security-profiles-operator
security-profiles-operator copied to clipboard
kubernetes-sigs
Integrate the eBPF based AppArmor recorder into the API
What type of PR is this?
/kind feature
What this PR does / why we need it:
It integrates the eBPF based AppArmor profile recorder into the API. This will allow to record AppArmor profiles for workloads directly into the cluster in the same fashion like seccomp profiles.
Which issue(s) this PR fixes:
Does this PR have test?
Yes
Special notes for your reviewer:
I will follow up with some integration tests in a separate pull request.
Does this PR introduce a user-facing change?
Add the eBPF based AppArmor profile recorder into the API.
cc @mhils @@milkmix_
@mhils please could you review the changes and let me know if you find any issues? Thanks a lot!
Codecov Report
Attention: Patch coverage is 44.44444% with 285 lines in your changes missing coverage. Please review.
Project coverage is 42.02%. Comparing base (
11d77f4) to head (0f49aa7). Report is 270 commits behind head on main.
Additional details and impacted files
@@ Coverage Diff @@
## main #2296 +/- ##
==========================================
- Coverage 45.50% 42.02% -3.48%
==========================================
Files 79 110 +31
Lines 7782 15913 +8131
==========================================
+ Hits 3541 6688 +3147
- Misses 4099 8732 +4633
- Partials 142 493 +351
@saschagrunert @mhils This is ready for final review. All tests finally passed. Thanks
@saschagrunert @mhils if you are happy please could you approve? I'll follow up with e2e tests and other small fixes if needed since this got already quite large. Thanks a lot!
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: ccojocar, saschagrunert
The full list of commands accepted by this bot can be found here.
The pull request process is described here
- ~~OWNERS~~ [ccojocar,saschagrunert]
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
