diff --git a/deployments/sentryflow-updated.yaml b/deployments/sentryflow-updated.yaml new file mode 100644 index 0000000..83bf89e --- /dev/null +++ b/deployments/sentryflow-updated.yaml @@ -0,0 +1,122 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: sentryflow + labels: + istio-injection: disabled # avoid Istio sidecar-injection +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: sentryflow + name: sentryflow-sa +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: sentryflow-cr +rules: + - apiGroups: [ "*" ] + verbs: [ "*" ] + resources: [ "*" ] + - apiGroups: [ "networking.istio.io" ] + verbs: [ "*" ] + resources: [ "*" ] + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: sentryflow-rb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sentryflow-cr +subjects: + - kind: ServiceAccount + namespace: sentryflow + name: sentryflow-sa +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config + namespace: sentryflow +data: + config.yaml: |2- + receivers: + port: 8081 + serviceMeshes: + - name: istio-sidecar + enable: true + others: + - name: "optional" + # Either gRPC or HTTP not both + grpc: + url: localhost + port: 1234 + http: + url: localhost + port: 4321 + + exporter: + grpc: + port: 8080 + + debug: + enable: false + pprof: + port: 6060 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: sentryflow + name: sentryflow +spec: + replicas: 1 + selector: + matchLabels: + app: sentryflow + template: + metadata: + labels: + app: sentryflow + spec: + serviceAccountName: sentryflow-sa + containers: + - name: sentryflow + image: ttl.sh/sentryflow:24h + imagePullPolicy: Always + args: + - --config + - /var/lib/sentryflow/config.yaml + volumeMounts: + - mountPath: /var/lib/sentryflow/ + name: config + ports: + - containerPort: 8080 + name: grpc + protocol: TCP + volumes: + - name: config + configMap: + name: config +--- +apiVersion: v1 +kind: Service +metadata: + namespace: sentryflow + name: sentryflow +spec: + selector: + app: sentryflow + ports: + - name: filter + targetPort: 8081 + port: 8081 + protocol: TCP + - name: grpc + targetPort: 8080 + port: 8080 + protocol: TCP diff --git a/sentryflow/config/default.yaml b/sentryflow/config/default.yaml index 9df72f8..c7bc592 100644 --- a/sentryflow/config/default.yaml +++ b/sentryflow/config/default.yaml @@ -1,19 +1,18 @@ -receivers: +receivers: # aka sources + # HTTP Server port for wasm plugin to send api events port: 8081 serviceMeshes: - name: istio-sidecar enable: true others: - - name: "my-source" + - name: "coroot" # Either gRPC or HTTP not both grpc: url: localhost port: 1234 - # SentryFlow will pull the apiEvents from the following http config http: url: localhost port: 4321 - path: "/api/v1/some/path" exporter: grpc: diff --git a/sentryflow/pkg/receiver/receiver.go b/sentryflow/pkg/receiver/receiver.go index e91eff3..396629d 100644 --- a/sentryflow/pkg/receiver/receiver.go +++ b/sentryflow/pkg/receiver/receiver.go @@ -32,9 +32,12 @@ func Init(ctx context.Context, logger *zap.SugaredLogger, k8sClient client.Clien } } + // Todo: Will be configured as per requirements + // Add the initialization/connecting/glue code in + // `pkg/receiver/other/{other-source-name}` directory for _, other := range cfg.Others { if other.Name != "" { - + // Handle gRPC or HTTP config accordingly } }