Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: decompose istio oscal #826

Merged
merged 14 commits into from
Oct 17, 2024

Conversation

CloudBeard
Copy link
Contributor

@CloudBeard CloudBeard commented Sep 25, 2024

Description

Splits the validations out from the OSCAL Component-Definition. lula validate can work remotely to validate the validations.

Updated the OSCAL Assessment-Result as the baseline has changed from High to Moderate.

Updated the Istio catalog source url to a tagged version (recent GSA release)

This pattern allows for easier maintenance and development of the validations by not reading through 1000s of lines of OSCAL and OSCAL formatting just to make a small update.

All of the validations under the ./compliance/validations directory are a pull from the compliance-artifacts repo where OSCAL and Validations development happen.

Related Issue

Relates to #797

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@CloudBeard CloudBeard self-assigned this Sep 25, 2024
Copy link
Contributor

github-actions bot commented Sep 25, 2024

Compliance upstream Evaluation: success

CC: @defenseunicorns/lula-dev

Copy link
Contributor

github-actions bot commented Sep 25, 2024

Compliance unicorn Evaluation: success

CC: @defenseunicorns/lula-dev

Copy link
Contributor

github-actions bot commented Sep 25, 2024

Compliance registry1 Evaluation: success

CC: @defenseunicorns/lula-dev

@CloudBeard CloudBeard linked an issue Oct 16, 2024 that may be closed by this pull request
2 tasks
@CloudBeard CloudBeard marked this pull request as ready for review October 17, 2024 02:22
@CloudBeard CloudBeard requested a review from a team as a code owner October 17, 2024 02:22
@CloudBeard
Copy link
Contributor Author

Assessment Result was "pruned" because previous results contained FedRAMP High controls. All OSCAL is being updated to align to the current FedRAMP Moderate and IL4 Baseline controls with the information coming from the UniRAMP repo Issues and the SCTM in Google Sheets.

Note there are less controls in the OSCAL but also less in the baseline.

@mjnagel mjnagel merged commit 83c6ae5 into main Oct 17, 2024
28 checks passed
@mjnagel mjnagel deleted the 797-decompose-istio-oscal-into-oscal-and-validations branch October 17, 2024 14:15
docandrew pushed a commit that referenced this pull request Oct 17, 2024
## Description

Splits the validations out from the OSCAL Component-Definition. `lula
validate` can work remotely to validate the validations.

Updated the OSCAL Assessment-Result as the baseline has changed from
High to Moderate.

Updated the Istio catalog source url to a tagged version (recent GSA
release)

This pattern allows for easier maintenance and development of the
validations by not reading through 1000s of lines of OSCAL and OSCAL
formatting just to make a small update.

All of the validations under the ./compliance/validations directory are
a pull from the compliance-artifacts repo where OSCAL and Validations
development happen.

## Related Issue

Relates to #797

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed
UnicornChance pushed a commit that referenced this pull request Oct 18, 2024
## Description

Splits the validations out from the OSCAL Component-Definition. `lula
validate` can work remotely to validate the validations.

Updated the OSCAL Assessment-Result as the baseline has changed from
High to Moderate.

Updated the Istio catalog source url to a tagged version (recent GSA
release)

This pattern allows for easier maintenance and development of the
validations by not reading through 1000s of lines of OSCAL and OSCAL
formatting just to make a small update.

All of the validations under the ./compliance/validations directory are
a pull from the compliance-artifacts repo where OSCAL and Validations
development happen.

## Related Issue

Relates to #797

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed
UnicornChance added a commit that referenced this pull request Oct 18, 2024
chore(deps): update prometheus-stack (#863)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[cgr.dev/du-uds-defenseunicorns/kube-webhook-certgen-fips](https://images.chainguard.dev/directory/image/kube-webhook-certgen-fips/overview)
([source](https://redirect.github.com/chainguard-images/images-private/tree/HEAD/images/kube-webhook-certgen-fips))
| patch | `1.11.2` -> `1.11.3` |
|
[kube-prometheus-stack](https://redirect.github.com/prometheus-operator/kube-prometheus)
([source](https://redirect.github.com/prometheus-community/helm-charts))
| minor | `65.0.0` -> `65.2.0` |
|
[registry.k8s.io/ingress-nginx/kube-webhook-certgen](https://redirect.github.com/kubernetes/ingress-nginx)
| patch | `v1.4.3` -> `v1.4.4` |
|
[registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen](https://redirect.github.com/kubernetes/ingress-nginx/)
([source](https://repo1.dso.mil/dsop/opensource/kubernetes/ingress-nginx/kube-webhook-certgen))
| patch | `v1.4.3` -> `v1.4.4` |

