github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-02-14 18:09:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,066 Commits 36 Branches 112 Tags
master
Commit Graph

13 Commits

Author SHA1 Message Date
jdesouza
2b17c31957 INS-1251: Polaris: upgrade github.com/qri-io/jsonschema to v0.2.1 (#1135) 
* Bump lins

* Code refactoring

* Fixign issues

* Fixing issues

* Fixing issues

* Fixing issues

* [WIP]

* [WIP]

* [WIP]

* Trying to fix tests

* Trying to fix tests

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Fixing issues

* Revert go mod

* Revert go mod

* Revert go mod

* Revert go mod

* Fixing issues

* Fixing issue

* Code refactoring

* Updating json schema version

* Updating json schema version
 2025-07-24 13:46:37 -03:00
Vitor Rodrigo Vezani
ac638e01ba FWI-5820 - remove packr in favor of go:embed (#1035) 
* move dashboard to embed

* use embed in favor of packr

* fix references

* Fix error creating router in dashboard.go

* create default config

* remove examples/config.yaml
 2024-03-12 16:11:07 -03:00
ivanfetch-fw
467d06f4db FWI-2719: Enable new RBAC / sensitive content / Pod exec checks, add hasPrefix and hasSuffix functions to the GO template, exempt system: name prefixes for RBAC checks, sensitive content checks ignore valueFrom, (#832) 
* Enable these checks in the default configuration file, which may produce many new results:
  * automountServiceAccountToken
  * linuxHardening
  * sensitiveConfigmapContent and sensitiveContainerEnvVar
  * clusterrolebindingClusterAdmin, rolebindingClusterAdminClusterRole, and rolebindingClusterAdminRole
  * clusterrolePodExecAttach, rolePodExecAttach, clusterrolebindingPodExecAttach, rolebindingClusterRolePodExecAttach, and  rolebindingRolePodExecAttach
* Ignore the `missingNetworkPolicy` and `automountServiceAccountToken` checks by default
* `hasPrefix` and `hasSuffix` functions are now available in the go template
* Fix the `sensitiveContainerEnvVar` check to ignore sensitive environment
variable names when those variables use `valueFrom` to reference an
external resource.
* Add the `*ClusterAdmin` checks to `examples/config-full.yaml`.
* Exempt the prefix `system:` instead of individual entries for RBAC checks (#871)
 2022-11-14 15:05:02 -07:00
ivanfetch-fw
c3b57bf6c7 target: container also populates .Polaris.PodSpec|PodTemplate + a new .Polaris.Container representing the currently checked container, GetPodTemplate serializes data to work around a DeepCopy bug with type int (#812) 2022-07-29 07:45:56 -06:00
ivanfetch-fw
25ab600eef Update docs to reflect target: PodTemplate RE: PR #801 (#804) 
* Update docs to reflect `target: PodTemplate` and the template being available via the `Polaris.PodTemplate` variable RE: PR #801

* Fix typo

Co-authored-by: Robert Brennan <accounts@rbren.io>

Co-authored-by: Robert Brennan <accounts@rbren.io>
 2022-07-14 13:50:41 -06:00
ivanfetch-fw
ccaa384cd0 expose Polaris.PodSpec for PodSpec targeted checks (#793) 
* Add a template `Polaris` variable, expose `Polaris.PodSpec` for checks of `target: PodSpec`.

Polaris checks that are `target: PodSpec` have reflected the original
resource (such as a pod-controller) in the Go template, instead of
reflecting the pod `spec` field. This update makes the PodSpec available
in a new template variable `Polaris.PodSpec`.
 2022-07-12 08:04:17 -06:00
Robert Brennan
1c09ce9e09 update changelog and docs (#800) 
* update changelog and docs

* add 7.0.1

* fix version
 2022-07-11 14:12:50 -04:00
Robert Brennan
f71ca999c9 Change target: Pod to target: PodSpec (#726) 
* change target pod to target pod spec

* add checks

* update docs

* fix tests

Co-authored-by: MAKOSCAFEE <barnabasmakonda@gmail.com>
 2022-06-07 07:37:25 -06:00
Robert Brennan
9ae4f774e9 bump version, add docs, fix up dashboard (#595) 
* bump version\, add docs\, fix up dashboard

* fix pretty output

* Update config.yaml

* fix extra kinds appearing
 2021-08-18 17:55:48 -04:00
Robert Brennan
ca3e46ebbd Update documentation from template (#609) 2021-08-17 11:26:25 -04:00
Robert Brennan
f753fc91f2 Support multi-resource templates (#524) 
* able to run multi-resource tests

* start passing resource provider through

* working end-to-end

* better support for go templating

* fix tests

* delint

* add test

* add json annotations

* remove panics

* fix annotation

* fix for groupkinds

* add comment

* add docs

* change jsonSchema field to schemaString

* rename check

* add pdb to tests

* add ingress to tests

* update deps

* fix up policy import

* update go

* fix check name

* funk it up

* better docs
 2021-05-06 14:01:20 -04:00
Robert Brennan
c11b839009 Update docs (#472) 
* move docs files

* update docs from template

* another update

* add insights callouts

* add ingress check to the docs

* remove old prefixes on check names
 2021-01-15 15:16:59 -05:00
Robert Brennan
1a8fb44b78 Migrate docs to Vuepress (#442) 
* first pass

* fix up homepage

* more work

* housekeeping

* add script to modify home link

* add check docs

* build docs site

* Create CNAME

* fix path to check-docs

* update from template

* fix logo in readme

* fix link

* remove logspam

* remove old folders

* fix all links

* fix up readme

* change up Insights description

* add customization docs

* phrasing

* title

* titles

* titles

* change webhook docs

* refresh template

* rebuild site

* refresh from template repo

* phrasing

* add tagline

* update readme\, add readme sync script

* fix logo

* rebuild

* fix readme script

* rebuild
 2020-11-30 14:15:29 -05:00