From 6e4dea8764a56faf48be59e3f52550af96592fc8 Mon Sep 17 00:00:00 2001 From: Shreyas220 Date: Sat, 9 Mar 2024 08:18:52 +0530 Subject: [PATCH 1/4] adding artifact api to kiem job Signed-off-by: Shreyas220 --- accuknox-kiem-job/templates/deployment.yaml | 6 ++++-- accuknox-kiem-job/values.yaml | 1 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/accuknox-kiem-job/templates/deployment.yaml b/accuknox-kiem-job/templates/deployment.yaml index 6aa6d12..236492a 100644 --- a/accuknox-kiem-job/templates/deployment.yaml +++ b/accuknox-kiem-job/templates/deployment.yaml @@ -28,16 +28,18 @@ spec: containers: - image: accuknox/accuknox-job:latest command: ["/bin/sh", "-c"] - args: ["curl www.google.com && echo $AUTH_TOKEN"] + args: ["curl --location --request POST 'https://cspm.dev.accuknox.com/api/v1/artifact/?tenant_id=$TENANT_ID&data_type=KIEM&save_to_s3=false' --header 'Tenant-Id: $TENANT_ID' --header "Authorization: Bearer $AUTH_TOKEN" --form 'file=@"/data/report.json"'"] name: accuknox-kiem-cronjob resources: {} env: + - name: TENANT_ID + value: {{ .Values.accuknox.tenantId }} - name: AUTH_TOKEN value: {{ .Values.accuknox.authToken }} - name: CLUSTER_NAME value: {{ .Values.accuknox.clusterName }} - name: LABEL_NAME - value: {{ .Values.accuknox.label }} + value: {{ .Values.accuknox.z }} volumeMounts: - mountPath: /data name: datapath diff --git a/accuknox-kiem-job/values.yaml b/accuknox-kiem-job/values.yaml index ee2dde6..52386b9 100644 --- a/accuknox-kiem-job/values.yaml +++ b/accuknox-kiem-job/values.yaml @@ -6,6 +6,7 @@ replicaCount: 1 accuknox: authToken: "NO-TOKEN-SET" + tenantId: "" cronTab: "0 */6 * * *" clusterName: "" label: "" From f7cd8885592500c15b895307b7efdd25a254490e Mon Sep 17 00:00:00 2001 From: Shreyas220 Date: Thu, 14 Mar 2024 02:34:18 +0530 Subject: [PATCH 2/4] updating kiem job to fix tenantId error Signed-off-by: Shreyas220 updating kiem job to fix tenantId error Signed-off-by: Shreyas220 --- accuknox-kiem-job/templates/deployment.yaml | 7 +++---- accuknox-kiem-job/values.yaml | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/accuknox-kiem-job/templates/deployment.yaml b/accuknox-kiem-job/templates/deployment.yaml index 236492a..93358fc 100644 --- a/accuknox-kiem-job/templates/deployment.yaml +++ b/accuknox-kiem-job/templates/deployment.yaml @@ -27,19 +27,18 @@ spec: mountPath: /data containers: - image: accuknox/accuknox-job:latest - command: ["/bin/sh", "-c"] - args: ["curl --location --request POST 'https://cspm.dev.accuknox.com/api/v1/artifact/?tenant_id=$TENANT_ID&data_type=KIEM&save_to_s3=false' --header 'Tenant-Id: $TENANT_ID' --header "Authorization: Bearer $AUTH_TOKEN" --form 'file=@"/data/report.json"'"] + command: ['sh', '-c', 'curl --location --request POST "https://cspm.dev.accuknox.com/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""'] name: accuknox-kiem-cronjob resources: {} env: - name: TENANT_ID - value: {{ .Values.accuknox.tenantId }} + value: {{ .Values.accuknox.tenantID | quote}} - name: AUTH_TOKEN value: {{ .Values.accuknox.authToken }} - name: CLUSTER_NAME value: {{ .Values.accuknox.clusterName }} - name: LABEL_NAME - value: {{ .Values.accuknox.z }} + value: {{ .Values.accuknox.label }} volumeMounts: - mountPath: /data name: datapath diff --git a/accuknox-kiem-job/values.yaml b/accuknox-kiem-job/values.yaml index 52386b9..53982d1 100644 --- a/accuknox-kiem-job/values.yaml +++ b/accuknox-kiem-job/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 accuknox: authToken: "NO-TOKEN-SET" - tenantId: "" + tenantID: "" cronTab: "0 */6 * * *" clusterName: "" label: "" From 97698f69414bf447b452114f7f0c1782cd2e1c7d Mon Sep 17 00:00:00 2001 From: Shreyas220 Date: Fri, 15 Mar 2024 00:01:09 +0530 Subject: [PATCH 3/4] making url dynamic Signed-off-by: Shreyas220 --- accuknox-kiem-job/templates/deployment.yaml | 6 ++++-- accuknox-kiem-job/values.yaml | 1 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/accuknox-kiem-job/templates/deployment.yaml b/accuknox-kiem-job/templates/deployment.yaml index 93358fc..561ab38 100644 --- a/accuknox-kiem-job/templates/deployment.yaml +++ b/accuknox-kiem-job/templates/deployment.yaml @@ -27,12 +27,14 @@ spec: mountPath: /data containers: - image: accuknox/accuknox-job:latest - command: ['sh', '-c', 'curl --location --request