github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-05-21 08:33:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
642 Commits 28 Branches 117 Tags
e64fb4cdbdeec2d3fa2bf1219ada09e082101d8f
Commit Graph

45 Commits

Author SHA1 Message Date
baderbuddy
7c9f01639b Update dependencies (#400) 
* Start working on updating dependencies:

* Fix webhook

* Rollback jsonschema update

* Checkin new config

* Fix run as root

* Update versions of kind

* Fix typo in kind URL

* Fix kind config

* Add csr permissions

* Fix weird image thing

* Fixed certificates

* Add to logging

* Approve cert manually

* Fix approval

* Add cert script

* Fix deployment

* Add requests/limits

* Wait if certificate doesn't exist yet

* Add check for file size

* Add variable

* Try a different imagE

* Fix command

* Update certificate logic

* Add healthz

* Don't check cert size

* Remove stat

* Fix vet

* Put in change that makes no sense

* Fix cert names

* Roll back

* Try changing config

* Add logging for each request

* Cleanup code some

* Remove bad deployments

* Fix client injection

* Update timeout

* Add logging

* Fixed e2e webhook tests

* Add permissions for approval

* Fix permissions for CSR

* Remove logging code

* Remove refresh certs file

* Fix merge issues

* Update deployments

* Try beta of admission controller config

* Target 1.15 for testing

* Add beta versions of resourceS

* Lower webhook timeout

* Refactor out a method

* Fix up PR issues

* Fix more tabs

* Remove unnecessary messageS

* Fix go.sum

* Fix go.sum
 2020-09-11 08:53:14 -04:00
Robert Brennan
6792fba91f Delete controllers package (#270) 
* rename root fs check

* speed up docker build

* refactor webhook to be more generic

* delete controllers pkg

* revert deploy

* fix example config

* remove controllersToScan config

* fix lint error

* fix webhook name

* FileSystem -> Filesystem

* update deps

* skip node owners

* clean up meta tracking

Co-authored-by: Robert Brennan <bobby.brennan@gmail.com>
 2020-04-27 10:43:02 -04:00
Bader Boland
68fe23018a Feedback from PR 2020-03-23 09:27:36 -04:00
Bader Boland
7fdebfc4db Fix tests 2020-03-17 09:19:33 -04:00
Robert Brennan
dfa34e1880 explicitly handle schema validation errors 2020-01-14 14:50:35 +00:00
Robert Brennan
7637108234 refactor ValidateContainers 2020-01-14 14:50:34 +00:00
Robert Brennan
23bf4c81b0 refactor ValidatePod, add NakedPod type 2020-01-14 14:50:34 +00:00
Robert Brennan
51cd3523fc messages -> results 2020-01-14 14:50:34 +00:00
Robert Brennan
49c540e993 type -> kind 2020-01-14 14:50:34 +00:00
Robert Brennan
2770be643f Refactor validation 2020-01-14 14:50:34 +00:00
Robert Brennan
f2c5752718 migrate health checks to schemas 2019-12-23 20:32:38 +00:00
Robert Brennan
3304285b4e move rest of pod checks over to schema 2019-12-23 20:32:38 +00:00
Robert Brennan
d80d326f7c swap out host_network for a schema-based check 2019-12-23 20:32:38 +00:00
Robert Brennan
22ab851681 skip health checks for jobs, cronjobs, and initContainers (#216) 2019-11-06 13:31:17 -05:00
Robert Brennan
2b15f11d57 Add exemptions to config (#204) 
* first pass at adding exemptions

* Update config.yaml

* make config_test more reliable

* add flag to disallow exemptions in dashboard

* add disallow-exemptions flag to CLI

* add comments

* fix exemptions flag

* fix alert on dashboard

* minor style changes
 2019-10-23 17:14:03 -04:00
Robert Brennan
c91a85a08a add IDs to each check (#197) 2019-09-11 14:07:08 -04:00
Bobby Brennan
20bd32afb6 Rename ReactiveOps to Fairwinds (#180) 
* Rename ReactiveOps to Fairwinds

* Rename ReactiveOps to Fairwinds
 2019-07-30 15:29:09 -04:00
Nick Huanca
4c7429efbc #146 Fixing Container Security Context Logic (#149) 
* Fixing Container Security Context Logic

Kubernetes rationalizes Container Security Context in conjunction with the
Pod Spec Security Context. In this scenario you can 'leave out' certain
security context settings and rely on the pod spec definition to still
set these settings for you. The RunAsNonRoot setting originally only checked
to see if the value was set at the container level, vs also checking if it
was enabled at the pod level.

