From a9755ab340c9f4654c221477da99927583291a02 Mon Sep 17 00:00:00 2001 From: sratslla Date: Tue, 12 Mar 2024 16:13:04 +0530 Subject: [PATCH 1/2] feat: Added column in ksp and hsp -owide Signed-off-by: sratslla --- deployments/CRD/KubeArmorHostPolicy.yaml | 14 +++++++++++++- deployments/CRD/KubeArmorPolicy.yaml | 14 +++++++++++++- .../v1/kubearmorhostpolicy_types.go | 3 +++ .../v1/kubearmorpolicy_types.go | 3 +++ ...rity.kubearmor.com_kubearmorhostpolicies.yaml | 16 ++++++++++++++-- ...security.kubearmor.com_kubearmorpolicies.yaml | 16 ++++++++++++++-- .../crd/KubeArmorHostPolicy.yaml | 14 +++++++++++++- pkg/KubeArmorController/crd/KubeArmorPolicy.yaml | 16 ++++++++++++++-- 8 files changed, 87 insertions(+), 9 deletions(-) diff --git a/deployments/CRD/KubeArmorHostPolicy.yaml b/deployments/CRD/KubeArmorHostPolicy.yaml index af92ce46d4..497c216ff7 100644 --- a/deployments/CRD/KubeArmorHostPolicy.yaml +++ b/deployments/CRD/KubeArmorHostPolicy.yaml @@ -18,7 +18,19 @@ spec: singular: kubearmorhostpolicy scope: Cluster versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.nodeSelector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies diff --git a/deployments/CRD/KubeArmorPolicy.yaml b/deployments/CRD/KubeArmorPolicy.yaml index 9755fe5449..ce3ef593fa 100644 --- a/deployments/CRD/KubeArmorPolicy.yaml +++ b/deployments/CRD/KubeArmorPolicy.yaml 
@@ -18,7 +18,19 @@ spec: singular: kubearmorpolicy scope: Namespaced versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.selector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorPolicy is the Schema for the kubearmorpolicies API diff --git a/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorhostpolicy_types.go b/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorhostpolicy_types.go index d5a516ce75..3f596de68b 100644 --- a/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorhostpolicy_types.go +++ b/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorhostpolicy_types.go @@ -41,6 +41,9 @@ type KubeArmorHostPolicyStatus struct { // +genclient:nonNamespaced // +kubebuilder:resource:scope=Cluster,shortName=hsp // +kubebuilder:subresource:status +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:printcolumn:name="Action",type=string,JSONPath=`.spec.action`,priority=10 +// +kubebuilder:printcolumn:name="Selector",type=string,JSONPath=`.spec.nodeSelector.matchLabels`,priority=10 type KubeArmorHostPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorpolicy_types.go b/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorpolicy_types.go index 6fc4617575..d9c1fb1526 100644 --- a/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorpolicy_types.go +++ b/pkg/KubeArmorController/api/security.kubearmor.com/v1/kubearmorpolicy_types.go 
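Review bot: The `Action` column can misreport enforcement. In kubearmorhostpolicy_types.go the new marker above `type KubeArmorHostPolicy struct` reads only `.spec.action` (the same marker is added above `KubeArmorPolicy` in kubearmorpolicy_types.go), while the CRD context later in this patch shows a nested `action` enum (`Audit`, `Block`) inside rule items. Presumably a rule-level action is therefore not reflected in `kubectl get hsp -o wide` or `kubectl get ksp -o wide`, so someone auditing enforcement posture from the listing could be misled. I would state the limit in each type's doc comment, for example `// The Action print column shows the policy-level .spec.action only; rule-level actions are not displayed.` The `Selector` column points a `type=string` column at the `matchLabels` map, so it will likely be shown as a serialized map; both struct bodies continue outside their hunks.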
@@ -75,6 +75,9 @@ type KubeArmorPolicyStatus struct { // +genclient // +kubebuilder:resource:shortName=ksp // +kubebuilder:subresource:status +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:printcolumn:name="Action",type=string,JSONPath=`.spec.action`,priority=10 +// +kubebuilder:printcolumn:name="Selector",type=string,JSONPath=`.spec.selector.matchLabels`,priority=10 type KubeArmorPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml b/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml index 9f5630174a..497c216ff7 100644 --- a/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml +++ b/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: kubearmorhostpolicies.security.kubearmor.com spec: @@ -18,7 +18,19 @@ spec: singular: kubearmorhostpolicy scope: Cluster versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.nodeSelector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies diff --git a/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml b/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml index 5349187f36..ce3ef593fa 100644 
--- a/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml +++ b/pkg/KubeArmorController/config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: kubearmorpolicies.security.kubearmor.com spec: @@ -18,7 +18,19 @@ spec: singular: kubearmorpolicy scope: Namespaced versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.selector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorPolicy is the Schema for the kubearmorpolicies API diff --git a/pkg/KubeArmorController/crd/KubeArmorHostPolicy.yaml b/pkg/KubeArmorController/crd/KubeArmorHostPolicy.yaml index af92ce46d4..497c216ff7 100644 --- a/pkg/KubeArmorController/crd/KubeArmorHostPolicy.yaml +++ b/pkg/KubeArmorController/crd/KubeArmorHostPolicy.yaml @@ -18,7 +18,19 @@ spec: singular: kubearmorhostpolicy scope: Cluster versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.nodeSelector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies diff --git a/pkg/KubeArmorController/crd/KubeArmorPolicy.yaml b/pkg/KubeArmorController/crd/KubeArmorPolicy.yaml index 5349187f36..ce3ef593fa 100644 --- a/pkg/KubeArmorController/crd/KubeArmorPolicy.yaml +++ b/pkg/KubeArmorController/crd/KubeArmorPolicy.yaml 
@@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: kubearmorpolicies.security.kubearmor.com spec: @@ -18,7 +18,19 @@ spec: singular: kubearmorpolicy scope: Namespaced versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.selector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorPolicy is the Schema for the kubearmorpolicies API From 8280690792c54bc3ac1b6f0c7c74c030fbb53c06 Mon Sep 17 00:00:00 2001 From: sratslla Date: Mon, 18 Mar 2024 13:48:19 +0530 Subject: [PATCH 2/2] Update Controller Makefile to include Helm CRD and update CRDs Signed-off-by: sratslla --- .../helm/KubeArmor/templates/crds/hsp.yaml | 32 +++++++++++++---- .../helm/KubeArmor/templates/crds/ksp.yaml | 34 ++++++++++++++----- pkg/KubeArmorController/Makefile | 2 ++ 3 files changed, 53 insertions(+), 15 deletions(-) diff --git a/deployments/helm/KubeArmor/templates/crds/hsp.yaml b/deployments/helm/KubeArmor/templates/crds/hsp.yaml index 7756e5769a..497c216ff7 100644 --- a/deployments/helm/KubeArmor/templates/crds/hsp.yaml +++ b/deployments/helm/KubeArmor/templates/crds/hsp.yaml @@ -1,8 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: kubearmorhostpolicies.security.kubearmor.com spec: group: security.kubearmor.com 
@@ -15,7 +18,19 @@ spec: singular: kubearmorhostpolicy scope: Cluster versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.nodeSelector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies @@ -97,8 +112,6 @@ spec: items: type: string type: array - required: - - matchCapabilities type: object file: properties: @@ -281,8 +294,6 @@ spec: items: type: string type: array - required: - - matchProtocols type: object nodeSelector: properties: @@ -346,6 +357,9 @@ spec: - Audit - Block type: string + execname: + pattern: ^[^\/]+$ + type: string fromSource: items: properties: @@ -369,8 +383,6 @@ spec: items: type: string type: array - required: - - path type: object type: array matchPatterns: @@ -1165,3 +1177,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deployments/helm/KubeArmor/templates/crds/ksp.yaml b/deployments/helm/KubeArmor/templates/crds/ksp.yaml index e2d0e3ce22..ce3ef593fa 100644 --- a/deployments/helm/KubeArmor/templates/crds/ksp.yaml +++ b/deployments/helm/KubeArmor/templates/crds/ksp.yaml @@ -1,8 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: kubearmorpolicies.security.kubearmor.com spec: group: security.kubearmor.com 
@@ -15,7 +18,19 @@ spec: singular: kubearmorpolicy scope: Namespaced versions: - - name: v1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.action + name: Action + priority: 10 + type: string + - jsonPath: .spec.selector.matchLabels + name: Selector + priority: 10 + type: string + name: v1 schema: openAPIV3Schema: description: KubeArmorPolicy is the Schema for the kubearmorpolicies API @@ -95,8 +110,6 @@ spec: items: type: string type: array - required: - - matchCapabilities type: object file: properties: @@ -278,8 +291,6 @@ spec: items: type: string type: array - required: - - matchProtocols type: object process: properties: @@ -336,6 +347,9 @@ spec: - Audit - Block type: string + execname: + pattern: ^[^\/]+$ + type: string fromSource: items: properties: @@ -359,8 +373,6 @@ spec: items: type: string type: array - required: - - path type: object type: array matchPatterns: @@ -1159,4 +1171,10 @@ spec: served: true storage: true subresources: - status: {} \ No newline at end of file + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/pkg/KubeArmorController/Makefile b/pkg/KubeArmorController/Makefile index 4e0aed59d3..01345921f3 100644 --- a/pkg/KubeArmorController/Makefile +++ b/pkg/KubeArmorController/Makefile 
@@ -52,8 +52,10 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust
 go mod tidy; $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
 cp config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml ../../deployments/CRD/KubeArmorPolicy.yaml
 cp config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml crd/KubeArmorPolicy.yaml
+ cp config/crd/bases/security.kubearmor.com_kubearmorpolicies.yaml ../../deployments/helm/KubeArmor/templates/crds/ksp.yaml
 cp config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml ../../deployments/CRD/KubeArmorHostPolicy.yaml
 cp config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml crd/KubeArmorHostPolicy.yaml
+ cp config/crd/bases/security.kubearmor.com_kubearmorhostpolicies.yaml ../../deployments/helm/KubeArmor/templates/crds/hsp.yaml
 .PHONY: generate
 generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
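Review bot: The two added `cp` lines overwrite the Helm CRD templates with raw controller-gen output, and in PATCH 2/2 that overwrite drops schema constraints from `ksp.yaml` and `hsp.yaml` (`required: matchCapabilities`, `required: matchProtocols`, `required: path`) while adding an `execname` property and a `status:` stanza. The regenerated bases in PATCH 1/2 also move the `controller-gen.kubebuilder.io/version` annotation from v0.14.0 to v0.4.1, so this output appears to come from an older generator than the one that produced the committed files. With the `required` entries gone, the API server's schema validation no longer rejects policies that omit those lists, so please confirm that is intended and that the webhook or daemon handles such rules safely. The controller-gen install rule is outside this hunk; if it does not pin a version, pinning it there would help, and a comment above the copies such as `# Helm CRDs are generated from config/crd/bases; do not edit by hand` would keep the three copies from drifting.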