import os
import playbooks
from playbooks import infrastructure
playbook = playbooks.TaintNode(infrastructure.KubernetesClient(),
os.environ.get('TAINT_KEY', 'falco/alert'),
os.environ.get('TAINT_VALUE', 'true'),
os.environ.get('TAINT_EFFECT', 'NoSchedule'))
def handler(event, context):
playbook.run(playbooks.falco_alert(event))
import playbooks
from playbooks import infrastructure
playbook = playbooks.NetworkIsolatePod(
infrastructure.KubernetesClient()
)
def handler(event, context):
playbook.run(playbooks.falco_alert(event))
from mamba import description, context, it, before
from expects import expect, be_false, be_true, start_with, equal, have_key, be_none
import subprocess
import os.path
import time
from playbooks import infrastructure
with description(infrastructure.KubernetesClient) as self:
with before.each:
self.kubernetes_client = infrastructure.KubernetesClient()
with context('when checking if a pod exists'):
with before.each:
self._create_nginx_pod()
with context('and pod exists'):
with it('returns true'):
expect(self.kubernetes_client.exists_pod('nginx')).to(be_true)
with context('and pod does not exist'):
with it('returns false'):
self.kubernetes_client.delete_pod('nginx')
expect(self.kubernetes_client.exists_pod('nginx')).to(be_false)
with it('finds node running pod'):
self._create_nginx_pod()
node = self.kubernetes_client.find_node_running_pod('nginx')
import playbooks
from playbooks import infrastructure
playbook = playbooks.DeletePod(infrastructure.KubernetesClient())
def handler(event, context):
playbook.run(playbooks.falco_alert(event))
import playbooks
from playbooks import infrastructure
subscriber = playbooks.AlertSubscriber.create_from_environment_variables(
playbooks.NetworkIsolatePod(infrastructure.KubernetesClient()))
def handler(event, context):
subscriber.receive(event)