(feat) add cluster name feature

Author: hi-artem

bundle/manifests/consoledefenders.pcc.paloaltonetworks.com.crd.yaml

@@ -52,6 +52,8 @@ spec:
                 type: object
               defenderConfig:
                 properties:
+                  cluster:
+                    type: string
                   collectPodLabels:
                     default: false
                     type: boolean

bundle/manifests/defenders.pcc.paloaltonetworks.com.crd.yaml

@@ -27,6 +27,8 @@ spec:
                 type: object
               defenderConfig:
                 properties:
+                  cluster:
+                    type: string
                   clusterAddress:
                     type: string
                   collectPodLabels:

config/crd/bases/pcc.paloaltonetworks.com_consoledefenders.yaml

@@ -67,6 +67,8 @@ spec:
               defenderConfig:
                 type: object
                 properties:
+                  cluster:
+                    type: string
                   collectPodLabels:
                     type: boolean
                     default: false

config/crd/bases/pcc.paloaltonetworks.com_defenders.yaml

@@ -42,6 +42,8 @@ spec:
               defenderConfig:
                 type: object
                 properties:
+                  cluster:
+                    type: string
                   clusterAddress:
                     type: string
                   collectPodLabels:

docs/Kubernetes/resource_spec.md

@@ -67,6 +67,9 @@ They are ultimately passed to `twistcli` for YAML generation.
 - **defenderConfig** (PrismaCloudComputeDefenderConfig)  
 Options for installing Defender.
 They are ultimately passed to `twistcli` for YAML generation.
+  - **defenderConfig.cluster** (string)  
+  A cluster name to identify the kubernetes cluster.
+  If no value specified, defender will try to automatically get the cluster name from the cloud provider.
   - **defenderConfig.clusterAddress** (string)  
   Host name used by Defender to verify Console certificate.
   Must be one of the SANs listed at Manage > Defenders > Names.

docs/OpenShift/resource_spec.md

@@ -67,6 +67,9 @@ They are ultimately passed to `twistcli` for YAML generation.
 - **defenderConfig** (PrismaCloudComputeDefenderConfig)  
 Options for installing Defender.
 They are ultimately passed to `twistcli` for YAML generation.
+  - **defenderConfig.cluster** (string)  
+  A cluster name to identify the openshift cluster.
+  If no value specified, defender will try to automatically get the cluster name from the cloud provider.
   - **defenderConfig.clusterAddress** (string)  
   Host name used by Defender to verify Console certificate.
   Must be one of the SANs listed at Manage > Defenders > Names.

roles/consoledefender/tasks/main.yml

@@ -73,6 +73,7 @@
     --user {{ username }}
     --address https://twistlock-console.{{ namespace }}:8083
     --cluster-address twistlock-console
+    {{ ('--cluster ' + defenderConfig.cluster) if defenderConfig.cluster is defined else '' }}
     {{ '--collect-pod-labels' if defenderConfig.collectPodLabels else '' }}
     {{ '--cri' if not defenderConfig.docker else '' }}
     {{ ('--docker-socket-path ' + defenderConfig.dockerSocketPath) if defenderConfig.dockerSocketPath is defined else '' }}

roles/defender/tasks/main.yml

@@ -18,6 +18,7 @@
     --user {{ username }}
     --address {{ defenderConfig.consoleAddress }}
     --cluster-address {{ defenderConfig.clusterAddress }}
+    {{ ('--cluster ' + defenderConfig.cluster) if defenderConfig.cluster is defined else '' }}
     {{ '--collect-pod-labels' if defenderConfig.collectPodLabels else '' }}
     {{ '--cri' if not defenderConfig.docker else '' }}
     {{ ('--docker-socket-path ' + defenderConfig.dockerSocketPath) if defenderConfig.dockerSocketPath is defined else '' }}