OCPBUGS-13768: Updated SPO profilerecording procedures

sheriff-rh · sheriff-rh · commit 957ef391f884 · 2023-05-19T09:29:15.000-04:00
diff --git a/modules/spo-container-profile-instances.adoc b/modules/spo-container-profile-instances.adoc
@@ -7,11 +7,13 @@ ifeval::["{context}" == "spo-seccomp"]
 :seccomp:
 :type: seccomp
 :kind: SeccompProfile
+:object: seccompprofiles
 endif::[]
 ifeval::["{context}" == "spo-selinux"]
 :selinux:
 :type: SELinux
 :kind: SelinuxProfile
+:object: selinuxprofiles
 endif::[]
 
 :_content-type: PROCEDURE
@@ -83,32 +85,34 @@ $ oc delete profilerecording test-recording
 
 . To start the merge operation and generate the results profile, run the following command:
 +
-[source,terminal]
+[source,terminal,subs="attributes+"]
 ----
-$ oc get sp -lspo.x-k8s.io/recording-id=test-recording
+$ oc get {object} -lspo.x-k8s.io/recording-id=test-recording
 ----
 +
 .Example output
 [source,terminal]
 ----
-NAME                          STATUS      AGE
-test-recording-nginx-record   Installed   17m
+NAME                          USAGE                                         STATE
+test-recording-nginx-record   test-recording-nginx-record_mytest1.process   Installed
 ----
 
-. To view the syscalls used by any of the containers, run the following command:
+. To view the permissions used by any of the containers, run the following command:
 +
-[source,terminal]
+[source,terminal,subs="attributes+"]
 ----
-$ oc get sp test-recording-nginx-record -o yaml
+$ oc get {object} test-recording-nginx-record -o yaml
 ----
 
 ifeval::["{context}" == "spo-seccomp"]
 :!seccomp:
 :!type:
 :!kind:
+:!object:
 endif::[]
 ifeval::["{context}" == "spo-selinux"]
 :!selinux:
 :!type:
 :!kind:
+:!object:
 endif::[]
diff --git a/modules/spo-recording-profiles.adoc b/modules/spo-recording-profiles.adoc
@@ -7,13 +7,16 @@ ifeval::["{context}" == "spo-seccomp"]
 :seccomp:
 :type: seccomp
 :kind: SeccompProfile
+:object: seccompprofiles
 endif::[]
 ifeval::["{context}" == "spo-selinux"]
 :selinux:
 :type: SELinux
 :kind: SelinuxProfile
+:object: selinuxprofiles
 endif::[]
 
+
 :_content-type: PROCEDURE
 [id="spo-recording-profiles_{context}"]
 = Recording profiles from workloads
@@ -94,10 +97,9 @@ $ oc -n openshift-security-profiles logs --since=1m --selector name=spod -c log-
 ----
 +
 .Example output
-[source,terminal]
+[source,terminal,subs="attributes+"]
 ----
-…
-I0705 12:08:18.729660 1843190 enricher.go:136] log-enricher "msg"="audit"  "container"="redis" "executable"="/usr/local/bin/redis-server" "namespace"="default" "node"="127.0.0.1" "pid"=1847839 "pod"="my-pod" "syscallID"=232 "syscallName"="epoll_wait" "timestamp"="1625486870.273:187492" "type"="{type}"
+I0517 13:55:36.383187  348295 enricher.go:376] log-enricher "msg"="audit" "container"="redis" "namespace"="my-namespace" "node"="ip-10-0-189-53.us-east-2.compute.internal" "perm"="name_bind" "pod"="my-pod" "profile"="test-recording_redis_6kmrb_1684331729" "scontext"="system_u:system_r:selinuxrecording.process:s0:c4,c27" "tclass"="tcp_socket" "tcontext"="system_u:object_r:redis_port_t:s0" "timestamp"="1684331735.105:273965" "type"="{type}"
 ----
 
 .Verification
@@ -111,26 +113,28 @@ $ oc -n openshift-security-profiles delete pod my-pod
 
 . Confirm the Security Profiles Operator reconciles the two {type} profiles:
 +
-[source,terminal]
+[source,terminal,subs="attributes+"]
 ----
-$ oc -n openshift-security-profiles get sp
+$ oc get {object} -n my-namespace
 ----
 +
 .Example output
 [source,terminal]
 ----
-NAME                   STATUS      AGE
-test-recording-nginx   Installed   15s
-test-recording-redis   Installed   15s
+NAME                   USAGE                                       STATE
+test-recording-nginx   test-recording-nginx_my-namespace.process   Installed
+test-recording-redis   test-recording-redis_my-namespace.process   Installed
 ----
 
 ifeval::["{context}" == "spo-seccomp"]
 :!seccomp:
 :!type:
 :!kind:
+:!object:
 endif::[]
 ifeval::["{context}" == "spo-selinux"]
 :!selinux:
 :!type:
 :!kind:
+:!object:
 endif::[]
