kubearmor-client

command module

v1.2.1 Latest Latest Go to latest Published: Mar 26, 2024 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubearmor/kubearmor-client

Links

Open Source Insights

README ¶

karmor

karmor is a client tool to help manage KubeArmor.

Installation

curl -sfL http://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin

Installing From Source

Build karmor from source if you want to test the latest (pre-release) karmor version.

git clone https://github.com/kubearmor/kubearmor-client.git
cd kubearmor-client
make install

Steps to Verify the Binary (Recommended)

We sign all releases with cosign, therefore we recommend verifying karmor tarball prior to its installation.

Below are the instructions to verify the binary using cosign for version v1.1.0.

Use an environment variable to set the karmor version

export KARMOR_VERSION="1.1.0"

Download released tarball, certificate, and signature files

Download Details

curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz

curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert

curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig

Verify the released tarball integrity with cosign

Verification Details

cosign verify-blob karmor_${KARMOR_VERSION}_linux_amd64.tar.gz --certificate-identity=https://github.com/kubearmor/kubearmor-client/.github/workflows/release.yml@refs/tags/v${KARMOR_VERSION} --certificate-oidc-issuer=https://token.actions.githubusercontent.com --signature karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig --certificate karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert

Usage

CLI Utility to help manage KubeArmor

KubeArmor is a container-aware runtime security enforcement system that
restricts the behavior (such as process execution, file access, and networking
operation) of containers at the system level.

Usage:
  karmor [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  install     Install KubeArmor in a Kubernetes Cluster
  logs        Observe Logs from KubeArmor
  probe       Checks for supported KubeArmor features in the current environment
  profile     Profiling of logs
  recommend   Recommend Policies
  rotate-tls  Rotate webhook controller tls certificates
  selfupdate  selfupdate this cli tool
  sysdump     Collect system dump information for troubleshooting and error report
  uninstall   Uninstall KubeArmor from a Kubernetes Cluster
  version     Display version information
  vm          VM commands for kvmservice

Flags:
      --context string      Name of the kubeconfig context to use
  -h, --help                help for karmor
      --kubeconfig string   Path to the kubeconfig file to use

Use "karmor [command] --help" for more information about a command.

License

Documentation ¶

Overview ¶

Package main is responsible for the execution of CLI

Source Files ¶

View all Source files

main.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
cmd Package cmd is the collection of all the subcommands available in kArmor while providing relevant options for the same	Package cmd is the collection of all the subcommands available in kArmor while providing relevant options for the same
deployment Package deployment contains configuration for the daemonset deployment we leverage to probe into k8s cluster	Package deployment contains configuration for the daemonset deployment we leverage to probe into k8s cluster
hacks Package hacks close the file	Package hacks close the file
install Package install is responsible for installation and uninstallation of KubeArmor while autogenerating the configuration	Package install is responsible for installation and uninstallation of KubeArmor while autogenerating the configuration
k8s Package k8s contains helper functions to establlish connection and communicate with k8s apis	Package k8s contains helper functions to establlish connection and communicate with k8s apis
log Package log connects and observes telemetry from KubeArmor	Package log connects and observes telemetry from KubeArmor
probe Package probe helps check compatibility of KubeArmor in a given environment	Package probe helps check compatibility of KubeArmor in a given environment
profile Package profile to fetch logs	Package profile to fetch logs
Client Package profileclient to handle profiling of kubearmor telemetry events	Package profileclient to handle profiling of kubearmor telemetry events
recommend Package recommend provides policies by policy generators	Package recommend provides policies by policy generators
common Package common contains object types used by multiple packages	Package common contains object types used by multiple packages
engines Package engines provides interfaces and implementations for policy generation	Package engines provides interfaces and implementations for policy generation
engines/generic_policies Package genericpolicies is responsible for creating and managing policies based on policy generator	Package genericpolicies is responsible for creating and managing policies based on policy generator
image Package image scan and provide image info	Package image scan and provide image info
registry Package registry contains scanner for image info	Package registry contains scanner for image info
report Package report package	Package report package
rotatetls Package rotatetls rotates webhook controller tls certificates	Package rotatetls rotates webhook controller tls certificates
selfupdate Package selfupdate exposes KubeArmor build details and provides interface to check and update the CLI itself	Package selfupdate exposes KubeArmor build details and provides interface to check and update the CLI itself
sysdump Package sysdump collects and dumps information for troubleshooting KubeArmor	Package sysdump collects and dumps information for troubleshooting KubeArmor
utils Package utils provides utility for port forwarding.	Package utils provides utility for port forwarding.
version Package version checks the current CLI version and if there's a need to update it	Package version checks the current CLI version and if there's a need to update it
vm Package vm contains interfaces to setup or communicate with KubeArmor running in either systemd mode or with KVM Service	Package vm contains interfaces to setup or communicate with KubeArmor running in either systemd mode or with KVM Service
protobuf