KubeArmor Refactor KubeArmor Operator

Refactor KubeArmor Operator

Open rksharma95 opened this issue 8 months ago • 2 comments

refactor kubearmorConfig keep it close to k8s manifest spec

Current:

kubearmorImage:
  image:
  imagePullPolicy
...

Proposed:

kubearmor:
  image:
  args:

kubearmorRelay:
  image:
  args:

kubearmorController:
...

avoid snitch's dependency for serviceaccount being created after KubeArmorConfig CR has been created, to avoid increasing time delay due to reconcilation.
avoid seperate resource update for each configuration update
optimize cert roatation logic
discuss to decide if tight loop should be replaced with informer based reconcider. reconciler will require watch permission for managing k8s resources.

Jun 03 '24 17:06 rksharma95