I have attached the container's parent pod spec to the container validate
struct in case any other things like this arise in the future.

I have also refactored the logic for validating bool pointers, since these
can be tricky, if you want to avoid dereferences pointer issues.

Changes:
- Added parent pod spec of container to validate certain settings which affect container spec
- Refactored the logic statements for validating bool pointers (used helpers)
- Added tests for this pod.container.securityContext condition
 2019-06-18 11:04:38 -06:00
Rob Scott
f5c7087d6d ensuring that readiness probes in init containers are not validated to fix #112 2019-05-20 21:35:44 +02:00
Bobby Brennan
9bcb832bbd rename all the things 2019-05-09 15:59:23 +00:00
Rob Scott
0db0e2947f some additional cleanup 2019-04-29 10:58:30 -04:00
Rob Scott
4fe39e7b74 improved logging, better webhook output, webhook deploy fixes 2019-04-26 17:35:14 -04:00
Bobby Brennan
55363fd7a8 Add categories to dashboard 
add version, cluster stats to output

add comment

update UI

changes to summary aggregation

add category summaries to dash
 2019-04-23 15:07:50 +00:00
Rob Scott
674696c7e1 restructuring config to match up with docs 2019-04-22 12:58:25 -04:00
Bobby Brennan
3ce7e12082 Add version, cluster stats to output and UI (#61) 
* add version, cluster stats to output

* add comment

* fix tests

* add categories to messages

* fix tests

* update UI

* remove empty category totals field

* k8smeta -> metav1
 2019-04-22 12:01:18 -04:00
Bobby Brennan
8326a49b5a change message variable names 2019-04-12 15:13:46 +00:00
Bobby Brennan
bcff5f10bc pull out messages into separate file, some rephrasing 
phrasing

fix tests
 2019-04-12 14:56:25 +00:00
Rob Scott
f5cde2db38 a lot of cleanup and restructuring 2019-03-27 22:57:01 -04:00
Rob Scott
6d49d0e19c updating logic to work with new config syntax 2019-03-27 22:55:31 -04:00
jessicagreben
97844d552b fix network mssg wording 2019-02-13 14:51:12 -08:00
jessicagreben
7195793ff5 add network test 2019-02-13 14:33:47 -08:00
jessicagreben
16409c097d add pod host networking validations 2019-02-13 10:58:30 -08:00
jessicagreben
9286d2b960 validateCtr should return a resource result, just like vPod and vDeploy 2019-02-13 08:58:26 -08:00
jessicagreben
b8a0d97ac4 fix lint errs 2019-02-07 09:08:38 -08:00
jessicagreben
cb43c57d8d data refactor init chagnes 2019-02-06 13:56:06 -08:00
Rob Scott
d9067428e0 initial mostly broken work on integration 2019-01-28 18:45:48 -05:00
jessicagreben
3270ed912b de-dup webhook factory and validator 2019-01-27 09:56:14 -08:00
jessicagreben
a2e2788cff remove dup pod validation, move test yaml 2019-01-26 18:43:40 -08:00
jessicagreben
3eea0a82c0 make a little more pretty 2019-01-04 21:11:34 -08:00
jessicagreben
583d6fa4d2 im ugly but i work 2019-01-04 20:56:30 -08:00
Rob Scott
823e460965 lots of restructuring to add ContainerValidation type 2018-12-21 12:44:05 -05:00
jessicagreben
8b61a3535c add reporting support 2018-12-19 12:41:41 -08:00
jessicagreben
b305699968 add config to pod object 2018-12-18 13:11:19 -08:00
jessicagreben
af8659f053 add container code 2018-12-13 11:14:28 -08:00
Rob Scott
3091cd9868 new validator package, basic resource limit validation 2018-12-07 18:05:03 -05:00