| title | path | category |
|---|---|---|
Developer Guide |
docs/developer-guide |
develop |
The operator is written in Golang. To build the operator you will need to install Go.
For local development we recommend to use Minikube or kind. If you are using MacOS or Windows you can also use the kubernetes cluster included within Docker for Mac/Windows. All of these tools will enable you to run a local kubernetes cluster on your development machine.
To operate your (local) Kubernetes cluster you will need to install kubectl and helm
For macOs simply use Homebrew to install all the tools:
brew cask install docker
brew install go helmAfter that start the Docker.app and go to it's settings and start Kubernetes.
For your local development you will need a S3 compatible storage. We would recommend to use Minio inside a Podman or docker container.
podman run \
--name minio \
-p 9000:9000 \
minio/minio \
server /datadocker container run \
--name minio \
-p 9000:9000 \
-d \
--rm \
minio/minio \
server /dataIn the Minio management GUI you will need to add a new bucket for the operator. The default credentials for your minio instance are minioadmin:minioadmin. You might change those. Go to the management UI at http://localhost:9000/ and add a new bucket. After creating your bucket you will need to specify some environment variables to enable the operator to use the bucket. For that export these variables:
export S3_ACCESS_KEY="your-minio-access-key"
export S3_SECRET_KEY="your-minio-secret-key"
export S3_BUCKET="name-of-your-bucket"
export S3_USE_SSL="false" # This ensures that the operator will connect even without HTTPS
export S3_ENDPOINT="127.0.0.1:9000"You can save time by using direnv to export these variables in your project. If you use direnv just add a file .s3_credentials with your Minio credentials.
To build an run the operator you can simply execute make in the operator directory of this repository:
cd operator
makeThis will produce the operator as bin/manager. If you wonder why the operator is named manager (the resulting binary). The reason for that is in Kubernetes a combination of more than one controller is called controller-manager or short manager. In contrast operator is created by the community to name a controller-manager which controls custom resources and hence we use custom resources. (see https://book.kubebuilder.io/ for further information)
To run the operator locally you can simply execute make run in the operator directory of this repository:
NOTICE: You will need to uninstall the operator with helm -n securecodebox-system uninstall securecodebox-operator from your local cluster, if you've installed it via helm. Unless both operators try to work on the same cluster which may cause unexpected behavior.
cd operator
make run✍ Following...
- Install the dependencies
npm install - Update the parser function here:
./parser/parser.js - Update the parser tests here:
./parser/parser.test.js - Run the test suite:
npm test
✍ Following...
✍ Following...
✍ Following...
✍ Following...
✍ Following...
We're using snake_case (lower case) for json attributes. If an enum type is used as attribute its converted to lower case. If it's an value it's always used UPPERCASE. This is to hold the attribute api consistent, but make sure Enums are recognized as enums.
{
"id": "e18cdc5e-6b49-4346-b623-28a4e878e154",
"name": "Open mysql Port",
"description": "Port 3306 is open using tcp protocol.",
"category": "Open Port",
"osi_layer": "NETWORK",
"severity": "INFORMATIONAL",
"attributes": {
"protocol": "tcp",
"port": 3306,
"service": "mysql",
"mac_address": null,
"start": "1520606104",
"end": "1520606118",
"ip_address": "127.0.0.1",
"state": "open"
},
"location": "tcp://127.0.0.1:3306"
}