KubeArmor icon indicating copy to clipboard operation
KubeArmor copied to clipboard

Published 20 hours ago verified publisher icon kubearmor

feat(monitor):Syscall Visibility

Open Prateeknandle opened this issue 1 year ago • 1 comments

Purpose of PR?:

  1. turn on/off syscall visibility per namespace based on visibility annotation with an additional string syscall
  2. have per syscall on/off switch based on string in config map
  3. separate the existing visibility for syscall which is currenly linked with file visibility. Support syscall string in visibility field in config map.

Fixes #1577

Does this PR introduce a breaking change? no

If the changes in this PR are manually verified, list down the scenarios covered:: verified locally with operator

Additional information for reviewer? : Mention if this PR is part of any design or a continuation of previous PRs

Checklist:

  • [ ] Bug fix. Fixes #
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] This change requires a documentation update
  • [x] PR Title follows the convention of <type>(<scope>): <subject>
  • [ ] Commit has unit tests
  • [ ] Commit has integration tests

Prateeknandle avatar Feb 06 '24 11:02 Prateeknandle

  • Include details in kubearmor_visibility.md

daemon1024 avatar Feb 15 '24 06:02 daemon1024