* added fix command implementation
* use node api
* fix tests
* added hostport mutate rule
* update mutating server
* fix array reference and add back leading slash
* added test and refactor findNodes
* more tests
* added more test and fix issue with arrays
* rename findNode function and ensure we capture exceptions
* rename findNode function
* append array value at the end and for single item remove brackets
* append array value at the end and for single item remove brackets
* create array if it does not exists
* fix tests
* handle some exceptions
* fix tests
* fix string format
* guard for PodResult
* fix flag name
* fix privilegeEscalation check
* fix up mutations for local files
* fix pod parsing
* fix object values
* remove logspam
* fix import
* update some comments for health probes
* add an option to not apply any mutations\, and just adjust yaml formatting
* add preliminary support for helm
* logspam
* change up comment strategy
* fix object comments
* format
* fix tests
* add comments
* fix key updates
* fix mutation tests
* tidy
* refactor test
* add test
* add test
* add test for object comments
Co-authored-by: Robert Brennan <accounts@rbren.io>
Co-authored-by: Robert Brennan <contact@rbren.io>
* able to run multi-resource tests
* start passing resource provider through
* working end-to-end
* better support for go templating
* fix tests
* delint
* add test
* add json annotations
* remove panics
* fix annotation
* fix for groupkinds
* add comment
* add docs
* change jsonSchema field to schemaString
* rename check
* add pdb to tests
* add ingress to tests
* update deps
* fix up policy import
* update go
* fix check name
* funk it up
* better docs
* first pass at adding exemptions
* Update config.yaml
* make config_test more reliable
* add flag to disallow exemptions in dashboard
* add disallow-exemptions flag to CLI
* add comments
* fix exemptions flag
* fix alert on dashboard
* minor style changes
* Added testing for webhook using KIND
* fixed branching error
* added tests to CircleCI
* added tests to CircleCI
* attempt to stop failing circleci test
* moved location of testing for webhook in CircleCI
* debugging
* more debugging
* .
* .
* added download of webhook to test
* ..
* ...
* corrected sleep comand
* .
* .
* code working now, clean up
* testing smaller sleep times
* increased sleep time
* responded to comments on github
* .
* debug
* more edits
* debugging second test failing.
* debugging
* tests doing opposite of what they should be debugging.
* debugging
* .
* .
* fixing error in installation of webhook.
* .
* timeout increase
* trying to install webhook
* .
* .
* webhook still not i installing properly
* ..
* ..
* add log message
* ..
* changed order of test_k8s, removed set -e
* ..
* namespace polaris
* .
* .......
* intial testing for new strategy.
* intial testing for new strategy.
* .
* ...
* final edits, working now
* fixed files, cleaned up logs, added more detail to webhook starting documentation.
* ?
* added test files for other controller types, adding testing for them in webhook_test.sh
* increased sleep time
* testing
* finally added tests for jobs
* changed while loop condition to include webhook.
* .
* lskdfsjkl
* sd
* lskfjlskj
* .
* final
* added timeout test for dashboard to try to aleviate error
* .
* .
* install the dashboard
* ...
* initial test for new kube_dashboard_test
* initial test for new kube_dashboard_test
* ?
* deleting unused code
* final change for dashboard test
* final
**Changes**
- Refactored the way controllers work to be an interface
- Added configurable controllers to include in scans
- Added daemonsets, jobs and cronjobs in scans
- Added `ReplicationController` type controllers to the supported list
- Adjusted logic for failed YAML parsing to bubble up errors
- Added better logic for calculating summaries on cluster wide results
- Relocated responsibilities for counting types into validators vs spreading it around more packages
- Fixed bug where cronjob parsing was using wrong KIND
- Added fixtures for mocking new controller types
- Added example yamls to test scanning files
- Added functions to NamespacedResult(s) to reduce code complexity deep set iterations
- Refactored how results get added to namespacedresults so adding more later is easier
- Minor signature changes for interface implementing structs for controllers
