Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MAIN-2918] improved a bash enricher and added an action to run it in a new pod #1697

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[MAIN-2918] improved a bash enricher and added an action to run it in a new pod #1697

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 37 additions & 2 deletions playbooks/robusta_playbooks/bash_enrichments.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,16 @@
import logging
from typing import List

from robusta.api import BaseBlock, BashParams, MarkdownBlock, NodeEvent, PodEvent, RobustaPod, action
from robusta.api import (
BaseBlock,
BashParams,
ExecutionBaseEvent,
MarkdownBlock,
NodeEvent,
PodEvent,
RobustaPod,
action,
)


@action
Expand Down Expand Up @@ -35,7 +44,33 @@ def node_bash_enricher(event: NodeEvent, params: BashParams):

block_list: List[BaseBlock] = []
exec_result = RobustaPod.exec_in_debugger_pod(
"node-bash-pod", node.metadata.name, params.bash_command, custom_annotations=params.custom_annotations
"node-bash-pod",
node.metadata.name,
params.bash_command,
custom_annotations=params.custom_annotations,
custom_volume_mounts=params.custom_volume_mounts,
custom_volumes=params.custom_volumes,
)
block_list.append(MarkdownBlock(f"Command results for *{params.bash_command}:*"))
block_list.append(MarkdownBlock(exec_result))
event.add_enrichment(block_list)


@action
def bash_enricher(event: ExecutionBaseEvent, params: BashParams):
"""
Execute the specified bash command in a new bash pod instead of **pod_bash_enricher** which runs on a target pod
Enrich the finding with the command results.
"""

block_list: List[BaseBlock] = []
exec_result = RobustaPod.exec_in_debugger_pod(
"bash-pod",
None,
params.bash_command,
custom_annotations=params.custom_annotations,
custom_volume_mounts=params.custom_volume_mounts,
custom_volumes=params.custom_volumes,
)
block_list.append(MarkdownBlock(f"Command results for *{params.bash_command}:*"))
block_list.append(MarkdownBlock(exec_result))
Expand Down
4 changes: 3 additions & 1 deletion src/robusta/core/model/base_params.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
from enum import Enum, auto
from typing import Any, Dict, List, Optional, Union

from hikaru.model.rel_1_26 import Volume, VolumeMount
from pydantic import BaseModel, SecretStr, validator

from robusta.integrations import openshift
Expand Down Expand Up @@ -81,7 +82,6 @@ class ResourceInfo(BaseModel):


class HolmesParams(ActionParams):

holmes_url: Optional[str]

@validator("holmes_url", allow_reuse=True)
Expand Down Expand Up @@ -250,6 +250,8 @@ class PodRunningParams(ActionParams):
"""

custom_annotations: Optional[Dict[str, str]] = None
custom_volume_mounts: Optional[List[VolumeMount]]
custom_volumes: Optional[List[Volume]]


class VideoEnricherParams(ActionParams):
Expand Down
14 changes: 13 additions & 1 deletion src/robusta/integrations/kubernetes/custom_models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,8 @@ def create_debugger_pod(
env: Optional[List[EnvVar]] = None,
mount_host_root: bool = False,
custom_annotations: Optional[Dict[str, str]] = None,
custom_volume_mounts: Optional[List[VolumeMount]] = None,
custom_volumes: Optional[List[Volume]] = None,
) -> "RobustaPod":
"""
Creates a debugging pod with high privileges
Expand All @@ -249,6 +251,9 @@ def create_debugger_pod(
volume_mounts = [VolumeMount(name="host-root", mountPath="/host")]
volumes = [Volume(name="host-root", hostPath=HostPathVolumeSource(path="/", type="Directory"))]

volume_mounts = (volume_mounts or []) + (custom_volume_mounts or [])
volumes = (volumes or []) + (custom_volumes or [])

debugger = RobustaPod(
apiVersion="v1",
kind="Pod",
Expand Down Expand Up @@ -321,9 +326,16 @@ def exec_in_debugger_pod(
cmd,
debug_image=PYTHON_DEBUGGER_IMAGE,
custom_annotations: Optional[Dict[str, str]] = None,
custom_volume_mounts: Optional[List[VolumeMount]] = None,
custom_volumes: Optional[List[Volume]] = None,
) -> str:
debugger = RobustaPod.create_debugger_pod(
pod_name, node_name, debug_image, custom_annotations=custom_annotations
pod_name,
node_name,
debug_image,
custom_annotations=custom_annotations,
custom_volume_mounts=custom_volume_mounts,
custom_volumes=custom_volumes,
)
try:
return debugger.exec(cmd)
Expand Down
Loading