tetragon

1
// SPDX-License-Identifier: Apache-2.0
2
// Copyright Authors of Tetragon
3

4
package filters
5

6
import (
7
	"context"
8
	"fmt"
9

10
	v1 "github.com/cilium/cilium/pkg/hubble/api/v1"
11
	hubbleFilters "github.com/cilium/cilium/pkg/hubble/filters"
12
	k8sLabels "github.com/cilium/cilium/pkg/k8s/slim/k8s/apis/labels"
13
	"github.com/cilium/tetragon/api/v1/tetragon"
14
)
15

16
// FilterByLabelSelectors returns a FilterFunc. The FilterFunc returns true if and only if any of the
17
// specified selectors select the event. The caller specifies how to extract labels from the event.
18
func FilterByLabelSelectors(labelSelectors []string) (hubbleFilters.FilterFunc, error) {
19
	selectors := make([]k8sLabels.Selector, 0, len(labelSelectors))
20
	for _, selector := range labelSelectors {
21
		s, err := k8sLabels.Parse(selector)
22
		if err != nil {
23
			return nil, err
24
		}
25
		selectors = append(selectors, s)
26
	}
27
	return func(ev *v1.Event) bool {
28
		process := GetProcess(ev)
29
		if process == nil || process.Pod == nil {
30
			return false
31
		}
32
		labels := process.Pod.PodLabels
33
		for _, selector := range selectors {
34
			if selector.Matches(k8sLabels.Set(labels)) {
35
				return true
36
			}
37
		}
38
		return false
39
	}, nil
40
}
41

42
// LabelsFilter implements filtering based on pod labels
43
type LabelsFilter struct{}
44

45
// OnBuildFilter builds a labels filter
46
func (l *LabelsFilter) OnBuildFilter(_ context.Context, filter *tetragon.Filter) ([]hubbleFilters.FilterFunc, error) {
47
	var fs []hubbleFilters.FilterFunc
48

49
	if filter.Labels != nil {
50
		slf, err := FilterByLabelSelectors(filter.Labels)
51
		if err != nil {
52
			return nil, fmt.Errorf("invalid pod label filter: %v", err)
53
		}
54
		fs = append(fs, slf)
55
	}
56
	return fs, nil
57
}
58