Skip to content

Commit 185a266

Browse files
francesco-furlanfrancesco-furlan
authored
chore(shield): add support to rapid_response and response_actions features (#2221)
1 parent f55b2cb commit 185a266

File tree

7 files changed

+90
-9
lines changed

7 files changed

+90
-9
lines changed

charts/shield/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,5 +13,5 @@ maintainers:
1313
- name: mavimo
1414
email: [email protected]
1515
type: application
16-
version: 1.3.6
16+
version: 1.3.7
1717
appVersion: "1.0.0"

charts/shield/README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,7 @@ The following table lists the configurable parameters of the `shield` chart and
116116
| features.investigations.event_forwarder.integrations | | <code>[]</code> |
117117
| features.investigations.event_forwarder.transmit_message_types | | <code>[]</code> |
118118
| features.respond.rapid_response.enabled | | <code>false</code> |
119+
| features.respond.response_actions.enabled | | <code>false</code> |
119120
| features.monitor.app_checks.enabled | | <code>false</code> |
120121
| features.monitor.java_management_extensions.enabled | | <code>false</code> |
121122
| features.monitor.prometheus.enabled | | <code>false</code> |

charts/shield/templates/host/_configmap_helpers.tpl

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,13 @@
88
{{- dict "vulnerability_management" (pick . "host_vulnerability_management" "in_use") | toYaml }}
99
{{- end }}
1010
11-
{{- define "host.configmap.responding" }}
12-
{{- dict "respond" (pick . "rapid_response") | toYaml }}
11+
{{- define "host.configmap.respond" }}
12+
{{- $respond := dict -}}
13+
{{- $featureRespond := get . (include "host.respond_key" .) }}
14+
{{- $rapid_response := dict "rapid_response" (pick $featureRespond.rapid_response "enabled") }}
15+
{{- $respond = merge $respond $rapid_response -}}
16+
{{- $respond = merge $respond (pick .respond "response_actions") -}}
17+
{{- dict "respond" $respond | toYaml }}
1318
{{- end }}
1419
1520
{{- define "host.configmap.detections" }}
@@ -27,9 +32,9 @@
2732
{{- with .Values.features.vulnerability_management }}
2833
{{- $featuresConfig = merge $featuresConfig ((include "host.configmap.vm" .) | fromYaml) }}
2934
{{- end }}
30-
{{- with .Values.features.respond }}
31-
{{- $featuresConfig = merge $featuresConfig ((include "host.configmap.responding" .) | fromYaml) }}
32-
{{- end }}
35+
36+
{{- $featuresConfig = merge $featuresConfig ((include "host.configmap.respond" .Values.features) | fromYaml) }}
37+
3338
{{- with .Values.features.detections }}
3439
{{- $featuresConfig = merge $featuresConfig ((include "host.configmap.detections" .) | fromYaml)}}
3540
{{- end }}
@@ -118,7 +123,9 @@ true
118123
{{- $config := merge $config (dict "http_proxy" (include "host.dragent_proxy_config" . | fromYaml)) }}
119124
{{- end }}
120125
{{- if (include "host.rapid_response_enabled" .) }}
121-
{{- $config = merge $config (dict "rapid_response" (dict "enabled" true)) }}
126+
{{- $respond := get .Values.features (include "host.respond_key" .Values.features) }}
127+
{{- $rapid_response := omit (get $respond "rapid_response") "password" }}
128+
{{- $config = merge $config (dict "rapid_response" $rapid_response) }}
122129
{{- end }}
123130
{{- $config = merge $config (include "host.parse_features" . | fromYaml) }}
124131
{{/* Host Scanner requires setting the host fs mount path variable, but that

charts/shield/templates/host/_helpers.tpl

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -220,9 +220,9 @@ true
220220
If neither is found, it defaults to false.
221221
*/}}
222222
{{- define "host.response_actions_enabled" }}
223-
{{- $feature_respond := dig (include "host.respond_key" .Values.features) (dict) .Values.features }}
223+
{{- $feature_respond := dig "respond" (dict) .Values.features }}
224224
{{- $additional_features := dig "features" (dict) .Values.host.additional_settings }}
225-
{{- $additional_respond := dig (include "host.respond_key" $additional_features) (dict) $additional_features }}
225+
{{- $additional_respond := dig "respond" (dict) $additional_features }}
226226
{{- if hasKey $additional_respond "response_actions" }}
227227
{{- dig "response_actions" "enabled" false $additional_respond -}}
228228
{{- else if hasKey $feature_respond "response_actions" }}

