
12 Commits

Author SHA1 Message Date
David Wertenteil
c937ed16f4 Merge pull request #1677 from kubescape/remove-tests
remove control_cluster tests
2024-05-01 10:21:42 +03:00
David Wertenteil
ea5f72af4e remove control_cluster tests
Signed-off-by: David Wertenteil <dwertent@armosec.io>
2024-05-01 10:17:22 +03:00
David Wertenteil
beb5a4d43e Merge pull request #1676 from kubescape/fix/wf-permissions
fix
2024-04-30 16:29:32 +03:00
David Wertenteil
77e21d5e94 fix
Signed-off-by: David Wertenteil <dwertent@armosec.io>
2024-04-30 16:28:19 +03:00
David Wertenteil
3fd7bf40cc Merge pull request #1675 from kubescape/fix/wf-permissions
fix
2024-04-30 16:25:48 +03:00
David Wertenteil
18e0a227e1 fix
Signed-off-by: David Wertenteil <dwertent@armosec.io>
2024-04-30 16:23:30 +03:00
David Wertenteil
060c17b480 Merge pull request #1674 from kubescape/fix/wf-permissions
Permissions
2024-04-30 16:19:40 +03:00
David Wertenteil
e67a2e9d1c permissions
Signed-off-by: David Wertenteil <dwertent@armosec.io>
2024-04-30 15:59:19 +03:00
David Wertenteil
dfa5f1037e Merge pull request #1673 from kubescape/operator-command
Fixed return status code
2024-04-30 15:55:27 +03:00
David Wertenteil
a15fc066e1 fixed return status code
Signed-off-by: David Wertenteil <dwertent@armosec.io>
2024-04-30 15:26:38 +03:00
David Wertenteil
effc57dfda Merge pull request #1672 from kubescape/bumpsyft
fix go.mod for httphandler
2024-04-30 11:16:12 +03:00
Matthias Bertschy
4b5c2dfed4 fix go.mod for httphandler
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2024-04-30 09:57:29 +02:00
9 changed files with 67 additions and 26 deletions


@@ -23,7 +23,6 @@ jobs:
permissions:
actions: read
checks: read
contents: read
deployments: read
id-token: write
issues: read
@@ -35,6 +34,7 @@ jobs:
security-events: read
statuses: read
attestations: read
contents: write
uses: ./.github/workflows/a-pr-scanner.yaml
with:
RELEASE: ""
@@ -48,7 +48,7 @@ jobs:
permissions:
actions: read
checks: read
contents: read
contents: write
deployments: read
discussions: read
id-token: write
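Review bot: `contents: write` is granted to whole reusable-workflow calls here (the job that `uses: ./.github/workflows/a-pr-scanner.yaml` in the second hunk and the job in the third), and nothing in the diff records which step needs to write to the repository. The same widening appears in the other workflow sections of this compare: the callers of `b-binary-build-and-e2e-tests.yaml` and `d-publish-image.yaml`, the `build-http-image` job, the `incluster-comp-pr-merged.yaml` caller and the top-level block of `d-publish-image`. With write scope, every step in those jobs, third-party actions included, runs with a token that can push commits and tags, alongside `id-token: write`. A caller has to grant at least what the callee requests, so the narrowing belongs in the called workflows: keep `contents: read` at workflow level there and put `contents: write` only on the job that actually writes. At minimum add a comment next to each grant, e.g. `# contents: write: required by <job> for <reason>`; the permissions blocks continue outside the hunks shown.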


@@ -19,7 +19,6 @@ jobs:
permissions:
actions: read
checks: read
contents: read
deployments: read
discussions: read
id-token: write
@@ -30,6 +29,7 @@ jobs:
repository-projects: read
security-events: read
statuses: read
contents: write
attestations: write
needs: [retag]
uses: ./.github/workflows/b-binary-build-and-e2e-tests.yaml
@@ -68,7 +68,6 @@ jobs:
permissions:
actions: read
checks: read
contents: read
deployments: read
discussions: read
id-token: write
@@ -80,6 +79,7 @@ jobs:
security-events: read
statuses: read
attestations: read
contents: write
uses: ./.github/workflows/d-publish-image.yaml
needs: [create-release, retag]
with:


@@ -30,7 +30,32 @@ on:
BINARY_TESTS:
type: string
required: false
default: '["ks_microservice_create_2_cronjob_mitre_and_nsa_proxy", "ks_microservice_triggering_with_cron_job", "ks_microservice_update_cronjob_schedule", "ks_microservice_delete_cronjob", "ks_microservice_create_2_cronjob_mitre_and_nsa", "ks_microservice_ns_creation", "ks_microservice_on_demand", "ks_microservice_mitre_framework_on_demand", "ks_microservice_nsa_and_mitre_framework_demand", "scan_nsa", "scan_mitre", "scan_with_exceptions", "scan_repository", "scan_local_file", "scan_local_glob_files", "scan_local_list_of_files", "scan_with_exception_to_backend", "scan_nsa_and_submit_to_backend", "scan_mitre_and_submit_to_backend", "scan_local_repository_and_submit_to_backend", "scan_repository_from_url_and_submit_to_backend", "scan_with_custom_framework", "scan_customer_configuration", "host_scanner", "scan_compliance_score", "control_cluster_from_CLI_config_scan_exclude_namespaces", "control_cluster_from_CLI_config_scan_include_namespaces", "control_cluster_from_CLI_config_scan_host_scanner_enabled", "control_cluster_from_CLI_config_scan_MITRE_framework", "control_cluster_from_CLI_vulnerabilities_scan_default", "control_cluster_from_CLI_vulnerabilities_scan_include_namespaces"]'
default: '[
"ks_microservice_create_2_cronjob_mitre_and_nsa_proxy",
"ks_microservice_triggering_with_cron_job",
"ks_microservice_update_cronjob_schedule",
"ks_microservice_delete_cronjob",
"ks_microservice_create_2_cronjob_mitre_and_nsa",
"ks_microservice_ns_creation",
"ks_microservice_on_demand",
"ks_microservice_mitre_framework_on_demand",
"ks_microservice_nsa_and_mitre_framework_demand",
"scan_nsa",
"scan_mitre",
"scan_with_exceptions",
"scan_repository",
"scan_local_file",
"scan_local_glob_files",
"scan_local_list_of_files",
"scan_with_exception_to_backend",
"scan_nsa_and_submit_to_backend",
"scan_mitre_and_submit_to_backend",
"scan_local_repository_and_submit_to_backend",
"scan_repository_from_url_and_submit_to_backend",
"scan_with_custom_framework",
"scan_customer_configuration",
"scan_compliance_score"
]'
workflow_call:
inputs:
@@ -54,7 +79,25 @@ on:
default: 1
BINARY_TESTS:
type: string
default: '[ "scan_nsa", "scan_mitre", "scan_with_exceptions", "scan_repository", "scan_local_file", "scan_local_glob_files", "scan_local_list_of_files", "scan_nsa_and_submit_to_backend", "scan_mitre_and_submit_to_backend", "scan_local_repository_and_submit_to_backend", "scan_repository_from_url_and_submit_to_backend", "scan_with_custom_framework", "scan_customer_configuration", "host_scanner", "scan_compliance_score", "scan_custom_framework_scanning_file_scope_testing", "scan_custom_framework_scanning_cluster_scope_testing", "scan_custom_framework_scanning_cluster_and_file_scope_testing" ]'
default: '[
"scan_nsa",
"scan_mitre",
"scan_with_exceptions",
"scan_repository",
"scan_local_file",
"scan_local_glob_files",
"scan_local_list_of_files",
"scan_nsa_and_submit_to_backend",
"scan_mitre_and_submit_to_backend",
"scan_local_repository_and_submit_to_backend",
"scan_repository_from_url_and_submit_to_backend",
"scan_with_custom_framework",
"scan_customer_configuration",
"scan_compliance_score",
"scan_custom_framework_scanning_file_scope_testing",
"scan_custom_framework_scanning_cluster_scope_testing",
"scan_custom_framework_scanning_cluster_and_file_scope_testing"
]'
jobs:
wf-preparation:
@@ -164,7 +207,7 @@ jobs:
build-http-image:
permissions:
contents: read
contents: write
id-token: write
packages: write
pull-requests: read
@@ -202,15 +245,8 @@ jobs:
"scan_repository_from_url_and_submit_to_backend",
"scan_with_custom_framework",
"scan_customer_configuration",
"host_scanner",
"scan_compliance_score",
"control_cluster_from_CLI_config_scan_exclude_namespaces",
"control_cluster_from_CLI_config_scan_include_namespaces",
"control_cluster_from_CLI_config_scan_host_scanner_enabled",
"control_cluster_from_CLI_config_scan_MITRE_framework",
"control_cluster_from_CLI_vulnerabilities_scan_default",
"control_cluster_from_CLI_vulnerabilities_scan_include_namespaces"
]'
"scan_compliance_score"
]'
COSIGN: true
HELM_E2E_TEST: true
FORCE: true
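Review bot: `host_scanner` is dropped from all three test lists in this file (both `BINARY_TESTS` defaults and the list passed in the last hunk) together with the `control_cluster_*` entries, but the commit title only mentions the control_cluster tests. If the removal is deliberate, record it in a comment above the first list, e.g. `# host_scanner and control_cluster_* disabled: <reason / tracking issue>`, so the lost coverage is not forgotten. The same JSON array is also maintained by hand in three places and the copies already differ; a comment naming which list is authoritative would help the next edit.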


@@ -23,7 +23,7 @@ jobs:
permissions:
id-token: write
packages: write
contents: read
contents: write
pull-requests: read
uses: kubescape/workflows/.github/workflows/incluster-comp-pr-merged.yaml@main
with:
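Review bot: The job now hands `contents: write` (with `packages: write` and `id-token: write`) to `kubescape/workflows/.github/workflows/incluster-comp-pr-merged.yaml@main`, a reference that follows a moving branch. Whatever lands on that branch runs with a token that can push to this repository and publish packages. Pin the call to a commit, in the style the repository already uses for actions: `uses: kubescape/workflows/.github/workflows/incluster-comp-pr-merged.yaml@<full-commit-sha> # ratchet:kubescape/workflows/.github/workflows/incluster-comp-pr-merged.yaml@main`. The `uses:` line is context in this hunk, and the job continues past it.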


@@ -24,8 +24,8 @@ jobs:
MAC_OS: macos-latest
UBUNTU_OS: ubuntu-latest
WINDOWS_OS: windows-latest
# permissions:
# contents: write
permissions:
contents: write
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # ratchet:actions/download-artifact@v3.0.2
id: download-artifact


@@ -2,7 +2,7 @@ name: d-publish-image
permissions:
actions: read
checks: read
contents: read
contents: write
deployments: read
discussions: read
id-token: write


@@ -83,7 +83,10 @@ func (a *OperatorAdapter) httpPostOperatorScanRequest(body apis.Commands) (strin
return "", err
}
defer resp.Body.Close()
return httputils.HttpRespToString(resp)
if resp.StatusCode != 200 {
return "", fmt.Errorf("http-error: %d", resp.StatusCode)
}
return "success", nil
}
func (a *OperatorAdapter) OperatorScan() (string, error) {
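Review bot: The new status check returns `http-error: <code>` and never reads the response body, so whatever explanation the operator sent with a failed request is lost to the caller and to logs. The success path likewise replaces the body with the literal `"success"`; callers of `httpPostOperatorScanRequest` that used the returned string should be checked, since they are outside this hunk. Consider reading a bounded amount of the body before the check and including it in the error, `return "", fmt.Errorf("http-error: %d: %s", resp.StatusCode, respBody)`, and comparing against `http.StatusOK` rather than the literal `200`. Whether the operator can answer with another 2xx code such as 202 is not visible here; if it can, the `!= 200` test will report a successful trigger as an error. The function body begins before the hunk.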


@@ -179,7 +179,7 @@ require (
github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
github.com/distribution/distribution v2.8.3+incompatible // indirect
github.com/distribution/distribution v2.8.2+incompatible // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/cli v26.1.0+incompatible // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
@@ -498,3 +498,5 @@ replace github.com/olekukonko/tablewriter => github.com/kubescape/tablewriter v0
// TODO(anubhav06): Remove this once we have a release of copacetic with the support for patching kubescape image scan results.
replace github.com/project-copacetic/copacetic => github.com/anubhav06/copacetic v0.0.0-20230821175613-0a7915a62e10
replace github.com/docker/distribution v2.8.3+incompatible => github.com/docker/distribution v2.8.2+incompatible
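Review bot: The added `replace` pins `github.com/docker/distribution` back to v2.8.2 with no comment saying why or when it can be removed, while the `require` line for that module still reads v2.8.3 (context line in the first hunk). A replace directive overrides what `require` advertises and holds the module below the upstream patch release, so a reader or scanner that looks only at the `require` lines may report a different version from the one that is built. Add a comment on the line above, in the style of the copacetic TODO: `// TODO(<owner>): remove once <tracking issue> is resolved; pinned to v2.8.2 because <reason>`. The first hunk also moves the indirect `github.com/distribution/distribution` to v2.8.2, which deserves the same explanation.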


@@ -627,16 +627,16 @@ github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 h1:lxmTCgmHE1G
github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7/go.mod h1:GvWntX9qiTlOud0WkQ6ewFm0LPy5JUR1Xo0Ngbd1w6Y=
github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
github.com/distribution/distribution v2.8.3+incompatible h1:RlpEXBLq/WPXYvBYMDAmBX/SnhD67qwtvW/DzKc8pAo=
github.com/distribution/distribution v2.8.3+incompatible/go.mod h1:EgLm2NgWtdKgzF9NpMzUKgzmR7AMmb0VQi2B+ZzDRjc=
github.com/distribution/distribution v2.8.2+incompatible h1:k9+4DKdOG+quPFZXT/mUsiQrGu9vYCp+dXpuPkuqhk8=
github.com/distribution/distribution v2.8.2+incompatible/go.mod h1:EgLm2NgWtdKgzF9NpMzUKgzmR7AMmb0VQi2B+ZzDRjc=
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
github.com/docker/cli v26.1.0+incompatible h1:+nwRy8Ocd8cYNQ60mozDDICICD8aoFGtlPXifX/UQ3Y=
github.com/docker/cli v26.1.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v26.1.0+incompatible h1:W1G9MPNbskA6VZWL7b3ZljTh0pXI68FpINx0GKaOdaM=
github.com/docker/docker v26.1.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8=