fix: probe command

cmd/probe.go

@@ -22,10 +22,8 @@ and what KubeArmor features will be supported e.g: observability, enforcement, e
 If KubeArmor is running, It probes which environment KubeArmor is running on (e.g: systemd mode, kubernetes etc.), 
 the supported KubeArmor features in the environment, the pods being handled by KubeArmor and the policies running on each of these pods`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-
 		err := probe.PrintProbeResult(client, probeInstallOptions)
 		return err
-
 	},
 }
 

cmd/recommend.go

@@ -18,17 +18,17 @@
 	Use:   "recommend",
 	Short: "Recommend Policies",
 	Long:  `Recommend policies based on container image, k8s manifest or the actual runtime env`,
 	RunE: func(cmd *cobra.Command, args []string) error {
 		err := recommend.Recommend(client, recommendOptions, genericpolicies.GenericPolicy{})
 		return err
 	},
 }
+
 var updateCmd = &cobra.Command{
 	Use:   "update",
 	Short: "Updates policy-template cache",
 	Long:  "Updates the local cache of policy-templates ($HOME/.cache/karmor)",
 	RunE: func(cmd *cobra.Command, args []string) error {
-
 		if _, err := genericpolicies.DownloadAndUnzipRelease(); err != nil {
 			return err
 		}

cmd/root.go

@@ -14,10 +14,10 @@
 
 // rootCmd represents the base command when called without any subcommands
 var rootCmd = &cobra.Command{
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
 		var err error
 
-		//Initialise k8sClient for all child commands to inherit
+		// Initialise k8sClient for all child commands to inherit
 		client, err = k8s.ConnectK8sClient()
 		// fmt.Printf("%v", client.K8sClientset)
 		if err != nil {

cmd/rotate-tls.go

@@ -5,18 +5,20 @@ import (
 	"github.com/spf13/cobra"
 )
 
-var namespace string
-var rotateCmd = &cobra.Command{
-	Use:   "rotate-tls",
-	Short: "Rotate webhook controller tls certificates",
-	Long:  `Rotate webhook controller tls certificates`,
-	RunE: func(cmd *cobra.Command, args []string) error {
-		if err := rotatetls.RotateTLS(client, namespace); err != nil {
-			return err
-		}
-		return nil
-	},
-}
+var (
+	namespace string
+	rotateCmd = &cobra.Command{
+		Use:   "rotate-tls",
+		Short: "Rotate webhook controller tls certificates",
+		Long:  `Rotate webhook controller tls certificates`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if err := rotatetls.RotateTLS(client, namespace); err != nil {
+				return err
+			}
+			return nil
+		},
+	}
+)
 
 func init() {
 	rootCmd.AddCommand(rotateCmd)

cmd/vm.go

@@ -16,7 +16,7 @@ var (
 	HTTPIP string
 	// HTTPPort : Port of the http request
 	HTTPPort string
-	//IsKvmsEnv : Is kubearmor virtual machine env?
+	// IsKvmsEnv : Is kubearmor virtual machine env?
 	IsKvmsEnv bool
 )
 

cmd/vmlabel.go

@@ -10,9 +10,7 @@ import (
 	"github.com/spf13/cobra"
 )
 
-var (
-	labelOptions vm.LabelOptions
-)
+var labelOptions vm.LabelOptions
 
 // vmLabelCmd represents the vm command for label management
 var vmLabelCmd = &cobra.Command{

deployment/probedeployment.go

@@ -16,25 +16,24 @@ var Karmorprobe = "karmor-probe"
 
 // GenerateDaemonSet Function
 func GenerateDaemonSet(namespace string, krnhdr bool) *appsv1.DaemonSet {
-
-	var label = map[string]string{
+	label := map[string]string{
 		"kubearmor-app": Karmorprobe,
 	}
-	var privileged = bool(true)
-	var terminationGracePeriodSeconds = int64(30)
-	var args = []string{
+	privileged := bool(true)
+	terminationGracePeriodSeconds := int64(30)
+	args := []string{
 		"while true; do sleep 30; done;",
 	}
 
-	var volumeMounts = []corev1.VolumeMount{
+	volumeMounts := []corev1.VolumeMount{
 		{
-			Name:      "lsm-path", //lsm (read-only)
+			Name:      "lsm-path", // lsm (read-only)
 			MountPath: "/sys/kernel/security",
 			ReadOnly:  true,
 		},
 	}
 
