Support in spoc CLI for install /remove apparmor profiles into the local system

[ccojocar]

What would you like to be added:

It would be nice to extend the spoc CLI to install apparmor profiles into the local system. The CLI is able to record apparmor profiles either as YAML definition of ApparmorProfile CR or as a raw profile. It also has the capability to distribute the recorded profiles as OCI container images but it misses any installation capability.

Currently for installation, the user still needs to run separately the apparmor_parse tool. It would be great to provide a seamless experience from spoc CLI.

A new install commands can be added either to install a profile for an executable or as a named profile. The CLI can call the exiting ProfileManager interface method InstallProfile.

The remove command can be also implemented in the same fashion.

Why is this needed:

Improve the user experince when installing the apparmor profile on a local system.

User story covered

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[ccojocar]

/remove-lifecycle stale

[ccojocar]

/remove-lifecycle stale