From 1ceac2a0a04dd0c20f3dc646a2c33a9255552f66 Mon Sep 17 00:00:00 2001
From: Bezalel Brandwine
Date: Tue, 7 Dec 2021 12:48:45 +0200
Subject: [PATCH 1/2] take node list from core v1
---
 hostsensorutils/hostsensordeploy.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hostsensorutils/hostsensordeploy.go b/hostsensorutils/hostsensordeploy.go
index 6911da56..83a6d020 100644
--- a/hostsensorutils/hostsensordeploy.go
+++ b/hostsensorutils/hostsensordeploy.go
@@ -39,7 +39,7 @@ func NewHostSensorHandler(k8sObj *k8sinterface.KubernetesApi) (*HostSensorHandle
 gracePeriod: int64(15),
 }
 // Don't deploy on cluster with no nodes. Some cloud providers prevents termination of K8s objects for cluster with no nodes!!!
- if nodeList, err := k8sObj.KubernetesClient.NodeV1().RuntimeClasses().List(k8sObj.Context, metav1.ListOptions{}); err != nil || len(nodeList.Items) == 0 {
+ if nodeList, err := k8sObj.KubernetesClient.CoreV1().Nodes().List(k8sObj.Context, metav1.ListOptions{}); err != nil || len(nodeList.Items) == 0 {
 if err == nil {
 err = fmt.Errorf("no nodes to scan")
 }
@@ -137,7 +137,7 @@ func (hsh *HostSensorHandler) checkPodForEachNode() error {
 if time.Now().After(deadline) {
 return fmt.Errorf("host-sensor pods number (%d) differ than nodes number (%d) after deadline exceded", podsNum, len(nodesList.Items))
 }
- time.Sleep(500 * time.Millisecond)
+ time.Sleep(100 * time.Millisecond)
 }
 return nil
 }
From 420e49196336b1dc17b8902047f16463f3077149 Mon Sep 17 00:00:00 2001
From: Bezalel Brandwine
Date: Wed, 8 Dec 2021 08:58:07 +0200
Subject: [PATCH 2/2] add some more host sensor data
---
 hostsensorutils/hostsensorgetfrompod.go | 91 +++++++++++++++++++++++++
 1 file changed, 91 insertions(+)
diff --git a/hostsensorutils/hostsensorgetfrompod.go b/hostsensorutils/hostsensorgetfrompod.go
index 509eb747..865bf276 100644
--- a/hostsensorutils/hostsensorgetfrompod.go
+++ b/hostsensorutils/hostsensorgetfrompod.go
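Review bot: In NewHostSensorHandler (hostsensordeploy.go, first hunk) the emptiness check now pulls every Node object in the cluster only to test `len(nodeList.Items) == 0`; `metav1.ListOptions{Limit: 1}` answers the same question with a single item. The call also makes `list` on cluster-scoped `nodes` a prerequisite for the scanning identity, and a Forbidden response falls into the same branch as an empty cluster with its error left bare. Wrapping it in the `err != nil` case, e.g. `err = fmt.Errorf("listing nodes before host-sensor deploy: %w", err)`, would let an operator tell missing RBAC from "no nodes to scan". What the function does with `err` after this branch is outside the hunk.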
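Review bot: In checkPodForEachNode (hostsensordeploy.go, second hunk) the poll interval is a bare literal, and lowering it to `100 * time.Millisecond` means five times as many passes before the deadline. The top of the loop is outside the hunk; if it lists pods or nodes on every pass, that is roughly ten API-server requests per second for the length of the wait. A named constant with a comment such as `// poll interval while waiting for one host-sensor pod per node` would record why the value was chosen, and waiting on the handler's context rather than `time.Sleep` would let a cancelled scan stop polling.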
@@ -83,6 +83,66 @@ func (hsh *HostSensorHandler) sendAllPodsHTTPGETRequest(path string) ([]HostSens
 return res, nil
 }

+// return list of
+func (hsh *HostSensorHandler) GetOpenPortsList() ([]HostSensorDataEnvelope, error) {
+ // loop over pods and port-forward it to each of them
+ res, err := hsh.sendAllPodsHTTPGETRequest("/openedPorts")
+ for resIdx := range res {
+ res[resIdx].GroupVersionResource.Resource = "OpenPortsList"
+ res[resIdx].GroupVersionResource.Group = "hostdata.armo.cloud"
+ res[resIdx].GroupVersionResource.Version = "v1beta0"
+ }
+ return res, err
+}
+
+// return list of
+func (hsh *HostSensorHandler) GetLinuxSecurityHardeningStatus() ([]HostSensorDataEnvelope, error) {
+ // loop over pods and port-forward it to each of them
+ res, err := hsh.sendAllPodsHTTPGETRequest("/linuxSecurityHardening")
+ for resIdx := range res {
+ res[resIdx].GroupVersionResource.Resource = "LinuxSecurityHardeningStatus"
+ res[resIdx].GroupVersionResource.Group = "hostdata.armo.cloud"
+ res[resIdx].GroupVersionResource.Version = "v1beta0"
+ }
+ return res, err
+}
+
+// return list of
+func (hsh *HostSensorHandler) GetKubeletCommandLine() ([]HostSensorDataEnvelope, error) {
+ // loop over pods and port-forward it to each of them
+ res, err := hsh.sendAllPodsHTTPGETRequest("/kubeletCommandLine")
+ for resIdx := range res {
+ res[resIdx].GroupVersionResource.Resource = "KubeletCommandLine"
+ res[resIdx].GroupVersionResource.Group = "hostdata.armo.cloud"
+ res[resIdx].GroupVersionResource.Version = "v1beta0"
+ }
+ return res, err
+}
+
+// return list of
+func (hsh *HostSensorHandler) GetKernelVersion() ([]HostSensorDataEnvelope, error) {
+ // loop over pods and port-forward it to each of them
+ res, err := hsh.sendAllPodsHTTPGETRequest("/kernelVersion")
+ for resIdx := range res {
+ res[resIdx].GroupVersionResource.Resource = "KernelVersion"
+ res[resIdx].GroupVersionResource.Group = "hostdata.armo.cloud"
+ res[resIdx].GroupVersionResource.Version = "v1beta0"
+ }
+ return res, err
+}
+
+// return list of
+func (hsh *HostSensorHandler) GetOsReleaseFile() ([]HostSensorDataEnvelope, error) {
+ // loop over pods and port-forward it to each of them
+ res, err := hsh.sendAllPodsHTTPGETRequest("/osRelease")
+ for resIdx := range res {
+ res[resIdx].GroupVersionResource.Resource = "OsReleaseFile"
+ res[resIdx].GroupVersionResource.Group = "hostdata.armo.cloud"
+ res[resIdx].GroupVersionResource.Version = "v1beta0"
+ }
+ return res, err
+}
+
 // return list of
 func (hsh *HostSensorHandler) GetKubeletConfigurations() ([]HostSensorDataEnvelope, error) {
 // loop over pods and port-forward it to each of them
@@ -119,6 +179,37 @@ func (hsh *HostSensorHandler) CollectResources() ([]HostSensorDataEnvelope, erro
 return kcData, err
 }
 res = append(res, kcData...)
+ //
+ kcData, err = hsh.GetKubeletCommandLine()
+ if err != nil {
+ return kcData, err
+ }
+ res = append(res, kcData...)
+ //
+ kcData, err = hsh.GetOsReleaseFile()
+ if err != nil {
+ return kcData, err
+ }
+ res = append(res, kcData...)
+ //
+ kcData, err = hsh.GetKernelVersion()
+ if err != nil {
+ return kcData, err
+ }
+ res = append(res, kcData...)
+ //
+ kcData, err = hsh.GetLinuxSecurityHardeningStatus()
+ if err != nil {
+ return kcData, err
+ }
+ res = append(res, kcData...)
+ //
+ kcData, err = hsh.GetOpenPortsList()
+ if err != nil {
+ return kcData, err
+ }
+ res = append(res, kcData...)
+ // finish
 cautils.SuccessTextDisplay("Read host information from host sensor")
 return res, nil
 }
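Review bot: The five getters added in the first hunk of hostsensorgetfrompod.go are copies of one body that differ only in the request path and the `Resource` string, and each carries the unfinished doc comment `// return list of`. A private helper taking the path and resource name would keep the group `hostdata.armo.cloud` and version `v1beta0` in one place, and each exported method should get a comment that starts with its name and says what it returns. The inner comment about port-forwarding describes sendAllPodsHTTPGETRequest, whose body is outside this hunk, so it can be dropped from the getters. These envelopes hold kubelet flags and listening ports for every node, so the doc comments are also the place to say that callers should not log or export them verbatim; whether the sensor redacts anything is not visible here.

```go
// hostDataFromAllPods GETs path from every host-sensor pod and stamps each
// returned envelope with the hostdata.armo.cloud/v1beta0 resource kind.
func (hsh *HostSensorHandler) hostDataFromAllPods(path, resource string) ([]HostSensorDataEnvelope, error) {
	res, err := hsh.sendAllPodsHTTPGETRequest(path)
	for i := range res {
		res[i].GroupVersionResource.Resource = resource
		res[i].GroupVersionResource.Group = "hostdata.armo.cloud"
		res[i].GroupVersionResource.Version = "v1beta0"
	}
	return res, err
}

// GetOpenPortsList returns one envelope per host-sensor pod with the ports
// that node reports as open.
func (hsh *HostSensorHandler) GetOpenPortsList() ([]HostSensorDataEnvelope, error) {
	return hsh.hostDataFromAllPods("/openedPorts", "OpenPortsList")
}

// … the other four getters become the same one-line call with their own path and resource …
```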
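Review bot: Each of the five steps added to CollectResources ends in `return kcData, err`, so one failing endpoint discards everything already appended to `res` and hands the caller only the failing call's slice. A host-sensor pod that does not serve one of the new paths (an older sensor image, for instance) would then cost the scan all host data, kubelet configuration included; how the caller reacts to that error is not visible here. Iterating over the getters removes the five copies and the reuse of `kcData` for data that is not kubelet configuration, and lets the function keep what it collected while still reporting the first failure. The function starts above the hunk, and returning `res` together with an error changes what the caller receives, so that side needs checking before adopting this.

```go
// … unchanged: earlier collection steps in CollectResources …
getters := []func() ([]HostSensorDataEnvelope, error){
	hsh.GetKubeletCommandLine,
	hsh.GetOsReleaseFile,
	hsh.GetKernelVersion,
	hsh.GetLinuxSecurityHardeningStatus,
	hsh.GetOpenPortsList,
}
var firstErr error
for _, get := range getters {
	data, err := get()
	if err != nil {
		// keep going: one missing endpoint should not hide the other host data
		if firstErr == nil {
			firstErr = err
		}
		continue
	}
	res = append(res, data...)
}
if firstErr != nil {
	return res, firstErr
}
// … unchanged: success message and final return …
```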