Merge pull request #342 from daemon1024/fixes-and-enhancements

feat/fix(install): add verify flag and revert timeout
kubearmor · Jun 30, 2023 · 088e6e2 · 088e6e2
2 parents e4b8563 + 152d1cb
commit 088e6e2
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 23 deletions.
diff --git a/cmd/install.go b/cmd/install.go
@@ -18,7 +18,6 @@ var installCmd = &cobra.Command{
 	Short: "Install KubeArmor in a Kubernetes Cluster",
 	Long:  `Install KubeArmor in a Kubernetes Clusters`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		installOptions.Animation = true
 		if err := installOptions.Env.CheckAndSetValidEnvironmentOption(cmd.Flag("env").Value.String()); err != nil {
 			return fmt.Errorf("error in checking environment option: %v", err)
 		}
@@ -40,6 +39,7 @@ func init() {
 	installCmd.Flags().StringVarP(&installOptions.Block, "block", "b", "", "Kubearmor Block Posture Context [all,file,network,capabilities]")
 	installCmd.Flags().StringVarP(&installOptions.Visibility, "viz", "", "", "Kubearmor Telemetry Visibility [process,file,network,none]")
 	installCmd.Flags().BoolVar(&installOptions.Save, "save", false, "Save KubeArmor Manifest ")
+	installCmd.Flags().BoolVar(&installOptions.Verify, "verify", true, "Verify whether all KubeArmor resources are created, running and also probes whether KubeArmor has armored the cluster or not")
 	installCmd.Flags().BoolVar(&installOptions.Local, "local", false, "Use Local KubeArmor Images (sets ImagePullPolicy to 'IfNotPresent') ")
 	installCmd.Flags().StringVarP(&installOptions.Env.Environment, "env", "e", "", "Supported KubeArmor Environment [k3s,microK8s,minikube,gke,bottlerocket,eks,docker,oke,generic]")
 

diff --git a/cmd/uninstall.go b/cmd/uninstall.go
@@ -16,17 +16,15 @@ var uninstallCmd = &cobra.Command{
 	Short: "Uninstall KubeArmor from a Kubernetes Cluster",
 	Long:  `Uninstall KubeArmor from a Kubernetes Clusters`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		uninstallOptions.Animation = true
-		if err := install.K8sUninstaller(client, uninstallOptions); err != nil {
-			return err
-		}
-		return nil
+		err := install.K8sUninstaller(client, uninstallOptions)
+		return err
 	},
 }
 
 func init() {
 	rootCmd.AddCommand(uninstallCmd)
 
 	uninstallCmd.Flags().StringVarP(&uninstallOptions.Namespace, "namespace", "n", "kube-system", "Namespace for resources")
-	uninstallCmd.Flags().BoolVar(&uninstallOptions.Force, "force", false, "Force remove kubearmor annotations from deployments. (Deployments might be restarted)")
+	uninstallCmd.Flags().BoolVar(&uninstallOptions.Force, "force", false, "Force remove KubeArmor annotations from deployments. (Deployments might be restarted)")
+	uninstallCmd.Flags().BoolVar(&uninstallOptions.Verify, "verify", true, "Verify whether all KubeArmor resources are cleaned up or not")
 }
diff --git a/install/install.go b/install/install.go
@@ -41,7 +41,7 @@ type Options struct {
 	Force          bool
 	Local          bool
 	Save           bool
-	Animation      bool
+	Verify         bool
 	Env            envOption
 }
 
@@ -50,7 +50,7 @@ type envOption struct {
 	Environment string
 }
 
-var animation bool
+var verify bool
 var progress int
 var cursorcount int
 var validEnvironments = []string{"k3s", "microK8s", "minikube", "gke", "bottlerocket", "eks", "docker", "oke", "generic"}
@@ -102,17 +102,17 @@ func printBar(msg string, total int) int {
 func printAnimation(msg string, flag bool) int {
 	clearLine(90)
 	fmt.Printf(msg + "\n")
-	if flag {
-		progress++
+	if verify {
+		if flag {
+			progress++
+		}
+		printBar("\tKubeArmor Installing ", 17)
 	}
-	printBar("\tKubeArmor Installing ", 17)
 	return 0
 }
 
 func printMessage(msg string, flag bool) int {
-	if animation {
-		printAnimation(msg, flag)
-	}
+	printAnimation(msg, flag)
 	return 0
 }
 
