,12 @@ spec: value: '{{ eq .Values.tap.packetCapture "ebpf" | ternary "true" "false" }}' - name: REACT_APP_RECORDING_DISABLED value: '{{ .Values.tap.recordingDisabled }}' + - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED + value: '{{- if and .Values.tap.stopTrafficCapturingDisabled .Values.tap.stopped -}} + false + {{- else -}} + {{ .Values.tap.stopTrafficCapturingDisabled | ternary "true" "false" }} + {{- end -}}' - name: 'REACT_APP_CLOUD_LICENSE_ENABLED' value: '{{- if and .Values.cloudLicenseEnabled (not (empty .Values.license)) -}} "false" diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml index 45573ba91..9351825c4 100644 --- a/helm-chart/templates/12-config-map.yaml +++ b/helm-chart/templates/12-config-map.yaml @@ -10,7 +10,7 @@ data: POD_REGEX: '{{ .Values.tap.regex }}' NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}' BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}' - STOPPED: '{{ .Values.tap.stopped }}' + STOPPED: '{{ .Values.tap.stopped | ternary "true" "false" }}' SCRIPTING_SCRIPTS: '{}' INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}' INGRESS_HOST: '{{ .Values.tap.ingress.host }}' @@ -28,6 +28,11 @@ data: SCRIPTING_DISABLED: '{{ .Values.tap.scriptingDisabled | ternary "true" "" }}' TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.targetedPodsUpdateDisabled | ternary "true" "" }}' RECORDING_DISABLED: '{{ .Values.tap.recordingDisabled | ternary "true" "" }}' + STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.stopTrafficCapturingDisabled .Values.tap.stopped -}} + false + {{- else -}} + {{ .Values.tap.stopTrafficCapturingDisabled | ternary "true" "false" }} + {{- end }}' GLOBAL_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.globalFilter | quote }} TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.misc.trafficSampleRate }}' JSON_TTL: '{{ .Values.tap.misc.jsonTTL }}' diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index e2729993e..c78ea859c 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -98,6 +98,7 @@ tap: scriptingDisabled: false targetedPodsUpdateDisabled: false recordingDisabled: false + stopTrafficCapturingDisabled: false capabilities: networkCapture: - NET_RAW