github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-05-06 17:26:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
944 Commits 28 Branches 117 Tags
7.1.1
Commit Graph

91 Commits

Author SHA1 Message Date
Robert Brennan
b6c6bbe893 update docs (#846) 2022-09-22 11:18:44 -04:00
Robert Brennan
6b64369698 Update changelog.md (#825) 
* Update changelog.md

* Update changelog.md
 2022-08-24 12:38:15 -04:00
ivanfetch-fw
c3b57bf6c7 target: container also populates .Polaris.PodSpec|PodTemplate + a new .Polaris.Container representing the currently checked container, GetPodTemplate serializes data to work around a DeepCopy bug with type int (#812) 2022-07-29 07:45:56 -06:00
ivanfetch-fw
25ab600eef Update docs to reflect target: PodTemplate RE: PR #801 (#804) 
* Update docs to reflect `target: PodTemplate` and the template being available via the `Polaris.PodTemplate` variable RE: PR #801

* Fix typo

Co-authored-by: Robert Brennan <accounts@rbren.io>

Co-authored-by: Robert Brennan <accounts@rbren.io>
 2022-07-14 13:50:41 -06:00
ivanfetch-fw
ccaa384cd0 expose Polaris.PodSpec for PodSpec targeted checks (#793) 
* Add a template `Polaris` variable, expose `Polaris.PodSpec` for checks of `target: PodSpec`.

Polaris checks that are `target: PodSpec` have reflected the original
resource (such as a pod-controller) in the Go template, instead of
reflecting the pod `spec` field. This update makes the PodSpec available
in a new template variable `Polaris.PodSpec`.
 2022-07-12 08:04:17 -06:00
Robert Brennan
1c09ce9e09 update changelog and docs (#800) 
* update changelog and docs

* add 7.0.1

* fix version
 2022-07-11 14:12:50 -04:00
Robert Brennan
acadebe9fd add docs for mutation (#792) 
* add docs for mutation

* Update infrastructure-as-code.md
 2022-07-11 13:25:15 -04:00
Robert Brennan
f71ca999c9 Change target: Pod to target: PodSpec (#726) 
* change target pod to target pod spec

* add checks

* update docs

* fix tests

Co-authored-by: MAKOSCAFEE <barnabasmakonda@gmail.com>
 2022-06-07 07:37:25 -06:00
Robert Brennan
6c33168378 update release process (#744) 
* update release process

* fix lint

* remove kubectl docs

* update webhook install

* fix webhook_test

* fix dashboard test

* Update kube_dashboard_test.sh

* Update webhook_test.sh

Co-authored-by: Barnabas Makonda <6409210+makoscafee@users.noreply.github.com>
 2022-04-28 17:16:17 -04:00
Andrew Suderman
78838a606d Add a --namespace flag to the in-cluster audit (#742) 2022-04-08 07:54:03 -06:00
Ken Kaizu
1841b7441d audit check specific checks when passing checks args (#737) 
Signed-off-by: krrrr38 <k.kaizu38@gmail.com>

Co-authored-by: Robert Brennan <accounts@rbren.io>
 2022-04-07 09:11:51 -04:00
Robert Brennan
ef50fbbff6 Release 5.1 (#720) 
* bump to 5.1.0

* regenerate deploy files

Co-authored-by: Travis CI <jess.portnoy@kaltura.com>
 2022-03-15 10:02:20 -04:00
nobletrout
f429f1922a Nobletrout/add kubectx support (#719) 
* See #699 add support for kubecontext selection

* Update cli.md
 2022-03-15 09:24:24 -04:00
Andrew Suderman
539fa088d1 Update documentation from template (#702) 2022-02-15 14:43:07 -07:00
Barnabas Makonda
e91b9b8824 Update serverity for polaris check (#690) 
* update serverity for polaris check

* update test checks

* update changelog and fix test failure

* update tests/checks

* update replicas for webhook

* update config-full.yaml

* update tags

Co-authored-by: Robert Brennan <accounts@rbren.io>
 2022-01-20 17:08:39 +03:00
Janki Chhatbar
268f0e6811 Correct URL to download polaris tar (#660) 2021-11-03 06:32:29 -06:00
Luke Reed
c398f1043c prep for 4.2.0 release and helm chart update (#643) 2021-09-28 11:31:34 -07:00
Maxime VISONNEAU
32c1150b28 config: new flags '--disallow-(config|annotation)-exemptions' (#636) 
This change follows up #635 and lets end-users decide to disallow exemption rules defined as part of the config file or the controller annotations (whether none, any or both). The main use case here is to be able to prevent users with edit privileges over a controller to add a new exemption rule through an annotation which may obfuscate the actual policies we want to enforce.