-	var volumes = []corev1.Volume{
+	volumes := []corev1.Volume{
 		{
 			Name: "lsm-path",
 			VolumeSource: corev1.VolumeSource{
@@ -48,12 +47,12 @@ func GenerateDaemonSet(namespace string, krnhdr bool) *appsv1.DaemonSet {
 	if krnhdr {
 		volumeMounts = append(volumeMounts, []corev1.VolumeMount{
 			{
-				Name:      "lib-modules", //lib modules (read-only)
+				Name:      "lib-modules", // lib modules (read-only)
 				MountPath: "/lib/modules",
 				ReadOnly:  true,
 			},
 			{
-				Name:      "kernel-header", //kernel header (read-only)
+				Name:      "kernel-header", // kernel header (read-only)
 				MountPath: "/usr/src",
 				ReadOnly:  true,
 			},

go.mod

@@ -34,7 +34,7 @@ require (
 	github.com/accuknox/auto-policy-discovery/src v0.0.0-20230912162532-0b5b73425c5a
 	github.com/charmbracelet/bubbles v0.17.1
 	github.com/charmbracelet/bubbletea v0.25.0
-	github.com/charmbracelet/lipgloss v0.9.1
+	github.com/charmbracelet/lipgloss v0.10.0
 	github.com/deckarep/golang-set/v2 v2.6.0
 	github.com/evertras/bubble-table v0.15.6
 	github.com/google/go-cmp v0.6.0
@@ -287,7 +287,7 @@ require (
 	github.com/protocolbuffers/txtpbfmt v0.0.0-20231025115547-084445ff1adf // indirect
 	github.com/r3labs/diff v1.1.0 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/robfig/cron v1.2.0 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
 	github.com/rubenv/sql-migrate v1.6.0 // indirect

go.sum

@@ -1066,8 +1066,8 @@ github.com/charmbracelet/bubbles v0.17.1 h1:0SIyjOnkrsfDo88YvPgAWvZMwXe26TP6drRv
 github.com/charmbracelet/bubbles v0.17.1/go.mod h1:9HxZWlkCqz2PRwsCbYl7a3KXvGzFaDHpYbSYMJ+nE3o=
 github.com/charmbracelet/bubbletea v0.25.0 h1:bAfwk7jRz7FKFl9RzlIULPkStffg5k6pNt5dywy4TcM=
 github.com/charmbracelet/bubbletea v0.25.0/go.mod h1:EN3QDR1T5ZdWmdfDzYcqOCAps45+QIJbLOBxmVNWNNg=
-github.com/charmbracelet/lipgloss v0.9.1 h1:PNyd3jvaJbg4jRHKWXnCj1akQm4rh8dbEzN1p/u1KWg=
-github.com/charmbracelet/lipgloss v0.9.1/go.mod h1:1mPmG4cxScwUQALAAnacHaigiiHB9Pmr+v1VEawJl6I=
+github.com/charmbracelet/lipgloss v0.10.0 h1:KWeXFSexGcfahHX+54URiZGkBFazf70JNMtwg/AFW3s=
+github.com/charmbracelet/lipgloss v0.10.0/go.mod h1:Wig9DSfvANsxqkRsqj6x87irdy123SR4dOXlKa91ciE=
 github.com/chavacava/garif v0.0.0-20210405163807-87a70f3d418b/go.mod h1:Qjyv4H3//PWVzTeCezG2b9IRn6myJxJSr4TD/xo6ojU=
 github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 h1:krfRl01rzPzxSxyLyrChD+U+MzsBXbm0OwYYB67uF+4=
 github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589/go.mod h1:OuDyvmLnMCwa2ep4Jkm6nyA0ocJuZlGyk2gGseVzERM=
@@ -2186,8 +2186,8 @@ github.com/rhysd/go-github-selfupdate v1.2.3 h1:iaa+J202f+Nc+A8zi75uccC8Wg3omaM7
 github.com/rhysd/go-github-selfupdate v1.2.3/go.mod h1:mp/N8zj6jFfBQy/XMYoWsmfzxazpPAODuqarmPDe2Rg=
 github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
-github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ=
 github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=

install/customResource.go

@@ -8,10 +8,12 @@ import (
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 )
 
