Skip to content

Commit

Permalink
feat: advanced settings
Browse files Browse the repository at this point in the history
  • Loading branch information
mhyson-cs committed Aug 29, 2024
1 parent fe047cd commit 5c3f48f
Show file tree
Hide file tree
Showing 20 changed files with 214 additions and 196 deletions.
28 changes: 14 additions & 14 deletions api/falcon/v1alpha1/unsafe.go → api/falcon/v1alpha1/advanced.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ const (
Off = "off"
)

// FalconUnsafe configures various options that go against industry practices or are otherwise not recommended for use.
// FalconAdvanced configures various options that go against industry practices or are otherwise not recommended for use.
// Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md.
type FalconUnsafe struct {
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/docs/ADVANCED.md.
type FalconAdvanced struct {
// UpdatePolicy is the name of a sensor update policy configured and enabled in Falcon UI. It is ignored when Image and/or Version are set.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Sensor Update Policy",order=1
UpdatePolicy *string `json:"updatePolicy,omitempty"`
Expand All @@ -24,30 +24,30 @@ type FalconUnsafe struct {
AutoUpdate *string `json:"autoUpdate,omitempty"`
}

func (notSafe FalconUnsafe) GetUpdatePolicy() string {
if notSafe.UpdatePolicy == nil {
func (advanced FalconAdvanced) GetUpdatePolicy() string {
if advanced.UpdatePolicy == nil {
return ""
}

return strings.TrimSpace(*notSafe.UpdatePolicy)
return strings.TrimSpace(*advanced.UpdatePolicy)
}

func (notSafe FalconUnsafe) HasUpdatePolicy() bool {
return notSafe.GetUpdatePolicy() != ""
func (advanced FalconAdvanced) HasUpdatePolicy() bool {
return advanced.GetUpdatePolicy() != ""
}

func (notSafe FalconUnsafe) IsAutoUpdating() bool {
if notSafe.AutoUpdate == nil {
func (advanced FalconAdvanced) IsAutoUpdating() bool {
if advanced.AutoUpdate == nil {
return false
}

return *notSafe.AutoUpdate != "off"
return *advanced.AutoUpdate != "off"
}

func (notSafe FalconUnsafe) IsAutoUpdatingForced() bool {
if notSafe.AutoUpdate == nil {
func (advanced FalconAdvanced) IsAutoUpdatingForced() bool {
if advanced.AutoUpdate == nil {
return false
}

return *notSafe.AutoUpdate == "force"
return *advanced.AutoUpdate == "force"
}
8 changes: 4 additions & 4 deletions api/falcon/v1alpha1/falconcontainer_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,11 @@ type FalconContainerSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Image Version",order=6
Version *string `json:"version,omitempty"`

// FalconUnsafe configures various options that go against industry practices or are otherwise not recommended for use.
// Advanced configures various options that go against industry practices or are otherwise not recommended for use.
// Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Unsafe Settings"
Unsafe FalconUnsafe `json:"unsafe,omitempty"`
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/docs/ADVANCED.md.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Advanced Settings"
Advanced FalconAdvanced `json:"advanced,omitempty"`
}

type FalconContainerInjectorSpec struct {
Expand Down
8 changes: 4 additions & 4 deletions api/falcon/v1alpha1/falconnodesensor_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -104,11 +104,11 @@ type FalconNodeSensorConfig struct {
// Version of the sensor to be installed. The latest version will be selected when this version specifier is missing.
Version *string `json:"version,omitempty"`

// FalconUnsafe configures various options that go against industry practices or are otherwise not recommended for use.
// Advanced configures various options that go against industry practices or are otherwise not recommended for use.
// Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk.
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="DaemonSet Unsafe Settings"
Unsafe FalconUnsafe `json:"unsafe,omitempty"`
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/docs/ADVANCED.md.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="DaemonSet Advanced Settings"
Advanced FalconAdvanced `json:"advanced,omitempty"`
}

type PriorityClassConfig struct {
Expand Down
54 changes: 27 additions & 27 deletions api/falcon/v1alpha1/zz_generated.deepcopy.go
Original file line number Diff line number Diff line change
Expand Up @@ -537,6 +537,31 @@ func (in *FalconAdmissionUpdateStrategy) DeepCopy() *FalconAdmissionUpdateStrate
return out
}

// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FalconAdvanced) DeepCopyInto(out *FalconAdvanced) {
*out = *in
if in.UpdatePolicy != nil {
in, out := &in.UpdatePolicy, &out.UpdatePolicy
*out = new(string)
**out = **in
}
if in.AutoUpdate != nil {
in, out := &in.AutoUpdate, &out.AutoUpdate
*out = new(string)
**out = **in
}
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdvanced.
func (in *FalconAdvanced) DeepCopy() *FalconAdvanced {
if in == nil {
return nil
}
out := new(FalconAdvanced)
in.DeepCopyInto(out)
return out
}

// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FalconCRStatus) DeepCopyInto(out *FalconCRStatus) {
*out = *in
Expand Down Expand Up @@ -739,7 +764,7 @@ func (in *FalconContainerSpec) DeepCopyInto(out *FalconContainerSpec) {
*out = new(string)
**out = **in
}
in.Unsafe.DeepCopyInto(&out.Unsafe)
in.Advanced.DeepCopyInto(&out.Advanced)
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerSpec.
Expand Down Expand Up @@ -1033,7 +1058,7 @@ func (in *FalconNodeSensorConfig) DeepCopyInto(out *FalconNodeSensorConfig) {
*out = new(string)
**out = **in
}
in.Unsafe.DeepCopyInto(&out.Unsafe)
in.Advanced.DeepCopyInto(&out.Advanced)
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensorConfig.
Expand Down Expand Up @@ -1200,31 +1225,6 @@ func (in *FalconSensor) DeepCopy() *FalconSensor {
return out
}

// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FalconUnsafe) DeepCopyInto(out *FalconUnsafe) {
*out = *in
if in.UpdatePolicy != nil {
in, out := &in.UpdatePolicy, &out.UpdatePolicy
*out = new(string)
**out = **in
}
if in.AutoUpdate != nil {
in, out := &in.AutoUpdate, &out.AutoUpdate
*out = new(string)
**out = **in
}
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconUnsafe.
func (in *FalconUnsafe) DeepCopy() *FalconUnsafe {
if in == nil {
return nil
}
out := new(FalconUnsafe)
in.DeepCopyInto(out)
return out
}

// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityClassConfig) DeepCopyInto(out *PriorityClassConfig) {
*out = *in
Expand Down
48 changes: 24 additions & 24 deletions config/crd/bases/falcon.crowdstrike.com_falconcontainers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,30 @@ spec:
spec:
description: FalconContainerSpec defines the desired state of FalconContainer
properties:
advanced:
description: Advanced configures various options that go against industry
practices or are otherwise not recommended for use. Adjusting these
settings may result in incorrect or undesirable behavior. Proceed
at your own risk. For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/docs/ADVANCED.md.
properties:
autoUpdate:
description: AutoUpdate determines whether to install new versions
of the sensor as they become available. Defaults to "off" and
is ignored if FalconAPI is not set. Setting this to "force"
causes the reconciler to run on every polling cycle, even if
a new sensor version is not available. Setting it to "normal"
only reconciles when a new version is detected.
enum:
- "off"
- normal
- force
type: string
updatePolicy:
description: UpdatePolicy is the name of a sensor update policy
configured and enabled in Falcon UI. It is ignored when Image
and/or Version are set.
type: string
type: object
falcon:
description: CrowdStrike Falcon Sensor configuration settings.
properties:
Expand Down Expand Up @@ -1924,30 +1948,6 @@ spec:
required:
- type
type: object
unsafe:
description: FalconUnsafe configures various options that go against
industry practices or are otherwise not recommended for use. Adjusting
these settings may result in incorrect or undesirable behavior.
Proceed at your own risk. For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md.
properties:
autoUpdate:
description: AutoUpdate determines whether to install new versions
of the sensor as they become available. Defaults to "off" and
is ignored if FalconAPI is not set. Setting this to "force"
causes the reconciler to run on every polling cycle, even if
a new sensor version is not available. Setting it to "normal"
only reconciles when a new version is detected.
enum:
- "off"
- normal
- force
type: string
updatePolicy:
description: UpdatePolicy is the name of a sensor update policy
configured and enabled in Falcon UI. It is ignored when Image
and/or Version are set.
type: string
type: object
version:
description: Falcon Container Version. The latest version will be
selected when version specifier is missing; ignored when Image is
Expand Down
50 changes: 25 additions & 25 deletions config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,31 @@ spec:
node:
description: Various configuration for DaemonSet Deployment
properties:
advanced:
description: Advanced configures various options that go against
industry practices or are otherwise not recommended for use.
Adjusting these settings may result in incorrect or undesirable
behavior. Proceed at your own risk. For more information, please
see https://github.com/CrowdStrike/falcon-operator/blob/main/docs/ADVANCED.md.
properties:
autoUpdate:
description: AutoUpdate determines whether to install new
versions of the sensor as they become available. Defaults
to "off" and is ignored if FalconAPI is not set. Setting
this to "force" causes the reconciler to run on every polling
cycle, even if a new sensor version is not available. Setting
it to "normal" only reconciles when a new version is detected.
enum:
- "off"
- normal
- force
type: string
updatePolicy:
description: UpdatePolicy is the name of a sensor update policy
configured and enabled in Falcon UI. It is ignored when
Image and/or Version are set.
type: string
type: object
backend:
default: bpf
description: Sets the backend to be used by the DaemonSet Sensor.
Expand Down Expand Up @@ -516,31 +541,6 @@ spec:
type: string
type: object
type: array
unsafe:
description: FalconUnsafe configures various options that go against
industry practices or are otherwise not recommended for use.
Adjusting these settings may result in incorrect or undesirable
behavior. Proceed at your own risk. For more information, please
see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md.
properties:
autoUpdate:
description: AutoUpdate determines whether to install new
versions of the sensor as they become available. Defaults
to "off" and is ignored if FalconAPI is not set. Setting
this to "force" causes the reconciler to run on every polling
cycle, even if a new sensor version is not available. Setting
it to "normal" only reconciles when a new version is detected.
enum:
- "off"
- normal
- force
type: string
updatePolicy:
description: UpdatePolicy is the name of a sensor update policy
configured and enabled in Falcon UI. It is ignored when
Image and/or Version are set.
type: string
type: object
updateStrategy:
description: Type of DaemonSet update. Can be "RollingUpdate"
or "OnDelete". Default is RollingUpdate.
Expand Down
Loading

0 comments on commit 5c3f48f

Please sign in to comment.