Skip to content

Expand contents of SecurityContextConstraints #1229

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Expand contents of SecurityContextConstraints #1229

wants to merge 2 commits into from

Conversation

@yossisegev
Copy link
Contributor

@yossisegev yossisegev commented May 28, 2023

Support extra parameters of SecurityContextConstraints resource.

@redhat-qe-bot
Copy link
Contributor

redhat-qe-bot commented May 28, 2023

Report bugs in Issues

The following are automatically added:

  • Add reviewers from OWNER file (in the root of the repository) under reviewers section.
  • Set PR size label.
  • New issue is created for the PR. (Closed when PR is merged/closed)

Available user actions:

  • To mark PR as verified add /verified to a PR comment, to un-verify add /verified cancel to a PR comment.
    verified label removed on each new commit push.
  • To cherry pick a merged PR add /cherry-pick <target branch to cherry-pick to> to a PR comment.
    • Support only merged PRs
  • To add a label by comment use /<label name>, to remove, use /<label name> cancel
Supported labels
  • hold
  • verified
  • wip
  • lgtm
  • approve
  • target-version-

@redhat-qe-bot redhat-qe-bot requested review from myakove and rnetser May 28, 2023 10:14
rnetser
rnetser requested changes May 31, 2023
View reviewed changes
ocp_resources/security_context_constraints.py Outdated
Security Context Constraints object. API reference:
https://docs.openshift.com/container-platform/4.13/rest_api/security_apis/securitycontextconstraints-security-openshift-io-v1.html
Args:
Copy link
Collaborator

@rnetser rnetser May 31, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. should be under init
  2. do not repeat the api docs
  3. defaults by the api should not appear here

Copy link
Contributor Author

@yossisegev yossisegev May 31, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

ocp_resources/security_context_constraints.py Outdated
super().to_dict()
if not self.yaml_file:
self.res.update()
manifest_spec = self.res
Copy link
Collaborator

@rnetser rnetser May 31, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no need to save

Copy link
Contributor Author

@yossisegev yossisegev May 31, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@redhat-qe-bot redhat-qe-bot requested a review from rnetser May 31, 2023 19:37
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 31, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

rnetser
rnetser requested changes Jun 9, 2023
View reviewed changes
ocp_resources/security_context_constraints.py
https://docs.openshift.com/container-platform/4.13/rest_api/security_apis/securitycontextconstraints-security-openshift-io-v1.html
Args:
allow_host_dir_volume_plugin (bool): Determines if the policy allow containers to use the HostDir volume
Copy link
Collaborator

@rnetser rnetser Jun 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please add defaults, e.g allow_host_dir_volume_plugin (bool, default: False)

ocp_resources/security_context_constraints.py
if self.groups:
self.res["groups"] = self.groups

if self.priority:
Copy link
Collaborator

@rnetser rnetser Jun 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

priority default is 0
is 0 a valid option?if so, the code below will not be reached

@github-actions github-actions bot added the Stale label Jul 28, 2023
@github-actions github-actions bot closed this Aug 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rnetser rnetser rnetser requested changes

@myakove myakove myakove approved these changes

Assignees

@yossisegev yossisegev

Labels

Approved-by-myakove branch-main Changes_Requested-by-rnetser needs-rebase size/L Stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@yossisegev @redhat-qe-bot @myakove @rnetser