-var kspName = "kubearmorpolicies.security.kubearmor.com"
-var hspName = "kubearmorhostpolicies.security.kubearmor.com"
-var cspName = "kubearmorclusterpolicies.security.kubearmor.com"
-var kocName = "kubearmorconfigs.operator.kubearmor.com"
+var (
+	kspName = "kubearmorpolicies.security.kubearmor.com"
+	hspName = "kubearmorhostpolicies.security.kubearmor.com"
+	cspName = "kubearmorclusterpolicies.security.kubearmor.com"
+	kocName = "kubearmorconfigs.operator.kubearmor.com"
+)
 
 // CreateCustomResourceDefinition creates the CRD and add it into Kubernetes.
 func CreateCustomResourceDefinition(crdName string) apiextensions.CustomResourceDefinition {

install/defaults.go

@@ -5,29 +5,35 @@ package install
 
 var kubearmor = "kubearmor"
 
-var serviceAccountName = kubearmor
-var operatorServiceAccountName = "kubearmor-operator"
-var KubeArmorOperatorClusterRoleName = "kubearmor-operator-clusterrole"
-var KubeArmorOperatorManageClusterRoleName = "kubearmor-operator-manage-kubearmor-clusterrole"
-var KubeArmorOperatorManageControllerClusterRoleName = "kubearmor-operator-manage-controller-clusterrole"
-var KubeArmorClusterRoleName = "kubearmor-clusterrole"
-var RelayClusterRoleName = "kubearmor-relay-clusterrole"
-var KubeArmorControllerClusterRoleName = "kubearmor-controller-clusterrole"
-var KubeArmorSnitchClusterRoleName = "kubearmor-snitch"
-var KubeArmorControllerProxyClusterRoleName = "kubearmor-controller-proxy-role"
+var (
+	serviceAccountName                               = kubearmor
+	operatorServiceAccountName                       = "kubearmor-operator"
+	KubeArmorOperatorClusterRoleName                 = "kubearmor-operator-clusterrole"
+	KubeArmorOperatorManageClusterRoleName           = "kubearmor-operator-manage-kubearmor-clusterrole"
+	KubeArmorOperatorManageControllerClusterRoleName = "kubearmor-operator-manage-controller-clusterrole"
+	KubeArmorClusterRoleName                         = "kubearmor-clusterrole"
+	RelayClusterRoleName                             = "kubearmor-relay-clusterrole"
+	KubeArmorControllerClusterRoleName               = "kubearmor-controller-clusterrole"
+	KubeArmorSnitchClusterRoleName                   = "kubearmor-snitch"
+	KubeArmorControllerProxyClusterRoleName          = "kubearmor-controller-proxy-role"
+)
 
-var KubeArmorSnitchClusterroleBindingName = "kubearmor-snitch-binding"
-var RelayClusterRoleBindingName = "kubearmor-relay-clusterrolebinding"
-var KubeArmorControllerProxyClusterRoleBindingName = "kubearmor-controller-proxy-rolebinding"
-var KubeArmorControllerClusterRoleBindingName = "kubearmor-controller-clusterrolebinding"
-var KubeArmorClusterRoleBindingName = "kubearmor-clusterrolebinding"
-var KubeArmorOperatorManageControllerClusterRoleBindingName = "kubearmor-operator-manage-controller-clusterrole-binding"
-var KubeArmorOperatorManageClusterRoleBindingName = "kubearmor-operator-manage-kubearmor-clusterrole-binding"
-var KubeArmorOperatorClusterRoleBindingName = "kubearmor-operator-clusterrole-binding"
+var (
+	KubeArmorSnitchClusterroleBindingName                   = "kubearmor-snitch-binding"
+	RelayClusterRoleBindingName                             = "kubearmor-relay-clusterrolebinding"
+	KubeArmorControllerProxyClusterRoleBindingName          = "kubearmor-controller-proxy-rolebinding"
+	KubeArmorControllerClusterRoleBindingName               = "kubearmor-controller-clusterrolebinding"
+	KubeArmorClusterRoleBindingName                         = "kubearmor-clusterrolebinding"
+	KubeArmorOperatorManageControllerClusterRoleBindingName = "kubearmor-operator-manage-controller-clusterrole-binding"
+	KubeArmorOperatorManageClusterRoleBindingName           = "kubearmor-operator-manage-kubearmor-clusterrole-binding"
+	KubeArmorOperatorClusterRoleBindingName                 = "kubearmor-operator-clusterrole-binding"
+)
 
