1066 Commits

Author SHA1 Message Date
jdesouza
517c8899d7 INS-1829: Bump libs and fix vulnerabilities (#1171)
* Fix vulnerability

* Bump
10.1.4
2026-01-30 16:21:23 -03:00
jdesouza
e2df222ded INS-1683: polaris: Bump go to 1.25.5 for fixing vulnerability (#1162)
* INS-1683: polaris: Bump go to 1.25.5 for fixing vulnerability

* INS-1683: polaris: Bump go to 1.25.5 for fixing vulnerability
10.1.3
2025-12-08 10:50:39 -03:00
jdesouza
d45d67cdd2 Revert "INS-1683: polaris: Bump go to 1.25.5 for fixing vulnerability"
This reverts commit e8a113388e.
2025-12-08 09:48:07 -03:00
jdesouza
e8a113388e INS-1683: polaris: Bump go to 1.25.5 for fixing vulnerability 2025-12-08 09:44:58 -03:00
jdesouza
21ef1f495c INS-1562: Fix polaris vulnerabilities (#1156) 10.1.2 2025-10-31 11:01:10 -03:00
jdesouza
ec1ba2f2db INS-1303: fix CVE-2025-47907 (#1141)
* Revert "Revert "INS-1303: fix CVE-2025-47907""

This reverts commit 39fb27c6dd.

* INS-1303: fix CVE-2025-47907
10.1.1
2025-08-18 13:01:19 -03:00
jdesouza
39fb27c6dd Revert "INS-1303: fix CVE-2025-47907"
This reverts commit e51b90ef79.
2025-08-18 10:48:27 -03:00
jdesouza
e51b90ef79 INS-1303: fix CVE-2025-47907 2025-08-18 10:46:11 -03:00
Andy Suderman
4de082b443 docs: update documentation from template (#1140) 10.1.0 v10.1.0 2025-08-01 13:24:25 -06:00
dependabot[bot]
264dc51f4c Bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 (#1127)
---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-25 11:23:39 -03:00
jdesouza
45b1f6a1a5 Bumped libs (#1139) 2025-07-25 10:18:03 -03:00
Vitor Rodrigo Vezani
38e540e0cf Remove flags from audit command and remove auth command (#1138)
* update libs

* Remove unused authentication code and dependencies from the Polaris project, streamlining the audit process by eliminating the upload insights feature and related flags.

* remove insights reporter

* remove lingering libs

* update docs

* INS-1251: Polaris: upgrade github.com/qri-io/jsonschema to v0.2.1 (#1135)

* Bump lins

* Code refactoring

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* [WIP]

* [WIP]

* [WIP]

* Trying to fix tests

* Trying to fix tests

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Revert go mod

* Revert go mod

* Revert go mod

* Revert go mod

* Fixing issues

* Fixing issue

* Code refactoring

* Updating json schema version

* Updating json schema version

* fix go mod

* fix go sum

---------

Co-authored-by: jdesouza <james@fairwinds.com>
10.0.0
2025-07-24 16:48:23 -03:00
jdesouza
2b17c31957 INS-1251: Polaris: upgrade github.com/qri-io/jsonschema to v0.2.1 (#1135)
* Bump lins

* Code refactoring

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* [WIP]

* [WIP]

* [WIP]

* Trying to fix tests

* Trying to fix tests

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Revert go mod

* Revert go mod

* Revert go mod

* Revert go mod

* Fixing issues

* Fixing issue

* Code refactoring

* Updating json schema version

* Updating json schema version
2025-07-24 13:46:37 -03:00
jdesouza
813d9c0a2a INS-1097: Fix CVE-2025-22874 for polaris (#1122)
* Bumping polaris libs

* Fixing lint

* Fixed vuln

* Fixed vuln

* Fixed vuln

* Fixed vuln
9.6.4
2025-06-17 08:58:10 -03:00
jdesouza
d7d30ac611 INS-933 - pullPolicyNotAlways is crashing webhook mutations (#1115)
* Debugging