@@ -142,7 +142,8 @@ func checkPods(c *k8s.Client, o Options) {
 		}
 	}
 	fmt.Print("\n🔧\tVerifying KubeArmor functionality (this may take upto a minute) ...")
-	ctx, cancel := context.WithTimeout(context.Background(), 40*time.Second)
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
+
 	defer cancel()
 
 	for {
@@ -210,7 +211,7 @@ func checkTerminatingPods(c *k8s.Client) int {
 
 // K8sInstaller for karmor install
 func K8sInstaller(c *k8s.Client, o Options) error {
-	animation = o.Animation
+	verify = o.Verify
 	var env string
 	if o.Env.Auto {
 		env = k8s.AutoDetectEnvironment(c)
@@ -353,8 +354,9 @@ func K8sInstaller(c *k8s.Client, o Options) error {
 	if o.Block == "all" || strings.Contains(o.Block, "capabilities") {
 		daemonset.Spec.Template.Spec.Containers[0].Args = append(daemonset.Spec.Template.Spec.Containers[0].Args, "-defaultCapabilitiesPosture=block")
 	}
-	s := strings.Join(daemonset.Spec.Template.Spec.Containers[0].Args, " ")
-	printMessage("🛡\tKubeArmor DaemonSet - Init "+daemonset.Spec.Template.Spec.InitContainers[0].Image+", Container "+daemonset.Spec.Template.Spec.Containers[0].Image+s+"  ", true)
+
+	args := strings.Join(daemonset.Spec.Template.Spec.Containers[0].Args, " ")
+	printMessage("🛡\tKubeArmor DaemonSet - Init "+daemonset.Spec.Template.Spec.InitContainers[0].Image+", Container "+daemonset.Spec.Template.Spec.Containers[0].Image+"  "+args+"  ", true)
 
 	if !o.Save {
 		if _, err := c.K8sClientset.AppsV1().DaemonSets(o.Namespace).Create(context.Background(), daemonset, metav1.CreateOptions{}); err != nil {
@@ -369,7 +371,7 @@ func K8sInstaller(c *k8s.Client, o Options) error {
 
 	caCert, tlsCrt, tlsKey, err := GeneratePki(o.Namespace, deployments.KubeArmorControllerWebhookServiceName)
 	if err != nil {
-		printMessage("C\tldn't generate TLS secret  ", false)
+		printMessage("Couldn't generate TLS secret  ", false)
 		return err
 	}
 	kubearmorControllerTLSSecret := deployments.GetKubeArmorControllerTLSSecret(o.Namespace, caCert.String(), tlsCrt.String(), tlsKey.String())
@@ -561,7 +563,7 @@ func K8sInstaller(c *k8s.Client, o Options) error {
 		printMessage("🤩\tKubeArmor manifest file saved to \033[1m"+s3+"\033[0m", false)
 
 	}
-	if animation && !o.Save {
+	if verify && !o.Save {
 		checkPods(c, o)
 	}
 	return nil
@@ -616,7 +618,7 @@ func removeAnnotations(c *k8s.Client) {
 
 // K8sUninstaller for karmor uninstall
 func K8sUninstaller(c *k8s.Client, o Options) error {
-	animation = o.Animation
+	verify = o.Verify
 
 	fmt.Print("❌   KubeArmor Deployments ...\n")
 	kaDeployments, _ := c.K8sClientset.AppsV1().Deployments("").List(context.TODO(), metav1.ListOptions{LabelSelector: "kubearmor-app"})
@@ -787,7 +789,7 @@ func K8sUninstaller(c *k8s.Client, o Options) error {
 
 		removeAnnotations(c)
 	}
-	if animation {
+	if verify {
 		checkTerminatingPods(c)
 	}
 	return nil