-var relayServiceName = kubearmor
-var relayDeploymentName = "kubearmor-relay"
-var policyManagerServiceName = "kubearmor-policy-manager-metrics-service"
-var policyManagerDeploymentName = "kubearmor-policy-manager"
-var hostPolicyManagerServiceName = "kubearmor-host-policy-manager-metrics-service"
-var hostPolicyManagerDeploymentName = "kubearmor-host-policy-manager"
+var (
+	relayServiceName                = kubearmor
+	relayDeploymentName             = "kubearmor-relay"
+	policyManagerServiceName        = "kubearmor-policy-manager-metrics-service"
+	policyManagerDeploymentName     = "kubearmor-policy-manager"
+	hostPolicyManagerServiceName    = "kubearmor-host-policy-manager-metrics-service"
+	hostPolicyManagerDeploymentName = "kubearmor-host-policy-manager"
+)

install/install.go

@@ -6,14 +6,13 @@ package install
 
 import (
 	"context"
-	"io"
-	"path/filepath"
-
 	"errors"
 	"fmt"
+	"io"
 	"log"
 	"os"
 	"path"
+	"path/filepath"
 	"slices"
 	"strings"
 	"time"
@@ -80,10 +79,12 @@ type envOption struct {
 	Environment string
 }
 
-var verify bool
-var progress int
-var cursorcount int
-var validEnvironments = []string{"k0s", "k3s", "microK8s", "minikube", "gke", "bottlerocket", "eks", "docker", "oke", "generic"}
+var (
+	verify            bool
+	progress          int
+	cursorcount       int
+	validEnvironments = []string{"k0s", "k3s", "microK8s", "minikube", "gke", "bottlerocket", "eks", "docker", "oke", "generic"}
+)
 
 // Checks if passed string is a valid environment
 func (env *envOption) CheckAndSetValidEnvironmentOption(envOption string) error {
@@ -385,7 +386,6 @@ func checkPodsLegacy(c *k8s.Client, o Options) {
 		}
 		break
 	}
-
 }
 
 func checkTerminatingPods(c *k8s.Client, ns string) int {
@@ -911,7 +911,7 @@ func writeHelmManifests(manifests string, filename string, printYAML []interface
 		}
 	}
 
-	file, _ := os.OpenFile("kubearmor.yaml", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
+	file, _ := os.OpenFile("kubearmor.yaml", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o600)
 	// Write the string to the file
 	_, err = file.WriteString(manifests + "\n")
 	if err != nil {
@@ -980,7 +980,7 @@ func K8sInstaller(c *k8s.Client, o Options) error {
 
 	var repoFile repo.File
 	repoFile.Update(entry)
-	if err := repoFile.WriteFile(settings.RepositoryConfig, 0644); err != nil {
+	if err := repoFile.WriteFile(settings.RepositoryConfig, 0o644); err != nil {
 		return fmt.Errorf("failed to write repository file: %w", err)
 	}
 
@@ -1326,7 +1326,7 @@ func listPods(c *k8s.Client) {
 		}
 	}
 	if cnt != 0 {
-		fmt.Println("ℹ️   Following pods will get restarted with karmor uninstall --force: \n")
+		fmt.Println("ℹ️   Following pods will get restarted with karmor uninstall --force")
 		table.Render()
 	}
 }

log/log.go

@@ -62,13 +62,17 @@ type Options struct {
 }
 
 // StopChan Channel
-var StopChan chan struct{}
-var sigChan chan os.Signal
+var (
+	StopChan chan struct{}
+	sigChan  chan os.Signal
+)
 
 // UnblockSignal is a flag to check whether the Watch* APIs have exited or signal has rcvd
-var UnblockSignal error
-var matchLabels = map[string]string{"kubearmor-app": "kubearmor-relay"}
-var port int64 = 32767
+var (
+	UnblockSignal error
+	matchLabels         = map[string]string{"kubearmor-app": "kubearmor-relay"}
+	port          int64 = 32767
+)
 
 // GetOSSigChannel Function
 func GetOSSigChannel() chan os.Signal {