* Debugging

* Trying to fix

* Revert

* Debugging

* Debugging

* Debugging

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue
9.6.3
2025-04-21 17:07:12 -03:00
dependabot[bot]
8fe7a94260 Bump golang.org/x/net from 0.33.0 to 0.36.0 (#1108)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.36.0.
- [Commits](https://github.com/golang/net/compare/v0.33.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.36.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-16 13:26:47 -03:00
dependabot[bot]
f29571e8bb Bump k8s.io/client-go from 0.32.0 to 0.32.2 (#1103)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.0 to 0.32.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.0...v0.32.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-16 13:21:50 -03:00
dependabot[bot]
a74714b5e5 Bump k8s.io/apimachinery from 0.32.0 to 0.32.2 (#1102)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.32.0 to 0.32.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.0...v0.32.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-16 13:16:16 -03:00
dependabot[bot]
ba04b7e330 Bump sigs.k8s.io/controller-runtime from 0.19.3 to 0.20.2 (#1101)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.19.3 to 0.20.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.19.3...v0.20.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-16 12:42:36 -03:00
youM
d70591b1b8 fixed pdbMinAvailableGreaterThanHPAMinReplicas and added validation for pdbMinAvailableEqualToHPAMinReplicas. (#1073)
* rename pdbMinAvailableGreaterThanHPAMinReplicas to pdbMinAvailableGreaterThanOrEqualToHPAMinReplicas

* modify doc

* Revert "modify doc"

This reverts commit faffffc298cde23a99c5e19528123f249d92d314.

* Revert "rename pdbMinAvailableGreaterThanHPAMinReplicas to pdbMinAvailableGreaterThanOrEqualToHPAMinReplicas"

This reverts commit b93f283acc279b90c7e7a9d8dbbe53b2f8ab9a31.

* fix test

* fix impl
2025-04-14 11:36:32 -03:00
jdesouza
80e6f7214e INSIGHTS-593 Fix Polaris vulnerabilities (#1094) 9.6.1 9.6.2 2025-01-02 13:01:37 -03:00
Vitor Rodrigo Vezani
1d20a16cb3 update supporting libs and bump alpine to 3.21 (#1093)
* bump alpine

* bump libs
2024-12-19 09:20:30 -07:00
dependabot[bot]
37edbc7159 Bump k8s.io/client-go from 0.31.2 to 0.31.3 (#1084)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.31.2 to 0.31.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 06:17:16 -07:00
dependabot[bot]
d451480acf Bump k8s.io/api from 0.31.2 to 0.31.3 (#1083)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.31.2 to 0.31.3.
- [Commits](https://github.com/kubernetes/api/compare/v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 08:16:46 -05:00
dependabot[bot]
705e6e4016 Bump sigs.k8s.io/controller-runtime from 0.19.1 to 0.19.2 (#1086)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.19.1...v0.19.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vitor Rodrigo Vezani <vitor.vezani@fairwinds.com>
2024-12-05 10:12:36 -03:00
dependabot[bot]
2d9aa54e68 Bump k8s.io/apimachinery from 0.31.2 to 0.31.3 (#1087)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.31.2 to 0.31.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 10:09:26 -03:00
jdesouza
4dd3a81bbd INSIGHTS-475 Add 3 new checks to polaris (#1082)
* INSIGHTS-448 Add Two Polaris Checks

* Added another chec

* Added another chec

* Added another chec

* Added another chec

* Added another chec

* Added another chec

* Fixing issue

* Fixing issue

* Added another validation

* Added some test cases

* Added some test cases

* Update pkg/config/checks/hostProcess.yaml

* Update pkg/validator/pod_test.go

---------

Co-authored-by: Andy Suderman <andy@fairwinds.com>
9.6.0
2024-11-13 08:24:37 -03:00
dependabot[bot]
4b87bafbb9 Bump k8s.io/client-go from 0.31.1 to 0.31.2 (#1078)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.31.1 to 0.31.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.31.1...v0.31.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 11:48:05 -03:00
dependabot[bot]
62effa36b6 Bump sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1 (#1079)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.19.0...v0.19.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 11:43:26 -03:00
dependabot[bot]
913988e44c Bump github.com/fatih/color from 1.17.0 to 1.18.0 (#1081)
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 10:41:00 -03:00
dependabot[bot]
f281cd1e33 Bump k8s.io/api from 0.31.1 to 0.31.2 (#1077)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.31.1 to 0.31.2.
- [Commits](https://github.com/kubernetes/api/compare/v0.31.1...v0.31.2)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 10:35:50 -03:00
Vitor Rodrigo Vezani
073847559a Add --merge-config flag to support merging with default configuration (#1075)
* add config merge support

* fix indentation

* Update cmd/polaris/root.go

Co-authored-by: Andy Suderman <andy@fairwinds.com>

---------

Co-authored-by: Andy Suderman <andy@fairwinds.com>
9.5.0
2024-10-22 15:31:18 -03:00
Grégoire Martini
9b5438d864 Fix: rolebindingRolePodExecAttach check (#1070)
* Fix: rolebindingRolePodExecAttach check

Fix the case of a RoleBinding that points to a ClusterRole.
In that case, we ignore the RoleBinding since it will be evaluated by the rolebindingClusterRolePodExecAttach check.