---

<details>
<summary>prometheus-community/helm-charts
(kube-prometheus-stack)</summary>

[`v65.2.0`](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.1.1...kube-prometheus-stack-65.2.0)

[Compare
Source](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.1.1...kube-prometheus-stack-65.2.0)

[`v65.1.1`](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.1.0...kube-prometheus-stack-65.1.1)

[Compare
Source](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.1.0...kube-prometheus-stack-65.1.1)

[`v65.1.0`](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.0.0...kube-prometheus-stack-65.1.0)

[Compare
Source](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.0.0...kube-prometheus-stack-65.1.0)

</details>

---

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-core).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC45Ny4wIiwidXBkYXRlZEluVmVyIjoiMzguMTE1LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>

chore(deps): update support-deps (#912)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| aws | required_provider | minor | `~> 5.71.0` -> `~> 5.72.0` |
|
[terraform-aws-modules/rds/aws](https://registry.terraform.io/modules/terraform-aws-modules/rds/aws)
([source](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds))
| module | minor | `6.9.0` -> `6.10.0` |

---

<details>
<summary>terraform-aws-modules/terraform-aws-rds
(terraform-aws-modules/rds/aws)</summary>

[`v6.10.0`](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/blob/HEAD/CHANGELOG.md#6100-2024-10-16)

[Compare
Source](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/compare/v6.9.0...v6.10.0)

- Support `cloudwatch_log_group_tags` parameter
([#&#8203;571](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/issues/571))
([73e33fe](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/commit/73e33feba5d907801791168ebf6d3132fbd646f5))

- Update CI workflow versions to latest
([#&#8203;570](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/issues/570))
([220cc85](https://redirect.github.com/terraform-aws-modules/terraform-aws-rds/commit/220cc85dcdc8eb63772e25526db693dd563d40a1))

</details>

---

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-core).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjAuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

fix: don't add duplicate policy names to `uds-core.pepr.dev/mutated` annotation (#916)

Adds a check to the `annotateMutation` function that prevents duplicate
values (policy names) from being added to the
`uds-core.pepr.dev/mutated` key

Fixes #717

- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

---------

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

fix: decompose istio oscal (#826)

Splits the validations out from the OSCAL Component-Definition. `lula
validate` can work remotely to validate the validations.

Updated the OSCAL Assessment-Result as the baseline has changed from
High to Moderate.

Updated the Istio catalog source url to a tagged version (recent GSA
release)

This pattern allows for easier maintenance and development of the
validations by not reading through 1000s of lines of OSCAL and OSCAL
formatting just to make a small update.

All of the validations under the ./compliance/validations directory are
a pull from the compliance-artifacts repo where OSCAL and Validations
development happen.

Relates to #797

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

chore(deps): update pepr to v0.38.1 (#922)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [pepr](https://redirect.github.com/defenseunicorns/pepr) | [`0.38.0`
-> `0.38.1`](https://renovatebot.com/diffs/npm/pepr/0.38.0/0.38.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/pepr/0.38.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/pepr/0.38.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/pepr/0.38.0/0.38.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pepr/0.38.0/0.38.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

<details>
<summary>defenseunicorns/pepr (pepr)</summary>

[`v0.38.1`](https://redirect.github.com/defenseunicorns/pepr/releases/tag/v0.38.1)

[Compare
Source](https://redirect.github.com/defenseunicorns/pepr/compare/v0.38.0...v0.38.1)

