Skip to content

Commit

Permalink
Require objectDefinition and remediationAction
Browse files Browse the repository at this point in the history
Without these fields, the policy is meaningless. When they're optional,
a ConfigurationPolicy can be created without an `objectDefinition`.
It'd be a better experience to make these required and surface the
error sooner.

ref: https://issues.redhat.com/browse/ACM-8898

Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com>
  • Loading branch information
dhaiducek authored and openshift-merge-bot[bot] committed Dec 5, 2023
1 parent 0f7c884 commit 2476d97
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 3 deletions.
6 changes: 3 additions & 3 deletions api/v1/configurationpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -152,8 +152,8 @@ func (e EvaluationInterval) GetNonCompliantInterval() (time.Duration, error) {

// ConfigurationPolicySpec defines the desired state of ConfigurationPolicy
type ConfigurationPolicySpec struct {
Severity Severity `json:"severity,omitempty"` // low, medium, high
RemediationAction RemediationAction `json:"remediationAction,omitempty"` // enforce, inform
Severity Severity `json:"severity,omitempty"` // low, medium, high
RemediationAction RemediationAction `json:"remediationAction"` // enforce, inform
// 'namespaceSelector' defines the list of namespaces to include/exclude for objects defined in
// spec.objectTemplates. All selector rules are ANDed. If 'include' is not provided but
// 'matchLabels' and/or 'matchExpressions' are, 'include' will behave as if ['*'] were given. If
Expand Down Expand Up @@ -186,7 +186,7 @@ type ObjectTemplate struct {

// ObjectDefinition defines required fields for the object
// +kubebuilder:pruning:PreserveUnknownFields
ObjectDefinition runtime.RawExtension `json:"objectDefinition,omitempty"`
ObjectDefinition runtime.RawExtension `json:"objectDefinition"`
}

// ConfigurationPolicyStatus defines the observed state of ConfigurationPolicy
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ spec:
x-kubernetes-preserve-unknown-fields: true
required:
- complianceType
- objectDefinition
type: object
type: array
object-templates-raw:
Expand Down Expand Up @@ -202,6 +203,8 @@ spec:
- critical
- Critical
type: string
required:
- remediationAction
type: object
status:
description: ConfigurationPolicyStatus defines the observed state of ConfigurationPolicy
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,7 @@ spec:
x-kubernetes-preserve-unknown-fields: true
required:
- complianceType
- objectDefinition
type: object
type: array
object-templates-raw:
Expand Down Expand Up @@ -209,6 +210,8 @@ spec:
- critical
- Critical
type: string
required:
- remediationAction
type: object
status:
description: ConfigurationPolicyStatus defines the observed state of ConfigurationPolicy
Expand Down

0 comments on commit 2476d97

Please sign in to comment.