Skip to content

Commit

Permalink
Merge pull request #1908 from DelusionalOptimist/feat/host-policy-diff
Browse files Browse the repository at this point in the history 
feat: diff host policy before apply
  • Loading branch information
@DelusionalOptimist
DelusionalOptimist authored Dec 6, 2024
2 parents 67cde68 + 86241f1 commit 6642be5
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions KubeArmor/core/kubeUpdate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"fmt"
"io"
"os"
"reflect"
"sort"
"strconv"
"strings"
Expand Down Expand Up @@ -2271,6 +2272,12 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
new := true
for idx, policy := range dm.HostSecurityPolicies {
if policy.Metadata["policyName"] == secPolicy.Metadata["policyName"] {
if reflect.DeepEqual(policy, secPolicy) {
kg.Debugf("No updates to policy %s", policy.Metadata["policyName"])
dm.HostSecurityPoliciesLock.Unlock()
return pb.PolicyStatus_Applied
}

dm.HostSecurityPolicies[idx] = secPolicy
event.Type = "MODIFIED"
new = false
Expand All @@ -2283,6 +2290,12 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
} else if event.Type == "MODIFIED" {
for idx, policy := range dm.HostSecurityPolicies {
if policy.Metadata["policyName"] == secPolicy.Metadata["policyName"] {
if reflect.DeepEqual(policy, secPolicy) {
kg.Debugf("No updates to policy %s", policy.Metadata["policyName"])
dm.HostSecurityPoliciesLock.Unlock()
return pb.PolicyStatus_Applied
}

dm.HostSecurityPolicies[idx] = secPolicy
break
}
Expand Down

0 comments on commit 6642be5

Please sign in to comment.