Skip to content

Support initContainers in cascading scan rules #734

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 19, 2021
Merged

Support initContainers in cascading scan rules #734

merged 2 commits into from
Oct 19, 2021

Conversation

malexmave
Copy link
Member

@malexmave malexmave commented Oct 15, 2021
edited
Loading

Description

When adding support for init containers (ADR-0009) to the scan definitions, I did not realize that the cascading scan rules needed to get explicit support for this as well. So, with this PR I added:

  • inheritInitContainers property on cascadingscans CRD (not sure when this would be useful, but I added it for feature parity with volumes, env variables, etc.)
  • initContainer support in the JavaScript implementation of the cascading scans hook
  • Added and updated relevant test cases to keep unit tests passing

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure npm test runs for the whole project.
  • Make codeclimate checks happy

@malexmave
Add inheritInitContainer property to cascades
875310e 
To support initContainers (ADR-0009) in cascading scans, we need to add
a flag for them to the CRDs to be consistent with the volumes, env, etc.

Signed-off-by: Max Maass <max.maass@iteratec.com>
@malexmave
Update cascading hook to support initContainer
989c2ed 
The hook code needs explicit support for passing through, merging, and
templating init containers for cascading scans correctly.
This commit adds this support, together with test cases.

Signed-off-by: Max Maass <max.maass@iteratec.com>
@malexmave malexmave added architecture Architecture changes hook Implement or update a hook labels Oct 15, 2021
@malexmave malexmave self-assigned this Oct 15, 2021
malexmave
malexmave commented Oct 15, 2021
View reviewed changes
hooks/cascading-scans/hook/hook.ts
Comment on lines +196 to +201
cascadingRule.spec.scanSpec.initContainers = initContainers
if (cascadingRule.spec.scanSpec.initContainers !== undefined) {
cascadingRule.spec.scanSpec.initContainers.forEach(container => {
container.command = container.command.map(parameter => Mustache.render(parameter, templateArgs))
});
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If someone has a nicer way of doing this, feel free to make a suggestion / change it in the branch.

@J12934 J12934 merged commit 06145ee into main Oct 19, 2021
@J12934 J12934 deleted the feature/adr-0009-for-cascading-scans branch October 19, 2021 08:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@J12934 J12934 J12934 approved these changes

Assignees

@malexmave malexmave

Labels
architecture Architecture changes hook Implement or update a hook
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@malexmave @J12934