Fail cluster creation if audit file is not found

cmd/create.go

@@ -55,7 +55,11 @@ func createCluster(clusterName string) {
 		os.Exit(1)
 	}
 
-	c := internal.GetConfig()
+	c, err := internal.GetConfig()
+	if err != nil {
+		slog.Error("unable to get ktbx configuration", "error", err)
+		os.Exit(1)
+	}
 
 	slog.Debug("ktbx configuration", "data", c)
 

cmd/install_falco.go

@@ -0,0 +1,43 @@
+/*
+Copyright © 2023 Fabrice Jammes [email protected]
+*/
+package cmd
+
+import (
+	"log/slog"
+	"os"
+
+	"github.com/k8s-school/ktbx/resources"
+	"github.com/spf13/cobra"
+)
+
+// falcoCmd represents the argocd command
+var falcoCmd = &cobra.Command{
+	Use:     "falco",
+	Aliases: []string{"fa"},
+	Short:   "Install Falco",
+	Long:    `Install Falco`,
+	Run: func(cmd *cobra.Command, args []string) {
+		slog.Info("Install Falco")
+
+		_, _, err := ExecCmd(resources.FalcoInstallScript, false)
+		if err != nil {
+			slog.Error("Error while installing Falco", "error", err)
+			os.Exit(1)
+		}
+	},
+}
+
+func init() {
+	installCmd.AddCommand(falcoCmd)
+
+	// Here you will define your flags and configuration settings.
+
+	// Cobra supports Persistent Flags which will work for this command
+	// and all subcommands, e.g.:
+	// argocdCmd.PersistentFlags().String("foo", "", "A help for foo")
+
+	// Cobra supports local flags which will only run when this command
+	// is called directly, e.g.:
+	// argocdCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
+}

internal/config.go

@@ -4,6 +4,7 @@ Copyright © 2023 NAME HERE <EMAIL ADDRESS>
 package internal
 
 import (
+	"errors"
 	"os"
 	"path"
 	"strings"
@@ -76,15 +77,32 @@ func FormatTemplate(tplStr string, v interface{}) (string, error) {
 	return b.String(), err
 }
 
-func GetConfig() KtbxConfig {
+func GetConfig() (KtbxConfig, error) {
 	c := new(KtbxConfig)
 	defaults.SetDefaults(c)
 	err := viperUnmarshalKey(Kind, c)
-	cobra.CheckErr(err)
+	if err != nil {
+		slog.Error("unable to unmarshal ktbx configuration", "error", err)
+		return *c, err
+	}
+
 	if viper.GetBool("single") {
 		c.Workers = 0
 	}
-	return *c
+
+	info, err := os.Stat(c.AuditPolicy)
+	if err != nil {
+		slog.Error("Audit policy file not found", "file", c.AuditPolicy, "error", err)
+		return *c, errors.New("audit policy file not found: " + c.AuditPolicy)
+	}
+
+	if info.IsDir() {
+		slog.Error("Audit policy file is a directory", "file", c.AuditPolicy)
+		// return error
+		return *c, errors.New("audit policy file is a directory: " + c.AuditPolicy)
+	}
+
+	return *c, nil
 }
 
 func GenerateKindConfigFile(c KtbxConfig) (string, error) {

internal/config_test.go

@@ -50,11 +50,11 @@ func TestGetConfig(t *testing.T) {
 
 	require := require.New(t)
 	ReadConfig()
-	c := GetConfig()
+	c, err := GetConfig()
 	t.Logf("Config: %+v", c)
+	require.NoError(err)
 	require.Equal(uint(1), c.Workers)
 	require.Equal("", c.Cni)
-
 }
 func TestGenerateKindConfigFile(t *testing.T) {
 	teardownSuite := setupSuite(t)

resources/constants.go

@@ -19,6 +19,9 @@ var CiliumInstallScript string
 //go:embed desk.sh
 var DeskRunScript string
 
+//go:embed install-falco.sh
+var FalcoInstallScript string
+
 //go:embed install-helm.sh
 var HelmInstallScript string
 

resources/install-falco.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Install Helm on the client machine
+
+# @author Fabrice Jammes
+#!/bin/bash
+
+set -euxo pipefail
+
+helm repo add falcosecurity https://falcosecurity.github.io/charts
+helm repo update
+
+echo "Install Falco"
+helm install --replace falco --namespace falco --create-namespace \
+  --set tty=true \
+  --set falcosidekick.enabled=true \
+  --set falcosidekick.webui.enabled=true \
+  falcosecurity/falco
+
+echo "Check that the Falco pods are running"
+kubectl get pods -n falco
+
+echo "Falco pod(s) might need a few seconds to start. Wait until they are ready..."
+kubectl wait pods --for=condition=Ready --all -n falco