initial uploads

Signed-off-by: Jaehyun Nam <[email protected]>

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,33 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: '"[Bug] "'
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Environment (please complete the following information):**
+ - OS: [e.g. Ubuntu 22.04]
+ - Numbat Versions: [e.g. v0.1]
+ - Kubernetes Environment: [tip: Please include CRI and CNI as well as their versions]
+ - Istio Environment: [tip: Please include Istio version as well as the install profiles]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: "[REQUEST]"
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/workflows/ci-test-go.yml

@@ -0,0 +1,56 @@
+name: ci-test-go
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  go-fmt-sentryflow:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "v1.19.1"
+
+      - name: Check go-fmt
+        run: make gofmt
+        working-directory: sentryflow
+
+  go-lint-sentryflow:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "v1.19.1"
+
+      - name: Check Golint 
+        run: make golint
+        working-directory: sentryflow
+
+  go-sec-sentryflow:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "v1.19.1"
+
+      - name: Run Gosec Security Scanner
+        run: make gosec
+        working-directory: sentryflow
+
+  license:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Check License Header
+        uses: apache/skywalking-eyes@a790ab8dd23a7f861c18bd6aaa9b012e3a234bce
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/sentryflow-pr-checks.yml

@@ -0,0 +1,30 @@
+name: sentryflow-pr-checks
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Setup Docker Build
+      uses: docker/setup-buildx-action@v1
+
+    - name: Get tag
+      id: tag
+      run: |
+        if [ ${{ github.ref }} == "refs/heads/main" ]; then
+          echo "tag=latest" >> $GITHUB_OUTPUT
+        else
+          echo "tag=tmp" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Build Docker Image
+      working-directory: ./sentryflow
+      run: |
+         make TAG=${{ steps.tag.outputs.tag }} image

.github/workflows/sentryflow-release-image.yml

@@ -0,0 +1,40 @@
+name: sentryflow-release-image
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Setup Docker Build
+      uses: docker/setup-buildx-action@v1
+
+    # - name: Login to DockerHub
+    #   uses: docker/login-action@v1
+    #   with:
+    #     username: ${{ secrets.DOCKERHUB_USERNAME }}
+    #     password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+    - name: Get tag
+      id: tag
+      run: |
+        if [ ${{ github.ref }} == "refs/heads/main" ]; then
+          echo "tag=latest" >> $GITHUB_OUTPUT
+        else
+          echo "tag=tmp" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Build Docker Image
+      working-directory: ./sentryflow
+      run: |
+         make TAG=${{ steps.tag.outputs.tag }} image
+
+    # - name: Push Docker Image
+    #   run: |
+    #      docker push boanlab/sentryflow:${{ steps.tag.outputs.tag }}

.gitignore

@@ -0,0 +1 @@
+.DS_Store

.licenserc.yaml

@@ -0,0 +1,20 @@
+header:
+  license:
+    spdx-id: Apache-2.0
+    copyright-owner: SentryFlow
+    content: |
+      SPDX-License-Identifier: Apache-2.0
+
+  paths:
+    - "**/*.go"
+    - "**/Dockerfile"
+    - "**/Makefile"
+
+  paths-ignore:
+    - "protobuf/*"
+
+  comment: on-failure
+
+dependency:
+  files:
+    - go.mod

README.md

@@ -1,2 +1,24 @@
+
 # SentryFlow
-API Observability and Security
+
+[![SentryFlow Docker Build](https://github.com/5GSEC/sentryflow/actions/workflows/sentryflow-release-image.yml/badge.svg)](https://github.com/5GSEC/sentryflow/actions/workflows/sentryflow-release-image.yml) [![CI Test](https://github.com/5GSEC/sentryflow/actions/workflows/ci-test-go.yml/badge.svg)](https://github.com/5GSEC/sentryflow/actions/workflows/ci-test-go.yml)
+
+SentryFlow is a cloud-native system for API observability and security, specializing in log collection, metric production, and data exportation.
+
+## Architecture Overview
+
+![Sentryflow Overview](docs/sentryflow_overview.png)
+
+### Features
+- Generation of API Access Logs
+- Proudction of API Metrics and Statistics
+- Inference of API Specifications
+
+## Documentation
+
+### Basic Information
+- [Getting Started](docs/getting_started.md)
+- [Use Cases](examples/README.md)
+
+### Contribution
+- [Contribution Guide](contribution/README.md)

