From 66fba269145cf9ffc0dc79935c0b0b6b57479517 Mon Sep 17 00:00:00 2001 From: Andrei Ivantsov Date: Tue, 3 Dec 2024 22:23:26 +0100 Subject: [PATCH 1/3] Fix collection of node host names for apparmor profile distribution --- content/en/docs/tutorials/security/apparmor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/tutorials/security/apparmor.md b/content/en/docs/tutorials/security/apparmor.md index eb56dc9c85..4c27c9d2cc 100644 --- a/content/en/docs/tutorials/security/apparmor.md +++ b/content/en/docs/tutorials/security/apparmor.md @@ -132,7 +132,7 @@ discussed in [Setting up nodes with profiles](#setting-up-nodes-with-profiles). ```shell # This example assumes that node names match host names, and are reachable via SSH. -NODES=($(kubectl get nodes -o name)) +NODES=($(kubectl get nodes -o name | cut -d/ -f2)) for NODE in ${NODES[*]}; do ssh $NODE 'sudo apparmor_parser -q < From f3e97aac9c2a5b904f93e535560f65e8604e5083 Mon Sep 17 00:00:00 2001 From: Andrei Ivantsov Date: Wed, 4 Dec 2024 11:23:54 +0100 Subject: [PATCH 2/3] Use jsonpath to extract hostname for AppArmor profile distribution Co-authored-by: Tim Bannister --- content/en/docs/tutorials/security/apparmor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/tutorials/security/apparmor.md b/content/en/docs/tutorials/security/apparmor.md index 4c27c9d2cc..e51f110c0d 100644 --- a/content/en/docs/tutorials/security/apparmor.md +++ b/content/en/docs/tutorials/security/apparmor.md @@ -132,7 +132,7 @@ discussed in [Setting up nodes with profiles](#setting-up-nodes-with-profiles). ```shell # This example assumes that node names match host names, and are reachable via SSH. -NODES=($(kubectl get nodes -o name | cut -d/ -f2)) +NODES=($( kubectl get node -o jsonpath='{.items[].status.addresses[?(.type == "Hostname")].address}' )) for NODE in ${NODES[*]}; do ssh $NODE 'sudo apparmor_parser -q < From 633e85b9caf443f326c657759cd27ec8cbfc1eb0 Mon Sep 17 00:00:00 2001 From: Andrei Ivantsov Date: Wed, 4 Dec 2024 11:29:16 +0100 Subject: [PATCH 3/3] Update apparmor.md --- content/en/docs/tutorials/security/apparmor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/tutorials/security/apparmor.md b/content/en/docs/tutorials/security/apparmor.md index e51f110c0d..d4e51d35b7 100644 --- a/content/en/docs/tutorials/security/apparmor.md +++ b/content/en/docs/tutorials/security/apparmor.md @@ -132,7 +132,7 @@ discussed in [Setting up nodes with profiles](#setting-up-nodes-with-profiles). ```shell # This example assumes that node names match host names, and are reachable via SSH. -NODES=($( kubectl get node -o jsonpath='{.items[].status.addresses[?(.type == "Hostname")].address}' )) +NODES=($( kubectl get node -o jsonpath='{.items[*].status.addresses[?(.type == "Hostname")].address}' )) for NODE in ${NODES[*]}; do ssh $NODE 'sudo apparmor_parser -q <