-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: settings to skip init and ephemeral containers. #74
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you add questions-ui.yml
please?
questions:
- default: false
tooltip: >-
Ignore that some init container is configured as privileged
group: Settings
label: Skip init containers
required: false
type: boolean
variable: skip_init_containers
- default: false
tooltip: >-
Ignore that some ephemeral container is configured as privileged
group: Settings
label: Skip ephemeral containers
required: false
type: boolean
variable: skip_ephemeral_containers
Adds two settings for the policy that allows the user to skip the verification on init and ephemeral containers. Signed-off-by: José Guilherme Vanz <[email protected]>
1e25888
to
edf3282
Compare
@kravciak I've added the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Maybe it's redundant, but could we add a couple of e2e tests regarding the new feature? |
08d556b
to
4c1ec4f
Compare
Done. I've also remove bats and start to run the e2e tests in rust. |
4c1ec4f
to
7f59b80
Compare
To get a green CI in the PR we need to merge this PR and update the reusable workflow. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jvanz I think there was a misunderstanding. The existing bats test had to be extended, not rewritten in Rust.
Moreover, the tests are failing inside of the GH runner not because of something missing inside of the shared github actions (this PR you created), but because the policy.wasm
file is not found.
The Makefile target running the tests has been changed by this PR to remove the dependency against the annotated-policy.wasm
file, that leads to a situation where the e2e tests cannot find the policy.wasm
file
Can you please undo the changes to the e2e tests and just extend the bats file?
This is not the case. The workflow does not call
Yes, I can do it. I was just thinking that running the tests on Rust will be more flexible. As we have done for another rust repositories. Just one additional note, if we had choose the run the tests on Rust, despite of the makefile changes, the other PR will be still required. Because the command called in the workflow to run the tests is |
308f2b5
to
64b5803
Compare
I've just added a little piece of code to validate if the |
Adds the questions-ui.yml file that allows Rancher UI to show the possible configurations in the web interface. Signed-off-by: José Guilherme Vanz <[email protected]>
Refactor the policy unit tests to use rstest reducing the number of test functions and similar code. Furthermore, added two more e2e tests to validate the new feature to skip init and ephemeral containers. Signed-off-by: José Guilherme Vanz <[email protected]>
64b5803
to
c4af2da
Compare
Description
Adds two settings for the policy that allows the user to skip the verification on init and ephemeral containers.
Furthermore, refactor the policy unit tests to use rstest reducing the number of test functions and duplicate code
Fix #73
Test
make test