fix: valiate policy names are rfc 1123

aquasecurity · Jul 25, 2023 · 030c0f7 · 030c0f7
1 parent 7372ab2
commit 030c0f7
Show file tree

Hide file tree

Showing 21 changed files with 265 additions and 271 deletions.
diff --git a/deploy/helm/tracee/templates/tracee-policies.yaml b/deploy/helm/tracee/templates/tracee-policies.yaml
@@ -10,7 +10,7 @@ data:
     apiVersion: aquasecurity.github.io/v1beta1
     kind: TraceePolicy
     metadata:
-      name: signature_events
+      name: signature-events
       annotations:
         description: traces all signature events
     spec:

diff --git a/deploy/kubernetes/tracee/tracee.yaml b/deploy/kubernetes/tracee/tracee.yaml
@@ -12,7 +12,7 @@ data:
     apiVersion: aquasecurity.github.io/v1beta1
     kind: TraceePolicy
     metadata:
-      name: signature_events
+      name: signature-events
       annotations:
         description: traces all signature events
     spec:

diff --git a/docs/docs/events/overview.md b/docs/docs/events/overview.md
@@ -21,7 +21,7 @@ cat <<EOF >sample_policy.yaml
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: sample policy
+	name: sample-policy
 	annotations:
 		description: traces execve events
 spec:

diff --git a/docs/docs/policies/index.md b/docs/docs/policies/index.md
@@ -13,7 +13,7 @@ Following is a sample policy:
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: overview policy
+	name: overview-policy
 	annotations:
 		description: sample overview policy
 spec:

diff --git a/docs/docs/policies/rules.md b/docs/docs/policies/rules.md
@@ -15,7 +15,7 @@ Context is data which is collected along the event. They can be filtered like:
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: sample_context_filter
+	name: sample-context-filter
 	annotations:
 		description: sample context filter
 spec:
@@ -190,7 +190,7 @@ Events have arguments, which can be filtered.
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: sample_argument_filter
+	name: sample-argument-filter
 	annotations:
 		description: sample argument filter
 spec:
@@ -220,7 +220,7 @@ Return values can also be filtered.
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: sample_return_value
+	name: sample-return-value
 	annotations:
 		description: sample return value
 spec:

diff --git a/docs/tutorials/k8s-policies.md b/docs/tutorials/k8s-policies.md
@@ -59,7 +59,7 @@ signatures.yaml:
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-	name: signature_events
+	name: signature-events
 	annotations:
 		description: traces all signature events
 spec:
@@ -115,7 +115,7 @@ events.yaml: |-
   apiVersion: aquasecurity.github.io/v1beta1
   kind: TraceePolicy
   metadata:
-	  name: execve_event
+	  name: execve-event
 	  annotations:
 	  	description: traces all signature events
   spec:

diff --git a/examples/policies/container_dns_events.yaml b/examples/policies/container_dns_events.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: container_dns_events
+  name: container-dns-events
   annotations:
     description: traces dns events from containers
 spec:

diff --git a/examples/policies/context_comm.yaml b/examples/policies/context_comm.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: context_comm
+  name: context-comm
   annotations:
     description: traces openat done by ls
 spec:

diff --git a/examples/policies/new_containers.yaml b/examples/policies/new_containers.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: new_containers
+  name: new-containers
   annotations:
     description: traces events container_created and security_file_open only for new container
 spec:

diff --git a/examples/policies/new_pids.yaml b/examples/policies/new_pids.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: new_pids
+  name: new-pids
   annotations:
     description: traces openat and security_file_open for new pids
 spec:

diff --git a/examples/policies/not_containers.yaml b/examples/policies/not_containers.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: not_containers
+  name: not-containers
   annotations:
     description: traces anti_debugging in the host
 spec:

diff --git a/examples/policies/openat_args_pahtname.yaml b/examples/policies/openat_args_pahtname.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: openat_args_pathname
+  name: openat-args-pathname
   annotations:
     description: traces openat under /tmp/*
 spec:

diff --git a/examples/policies/pid_equal.yaml b/examples/policies/pid_equal.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: pid_equal
+  name: pid-equal
   annotations:
     description: traces read and write syscalls for pids 1000, and 2000
 spec:

diff --git a/examples/policies/scope_comm.yaml b/examples/policies/scope_comm.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: comm_strace
+  name: comm-strace
   annotations:
     description: traces sched_process_exec and sched_process_exit for the command strace
 spec:

diff --git a/examples/policies/signature_events.yaml b/examples/policies/signature_events.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: signature_events
+  name: signature-events
   annotations:
     description: traces all signature events
 spec:

diff --git a/examples/policies/uid_higher_than_or_equal_to_zero.yaml b/examples/policies/uid_higher_than_or_equal_to_zero.yaml
@@ -1,7 +1,7 @@
 apiVersion: aquasecurity.github.io/v1beta1
 kind: TraceePolicy
 metadata:
-  name: uid_higher_than_or_equal_to_zero
+  name: uid-higher-than-or-equal-to-zero
   annotations:
     description: traces read and write syscall for uids higher than or equal to 0
 spec:

diff --git a/go.mod b/go.mod
@@ -32,6 +32,7 @@ require (
 	google.golang.org/protobuf v1.30.0
 	gopkg.in/yaml.v2 v2.4.0
 	gotest.tools v2.2.0+incompatible
+	k8s.io/apimachinery v0.27.1
 	kernel.org/pub/linux/libs/security/libcap/cap v1.2.68
 )
 
@@ -89,7 +90,6 @@ require (
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gotest.tools/v3 v3.4.0 // indirect
 	k8s.io/api v0.27.1 // indirect
-	k8s.io/apimachinery v0.27.1 // indirect
 	k8s.io/client-go v0.27.1 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect