✨ In case of tap re-run, update the config and start a proxy

2025-05-02 21:59:17 +00:00 · 2023-09-25 23:21:38 +03:00 · 2023-09-25 23:21:38 +03:00 · 5bd44b57f4
commit 5bd44b57f4
parent 41dacbff1a
7 changed files with 94 additions and 18 deletions
--- a/cmd/pro.go
+++ b/cmd/pro.go
@ -74,13 +74,17 @@ func updateLicense(licenseKey string) {
 		log.Error().Err(err).Send()
 		return
 	}
-	err = kubernetes.SetSecret(kubernetesProvider, "LICENSE", config.Config.License)
+	updated, err := kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
 	if err != nil {
 		log.Error().Err(err).Send()
 		return
 	}

-	log.Info().Msg("Updated the license. Exiting.")
+	if updated {
+		log.Info().Msg("Updated the license, exiting...")
+	} else {
+		log.Info().Msg("Exiting...")
+	}

 	go func() {
 		time.Sleep(2 * time.Second)
--- a/cmd/tapRunner.go
+++ b/cmd/tapRunner.go
@ -2,9 +2,11 @@ package cmd

 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"os"
 	"regexp"
+	"strings"
 	"sync"
 	"time"

@ -101,18 +103,24 @@ func tap() {
 		config.Config.Tap.Release.Namespace,
 	).Install()
 	if err != nil {
-		log.Error().Err(err).Send()
-		os.Exit(1)
+		if err.Error() != "cannot re-use a name that is still in use" {
+			log.Error().Err(err).Send()
+			os.Exit(1)
+		}
+		log.Info().Msg("Found an existing installation, skipping Helm install...")
+
+		updateConfig(kubernetesProvider)
+		postFrontStarted(ctx, kubernetesProvider, cancel)
 	} else {
 		log.Info().Msgf("Installed the Helm release: %s", rel.Name)
+
+		go watchHubEvents(ctx, kubernetesProvider, cancel)
+		go watchHubPod(ctx, kubernetesProvider, cancel)
+		go watchFrontPod(ctx, kubernetesProvider, cancel)
 	}

 	defer finishTapExecution(kubernetesProvider)

-	go watchHubEvents(ctx, kubernetesProvider, cancel)
-	go watchHubPod(ctx, kubernetesProvider, cancel)
-	go watchFrontPod(ctx, kubernetesProvider, cancel)
-
 	// block until exit signal or error
 	utils.WaitForTermination(ctx, cancel)

@ -436,3 +444,25 @@ func postFrontStarted(ctx context.Context, kubernetesProvider *kubernetes.Provid
 		utils.OpenBrowser(url)
 	}
 }
+
+func updateConfig(kubernetesProvider *kubernetes.Provider) {
+	_, _ = kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_POD_REGEX, config.Config.Tap.PodRegexStr)
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_NAMESPACES, strings.Join(config.Config.Tap.Namespaces, ","))
+
+	data, err := json.Marshal(config.Config.Scripting.Env)
+	if err != nil {
+		log.Error().Str("config", kubernetes.CONFIG_SCRIPTING_ENV).Err(err).Send()
+		return
+	} else {
+		_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_SCRIPTING_ENV, string(data))
+	}
+
+	authEnabled := ""
+	if config.Config.Tap.Auth.Enabled {
+		authEnabled = "true"
+	}
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_AUTH_ENABLED, authEnabled)
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_AUTH_APPROVED_EMAILS, strings.Join(config.Config.Tap.Auth.ApprovedEmails, ","))
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_AUTH_APPROVED_DOMAINS, strings.Join(config.Config.Tap.Auth.ApprovedDomains, ","))
+}
--- a/config/configStructs/scriptingConfig.go
+++ b/config/configStructs/scriptingConfig.go
@ -10,7 +10,7 @@ import (
 )

 type ScriptingConfig struct {
-	Env          map[string]interface{} `yaml:"env" json:"env"`
+	Env          map[string]interface{} `yaml:"env" json:"env" default:"{}"`
 	Source       string                 `yaml:"source" json:"source" default:""`
 	WatchScripts bool                   `yaml:"watchscripts" json:"watchscripts" default:"true"`
 }
--- a/kubernetes/config.go
+++ b/kubernetes/config.go
@ -4,23 +4,65 @@ import (
 	"context"

