Skip to content
Permalink
Browse files

Convert to using OPA Constraint Framework (#80)

* Convert to using OPA Constraint Framework

Signed-off-by: Max Smythe <smythe@google.com>

* Update OPA framework version

Signed-off-by: Max Smythe <smythe@google.com>

* Add hermetic-test target

Signed-off-by: Max Smythe <smythe@google.com>

* Fix webhook name

Signed-off-by: Max Smythe <smythe@google.com>

* Update pkg/webhook/policy.go

Co-Authored-By: maxsmythe <max.smythe@gmail.com>
Signed-off-by: Max Smythe <smythe@google.com>

* Use webhookName flag to set the webhook name

Signed-off-by: Max Smythe <smythe@google.com>

* Implement namespace selector logic. Improve match schema validation

Signed-off-by: Max Smythe <smythe@google.com>

* Switch all logging to zapf

Signed-off-by: Max Smythe <smythe@google.com>

* Shift test make target to run in docker container

Signed-off-by: Max Smythe <smythe@google.com>

* Add tests for kind selector

Kind selector and tests adapted from Rego code by torin@styra.com

Signed-off-by: Max Smythe <smythe@google.com>

* Add comment to watch manager explaining polling update model

Signed-off-by: Max Smythe <smythe@google.com>

* Remove boilerplate comment

Signed-off-by: Max Smythe <smythe@google.com>
  • Loading branch information...
maxsmythe committed Mar 29, 2019
1 parent fcf2e42 commit 3a3a3e32eaed3099e2690992d0b8650474bbc1d0
Showing with 3,796 additions and 2,276 deletions.
  1. +2 −0 .gitignore
  2. +396 −240 Gopkg.lock
  3. +61 −7 Gopkg.toml
  4. +12 −3 Makefile
  5. +1 −1 PROJECT
  6. +54 −51 cmd/manager/main.go
  7. +57 −0 config/crds/templates_v1alpha1_constrainttemplate.yaml
  8. +1 −1 config/default/manager_image_patch.yaml
  9. +2 −17 config/manager/manager.yaml
  10. +44 −0 config/rbac/rbac_role.yaml
  11. +11 −0 demo/all_ns_must_have_gatekeeper.yaml
  12. +0 −4 demo/audit.sh
  13. +13 −0 demo/bad_schema.yaml
  14. +11 −0 demo/bad_schema2.yaml
  15. +9 −0 demo/bad_schema3.yaml
  16. +0 −5 demo/demo-mutation.sh
  17. +0 −3 demo/demo-validation.sh
  18. +0 −12 demo/ingress-bad.yaml
  19. +0 −12 demo/ingress-ok.yaml
  20. +31 −0 demo/k8srequiredlabels_template.yaml
  21. +0 −4 demo/port-forward.sh
  22. +25 −0 pkg/apis/addtoscheme_constrainttemplate_v1alpha1.go
  23. +25 −0 pkg/apis/addtoscheme_customresourcedefinition_v1beta1.go
  24. +25 −0 pkg/controller/add_constrainttemplate.go
  25. +169 −0 pkg/controller/constraint/constraint_controller.go
  26. +275 −0 pkg/controller/constrainttemplate/constrainttemplate_controller.go
  27. +74 −0 pkg/controller/constrainttemplate/constrainttemplate_controller_suite_test.go
  28. +194 −0 pkg/controller/constrainttemplate/constrainttemplate_controller_test.go
  29. +20 −1 pkg/controller/controller.go
  30. +0 −72 pkg/opa/fake_opa.go
  31. +0 −261 pkg/opa/opa.go
  32. +0 −110 pkg/opa/opa_test.go
  33. +0 −103 pkg/policies/types/types.go
  34. +0 −147 pkg/standalone/server.go
  35. +105 −0 pkg/target/regolib/kind_selector_test.rego
  36. +557 −0 pkg/target/regolib/labelselector_test.rego
  37. +184 −0 pkg/target/regolib/src.rego
  38. +36 −0 pkg/target/regolib/util_test.rego
  39. +385 −0 pkg/target/target.go
  40. +240 −0 pkg/target/target_test.go
  41. +409 −0 pkg/watch/manager.go
  42. +303 −0 pkg/watch/manager_test.go
  43. +41 −599 pkg/webhook/policy.go
  44. +0 −620 pkg/webhook/policy_test.go
  45. +4 −3 pkg/webhook/webhook.go
  46. +20 −0 test/Dockerfile
@@ -1,3 +1,5 @@
# Staging dirs
.staging/

# Binaries for programs and plugins
*.exe

0 comments on commit 3a3a3e3

Please sign in to comment.
You can’t perform that action at this time.