Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(kubernetes): Add to nested resources on k8s graph inherit namespace #6912

Merged
merged 1 commit into from
Dec 21, 2024
Merged

fix(kubernetes): Add to nested resources on k8s graph inherit namespace #6912

merged 1 commit into from
Dec 21, 2024

Conversation

talazuri
Copy link
Contributor

@talazuri talazuri commented Dec 18, 2024
edited by baz-reviewer bot
Loading

User description

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

I fixed the k8s build graph to inherit namespace for nested resources

Fixes # (issue)

New/Edited policies (Delete if not relevant)

Description

Include a description of what makes it a violation and any relevant external links.

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes

Generated description

Below is a concise technical summary of the changes proposed in this PR:

Enhances the Kubernetes graph builder to inherit namespace for nested resources. Implements a new check to ensure resources are not in the default namespace. Adds corresponding test cases and resources for the new functionality. Updates existing test cases to reflect the changes in namespace handling.

TopicDetails
Test Updates Updates existing test cases to reflect changes in namespace handling
Modified files (1)
  • tests/kubernetes/graph/checks/resources/AllowPrivilegeEscalation/expected.yaml
Latest Contributors(2)
UserCommitDate
peleg.litvak@gmail.comfeat-kubernetes-set-de...January 15, 2023
YaaraVernerAdd-tests-for-k8s-grap...December 15, 2021
K8s Namespace Inherit Modifies the Kubernetes graph builder to inherit namespace for nested resources
Modified files (1)
  • checkov/kubernetes/graph_builder/local_graph.py
Latest Contributors(2)
UserCommitDate
SteveVakninfix-general-downgrade-...February 07, 2024
bo156feat-kustomize-Support...July 13, 2023
No Default Namespace Adds a new check and tests to ensure Kubernetes resources are not in the default namespace
Modified files (5)
  • tests/kubernetes/graph/checks/test_yaml_policies.py
  • tests/kubernetes/graph/checks/resources/NoDefaultNamespace/template.yaml
  • tests/kubernetes/graph/checks/resources/NoDefaultNamespace/expected.yaml
  • tests/kubernetes/checks/example_NoDefaultNamespace/Dev-PASSED.yaml
  • tests/kubernetes/graph/checks/test_checks/NoDefaultNamespace.yaml
Latest Contributors(2)
UserCommitDate
lirshindalmanfeat-general-Add-image...September 28, 2023
bo156feat-general-Add-rustw...September 28, 2023
This pull request is reviewed by Baz. Join @talazuri and the rest of your team on (Baz).

@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from ec870e7 to 6331d90 Compare December 18, 2024 11:41
@talazuri talazuri changed the title fix(k8s): Add to nested resources on k8s graph inherit namespace fix(kubernetes): Add to nested resources on k8s graph inherit namespace Dec 18, 2024
@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from 6331d90 to 20a54a0 Compare December 18, 2024 14:31
@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from 20a54a0 to 3ebb59e Compare December 18, 2024 14:34
@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from 3ebb59e to a7a2548 Compare December 18, 2024 14:39
@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from a7a2548 to 3d57e74 Compare December 18, 2024 19:01
@talazuri talazuri force-pushed the add-namespace-nested-resources-k8s branch from 3d57e74 to 2d62251 Compare December 21, 2024 19:13
@talazuri talazuri merged commit 1bc9f22 into main Dec 21, 2024
34 of 35 checks passed
@talazuri talazuri deleted the add-namespace-nested-resources-k8s branch December 21, 2024 19:22
Saarett pushed a commit that referenced this pull request Dec 21, 2024
@talazuri @actions-user
fix(kubernetes): Add to nested resources on k8s graph inherit namespa…
7ff6e71 
…ce (#6912)

Add to nested resources on k8s graph inherit namespace
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OfekShimko OfekShimko OfekShimko approved these changes

@lirshindalman lirshindalman lirshindalman approved these changes

@bo156 bo156 bo156 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@talazuri @bo156 @lirshindalman @OfekShimko