- chore: get pods each reporting interval by
[@&#8203;cmwylie19](https://redirect.github.com/cmwylie19) in
[https://github.com/defenseunicorns/pepr/pull/1279](https://redirect.github.com/defenseunicorns/pepr/pull/1279)
- chore: node-latest is breaking ci - change matrix to 22 by
[@&#8203;cmwylie19](https://redirect.github.com/cmwylie19) in
[https://github.com/defenseunicorns/pepr/pull/1288](https://redirect.github.com/defenseunicorns/pepr/pull/1288)
- chore: reduce package size - exclude tests from package by
[@&#8203;cmwylie19](https://redirect.github.com/cmwylie19) in
[https://github.com/defenseunicorns/pepr/pull/1275](https://redirect.github.com/defenseunicorns/pepr/pull/1275)
- test: http2-enable watcher and iso format logs in soak test by
[@&#8203;btlghrants](https://redirect.github.com/btlghrants) in
[https://github.com/defenseunicorns/pepr/pull/1277](https://redirect.github.com/defenseunicorns/pepr/pull/1277)
- test: http2-enable watcher in smoke test by
[@&#8203;btlghrants](https://redirect.github.com/btlghrants) in
[https://github.com/defenseunicorns/pepr/pull/1281](https://redirect.github.com/defenseunicorns/pepr/pull/1281)
- chore: update resource limits/requests on controllers by
[@&#8203;cmwylie19](https://redirect.github.com/cmwylie19) in
[https://github.com/defenseunicorns/pepr/pull/1291](https://redirect.github.com/defenseunicorns/pepr/pull/1291)
- chore: bump peter-murray/workflow-application-token-action from 3.0.1
to 4.0.0 by [@&#8203;dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/defenseunicorns/pepr/pull/1273](https://redirect.github.com/defenseunicorns/pepr/pull/1273)
- chore: bump anchore/scan-action from 5.0.0 to 5.0.1 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/defenseunicorns/pepr/pull/1272](https://redirect.github.com/defenseunicorns/pepr/pull/1272)
- chore: bump chainguard/node from `8a604e5` to `b0b04bb` by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/defenseunicorns/pepr/pull/1271](https://redirect.github.com/defenseunicorns/pepr/pull/1271)
- chore: bump kubernetes-fluent-client from 3.1.1 to 3.1.2 in the
production-dependencies group by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/defenseunicorns/pepr/pull/1292](https://redirect.github.com/defenseunicorns/pepr/pull/1292)
- chore: bump
[@&#8203;types/node](https://redirect.github.com/types/node) from 22.7.5
to 22.7.6 in the development-dependencies group by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/defenseunicorns/pepr/pull/1293](https://redirect.github.com/defenseunicorns/pepr/pull/1293)
- chore: bump chainguard/node from `b0b04bb` to `96260af` by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/defenseunicorns/pepr/pull/1289](https://redirect.github.com/defenseunicorns/pepr/pull/1289)

**Full Changelog**:
defenseunicorns/pepr@v0.38.0...v0.38.1

</details>

---

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-core).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjAuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

fix: test ci license check (#924)

CI currently doesn't check for license linting. Also updating some
compliance files with license headers.

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

chore: group setup action in support deps (#930)

Should regroup these:
https://github.com/defenseunicorns/uds-core/pull/926/files

N/A

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

chore(deps): update prometheus-stack to v65.3.1 (#920)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[kube-prometheus-stack](https://redirect.github.com/prometheus-operator/kube-prometheus)
([source](https://redirect.github.com/prometheus-community/helm-charts))
| minor | `65.2.0` -> `65.3.1` |

---

<details>
<summary>prometheus-community/helm-charts
(kube-prometheus-stack)</summary>

[`v65.3.1`](https://redirect.github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-65.3.1)

[Compare
Source](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.3.0...kube-prometheus-stack-65.3.1)

kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
and Prometheus rules combined with documentation and scripts to provide
easy to operate end-to-end Kubernetes cluster monitoring with Prometheus
using the Prometheus Operator.

- \[kube-prometheus-stack] fix Provision Grafana comment example by
[@&#8203;VergeDX](https://redirect.github.com/VergeDX) in
[https://github.com/prometheus-community/helm-charts/pull/4919](https://redirect.github.com/prometheus-community/helm-charts/pull/4919)

- [@&#8203;VergeDX](https://redirect.github.com/VergeDX) made their
first contribution in
[https://github.com/prometheus-community/helm-charts/pull/4919](https://redirect.github.com/prometheus-community/helm-charts/pull/4919)

**Full Changelog**:
prometheus-community/helm-charts@prometheus-operator-admission-webhook-0.16.0...kube-prometheus-stack-65.3.1

[`v65.3.0`](https://redirect.github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-65.3.0)

[Compare
Source](https://redirect.github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-65.2.0...kube-prometheus-stack-65.3.0)

kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
and Prometheus rules combined with documentation and scripts to provide
easy to operate end-to-end Kubernetes cluster monitoring with Prometheus
using the Prometheus Operator.

