Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat:Adding support for KubeArmorClusterPolicy #1772

Merged
merged 4 commits into from
Jul 9, 2024
Merged

feat:Adding support for KubeArmorClusterPolicy #1772

merged 4 commits into from
Jul 9, 2024

Conversation

Prateeknandle
Copy link
Collaborator

@Prateeknandle Prateeknandle commented May 30, 2024
edited
Loading

Purpose of PR?:
Adding support for KubeArmorClusterPolicy

Feature #1769

Does this PR introduce a breaking change?

If the changes in this PR are manually verified, list down the scenarios covered::

Additional information for reviewer? :
Mention if this PR is part of any design or a continuation of previous PRs

  1. Added a separate watcher WatchClusterSecurityPolicies() for KubeArmorClusterPolicy.
  2. Leverage CreateSecurityPolicy() for creating security policy object:
    • To handle matchExpressions, added NamespaceList to tp.SecurityPolicy.
    • NamespaceList contains list of namespaces on which cluster policy will be enforced.
    • we do all computations w.r.t. matchExpressions in CreateSecurityPolicy().
  3. UpdateSecurityPolicy() is used to update endPoints security policies.

Checklist:

  • Bug fix. Fixes #
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update
  • PR Title follows the convention of <type>(<scope>): <subject>
  • Commit has unit tests
  • Commit has integration tests

@Prateeknandle Prateeknandle marked this pull request as ready for review May 31, 2024 18:19
@Prateeknandle Prateeknandle force-pushed the cluster-level-policy branch 5 times, most recently from e6ddb0d to ddd2244 Compare June 3, 2024 14:05
@Prateeknandle Prateeknandle force-pushed the cluster-level-policy branch 3 times, most recently from 4e8c562 to 338dd71 Compare June 20, 2024 04:41
@Prateeknandle Prateeknandle marked this pull request as draft June 21, 2024 04:59
@Prateeknandle Prateeknandle force-pushed the cluster-level-policy branch 4 times, most recently from 8d35a66 to 5ec82aa Compare June 23, 2024 20:03
@Prateeknandle Prateeknandle marked this pull request as ready for review June 23, 2024 21:17
@Prateeknandle Prateeknandle marked this pull request as draft July 1, 2024 14:20
@Prateeknandle Prateeknandle force-pushed the cluster-level-policy branch 5 times, most recently from 4ba5a06 to c728ad2 Compare July 2, 2024 20:31
@Prateeknandle Prateeknandle force-pushed the cluster-level-policy branch 5 times, most recently from 18d5f6a to 69969b2 Compare July 5, 2024 17:24
@Prateeknandle Prateeknandle marked this pull request as ready for review July 6, 2024 10:34
daemon1024
daemon1024 approved these changes Jul 8, 2024
View reviewed changes
Copy link
Member

@daemon1024 daemon1024 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tried it out locally, Working as expected!
LGTM, Great Work👌🏽

@daemon1024 daemon1024 merged commit 5139feb into kubearmor:main Jul 9, 2024
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Aryan-sharma11 Aryan-sharma11 Aryan-sharma11 approved these changes

@daemon1024 daemon1024 daemon1024 approved these changes

@rksharma95 rksharma95 Awaiting requested review from rksharma95

Assignees
No one assigned
Labels
None yet
Projects
v1.4.0 Release
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Prateeknandle @daemon1024 @Aryan-sharma11