 	"github.com/kubeshark/kubeshark/config"
+	"github.com/rs/zerolog/log"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )

 const (
-	SUFFIX_SECRET = "secret"
+	SUFFIX_SECRET                = "secret"
+	SUFFIX_CONFIG_MAP            = "config-map"
+	SECRET_LICENSE               = "LICENSE"
+	CONFIG_POD_REGEX             = "POD_REGEX"
+	CONFIG_NAMESPACES            = "NAMESPACES"
+	CONFIG_SCRIPTING_ENV         = "SCRIPTING_ENV"
+	CONFIG_AUTH_ENABLED          = "AUTH_ENABLED"
+	CONFIG_AUTH_APPROVED_EMAILS  = "AUTH_APPROVED_EMAILS"
+	CONFIG_AUTH_APPROVED_DOMAINS = "AUTH_APPROVED_DOMAINS"
 )

-func SetSecret(provider *Provider, key string, value string) (err error) {
+func SetSecret(provider *Provider, key string, value string) (updated bool, err error) {
 	var secret *v1.Secret
-	secret, err = provider.clientSet.CoreV1().Secrets(config.Config.Tap.Release.Namespace).Get(context.TODO(), SelfResourcesPrefix+SUFFIX_SECRET, metav1.GetOptions{})
+	secret, err = provider.clientSet.CoreV1().Secrets(config.Config.Tap.Release.Namespace).Get(context.TODO(), SELF_RESOURCES_PREFIX+SUFFIX_SECRET, metav1.GetOptions{})
 	if err != nil {
 		return
 	}

-	secret.StringData[key] = value
+	if secret.StringData[key] != value {
+		updated = true
+	}
+	secret.Data[key] = []byte(value)

 	_, err = provider.clientSet.CoreV1().Secrets(config.Config.Tap.Release.Namespace).Update(context.TODO(), secret, metav1.UpdateOptions{})
+	if err == nil {
+		if updated {
+			log.Info().Str("secret", key).Str("value", value).Msg("Updated:")
+		}
+	} else {
+		log.Error().Str("secret", key).Err(err).Send()
+	}
+	return
+}
+
+func SetConfig(provider *Provider, key string, value string) (updated bool, err error) {
+	var configMap *v1.ConfigMap
+	configMap, err = provider.clientSet.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Get(context.TODO(), SELF_RESOURCES_PREFIX+SUFFIX_CONFIG_MAP, metav1.GetOptions{})
+	if err != nil {
+		return
+	}
+
+	if configMap.Data[key] != value {
+		updated = true
+	}
+	configMap.Data[key] = value
+
+	_, err = provider.clientSet.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Update(context.TODO(), configMap, metav1.UpdateOptions{})
+	if err == nil {
+		if updated {
+			log.Info().Str("config", key).Str("value", value).Msg("Updated:")
+		}
+	} else {
+		log.Error().Str("config", key).Err(err).Send()
+	}
 	return
 }
--- a/kubernetes/consts.go
+++ b/kubernetes/consts.go
@ -1,10 +1,10 @@
 package kubernetes

 const (
-	SelfResourcesPrefix        = "kubeshark-"
-	FrontPodName               = SelfResourcesPrefix + "front"
+	SELF_RESOURCES_PREFIX      = "kubeshark-"
+	FrontPodName               = SELF_RESOURCES_PREFIX + "front"
 	FrontServiceName           = FrontPodName
-	HubPodName                 = SelfResourcesPrefix + "hub"
+	HubPodName                 = SELF_RESOURCES_PREFIX + "hub"
 	HubServiceName             = HubPodName
 	K8sAllNamespaces           = ""
 	MinKubernetesServerVersion = "1.16.0"
--- a/kubernetes/proxy.go
+++ b/kubernetes/proxy.go
@ -106,7 +106,7 @@ func getRerouteHttpHandlerSelfStatic(proxyHandler http.Handler, selfNamespace st
 }

 func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *regexp.Regexp, srcPort uint16, dstPort uint16, ctx context.Context) (*portforward.PortForwarder, error) {
-	pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, namespace, map[string]string{"app.kubeshark.co/app": "hub"})
+	pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, namespace, map[string]string{"app.kubeshark.co/app": "front"})
 	if err != nil {
 		return nil, err
 	} else if len(pods) == 0 {
--- a/misc/fsUtils/kubesharkLogsUtils.go
+++ b/misc/fsUtils/kubesharkLogsUtils.go
@ -14,7 +14,7 @@ import (
 )

 func DumpLogs(ctx context.Context, provider *kubernetes.Provider, filePath string) error {
-	podExactRegex := regexp.MustCompile("^" + kubernetes.SelfResourcesPrefix)
+	podExactRegex := regexp.MustCompile("^" + kubernetes.SELF_RESOURCES_PREFIX)
 	pods, err := provider.ListAllPodsMatchingRegex(ctx, podExactRegex, []string{config.Config.Tap.Release.Namespace})
 	if err != nil {
 		return err