Skip to content

Commit

Permalink
Merge branch 'master' into sysctl-allow-list
Browse files Browse the repository at this point in the history
  • Loading branch information
@ordovicia
ordovicia committed Nov 9, 2022
2 parents e7a69b0 + 53847d3 commit 90164cb
Show file tree
Hide file tree
Showing 41 changed files with 131 additions and 124 deletions.
6 changes: 6 additions & 0 deletions go.work
View file
@@ -0,0 +1,6 @@
go 1.19

use (
./scripts/artifacthub
./scripts/website
)
3 changes: 2 additions & 1 deletion scripts/website/generate.go
View file
Expand Up @@ -105,7 +105,8 @@ func main() {

examples := ""
for _, testCase := range test.Cases {
exampleRawURL := sourceURL + filepath.Join(entryPoint, entry.Name(), dir.Name(), test.Constraint)
exampleRawURL := sourceURL + filepath.Join(entryPoint, entry.Name(), dir.Name(), testCase.Object)

exampleContent, err := os.ReadFile(filepath.Join(basePath, dir.Name(), testCase.Object))
if err != nil {
fmt.Println("error while reading ", testCase.Object)
Expand Down
6 changes: 3 additions & 3 deletions website/docs/allow-privilege-escalation.md
View file
Expand Up @@ -157,7 +157,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_allowed.yaml
```

</details>
Expand All @@ -183,7 +183,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_disallowed.yaml
```

</details>
Expand All @@ -209,7 +209,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/disallowed_ephemeral.yaml
```

</details>
Expand Down
10 changes: 5 additions & 5 deletions website/docs/allowedrepos.md
View file
Expand Up @@ -125,7 +125,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/example_allowed.yaml
```
</details>
Expand All @@ -151,7 +151,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/example_disallowed_container.yaml
```
</details>
Expand Down Expand Up @@ -188,7 +188,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/example_disallowed_initcontainer.yaml
```
</details>
Expand Down Expand Up @@ -221,7 +221,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/example_disallowed_both.yaml
```
</details>
Expand Down Expand Up @@ -261,7 +261,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/allowedrepos/samples/repo-must-be-openpolicyagent/disallowed_all.yaml
```
</details>
Expand Down
6 changes: 3 additions & 3 deletions website/docs/apparmor.md
View file
Expand Up @@ -170,7 +170,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/example_allowed.yaml
```

</details>
Expand All @@ -197,7 +197,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/example_disallowed.yaml
```

</details>
Expand All @@ -224,7 +224,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/apparmor/samples/psp-apparmor/disallowed_ephemeral.yaml
```

</details>
Expand Down
4 changes: 2 additions & 2 deletions website/docs/automount-serviceaccount-token.md
View file
Expand Up @@ -121,7 +121,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/automount-serviceaccount-token/samples/automount-serviceaccount-token/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/automount-serviceaccount-token/samples/automount-serviceaccount-token/example_allowed.yaml
```

</details>
Expand All @@ -146,7 +146,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/automount-serviceaccount-token/samples/automount-serviceaccount-token/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/automount-serviceaccount-token/samples/automount-serviceaccount-token/example_disallowed.yaml
```

</details>
Expand Down
4 changes: 2 additions & 2 deletions website/docs/block-endpoint-edit-default-role.md
View file
Expand Up @@ -243,7 +243,7 @@ rules:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-endpoint-edit-default-role/samples/block-endpoint-edit-default-role/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-endpoint-edit-default-role/samples/block-endpoint-edit-default-role/example_allowed.yaml
```

</details>
Expand Down Expand Up @@ -336,7 +336,7 @@ rules:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-endpoint-edit-default-role/samples/block-endpoint-edit-default-role/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-endpoint-edit-default-role/samples/block-endpoint-edit-default-role/example_disallowed.yaml
```

</details>
Expand Down
4 changes: 2 additions & 2 deletions website/docs/block-loadbalancer-services.md
View file
Expand Up @@ -94,7 +94,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-loadbalancer-services/samples/block-load-balancer/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-loadbalancer-services/samples/block-load-balancer/example_allowed.yaml
```

</details>
Expand All @@ -118,7 +118,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-loadbalancer-services/samples/block-load-balancer/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-loadbalancer-services/samples/block-load-balancer/example_disallowed.yaml
```

</details>
Expand Down
2 changes: 1 addition & 1 deletion website/docs/block-nodeport-services.md
View file
Expand Up @@ -92,7 +92,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-nodeport-services/samples/block-node-port/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-nodeport-services/samples/block-node-port/example_disallowed.yaml
```

</details>
Expand Down
8 changes: 4 additions & 4 deletions website/docs/block-wildcard-ingress.md
View file
Expand Up @@ -105,7 +105,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/example_allowed.yaml
```

</details>
Expand Down Expand Up @@ -135,7 +135,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/disallowed/blank_host.yaml
```

</details>
Expand Down Expand Up @@ -165,7 +165,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/disallowed/host_omitted.yaml
```

</details>
Expand Down Expand Up @@ -206,7 +206,7 @@ spec:
Usage

```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/block-wildcard-ingress/samples/block-wildcard-ingress/disallowed/wildcard_host.yaml
```

</details>
Expand Down
6 changes: 3 additions & 3 deletions website/docs/capabilities.md
View file
Expand Up @@ -228,7 +228,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/example_disallowed.yaml
```
</details>
Expand Down Expand Up @@ -264,7 +264,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/example_allowed.yaml
```
</details>
Expand Down Expand Up @@ -299,7 +299,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/capabilities/samples/capabilities-demo/disallowed_ephemeral.yaml
```
</details>
Expand Down
4 changes: 2 additions & 2 deletions website/docs/containerlimits.md
View file
Expand Up @@ -341,7 +341,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerlimits/samples/container-must-have-limits/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerlimits/samples/container-must-have-limits/example_allowed.yaml
```
</details>
Expand Down Expand Up @@ -372,7 +372,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerlimits/samples/container-must-have-limits/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerlimits/samples/container-must-have-limits/example_disallowed.yaml
```
</details>
Expand Down
4 changes: 2 additions & 2 deletions website/docs/containerrequests.md
View file
Expand Up @@ -341,7 +341,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerrequests/samples/container-must-have-requests/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerrequests/samples/container-must-have-requests/example_allowed.yaml
```
</details>
Expand Down Expand Up @@ -373,7 +373,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerrequests/samples/container-must-have-requests/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerrequests/samples/container-must-have-requests/example_disallowed.yaml
```
</details>
Expand Down
8 changes: 4 additions & 4 deletions website/docs/containerresourceratios.md
View file
Expand Up @@ -392,7 +392,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-ratio/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-ratio/example_allowed.yaml
```
</details>
Expand Down Expand Up @@ -427,7 +427,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-ratio/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-ratio/example_disallowed.yaml
```
</details>
Expand Down Expand Up @@ -494,7 +494,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-memory-and-cpu-ratio/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-memory-and-cpu-ratio/example_allowed.yaml
```
</details>
Expand Down Expand Up @@ -529,7 +529,7 @@ spec:
Usage
```shell
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-memory-and-cpu-ratio/constraint.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/containerresourceratios/samples/container-must-meet-memory-and-cpu-ratio/example_disallowed.yaml
```
</details>
Expand Down

0 comments on commit 90164cb

Please sign in to comment.