Skip to content

Commit

Permalink
feat: diff host policy before apply
Browse files Browse the repository at this point in the history 
Signed-off-by: Rudraksh Pareek <rudraksh@accuknox.com>
  • Loading branch information
@DelusionalOptimist @daemon1024
DelusionalOptimist authored and daemon1024 committed Dec 6, 2024
1 parent 67cde68 commit 86241f1
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions KubeArmor/core/kubeUpdate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"fmt"
"io"
"os"
"reflect"
"sort"
"strconv"
"strings"
Expand Down Expand Up @@ -2271,6 +2272,12 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
new := true
for idx, policy := range dm.HostSecurityPolicies {
if policy.Metadata["policyName"] == secPolicy.Metadata["policyName"] {
if reflect.DeepEqual(policy, secPolicy) {
kg.Debugf("No updates to policy %s", policy.Metadata["policyName"])
dm.HostSecurityPoliciesLock.Unlock()
return pb.PolicyStatus_Applied
}

dm.HostSecurityPolicies[idx] = secPolicy
event.Type = "MODIFIED"
new = false
Expand All @@ -2283,6 +2290,12 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
} else if event.Type == "MODIFIED" {
for idx, policy := range dm.HostSecurityPolicies {
if policy.Metadata["policyName"] == secPolicy.Metadata["policyName"] {
if reflect.DeepEqual(policy, secPolicy) {
kg.Debugf("No updates to policy %s", policy.Metadata["policyName"])
dm.HostSecurityPoliciesLock.Unlock()
return pb.PolicyStatus_Applied
}

dm.HostSecurityPolicies[idx] = secPolicy
break
}
Expand Down

0 comments on commit 86241f1

Please sign in to comment.