- \[kube-prometheus-stack] support kubelet endpoint slices by
[@&#8203;DrFaust92](https://redirect.github.com/DrFaust92) in
[https://github.com/prometheus-community/helm-charts/pull/4899](https://redirect.github.com/prometheus-community/helm-charts/pull/4899)

**Full Changelog**:
prometheus-community/helm-charts@prometheus-mongodb-exporter-3.7.2...kube-prometheus-stack-65.3.0

</details>

---

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-core).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjAuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Chance <139784371+UnicornChance@users.noreply.github.com>

chore: add nightly testing for AKS (#908)

Adds nightly testing for uds-core on AKS

Callouts:
- Removes `nightly-testing.yaml` in favor of a single workflow for each
distribution
- Deploys storage account and containers for velero and loki and
configures uds-core to use them
- Deploys postgresql database and configures grafana to use it for HA
configuration
- adds `uds-config.tf` file and writes `uds-config.yaml` using terraform
`local_sensitive_file` instead of `tf output xyz >> uds-config.yaml`
pattern used in the past

Fixes:
  - #727
  - #856

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [ ] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

---------

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

chore: add local lula compose task (#892)

Created a local task to run Lula Compose.

Due to the structure of UDS Core there are several oscal-component.yaml
under src/service-name with a top level oscal-component.yaml in the
./compliance directory.

To create a single holistic artifact that can be used as a deliverable
and the source of truth/tested artifact we need a way to run `lula tools
compose -f ./compliance/oscal-component.yaml`

The task will likely stay local as opposed to moving into UDS Common
because the functionality of the monorepo. This could be change in the
future as more scenarios unfold but can be easily ported.

Relates to #798

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

chore: group vscode/settings.json with support-deps (#933)

Add .vscode/settings.json to support-deps renovate for capturing uds-cli
version changes.

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

chore: add e2e playwright tests for grafana (#844)

Adds e2e testing structure and specific e2e test for Grafana using
playwright. This test:
- Validates existence and successful connection to datasources (Loki and
Prometheus)
- Validates two custom dashboards exist and dropdowns populate for ns
selection (resources and loki quicksearch)
- Validates SSO login success

Fixes #764

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

fix: merge main and add single package test
mjnagel pushed a commit that referenced this pull request Oct 18, 2024
🤖 I have created a release *beep* *boop*
---


##
[0.29.1](v0.29.0...v0.29.1)
(2024-10-18)


### Bug Fixes

* adr link in func layers doc
([#903](#903))
([c42ccf8](c42ccf8))
* codespell config
([#934](#934))
([73eb385](73eb385))
* decompose istio oscal
([#826](#826))
([83c6ae5](83c6ae5))
* don't add duplicate policy names to `uds-core.pepr.dev/mutated`
annotation
([#916](#916))
([99d1c83](99d1c83))
* istio proxy exiting early when Pod has restart policy
([#914](#914))
([f87e3d4](f87e3d4))
* release-please for aks
([#941](#941))
([5c77285](5c77285))
* test ci license check
([#924](#924))
([c5b1d54](c5b1d54))


### Miscellaneous

* add e2e playwright tests for grafana
([#844](#844))
([1af5a8f](1af5a8f))
* add local lula compose task
([#892](#892))
([075b519](075b519))
* add nightly testing for AKS
([#908](#908))
([105aea6](105aea6))
* add playwright deps to support-deps renovate
([#937](#937))
([94655cd](94655cd))
* **deps:** revert pepr to 0.37.2
([#940](#940))
([3317bbe](3317bbe))
* **deps:** update grafana helm chart to v8.5.5
([#905](#905))
([ca9a485](ca9a485))
* **deps:** update pepr to v0.38.0
([#870](#870))
([de8419c](de8419c))
* **deps:** update pepr to v0.38.0
([#915](#915))
([6fe4e57](6fe4e57))
* **deps:** update pepr to v0.38.1
([#922](#922))
([3c5d341](3c5d341))
* **deps:** update prometheus-stack
([#863](#863))
([d3f03b4](d3f03b4))
* **deps:** update prometheus-stack to v65.3.1
([#920](#920))
([0b80107](0b80107))
* **deps:** update runtime to v0.6.1
([#910](#910))
([be63105](be63105))
* **deps:** update support dependencies to v0.192.0
([#906](#906))
([8dfd362](8dfd362))
* **deps:** update support-deps
([#898](#898))
([380af83](380af83))
* **deps:** update support-deps
([#912](#912))
([bf23a89](bf23a89))
* **docs:** custom resource docs generation
([#902](#902))
([e73597d](e73597d))
* ensure http2 watch config is used by internal exemption watch
([#909](#909))
([25bfd59](25bfd59))
* group setup action in support deps
([#930](#930))
([d0a0123](d0a0123))
* group vscode/settings.json with support-deps
([#933](#933))
([81e41d8](81e41d8))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Decompose Istio OSCAL into OSCAL and validations
2 participants