diff --git a/deployments/nimbus-kubearmor/Chart.yaml b/deployments/nimbus-kubearmor/Chart.yaml index 2e33d805..71b7b5fb 100644 --- a/deployments/nimbus-kubearmor/Chart.yaml +++ b/deployments/nimbus-kubearmor/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.1.1" +appVersion: "0.1.2" diff --git a/deployments/nimbus-kubearmor/templates/deployment.yaml b/deployments/nimbus-kubearmor/templates/daemonset.yaml similarity index 93% rename from deployments/nimbus-kubearmor/templates/deployment.yaml rename to deployments/nimbus-kubearmor/templates/daemonset.yaml index 15609c2e..ff273ce2 100644 --- a/deployments/nimbus-kubearmor/templates/deployment.yaml +++ b/deployments/nimbus-kubearmor/templates/daemonset.yaml @@ -1,12 +1,11 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: name: {{ include "nimbus-kubearmor.fullname" . }} labels: {{- include "nimbus-kubearmor.labels" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "nimbus-kubearmor.selectorLabels" . | nindent 6 }} diff --git a/deployments/nimbus-kubearmor/templates/role.yaml b/deployments/nimbus-kubearmor/templates/role.yaml index 1ef3109c..c195365a 100644 --- a/deployments/nimbus-kubearmor/templates/role.yaml +++ b/deployments/nimbus-kubearmor/templates/role.yaml @@ -12,6 +12,15 @@ rules: - get - list - watch + - apiGroups: + - intent.security.nimbus.com + resources: + - nimbuspolicies/status + - clusternimbuspolicies/status + verbs: + - get + - patch + - update - apiGroups: - security.kubearmor.com resources: diff --git a/deployments/nimbus-kubearmor/values.yaml b/deployments/nimbus-kubearmor/values.yaml index 8691d620..3acaebfa 100644 --- a/deployments/nimbus-kubearmor/values.yaml +++ b/deployments/nimbus-kubearmor/values.yaml @@ -1,7 +1,5 @@ # Default values for nimbus-kubearmor. -replicaCount: 1 - image: repository: 5gsec/nimbus-kubearmor pullPolicy: Always diff --git a/deployments/nimbus-netpol/Chart.yaml b/deployments/nimbus-netpol/Chart.yaml index dbdd11c3..abcde436 100644 --- a/deployments/nimbus-netpol/Chart.yaml +++ b/deployments/nimbus-netpol/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.1.1" +appVersion: "0.1.2" diff --git a/deployments/nimbus-netpol/templates/deployment.yaml b/deployments/nimbus-netpol/templates/daemonset.yaml similarity index 93% rename from deployments/nimbus-netpol/templates/deployment.yaml rename to deployments/nimbus-netpol/templates/daemonset.yaml index 384c68eb..9c53ca92 100644 --- a/deployments/nimbus-netpol/templates/deployment.yaml +++ b/deployments/nimbus-netpol/templates/daemonset.yaml @@ -1,12 +1,11 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: name: {{ include "nimbus-netpol.fullname" . }} labels: {{- include "nimbus-netpol.labels" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "nimbus-netpol.selectorLabels" . | nindent 6 }} diff --git a/deployments/nimbus-netpol/templates/role.yaml b/deployments/nimbus-netpol/templates/role.yaml index 9ddc8fb8..ea4a41e1 100644 --- a/deployments/nimbus-netpol/templates/role.yaml +++ b/deployments/nimbus-netpol/templates/role.yaml @@ -12,6 +12,15 @@ rules: - get - list - watch + - apiGroups: + - intent.security.nimbus.com + resources: + - nimbuspolicies/status + - clusternimbuspolicies/status + verbs: + - get + - patch + - update - apiGroups: - networking.k8s.io resources: diff --git a/deployments/nimbus-netpol/values.yaml b/deployments/nimbus-netpol/values.yaml index 07f823f0..02310caf 100644 --- a/deployments/nimbus-netpol/values.yaml +++ b/deployments/nimbus-netpol/values.yaml @@ -1,7 +1,5 @@ # Default values for nimbus-netpol. -replicaCount: 1 - image: repository: 5gsec/nimbus-netpol pullPolicy: Always diff --git a/deployments/nimbus/Chart.yaml b/deployments/nimbus/Chart.yaml index ec97071e..d036bad3 100644 --- a/deployments/nimbus/Chart.yaml +++ b/deployments/nimbus/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.1.0" +appVersion: "0.1.1" diff --git a/deployments/nimbus/templates/crds.yaml b/deployments/nimbus/templates/crds.yaml index 879da3db..1211d446 100644 --- a/deployments/nimbus/templates/crds.yaml +++ b/deployments/nimbus/templates/crds.yaml @@ -1,6 +1,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 name: clusternimbuspolicies.intent.security.nimbus.com spec: group: intent.security.nimbus.com @@ -17,6 +19,12 @@ spec: - jsonPath: .status.status name: Status type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.numberOfAdapterPolicies + name: Policies + type: integer name: v1 schema: openAPIV3Schema: @@ -51,8 +59,6 @@ spec: properties: