github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-05-18 23:29:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

use packr for config.yaml

Browse Source
This commit is contained in:
Bobby Brennan
2019-05-17 13:44:19 +00:00
parent 1194c8b597
commit 79f3d2cb74
8 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.circleci/config.yml
View File

@@ -92,6 +92,8 @@ jobs:
- *set_environment_variables
- *docker_tag_release
- *install_goreleaser
- run: go get -u github.com/gobuffalo/packr/v2/packr2
- run: packr2
- run: goreleaser
workflows:

1
.goreleaser.yml
View File

@@ -1,6 +1,7 @@
builds:
- env:
- CGO_ENABLED=0
binary: polaris
archive:
replacements:
darwin: Darwin

2
Dockerfile
View File

@@ -15,6 +15,4 @@ COPY --from=build-env /go/src/github.com/reactiveops/polaris/polaris .
WORKDIR /opt/app
COPY --from=build-env /go/src/github.com/reactiveops/polaris/config.yaml ./config.yaml
CMD ["polaris"]

2
README.md
View File

@@ -90,7 +90,7 @@ helm upgrade --install polaris deploy/helm/polaris/ --namespace polaris --set we
## Configuration
Polaris supports a wide range of validations covering a number of Kubernetes best practices. Here's a sample configuration file that includes all currently supported checks. The [default configuration](https://github.com/reactiveops/polaris/blob/master/config.yaml) contains a number of those checks. This repository also includes a sample [full configuration file](https://github.com/reactiveops/polaris/blob/master/config-full.yaml) that enables all available checks.
Polaris supports a wide range of validations covering a number of Kubernetes best practices. Here's a sample configuration file that includes all currently supported checks. The [default configuration](https://github.com/reactiveops/polaris/blob/master/examples/config.yaml) contains a number of those checks. This repository also includes a sample [full configuration file](https://github.com/reactiveops/polaris/blob/master/examples/config-full.yaml) that enables all available checks.
Each check can be assigned a `severity`. Only checks with a severity of `error` or `warning` will be validated. The results of these validations are visible on the dashboard. In the case of the validating webhook, only failures with a severity of `error` will result in a change being rejected.

0
config-full.yaml → examples/config-full.yaml
View File

0
config.yaml → examples/config.yaml
View File

2
main.go
View File

@@ -56,7 +56,7 @@ func main() {
webhookPort := flag.Int("webhook-port", 9876, "Port for the webhook webserver")
auditOutputURL := flag.String("output-url", "", "Destination URL to send audit results")
auditOutputFile := flag.String("output-file", "", "Destination file for audit results")
configPath := flag.String("config", "config.yaml", "Location of Polaris configuration file")
configPath := flag.String("config", "", "Location of Polaris configuration file")
logLevel := flag.String("log-level", logrus.InfoLevel.String(), "Logrus log level")
version := flag.Bool("version", false, "Prints the version of Polaris")
disableWebhookConfigInstaller := flag.Bool("disable-webhook-config-installer", false,

10
pkg/config/config.go
View File

@@ -20,6 +20,7 @@ import (
"io"
"io/ioutil"
packr "github.com/gobuffalo/packr/v2"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource"
"k8s.io/apimachinery/pkg/util/yaml"
@@ -110,7 +111,14 @@ type SecurityCapabilityLists struct {
// ParseFile parses config from a file.
func ParseFile(path string) (Configuration, error) {
rawBytes, err := ioutil.ReadFile(path)
configBox := packr.New("Config", "../../examples")
var rawBytes []byte
var err error
if path == "" {
rawBytes, err = configBox.Find("config.yaml")
} else {
rawBytes, err = ioutil.ReadFile(path)
}
if err != nil {
return Configuration{}, err
}