Signed-off-by: Maxime VISONNEAU <maxime.visonneau@gmail.com>

Co-authored-by: Robert Brennan <accounts@rbren.io>
 2021-09-27 12:56:59 -04:00
Luke Reed
a62389b85f Update documentation from template (#634) 2021-09-21 07:50:08 -07:00
Robert Brennan
310015ff53 bump to 4.1.0 (#623) 
* bump to 4.1.0

* fix deploy files
 2021-09-07 09:53:12 -04:00
Robert Brennan
9ae4f774e9 bump version, add docs, fix up dashboard (#595) 
* bump version\, add docs\, fix up dashboard

* fix pretty output

* Update config.yaml

* fix extra kinds appearing
 2021-08-18 17:55:48 -04:00
dependabot[bot]
3e655d846b Bump url-parse from 1.5.1 to 1.5.3 in /docs (#611) 
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-18 14:59:17 -04:00
dependabot[bot]
0232e31a50 Bump path-parse from 1.0.6 to 1.0.7 in /docs (#607) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-18 14:59:09 -04:00
Robert Brennan
ca3e46ebbd Update documentation from template (#609) 2021-08-17 11:26:25 -04:00
dependabot[bot]
d172d8e18b Bump color-string from 1.5.4 to 1.5.5 in /docs (#588) 
Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/Qix-/color-string/releases)
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Qix-/color-string/compare/1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: color-string
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-22 14:35:46 -04:00
Robert Brennan
6c995eb04c fix goreleaser format 2021-07-22 15:26:29 +00:00
Robert Brennan
e52f1e76e9 bump version 2021-07-22 15:20:38 +00:00
dependabot[bot]
f602687c90 Bump prismjs from 1.23.0 to 1.24.0 in /docs (#580) 
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/PrismJS/prism/releases)
- [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PrismJS/prism/compare/v1.23.0...v1.24.0)

---
updated-dependencies:
- dependency-name: prismjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-14 14:06:19 -04:00
Robert Brennan
ff8e66af07 bump version (#587) 2021-07-14 10:26:27 -03:00
Robert Brennan
cd47487b0b bump version (#578) 2021-06-25 18:06:06 -04:00
Robert Brennan
ccc795d58e bump version, update changelog (#575) 
* bump version\, update changelog

* add docs
 2021-06-21 14:00:36 -04:00
dependabot[bot]
0007b12080 Bump ini from 1.3.5 to 1.3.8 in /docs (#574) 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

---
updated-dependencies:
- dependency-name: ini
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 12:27:30 -04:00
dependabot[bot]
2958b5cc07 Bump prismjs from 1.22.0 to 1.23.0 in /docs (#573) 
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/PrismJS/prism/releases)
- [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PrismJS/prism/compare/v1.22.0...v1.23.0)

---
updated-dependencies:
- dependency-name: prismjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 12:27:19 -04:00
dependabot[bot]
0c5014489e Bump elliptic from 6.5.3 to 6.5.4 in /docs (#572) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4)

---
updated-dependencies:
- dependency-name: elliptic
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 12:27:09 -04:00
dependabot[bot]
ebf99869ff Bump lodash from 4.17.20 to 4.17.21 in /docs (#571) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 12:26:56 -04:00
dependabot[bot]
88b57f9f32 Bump y18n from 4.0.0 to 4.0.3 in /docs (#570) 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/compare/v4.0.0...y18n-v4.0.3)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:55:38 -04:00
dependabot[bot]
e028c34448 Bump url-parse from 1.4.7 to 1.5.1 in /docs (#569) 
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.1)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:55:28 -04:00
dependabot[bot]
7c1ec6a762 Bump browserslist from 4.14.7 to 4.16.6 in /docs (#568) 
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.7 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.14.7...4.16.6)

---
updated-dependencies:
- dependency-name: browserslist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:55:19 -04:00
dependabot[bot]
fa6843ae61 Bump dns-packet from 1.3.1 to 1.3.4 in /docs (#567) 
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4)

---
updated-dependencies:
- dependency-name: dns-packet
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:55:08 -04:00
dependabot[bot]
76cc9e3296 Bump postcss from 7.0.35 to 7.0.36 in /docs (#566) 
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.35 to 7.0.36.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/7.0.35...7.0.36)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:54:57 -04:00
dependabot[bot]
6bcdb834ed Bump ssri from 6.0.1 to 6.0.2 in /docs (#565) 
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

---
updated-dependencies:
- dependency-name: ssri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:54:48 -04:00
dependabot[bot]
2bac1c9ba9 Bump ws from 6.2.1 to 6.2.2 in /docs (#564) 
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/6.2.1...6.2.2)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-21 11:54:39 -04:00
Robert Brennan
0e6ca81f57 add banner (#560) 
* add banner

* add link
 2021-06-21 11:54:17 -04:00
Soto Sugita
8e62436697 Fix the installation command by helm (#539) 
The installation by helm will fail because the namespace does not exist.
Added the `--create-namespace` flag to create a namespace if not exist.
 2021-05-11 09:00:29 -04:00
Robert Brennan
f753fc91f2 Support multi-resource templates (#524) 
* able to run multi-resource tests

* start passing resource provider through

* working end-to-end

* better support for go templating

* fix tests

* delint

* add test

* add json annotations

* remove panics

* fix annotation

* fix for groupkinds

* add comment

* add docs

* change jsonSchema field to schemaString

* rename check

* add pdb to tests

* add ingress to tests

* update deps

* fix up policy import

* update go

* fix check name

* funk it up

* better docs
 2021-05-06 14:01:20 -04:00
Robert Brennan
14d503580b Update documentation from template (#521) 2021-04-05 11:47:39 -04:00
Robert Brennan
f0c8ee256e Update documentation from template (#518) 2021-03-17 13:55:36 -04:00
Robert Brennan
eebc9537a2 update for 3.2.0 (#513) 2021-03-12 13:12:16 -05:00
Robert Brennan
1fed099b53 Pretty printer for audit (#512) 
* pretty output

* add colors

* better nocolor

* fix up main title

* delint

* remove double negative

* update docs
 2021-03-12 12:20:00 -05:00
Robert Brennan
25dfae1fea add to changelog 2021-03-08 14:03:51 +00:00