LFX Mentorship-Kubernetes: PolicyReport output for Falcosidekick

All About LFX Mentorship

Some Basic Understanding

How I went about my project

Falco architecture to get a better understanding
code snippet showing Result that is returned after mapping
code snippet showing how we began :)
code snippet showing initial cluster report create and update logic
struct defined in code that is used as a value in `polreports` map
code snippet showing how policy report is added after checking for namespace
struct with all available config options in types.go
1. kind create cluster --config=kind-config.yaml
2. helm repo add falcosecurity https://falcosecurity.github.io/charts3. helm repo update4. kubectl create -f https://github.com/kubernetes-sigs/wg-policy-prototypes/raw/master/policy-report/crd/v1alpha2/wgpolicyk8s.io_clusterpolicyreports.yaml5. kubectl create -f https://github.com/kubernetes-sigs/wg-policy-prototypes/raw/master/policy-report/crd/v1alpha2/wgpolicyk8s.io_policyreports.yaml6. helm install falco falcosecurity/falco --set falcosidekick.enabled=true --set falcosidekick.policyreport.enabled=true falcosidekick.policyreport.kubeconfig=~/.kube/config falcosidekick.policyreport.failthreshold=3 falcosidekick.policyreport.maxevents=10
7. kubectl port-forward svc/falco-falcosidekick 2801
kubectl get clusterpolicyreportskubectl get policyreports --all-namespaces
kubectl get clusterpolicyreports -o yaml kubectl get policyreports --all-namespaces -o yaml

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store