The pod enhancer does not consider workload resource types such as ReplicaSet and Deployment. There were several k8s API calls for retrieving throughout the project. This makes it hard to refactor and use the indexer for caching. This is because each API call has to be specific to the object type (e.g. Pod, Job, Deployment...)
Now:
The query logic is refactored with a function named findObject that generically returns metav1.Object. The cached object is also no longer justinterface{} but instead metav1.Object.
In order to associate a pod state change to any owning objects, we use DFS to find all owning objects (usually one) of type metav1.Object. Then the pod enhancer calls specific owning object enhancers to add metadata to the sentry event.
Previously:
The pod enhancer does not consider workload resource types such as
ReplicaSetandDeployment. There were several k8s API calls for retrieving throughout the project. This makes it hard to refactor and use the indexer for caching. This is because each API call has to be specific to the object type (e.g.Pod,Job,Deployment...)Now:
The query logic is refactored with a function named
findObjectthat generically returnsmetav1.Object. The cached object is also no longer justinterface{}but insteadmetav1.Object.In order to associate a pod state change to any owning objects, we use DFS to find all owning objects (usually one) of type
metav1.Object. Then the pod enhancer calls specific owning object enhancers to add metadata to the sentry event.