Skip to content

Discovery of ConfigMaps and Label Selectors #761

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
achuchev wants to merge 10 commits into from
Closed

Discovery of ConfigMaps and Label Selectors #761

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
7bf26ba
Discovery of ConfigMaps and Label Selectors
Jan 26, 2026
4ab9388
Update the example
Jan 26, 2026
0ec0508
Add ConfigMaps data-gatherer to input.json
Jan 26, 2026
57152cf
Add ConfigMap support to dynamic data gatherer and tests
Jan 26, 2026
afa9ca6
Clarify comment for gathering Kubernetes config maps with specific co…
Jan 27, 2026
7227a47
Add sample ConfigMap for agent discovery and update e2e test script
Jan 28, 2026
dd680c7
Add CONJUR_AUTHENTICATOR_ID to the sample ConfigMap data
Jan 28, 2026
b612f3f
Merge remote-tracking branch 'origin/master' into feature/ark-configm…
Feb 4, 2026
fb2f9ec
Merge branch 'master' into feature/ark-configmaps-discovery
achuchev Feb 4, 2026
bd4e636
Improve error handling for label selector parsing
Feb 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions deploy/charts/disco-agent/templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,14 @@ data:
resource-type:
resource: serviceaccounts
version: v1
- kind: k8s-dynamic
name: ark/configmaps
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap
- kind: k8s-dynamic
name: ark/roles
config:
Expand Down
32 changes: 32 additions & 0 deletions deploy/charts/disco-agent/tests/__snapshot__/configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,14 @@ custom-cluster-description:
resource-type:
resource: serviceaccounts
version: v1
- kind: k8s-dynamic
name: ark/configmaps
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap
- kind: k8s-dynamic
name: ark/roles
config:
Expand Down Expand Up @@ -133,6 +141,14 @@ custom-cluster-name:
resource-type:
resource: serviceaccounts
version: v1
- kind: k8s-dynamic
name: ark/configmaps
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap
- kind: k8s-dynamic
name: ark/roles
config:
Expand Down Expand Up @@ -240,6 +256,14 @@ custom-period:
resource-type:
resource: serviceaccounts
version: v1
- kind: k8s-dynamic
name: ark/configmaps
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap
- kind: k8s-dynamic
name: ark/roles
config:
Expand Down Expand Up @@ -347,6 +371,14 @@ defaults:
resource-type:
resource: serviceaccounts
version: v1
- kind: k8s-dynamic
name: ark/configmaps
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap
- kind: k8s-dynamic
name: ark/roles
config:
Expand Down
10 changes: 10 additions & 0 deletions examples/machinehub.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,16 @@ data-gatherers:
resource: serviceaccounts
version: v1

# Gather Kubernetes config maps with specific label
- name: ark/configmaps
kind: k8s-dynamic
config:
resource-type:
resource: configmaps
version: v1
label-selectors:
- conjur.org/name=conjur-connect-configmap

# Gather Kubernetes roles
- name: ark/roles
kind: k8s-dynamic
Expand Down
6 changes: 6 additions & 0 deletions examples/machinehub/input.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,5 +123,11 @@
"data": {
"items": []
}
},
{
"data-gatherer": "ark/configmaps",
"data": {
"items": []
}
}
]
2 changes: 2 additions & 0 deletions internal/cyberark/dataupload/dataupload.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ type Snapshot struct {
Secrets []runtime.Object `json:"secrets"`
// ServiceAccounts is a list of ServiceAccount resources in the cluster.
ServiceAccounts []runtime.Object `json:"serviceaccounts"`
// ConfigMaps is a list of ConfigMap resources in the cluster.
ConfigMaps []runtime.Object `json:"configmaps"`
// Roles is a list of Role resources in the cluster.
Roles []runtime.Object `json:"roles"`
// ClusterRoles is a list of ClusterRole resources in the cluster.
Expand Down
3 changes: 3 additions & 0 deletions pkg/client/client_cyberark.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,9 @@ var defaultExtractorFunctions = map[string]func(*api.DataReading, *dataupload.Sn
"ark/pods": func(r *api.DataReading, s *dataupload.Snapshot) error {
return extractResourceListFromReading(r, &s.Pods)
},
"ark/configmaps": func(r *api.DataReading, s *dataupload.Snapshot) error {
return extractResourceListFromReading(r, &s.ConfigMaps)
},
}

// convertDataReadings processes a list of DataReadings using the provided
Expand Down
Loading