fixed alert manager indefinite call

kube-tarian · Apr 8, 2024 · e12aa43 · e12aa43
1 parent 120d150
commit e12aa43
Show file tree

Hide file tree

Showing 8 changed files with 34 additions and 14 deletions.
diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml
@@ -37,10 +37,10 @@ spec:
           mountPath: /sys/fs/bpf
           mountPropagation: Bidirectional
         env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
+          - name: NODE_NAME
+            valueFrom:
+              fieldRef:
+                fieldPath: spec.nodeName
       serviceAccountName: {{ .Release.Name }}-node-sa
       volumes:
       - name: host-proc

diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go
@@ -15,6 +15,7 @@ import (
 	"github.com/spf13/cobra"
 )
 
+// Uname contains system uname information.
 type Uname struct {
 	ub syscall.Utsname
 }
@@ -71,7 +72,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error {
 		return fmt.Errorf("host proc is not mounted: %w", err)
 	}
 
-	c.setLinuxKernelVersion()
+	if err := c.setLinuxKernelVersion(); err != nil {
+		c.logger.WithError(err).Error("failed to set linux kernel version")
+		return fmt.Errorf("failed to set linux kernel version: %w", err)
+	}
 
 	if err := rlimit.RemoveMemlock(); err != nil {
 		c.logger.Fatal(err)
@@ -100,25 +104,36 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error {
 }
 
 // setLinuxKernelVersion sets the Linux kernel version by parsing the uname information.
-func (c *runCommand) setLinuxKernelVersion() {
+func (c *runCommand) setLinuxKernelVersion() error {
 	u := &Uname{}
 	err := syscall.Uname(&u.ub)
 
 	if err != nil {
-		c.logger.Fatal("error while making syscall to get linux kernel version, err: ", err)
+		c.logger.WithField("error while making syscall to get linux kernel version, err: ", err)
+		return fmt.Errorf("error while making syscall to get linux kernel version: %w", err)
 	}
 
 	linuxKernelVersion := charsToString(u.ub.Release[:])
 	strArr := strings.Split(linuxKernelVersion, ".")
+	if len(strArr) < 3 {
+		c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux kernel version")
+		return fmt.Errorf("invalid linux kernel version: %s", linuxKernelVersion)
+	}
 	majorVersion := strArr[0]
 	minorVersion := strArr[1]
 	patch := strArr[2]
 	// Split to get the patch version
 	strArr = strings.Split(patch, "-")
+	if len(strArr) < 1 {
+		c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux patch kernel version")
+		return fmt.Errorf("invalid linux kernel patch version: %s", linuxKernelVersion)
+	}
 	patchVersion := strArr[0]
 	os.Setenv("LINUX_VERSION_MAJOR", majorVersion)
 	os.Setenv("LINUX_VERSION_MINOR", minorVersion)
 	os.Setenv("LINUX_VERSION_PATCH", patchVersion)
+
+	return nil
 }
 
 // charsToString converts an array of int8 to a string.

diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml
@@ -32,10 +32,10 @@ spec:
           mountPath: /sys/fs/bpf
           mountPropagation: Bidirectional
         env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
+          - name: NODE_NAME
+            valueFrom:
+              fieldRef:
+                fieldPath: spec.nodeName
       serviceAccountName: tarian-node-agent
       volumes:
       - name: host-proc

diff --git a/go.mod b/go.mod
@@ -111,6 +111,7 @@ require (
 	github.com/nats-io/nkeys v0.3.0 // indirect
 	github.com/nats-io/nuid v1.0.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5
+	github.com/satori/go.uuid v1.2.0
 	go.opentelemetry.io/otel v1.19.0 // indirect
 	go.opentelemetry.io/otel/trace v1.19.0 // indirect
 	golang.org/x/crypto v0.21.0 // indirect

diff --git a/go.sum b/go.sum
@@ -432,6 +432,8 @@ github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUz
 github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
+github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/scylladb/go-set v1.0.2 h1:SkvlMCKhP0wyyct6j+0IHJkBkSZL+TDzZ4E7f7BCcRE=
 github.com/scylladb/go-set v1.0.2/go.mod h1:DkpGd78rljTxKAnTDPFqXSGxvETQnJyuSOQwsHycqfs=
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=

diff --git a/pkg/server/alert_dispatcher.go b/pkg/server/alert_dispatcher.go
@@ -76,11 +76,9 @@ func NewAlertmanagerClient(amURL *url.URL) *client.Alertmanager {
 func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStore) {
 	for {
 		events, err := es.FindWhereAlertNotSent()
-
 		if err != nil {
 			a.logger.WithError(err).Error("alertdispatcher: error while finding events to alert")
 		}
-
 		for _, event := range events {
 			if event.GetType() == tarianpb.EventTypeViolation || event.GetType() == tarianpb.EventTypeFalcoAlert {
 				err := a.SendAlert(event)
@@ -90,6 +88,7 @@ func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStor
 					if err != nil {
 						a.logger.WithError(err).Warn("alertdispatcher: error while updating alert sent")
 					}
+					a.logger.Debug("alertdispatcher: AlertSentAt time upated successfully", event.GetUid())
 				}
 			}
 		}

diff --git a/pkg/server/dgraphstore/dgraph_event_store.go b/pkg/server/dgraphstore/dgraph_event_store.go
@@ -338,7 +338,7 @@ func dgraphEventFromPb(pbEvent *tarianpb.Event) (*Event, error) {
 func (d *dgraphEventStore) FindWhereAlertNotSent() ([]*tarianpb.Event, error) {
 	q := fmt.Sprintf(`
 	    {
-			events(func: type(Event)) @filter(not has(event_alert_sent_at)) {
+			events(func: type(Event)) @filter(not eq(event_type, "tarian-detection/detection") AND not has(event_alert_sent_at)) {
 				%s
 			}
 		}

diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go
@@ -4,6 +4,7 @@ import (
 	"github.com/kube-tarian/tarian/pkg/protoqueue"
 	"github.com/kube-tarian/tarian/pkg/store"
 	"github.com/kube-tarian/tarian/pkg/tarianpb"
+	uuid "github.com/satori/go.uuid"
 	"github.com/sirupsen/logrus"
 	"google.golang.org/protobuf/types/known/timestamppb"
 )
@@ -54,6 +55,8 @@ func (iw *IngestionWorker) Start() {
 		}
 
 		event.ServerTimestamp = timestamppb.Now()
+		uid := uuid.NewV4()
+		event.Uid = uid.String()
 		err = iw.eventStore.Add(event)
 
 		if err != nil {