* add tests for role-binding that uses a cluster-role binding

---------

Co-authored-by: Vitor Vezani <vitor.vezani@fairwinds.com>
2024-10-02 10:43:24 -06:00
jdesouza
be349a885d Updated Go to 1.22.7 to fix vulnerabilities (#1069)
* Bumped to to 1.24 to fix vulnerability

* Bumped to to 1.22.7 to fix vulnerability

* Bumped to to 1.22.7 to fix vulnerability

* Bumped to to 1.22.7 to fix vulnerability

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues
9.4.1
2024-09-25 12:17:50 -03:00
Terraform User
08f2afe6c9 Managed by Terraform 2024-09-20 16:57:29 +00:00
Terraform User
9f681b3ed4 Managed by Terraform 2024-09-20 16:57:22 +00:00
Terraform User
74cbaefc58 Managed by Terraform 2024-09-20 16:55:05 +00:00
Terraform User
bd8d4cc08b Managed by Terraform 2024-09-20 16:49:26 +00:00
Terraform User
e66ef8b948 Managed by Terraform 2024-09-20 16:45:48 +00:00
Terraform User
7930ede331 Managed by Terraform 2024-09-20 16:45:42 +00:00
Terraform User
1625b755ac Managed by Terraform 2024-09-20 16:45:26 +00:00
Terraform User
08a7863167 Managed by Terraform 2024-09-20 16:43:50 +00:00
jdesouza
8d5247e501 INSIGHTS-358 Bump polaris libs (#1068)
* Bumped libs

* Bumped libs

* Fixed issues

* Fixed issues

* Fixed issues

* Fixed issues

* Fixed issues

* Fixed issues

* Fixed issues

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issue

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix releaser

* Trying to fix

* Trying to fix

* Trying to fix

* Trying to fix

* Trying to fix

* Trying to fix

* Trying to fix
9.4.0
2024-09-18 17:07:50 -03:00
Terraform User
d30865cefb Managed by Terraform 2024-09-09 19:47:56 +00:00
jdesouza
cb7c10d288 INSIGHTS-8 Polaris: Harden admission against rogue pods (#1064)
* INSIGHTS-8 Polaris: Harden admission against rogue pods

* INSIGHTS-8 Polaris: Harden admission against rogue pods

* INSIGHTS-8 Polaris: Harden admission against rogue pods

* Adding validation

* Adding validation

* Fixing owners
9.3.0
2024-09-09 11:00:06 -03:00
Andy Suderman
bdfcb8fbb8 docs: update documentation from template (#1063) 2024-07-18 10:44:35 -06:00
Vitor Rodrigo Vezani
1c1e990454 fix pdbMinAvailableGreaterThanHPAMinReplicas check when minAvailable is not present (#1062) 9.2.1 2024-07-18 13:26:30 -03:00
Vitor Rodrigo Vezani
952b6aed65 INSIGHTS-157 - PDB <> HPA check (#1057)
* fix typo

* fix failure message

* fix changelog

* fix missingPodDisruptionBudget validation

* add tests for pdbMinAvailableLessThenHPAMaxReplicas

* add simple success test

* fix typo

* lowercasing warnings

* WIP implement pdbMinAvailableLessThanHPAMaxReplicas

* change check name

* rename tests

* fix check message

* change check name

* minor fixes

* improving tests

* improve tests

* fix check name

* Update docs/checks/reliability.md

Co-authored-by: Andy Suderman <andy@fairwinds.com>

* fix/add tests

* fixes from PR

* fix error message

---------

Co-authored-by: Andy Suderman <andy@fairwinds.com>
9.2.0
2024-07-08 14:47:54 -03:00
Terraform User
875a8ffd40 Managed by Terraform 2024-07-01 17:24:36 +00:00
Vitor Rodrigo Vezani
61e0d34e8b INSIGHTS-156 - Fix typo and improve failure message (#1055)
* fix typo

* fix failure message

* fix changelog

* fix missingPodDisruptionBudget validation

* Update failure.empty-labels.yaml

* Update failure.no-metadata.yaml

* INSIGHTS-159 - use go templating instead of custom function validation (#1056)

* use go templating instead of custom function validation

* fix changelog
9.1.1
2024-06-27 17:10:21 -03:00