From e12aa430077db977980bbbe51940d99d2870b383 Mon Sep 17 00:00:00 2001 From: kumari-anupam <119656911+kumari-anupam@users.noreply.github.com> Date: Mon, 8 Apr 2024 11:59:56 +0530 Subject: [PATCH] fixed alert manager indefinite call --- .../tarian-node-agent-daemonset.yaml | 8 +++---- cmd/tarian-node-agent/cmd/run.go | 21 ++++++++++++++++--- .../tarian-node-agent/tarian-node-agent.yaml | 8 +++---- go.mod | 1 + go.sum | 2 ++ pkg/server/alert_dispatcher.go | 3 +-- pkg/server/dgraphstore/dgraph_event_store.go | 2 +- pkg/server/ingestion_worker.go | 3 +++ 8 files changed, 34 insertions(+), 14 deletions(-) diff --git a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml index d237d189..078450f0 100644 --- a/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml +++ b/charts/tarian-cluster-agent/templates/tarian-node-agent-daemonset.yaml @@ -37,10 +37,10 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName serviceAccountName: {{ .Release.Name }}-node-sa volumes: - name: host-proc diff --git a/cmd/tarian-node-agent/cmd/run.go b/cmd/tarian-node-agent/cmd/run.go index 21026ce6..dff3e0cb 100644 --- a/cmd/tarian-node-agent/cmd/run.go +++ b/cmd/tarian-node-agent/cmd/run.go @@ -15,6 +15,7 @@ import ( "github.com/spf13/cobra" ) +// Uname contains system uname information. type Uname struct { ub syscall.Utsname } @@ -71,7 +72,10 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { return fmt.Errorf("host proc is not mounted: %w", err) } - c.setLinuxKernelVersion() + if err := c.setLinuxKernelVersion(); err != nil { + c.logger.WithError(err).Error("failed to set linux kernel version") + return fmt.Errorf("failed to set linux kernel version: %w", err) + } if err := rlimit.RemoveMemlock(); err != nil { c.logger.Fatal(err) @@ -100,25 +104,36 @@ func (c *runCommand) run(_ *cobra.Command, args []string) error { } // setLinuxKernelVersion sets the Linux kernel version by parsing the uname information. -func (c *runCommand) setLinuxKernelVersion() { +func (c *runCommand) setLinuxKernelVersion() error { u := &Uname{} err := syscall.Uname(&u.ub) if err != nil { - c.logger.Fatal("error while making syscall to get linux kernel version, err: ", err) + c.logger.WithField("error while making syscall to get linux kernel version, err: ", err) + return fmt.Errorf("error while making syscall to get linux kernel version: %w", err) } linuxKernelVersion := charsToString(u.ub.Release[:]) strArr := strings.Split(linuxKernelVersion, ".") + if len(strArr) < 3 { + c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux kernel version") + return fmt.Errorf("invalid linux kernel version: %s", linuxKernelVersion) + } majorVersion := strArr[0] minorVersion := strArr[1] patch := strArr[2] // Split to get the patch version strArr = strings.Split(patch, "-") + if len(strArr) < 1 { + c.logger.WithField("version", linuxKernelVersion).Fatal("invalid linux patch kernel version") + return fmt.Errorf("invalid linux kernel patch version: %s", linuxKernelVersion) + } patchVersion := strArr[0] os.Setenv("LINUX_VERSION_MAJOR", majorVersion) os.Setenv("LINUX_VERSION_MINOR", minorVersion) os.Setenv("LINUX_VERSION_PATCH", patchVersion) + + return nil } // charsToString converts an array of int8 to a string. diff --git a/dev/config/tarian-node-agent/tarian-node-agent.yaml b/dev/config/tarian-node-agent/tarian-node-agent.yaml index 39613294..ed58028f 100644 --- a/dev/config/tarian-node-agent/tarian-node-agent.yaml +++ b/dev/config/tarian-node-agent/tarian-node-agent.yaml @@ -32,10 +32,10 @@ spec: mountPath: /sys/fs/bpf mountPropagation: Bidirectional env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName serviceAccountName: tarian-node-agent volumes: - name: host-proc diff --git a/go.mod b/go.mod index ac787528..43793560 100644 --- a/go.mod +++ b/go.mod @@ -111,6 +111,7 @@ require ( github.com/nats-io/nkeys v0.3.0 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/olekukonko/tablewriter v0.0.5 + github.com/satori/go.uuid v1.2.0 go.opentelemetry.io/otel v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect golang.org/x/crypto v0.21.0 // indirect diff --git a/go.sum b/go.sum index 26ae7356..e5a48479 100644 --- a/go.sum +++ b/go.sum @@ -432,6 +432,8 @@ github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUz github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/scylladb/go-set v1.0.2 h1:SkvlMCKhP0wyyct6j+0IHJkBkSZL+TDzZ4E7f7BCcRE= github.com/scylladb/go-set v1.0.2/go.mod h1:DkpGd78rljTxKAnTDPFqXSGxvETQnJyuSOQwsHycqfs= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= diff --git a/pkg/server/alert_dispatcher.go b/pkg/server/alert_dispatcher.go index 84f1daa5..894e7323 100644 --- a/pkg/server/alert_dispatcher.go +++ b/pkg/server/alert_dispatcher.go @@ -76,11 +76,9 @@ func NewAlertmanagerClient(amURL *url.URL) *client.Alertmanager { func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStore) { for { events, err := es.FindWhereAlertNotSent() - if err != nil { a.logger.WithError(err).Error("alertdispatcher: error while finding events to alert") } - for _, event := range events { if event.GetType() == tarianpb.EventTypeViolation || event.GetType() == tarianpb.EventTypeFalcoAlert { err := a.SendAlert(event) @@ -90,6 +88,7 @@ func (a *AlertDispatcher) LoopSendAlerts(ctx context.Context, es store.EventStor if err != nil { a.logger.WithError(err).Warn("alertdispatcher: error while updating alert sent") } + a.logger.Debug("alertdispatcher: AlertSentAt time upated successfully", event.GetUid()) } } } diff --git a/pkg/server/dgraphstore/dgraph_event_store.go b/pkg/server/dgraphstore/dgraph_event_store.go index 016c2eaf..f0fc661b 100644 --- a/pkg/server/dgraphstore/dgraph_event_store.go +++ b/pkg/server/dgraphstore/dgraph_event_store.go @@ -338,7 +338,7 @@ func dgraphEventFromPb(pbEvent *tarianpb.Event) (*Event, error) { func (d *dgraphEventStore) FindWhereAlertNotSent() ([]*tarianpb.Event, error) { q := fmt.Sprintf(` { - events(func: type(Event)) @filter(not has(event_alert_sent_at)) { + events(func: type(Event)) @filter(not eq(event_type, "tarian-detection/detection") AND not has(event_alert_sent_at)) { %s } } diff --git a/pkg/server/ingestion_worker.go b/pkg/server/ingestion_worker.go index 44fb73d0..b7800556 100644 --- a/pkg/server/ingestion_worker.go +++ b/pkg/server/ingestion_worker.go @@ -4,6 +4,7 @@ import ( "github.com/kube-tarian/tarian/pkg/protoqueue" "github.com/kube-tarian/tarian/pkg/store" "github.com/kube-tarian/tarian/pkg/tarianpb" + uuid "github.com/satori/go.uuid" "github.com/sirupsen/logrus" "google.golang.org/protobuf/types/known/timestamppb" ) @@ -54,6 +55,8 @@ func (iw *IngestionWorker) Start() { } event.ServerTimestamp = timestamppb.Now() + uid := uuid.NewV4() + event.Uid = uid.String() err = iw.eventStore.Add(event) if err != nil {