Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Pkg Wildcard Validation to allow the ':' character #2797

Merged
merged 4 commits into from May 30, 2023
Merged

fix: Pkg Wildcard Validation to allow the ':' character #2797

merged 4 commits into from May 30, 2023

Conversation

Mitsuwa
Copy link
Contributor

@Mitsuwa Mitsuwa commented May 26, 2023
edited

What this PR does / why we need it:

Update pkg wildcard validation to allow for the : character, as this character is common for Cluster named rbac objects, such as ClusterRole or namespaced objects likeRoles.

Note that this does not allow for the : to be the first or last characters in the Name

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):
Fixes # #2780

Special notes for your reviewer:

As mentioned in the issue comment. I updated the pkg/util/wildcard.go file and ran make manifests

I then was able to run make docker-build without issue, and when I used the gatekeepr image that was built with the manifests generated via make manifests. I no longer receive the error

error when patching "./example.yaml": AssignMetadata.mutations.gatekeeper.sh "test-example-label" is invalid: spec.match.name: Invalid value: "crossplane:provider:gcp-*": spec.match.name in body should match '^(\*|\*-)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\*|-\*)?$'

Testing the Regex - link to detailed regex explanation with examples

@Mitsuwa Mitsuwa changed the title fix: Match Names support ':' character fix: Pkg Wildcard Validation to allow the ':' character May 26, 2023
@Mitsuwa
fix: Match Names support ':' character
02d65ec 
Signed-off-by: Bryan Nobuhara <bryan.nobuhara@coinbase.com>
@Mitsuwa Mitsuwa mentioned this pull request May 26, 2023
Closed
@Mitsuwa
Copy link
Contributor Author

Mitsuwa commented May 26, 2023

Please take a look when you have time @maxsmythe @acpana

maxsmythe
maxsmythe approved these changes May 30, 2023
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you for the fix!

@maxsmythe maxsmythe requested review from sozercan and ritazh May 30, 2023 21:38
ritazh
ritazh approved these changes May 30, 2023
View reviewed changes
Copy link
Member

@ritazh ritazh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Thanks for the PR!

@ritazh ritazh merged commit f198738 into open-policy-agent:master May 30, 2023
16 checks passed
Hy3n4 pushed a commit to Hy3n4/gatekeeper that referenced this pull request Jun 30, 2023
@Mitsuwa @sozercan
@ritazh @Hy3n4
fix: Pkg Wildcard Validation to allow the ':' character (open-policy-…
a127e98 
…agent#2797)

Signed-off-by: Bryan Nobuhara <bryan.nobuhara@coinbase.com>
Co-authored-by: Sertaç Özercan <852750+sozercan@users.noreply.github.com>
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
@maxsmythe maxsmythe mentioned this pull request Mar 19, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ritazh ritazh ritazh approved these changes

@maxsmythe maxsmythe maxsmythe approved these changes

@sozercan sozercan Awaiting requested review from sozercan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Mitsuwa @ritazh @maxsmythe @sozercan