Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update(rules): revert exceptions in default ruleset #1602

Merged
merged 6 commits into from
Apr 9, 2021
Merged

update(rules): revert exceptions in default ruleset #1602

merged 6 commits into from
Apr 9, 2021

Commits on Apr 7, 2021

  1. update(rules): revert exceptions in default ruleset 

    Exceptions have been introduced in commit 64a231b
The feature itself is very useful for more complex environments where
the simple conditions are difficult to handle.
However, many users reported that they find them difficult to understand so
we are doing a rollback of them in the default ruleset in favor of the
syntax without exceptions.

Signed-off-by: Lorenzo Fontana <lo@linux.com>
    @fntlnz
    fntlnz committed Apr 7, 2021
    Configuration menu
    Copy the full SHA
    8942ee0 View commit details
    Browse the repository at this point in the history

  2. rules(list user_known_sa_list): revert as an empty list for user over… 

    …write

rules(list known_sa_list): list of known sa moved here from user_known_sa_list

Signed-off-by: Lorenzo Fontana <lo@linux.com>
    @fntlnz
    fntlnz committed Apr 7, 2021
    Configuration menu
    Copy the full SHA
    15ad55b View commit details
    Browse the repository at this point in the history

  3. update(rules): revert exceptions in default ruleset for k8s audit 

    Signed-off-by: Lorenzo Fontana <lo@linux.com>
    @fntlnz
    fntlnz committed Apr 7, 2021
    Configuration menu
    Copy the full SHA
    548ad42 View commit details
    Browse the repository at this point in the history

Commits on Apr 8, 2021

  1. update(userspace/engine): remove warnings for missing exceptions 

    We want users to continue using rules without having to use exceptions.
Exceptions are an additional feature for more advanced use-cases, having
a warning in there will mean that everyone now adds an empty exception
to avoid the warning.

Co-Authored-By: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
    @fntlnz @leogr
    fntlnz and leogr committed Apr 8, 2021
    Configuration menu
    Copy the full SHA
    1b0e379 View commit details
    Browse the repository at this point in the history

Commits on Apr 9, 2021

  1. chore(rules): re-enable negation of package_mgmt_procs for Write belo… 

    …w binary dir rule

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
    @leodido @leogr
    leodido and leogr committed Apr 9, 2021
    Configuration menu
    Copy the full SHA
    7890a4a View commit details
    Browse the repository at this point in the history

  2. chore(rules): cleanup old macros 

    Co-authored-by: Lorenzo Fontana <lo@linux.com>
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
    @leodido @fntlnz @leogr
    3 people committed Apr 9, 2021
    Configuration menu
    Copy the full SHA
    d6ac566 View commit details
    Browse the repository at this point in the history