charts/shield/tests/host/configmap-host-shield-config_test.yaml

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,8 @@ tests:
2929
respond:
3030
rapid_response:
3131
enabled: false
32+
response_actions:
33+
enabled: false
3234
vulnerability_management:
3335
host_vulnerability_management:
3436
enabled: false
@@ -56,6 +58,8 @@ tests:
5658
respond:
5759
rapid_response:
5860
enabled: false
61+
response_actions:
62+
enabled: false
5963
vulnerability_management:
6064
host_vulnerability_management:
6165
enabled: false
@@ -83,6 +87,8 @@ tests:
8387
respond:
8488
rapid_response:
8589
enabled: false
90+
response_actions:
91+
enabled: false
8692
vulnerability_management:
8793
host_vulnerability_management:
8894
enabled: false
@@ -110,6 +116,8 @@ tests:
110116
respond:
111117
rapid_response:
112118
enabled: false
119+
response_actions:
120+
enabled: false
113121
vulnerability_management:
114122
host_vulnerability_management:
115123
enabled: true
@@ -137,6 +145,8 @@ tests:
137145
respond:
138146
rapid_response:
139147
enabled: false
148+
response_actions:
149+
enabled: false
140150
vulnerability_management:
141151
host_vulnerability_management:
142152
enabled: false
@@ -159,6 +169,8 @@ tests:
159169
respond:
160170
rapid_response:
161171
enabled: false
172+
response_actions:
173+
enabled: false
162174
vulnerability_management:
163175
host_vulnerability_management:
164176
enabled: false
@@ -189,6 +201,8 @@ tests:
189201
respond:
190202
rapid_response:
191203
enabled: false
204+
response_actions:
205+
enabled: false
192206
vulnerability_management:
193207
host_vulnerability_management:
194208
enabled: true
@@ -218,6 +232,8 @@ tests:
218232
respond:
219233
rapid_response:
220234
enabled: false
235+
response_actions:
236+
enabled: false
221237
vulnerability_management:
222238
host_vulnerability_management:
223239
enabled: true
@@ -231,7 +247,25 @@ tests:
231247
respond:
232248
rapid_response:
233249
enabled: true
250+
password: test1234
234251
asserts:
252+
- notMatchRegex:
253+
path: data['dragent.yaml']
254+
pattern: |-
255+
rapid_response:
256+
enabled: true
257+
password: test1234
258+
- notMatchRegex:
259+
path: data['host-shield.yaml']
260+
pattern: |-
261+
rapid_response:
262+
enabled: true
263+
password: test1234
264+
- matchRegex:
265+
path: data['dragent.yaml']
266+
pattern: |-
267+
rapid_response:
268+
enabled: true
235269
- matchRegex:
236270
path: data['host-shield.yaml']
237271
pattern: |-
@@ -245,6 +279,37 @@ tests:
245279
respond:
246280
rapid_response:
247281
enabled: true
282+
response_actions:
283+
enabled: false
284+
vulnerability_management:
285+
host_vulnerability_management:
286+
enabled: false
287+
in_use:
288+
enabled: false
289+
integration_enabled: false
290+
291+
- it: Enable Response Actions
292+
set:
293+
features:
294+
respond:
295+
response_actions:
296+
enabled: true
297+
asserts:
298+
- matchRegex:
299+
path: data['host-shield.yaml']
300+
pattern: |-
301+
features:
302+
detections:
303+
ml_policies:
304+
enabled: false
305+
posture:
306+
host_posture:
307+
enabled: false
308+
respond:
309+
rapid_response:
310+
enabled: false
311+
response_actions:
312+
enabled: true
248313
vulnerability_management:
249314
host_vulnerability_management:
250315
enabled: false
@@ -272,6 +337,8 @@ tests:
272337
respond:
273338
rapid_response:
274339
enabled: false
340+
response_actions:
341+
enabled: false
275342
vulnerability_management:
276343
host_vulnerability_management:
277344
enabled: false

charts/shield/tests/host/secrets_test.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,3 +23,7 @@ tests:
2323
apiVersion: v1
2424
name: release-name-shield-host-rapid-response
2525
namespace: shield-namespace
26+
- equal:
27+
path: data.password
28+
decodeBase64: true
29+
value: "abc123"

charts/shield/values.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,8 @@ features:
140140
respond:
141141
rapid_response:
142142
enabled: false
143+
response_actions:
144+
enabled: false
143145
monitor:
144146
app_checks:
145147
enabled: false

0 commit comments

Comments
 (0)