contribution/README.md

@@ -0,0 +1,88 @@
+# Development Guide
+
+SentryFlow operates within an Istio environment on Kubernetes, indicating that contributors to our project will need to have an Istio environment set up.
+
+To minimize the hassle of installing and uninstalling Kubernetes and configuring Istio solely for our project, we have provided a straightforward Vagrantfile. This Vagrantfile initializes an Ubuntu virtual machine equipped with a fully operational Kubernetes and Istio environment.
+
+## 1. Prerequisites
+
+We employ Vagrant to provision VirtualBox virtual machines, creating a Kubernetes environment. As such, it is highly recommended to install the following package versions in your local environment:
+
+- **[Vagrant](https://www.vagrantup.com/)** - v2.2.9
+- **[VirtualBox](https://www.virtualbox.org/)** - v6.1
+
+## 2. Starting up a VM
+
+We have configured a Vagrantfile that initiates an Ubuntu 22.04 machine with Kubernetes pre-installed. The setup for Kubernetes is as described below:
+
+> **Note:** Although Kubernetes officially advises the use of containerd over Docker as the Container Runtime Interface (CRI), we have chosen to use Docker as the CRI within our Kubernetes setup. This decision facilitates the building and testing of SentryFlow and its client images.
+
+- Kubernetes: 1.23
+- [CRI] Docker: 24.0.7
+- [CNI] Calico: 0.3.1
+
+To proceed, execute the following command within the `contribution/` directory:
+
+```bash
+$ vagrant up
+Bringing machine 'sentryflow' up with 'virtualbox' provider...
+==> sentryflow: Importing base box 'generic/ubuntu2204'...
+==> sentryflow: Matching MAC address for NAT networking...
+==> sentryflow: Checking if box 'generic/ubuntu2204' version '4.3.10' is up to date...
+...
+    sentryflow: clusterrolebinding.rbac.authorization.k8s.io/calico-node created
+    sentryflow: clusterrolebinding.rbac.authorization.k8s.io/calico-cni-plugin created
+    sentryflow: daemonset.apps/calico-node created
+    sentryflow: deployment.apps/calico-kube-controllers created
+```
+
+This command will initiate the installation of the necessary development environment. The duration of this process may vary, primarily depending on the speed of your network connection, and could take several minutes to complete.
+
+## 3. Development and Code Quality
+
+### Development
+
+After Vagrant has been successfully initialized, you can access the Istio and Kubernetes environment by executing the following steps:
+
+```
+$ vagrant ssh
+```
+
+The source code for SentryFlow will be located in `/home/vagrant/sentryflow` within the virtual environment, and this directory will also be synchronized with the current work directory on the host machine.
+
+After making modifications to the source code of SentryFlow, you can build the changes by moving to the `sentryflow` directory and running the Makefile.
+
+```
+make build
+```
+
+Executing the Makefile will result in the construction of container images, each tagged as specified.
+
+### Code Quality
+
+To maintain a clean and secure code base for SentryFlow, we conduct several checks, including `gofmt` for code formatting, `golint` for code style and linting, and `gosec` for security scanning.
+
+To evaluate the quality of your code, navigate to the `sentryflow` directory and execute the following commands:
+
+```
+make golint # will run golint checks
+make gofmt # will run gofmt checks
+make gosec # will run gosec checks
+```
+
+### Pull Request
+
+Once everything is correctly set up, you are ready to create a pull request. Please refer to our guidelines for submitting PRs.
+
+## 4. Cleaning Up
+
+If you have successfully made changes to SentryFlow and wish to clean up the created workspace, you can simply use the following command:
+
+```
+$ vagrant destroy
+    sentryflow: Are you sure you want to destroy the 'sentryflow' VM? [y/N] y
+==> sentryflow: Forcing shutdown of VM...
+==> sentryflow: Destroying VM and associated drives...
+```
+
+Executing the command will terminate and remove the VM that you were working on.

contribution/vagrant/.gitignore

@@ -0,0 +1 @@
+.vagrant/

contribution/vagrant/Vagrantfile

@@ -0,0 +1,51 @@
+Vagrant.require_version ">= 2.0.0"
+
+VM_NAME = "sentryflow"
+IMG_NAME = "generic/ubuntu2204"
+
+NUM_OF_VCPUS = 4
+SIZE_OF_VMEM = 4096
+
+## == ##
+
+# create ssh keys if needed
+system("
+    if [ #{ARGV[0]} = 'up' ]; then
+      if [ ! -f ~/.ssh/id_rsa ]; then
+        echo '~/.ssh/id_rsa keys does not exist.'
+        ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa
+      fi
+    fi
+")
+
+## == ##
+
+Vagrant.configure("2") do |config|
+  # vagrant@VM_NAME
+  config.vm.hostname = VM_NAME
+
+  config.vm.define VM_NAME do |cfg|
+    cfg.vm.box = IMG_NAME
+
+    cfg.vm.provider "virtualbox" do |vb|
+      vb.memory = SIZE_OF_VMEM
+      vb.cpus = NUM_OF_VCPUS
+    end
+  end
+
+  # sync directories
+  config.vm.synced_folder "../../", "/home/vagrant/sentryflow", owner:"vagrant", group:"vagrant"
+
+  # configure SSH
+  config.ssh.insert_key = false
+
+  # copy ssh keys
+  config.vm.provision "file", source: "~/.ssh/id_rsa.pub", destination: "/home/vagrant/.ssh/id_rsa.pub"
+  config.vm.provision :shell, :inline => "cat /home/vagrant/.ssh/id_rsa.pub >> /home/vagrant/.ssh/authorized_keys", run: "always"
+
+  # copy git config
+  config.vm.provision :file, source: "~/.gitconfig", destination: "$HOME/.gitconfig"
+
+  # setup k8s and IStio
+  config.vm.provision "shell", path: "setup.sh"
+end

contribution/vagrant/install-scripts/install-kvm.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+. /etc/os-release
+
+if [ "$NAME" != "Ubuntu" ]; then
+    echo "This script is for Ubuntu."
+    exit
+fi
+
+# install kvm and dependencies
+sudo apt-get install -y bridge-utils libguestfs-tools \
+                        libvirt-daemon-system libvirt-clients libvirt-daemon libvirt-dev \
+                        qemu-system qemu-kvm virt-manager