POST "https://cspm.dev.accuknox.com/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""'] + command: ['sh', '-c', 'curl --location --request POST "https://${URL}/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""'] name: accuknox-kiem-cronjob resources: {} env: + - name: URL + value: {{ .Values.accuknox.url }} - name: TENANT_ID - value: {{ .Values.accuknox.tenantID | quote}} + value: {{ .Values.accuknox.tenantID | quote }} - name: AUTH_TOKEN value: {{ .Values.accuknox.authToken }} - name: CLUSTER_NAME diff --git a/accuknox-kiem-job/values.yaml b/accuknox-kiem-job/values.yaml index 53982d1..ea64b00 100644 --- a/accuknox-kiem-job/values.yaml +++ b/accuknox-kiem-job/values.yaml @@ -6,6 +6,7 @@ replicaCount: 1 accuknox: authToken: "NO-TOKEN-SET" + url: "cspm.dev.accuknox.com" tenantID: "" cronTab: "0 */6 * * *" clusterName: "" From aa1a087bdc2b736a2b111383643f7f28c6ee4303 Mon Sep 17 00:00:00 2001 From: Shreyas220 Date: Fri, 29 Mar 2024 03:19:16 +0530 Subject: [PATCH 4/4] updating values for cis job Signed-off-by: Shreyas220 --- accuknox-cis-k8s/templates/cis-job.yaml | 6 +++--- accuknox-cis-k8s/values.yaml | 2 +- accuknox-k8tls-job/values.yaml | 3 ++- accuknox-kiem-job/templates/deployment.yaml | 4 ++-- accuknox-kiem-job/values.yaml | 2 +- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/accuknox-cis-k8s/templates/cis-job.yaml b/accuknox-cis-k8s/templates/cis-job.yaml index 1142980..1de80c0 100644 --- a/accuknox-cis-k8s/templates/cis-job.yaml +++ b/accuknox-cis-k8s/templates/cis-job.yaml @@ -13,7 +13,7 @@ spec: containers: - image: accuknox/accuknox-job:latest command: ["/bin/sh", "-c"] - args: ["curl --location --request POST 'https://$ENV_URL/api/v1/artifact/?tenant_id=$TENANT_ID&data_type=KB&save_to_s3=true'" --header "Authorization: Bearer $AUTH_TOKEN" --form 'file=@"./data/report.json"'] + args: ["curl --location --request POST 'https://cspm.$ENV_URL.accuknox.com/api/v1/artifact/?tenant_id=$TENANT_ID&data_type=KB&save_to_s3=true'" --header "Authorization: Bearer $AUTH_TOKEN" --form 'file=@"./data/report.json"'] name: accuknox-cis-cronjob resources: {} env: @@ -26,9 +26,9 @@ spec: - name: CLUSTER_ID value: {{ .Values.accuknox.clusterId }} - name: TENANT_ID - value: {{ .Values.accuknox.tenantId }} + value: {{ .Values.accuknox.tenantId | quote}} - name: ENV_URL - value: {{ .Values.accuknox.envURL }} + value: {{ .Values.accuknox.URL }} volumeMounts: - mountPath: /data name: datapath diff --git a/accuknox-cis-k8s/values.yaml b/accuknox-cis-k8s/values.yaml index 30b7cb7..959481e 100644 --- a/accuknox-cis-k8s/values.yaml +++ b/accuknox-cis-k8s/values.yaml @@ -9,4 +9,4 @@ accuknox: label: "" clusterId: "" tenantId: "" - envURL: "" \ No newline at end of file + URL: "dev" \ No newline at end of file diff --git a/accuknox-k8tls-job/values.yaml b/accuknox-k8tls-job/values.yaml index 1c41ede..a744358 100644 --- a/accuknox-k8tls-job/values.yaml +++ b/accuknox-k8tls-job/values.yaml @@ -6,4 +6,5 @@ accuknox: authToken: "NO-TOKEN-SET" cronTab: "0 */4 * * *" clusterName: "" - label: "" \ No newline at end of file + label: "" + URL: "dev" \ No newline at end of file diff --git a/accuknox-kiem-job/templates/deployment.yaml b/accuknox-kiem-job/templates/deployment.yaml index 561ab38..1b94365 100644 --- a/accuknox-kiem-job/templates/deployment.yaml +++ b/accuknox-kiem-job/templates/deployment.yaml @@ -27,12 +27,12 @@ spec: mountPath: /data containers: - image: accuknox/accuknox-job:latest - command: ['sh', '-c', 'curl --location --request POST "https://${URL}/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""'] + command: ['sh', '-c', 'curl --location --request POST "https://cspm.${URL}.accuknox.com/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""'] name: accuknox-kiem-cronjob resources: {} env: - name: URL - value: {{ .Values.accuknox.url }} + value: {{ .Values.accuknox.URL }} - name: TENANT_ID value: {{ .Values.accuknox.tenantID | quote }} - name: AUTH_TOKEN diff --git a/accuknox-kiem-job/values.yaml b/accuknox-kiem-job/values.yaml index ea64b00..e10d3cd 100644 --- a/accuknox-kiem-job/values.yaml +++ b/accuknox-kiem-job/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 accuknox: authToken: "NO-TOKEN-SET" - url: "cspm.dev.accuknox.com" + URL: "dev" tenantID: "" cronTab: "0 */6 * * *" clusterName: ""