action: type: string - mode: - type: string params: additionalProperties: items: @@ -61,7 +67,6 @@ spec: type: object required: - action - - mode type: object type: type: string @@ -102,9 +107,20 @@ spec: status: description: ClusterNimbusPolicyStatus defines the observed state of ClusterNimbusPolicy properties: + adapterPolicies: + items: + type: string + type: array + lastUpdated: + format: date-time + type: string + numberOfAdapterPolicies: + format: int32 + type: integer status: type: string required: + - numberOfAdapterPolicies - status type: object type: object @@ -116,6 +132,8 @@ spec: apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 name: clustersecurityintentbindings.intent.security.nimbus.com spec: group: intent.security.nimbus.com @@ -132,6 +150,15 @@ spec: - jsonPath: .status.status name: Status type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.numberOfBoundIntents + name: Intents + type: integer + - jsonPath: .status.clusterNimbusPolicy + name: ClusterNimbusPolicy + type: string name: v1 schema: openAPIV3Schema: @@ -198,9 +225,23 @@ spec: description: ClusterSecurityIntentBindingStatus defines the observed state of ClusterSecurityIntentBinding properties: + boundIntents: + items: + type: string + type: array + clusterNimbusPolicy: + type: string + lastUpdated: + format: date-time + type: string + numberOfBoundIntents: + format: int32 + type: integer status: type: string required: + - clusterNimbusPolicy + - numberOfBoundIntents - status type: object type: object @@ -212,6 +253,8 @@ spec: apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 name: nimbuspolicies.intent.security.nimbus.com spec: group: intent.security.nimbus.com @@ -228,6 +271,12 @@ spec: - jsonPath: .status.status name: Status type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.numberOfAdapterPolicies + name: Policies + type: integer name: v1 schema: openAPIV3Schema: @@ -263,8 +312,6 @@ spec: properties: action: type: string - mode: - type: string params: additionalProperties: items: @@ -273,7 +320,6 @@ spec: type: object required: - action - - mode type: object type: type: string @@ -302,9 +348,20 @@ spec: status: description: NimbusPolicyStatus defines the observed state of NimbusPolicy properties: + adapterPolicies: + items: + type: string + type: array + lastUpdated: + format: date-time + type: string + numberOfAdapterPolicies: + format: int32 + type: integer status: type: string required: + - numberOfAdapterPolicies - status type: object type: object @@ -316,6 +373,8 @@ spec: apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 name: securityintentbindings.intent.security.nimbus.com spec: group: intent.security.nimbus.com @@ -332,6 +391,15 @@ spec: - jsonPath: .status.status name: Status type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.numberOfBoundIntents + name: Intents + type: integer + - jsonPath: .status.nimbusPolicy + name: NimbusPolicy + type: string name: v1 schema: openAPIV3Schema: @@ -418,9 +486,23 @@ spec: description: SecurityIntentBindingStatus defines the observed state of SecurityIntentBinding properties: + boundIntents: + items: + type: string + type: array + lastUpdated: + format: date-time + type: string + nimbusPolicy: + type: string + numberOfBoundIntents: + format: int32 + type: integer status: type: string required: + - nimbusPolicy + - numberOfBoundIntents - status type: object type: object @@ -432,6 +514,8 @@ spec: apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 name: securityintents.intent.security.nimbus.com spec: group: intent.security.nimbus.com @@ -448,6 +532,17 @@ spec: - jsonPath: .status.status name: Status type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.intent.id + name: ID + priority: 1 + type: string + - jsonPath: .spec.intent.action + name: Action + priority: 1 + type: string name: v1 schema: openAPIV3Schema: @@ -483,11 +578,6 @@ spec: engines to generate corresponding security policies. pattern: ^[a-zA-Z0-9]*$ type: string - mode: - default: best-effort - description: Mode defines the enforcement behavior of the intent. - Defaults to best-effort. - type: string params: additionalProperties: items: @@ -518,13 +608,19 @@ spec: status: description: SecurityIntentStatus defines the observed state of SecurityIntent properties: + action: + type: string + id: + type: string status: type: string required: + - action + - id - status type: object type: object served: true storage: true subresources: - status: {} \ No newline at end of file + status: {}