Skip to content

feat(CLOUDDST-29067): Add OLM allowed resource kinds policy#1506

Merged
simonbaird merged 1 commit intoconforma:mainfrom
asergienk:allowed_resource_kinds_check
Sep 2, 2025
Merged

feat(CLOUDDST-29067): Add OLM allowed resource kinds policy#1506
simonbaird merged 1 commit intoconforma:mainfrom
asergienk:allowed_resource_kinds_check

Conversation

@asergienk
Copy link

@asergienk asergienk commented Aug 28, 2025
edited
Loading

New Conforma Policy to validate OLM bundle manifests against the allowed resource kinds. The initial request was to check for NetworkPolicy manifests and fail if they are present. However, during refinement, it was decided to broaden the scope to verify all manifests, not just NetworkPolicy.

There is no effective_on date set for this policy, as the work is urgent and should immediately block bundle releases containing NetworkPolicy manifests.

@asergienk asergienk force-pushed the allowed_resource_kinds_check branch 2 times, most recently from d8fca17 to 40ff19a Compare August 28, 2025 17:07
@codecov
Copy link

codecov bot commented Aug 28, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

Files with missing lines Coverage Δ
policy/lib/rule_data.rego 100.00% <ø> (ø)
policy/release/olm/olm.rego 100.00% <100.00%> (ø)
policy/release/olm/olm_test.rego 100.00% <100.00%> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@asergienk asergienk force-pushed the allowed_resource_kinds_check branch from 40ff19a to d270a8d Compare August 28, 2025 18:29
nmars
nmars reviewed Aug 28, 2025
View reviewed changes
nmars
nmars reviewed Aug 28, 2025
View reviewed changes
st3penta
st3penta reviewed Aug 29, 2025
View reviewed changes
simonbaird
simonbaird approved these changes Aug 29, 2025
View reviewed changes
Copy link
Member

@simonbaird simonbaird left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice PR!

Approved, but I think you should remove the redundant result := true as suggested.

@asergienk asergienk force-pushed the allowed_resource_kinds_check branch from d270a8d to 1c91c50 Compare August 29, 2025 14:51
@asergienk asergienk force-pushed the allowed_resource_kinds_check branch from 1c91c50 to 9e96e87 Compare August 29, 2025 16:24
@asergienk
Copy link
Author

asergienk commented Sep 2, 2025

@simonbaird could you please merge this PR?

@simonbaird simonbaird merged commit 19a063b into conforma:main Sep 2, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@st3penta st3penta st3penta left review comments

@simonbaird simonbaird simonbaird approved these changes

+2 more reviewers

@nmars nmars nmars approved these changes

@yashvardhannanavati yashvardhannanavati yashvardhannanavati approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@asergienk @simonbaird @nmars @yashvardhannanavati @st3penta