Skip to main content

secureCodeBox Uninstallation

Uninstall Scanner / Hook#

If you want to uninstall every scanner and every hook you can simply delete the namespace in which they were installed (if you did not install any resources you still need in the same namespace).

If you want to uninstall specific scanners or hooks you can delete them via helm. For example if you installed nmap using helm install nmap secureCodeBox/nmap --version v2.0.0-rc.11 you can delete nmap like this:

helm delete nmap

Uninstall CascadingRules#

If you want to delete some CascadingRules you can do so using kubectl. For example if you want to uninstall a Cascading Rule for nmap:

kubectl delete cascadingrules.cascading.securecodebox.io nmap-hostscan 

Uninstall the Operator and Its Roles, ServiceAccounts and RoleBindings#

To uninstall the operator it is not enough to delete the operator via helm because the operator creates Roles, ServiceAccounts and RoleBindings used by parsers, lurkers and hooks in every namespace where scanners and hooks are executed. These cannot be uninstalled via helm because they cannot be referenced via Kubernetes OwnerReferences.

Make sure you delete all scans and uninstall all scanners/hooks before uninstalling the operator to avoid problems. First delete the namespace for the operator:

kubectl delete namespace securecodebox-system

Delete Roles, RoleBindings and ServiceAccounts#

The operator creates ServiceAccounts, Roles and RoleBindings in every namespace where scans / hooks are executed. You will have to delete these manually for each namespace where scans were scheduled. The given examples are valid only for scanners that were executed in the default namespace.

To list the ServiceAccounts, Roles and RoleBings that were created by the operator you can execute the flowing command:

kubectl get roles,rolebindings,serviceaccounts lurker parserNAME                                     CREATED ATrole.rbac.authorization.k8s.io/lurker   2020-10-14T11:15:38Zrole.rbac.authorization.k8s.io/parser    2020-10-14T11:17:54Z
NAME                                            ROLE           AGErolebinding.rbac.authorization.k8s.io/lurker   Role/lurker   85mrolebinding.rbac.authorization.k8s.io/parser    Role/parser    83m
NAME                     SECRETS   AGEserviceaccount/lurker   1         85mserviceaccount/parser    1         83m

To delete the Roles for lurker and parser you can execute the following command:

kubectl delete roles lurker parser

To delete the RoleBindings for lurker and parser you can execute:

kubectl delete rolebindings lurker parser

To delete the ServiceAccounts for lurker and parser you can execute:

kubectl delete serviceaccounts lurker parser

Delete CRDs#

Deleting the namespace of the operator will not delete the Custom Resource Definitions (CRDs) that were defined. To list all CRDs you can execute the following command:

kubectl get crdsNAME                                             CREATED ATcascadingrules.cascading.securecodebox.io        2020-10-14T09:32:19Zparsedefinitions.execution.securecodebox.io      2020-10-14T09:32:19Zscancompletionhooks.execution.securecodebox.io   2020-10-14T09:32:19Zscans.execution.securecodebox.io                 2020-10-14T09:32:19Zscantypes.execution.securecodebox.io             2020-10-14T09:32:19Zscheduledscans.execution.securecodebox.io        2020-10-14T09:32:19Z

To delete these CRDs you can execute the following command:

kubectl delete crd cascadingrules.cascading.securecodebox.io \parsedefinitions.execution.securecodebox.io \scancompletionhooks.execution.securecodebox.io \scans.execution.securecodebox.io \scantypes.execution.securecodebox.io \scheduledscans.execution.securecodebox.io

Delete Volumes#

Some Resources like the elastic stack require a persistent volume. To list all persistent volumes in the default namespace you can execute:

kubectl get pvcNAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                                 STORAGECLASS   REASON   AGEpvc-6002bffb-51ac-4767-a5a8-9f8834ffa7ec   30Gi       RWO            Delete           Bound    default/elasticsearch-master-elasticsearch-master-0   standard                3h30m

To delete a persistent volume you can execute:

kubectl delete pvc pvc-6002bffb-51ac-4767-a5a8-9f8834ffa7ec