diff --git a/charts/policy-reporter/README.md b/charts/policy-reporter/README.md index 9cd961b9..873700b9 100644 --- a/charts/policy-reporter/README.md +++ b/charts/policy-reporter/README.md @@ -56,7 +56,7 @@ Check the [Documentation](https://kyverno.github.io/policy-reporter/guide/02-get | image.registry | string | `"ghcr.io"` | | | image.repository | string | `"kyverno/policy-reporter"` | | | image.pullPolicy | string | `"IfNotPresent"` | | -| image.tag | string | `"4d7a2e2"` | | +| image.tag | string | `"cfc4406"` | | | imagePullSecrets | list | `[]` | | | priorityClassName | string | `""` | | | replicaCount | int | `1` | | @@ -373,6 +373,7 @@ Check the [Documentation](https://kyverno.github.io/policy-reporter/guide/02-get | ui.displayMode | string | `""` | DisplayMode dark/light/colorblind/colorblinddark uses the OS configured prefered color scheme as default | | ui.customBoards | list | `[]` | Additional customizable dashboards | | ui.sources | list | `[]` | source specific configurations | +| ui.name | string | `"Default"` | | | ui.clusters | list | `[]` | Connected Policy Reporter APIs | | ui.imagePullSecrets | list | `[]` | Image pull secrets for image verification policies, this will define the `--imagePullSecrets` argument | | ui.serviceAccount.create | bool | `true` | Create ServiceAccount | diff --git a/charts/policy-reporter/configs/ui.tmpl b/charts/policy-reporter/configs/ui.tmpl index 0f3c7532..060c77fe 100644 --- a/charts/policy-reporter/configs/ui.tmpl +++ b/charts/policy-reporter/configs/ui.tmpl @@ -18,14 +18,14 @@ ui: {{- $default := false -}} {{- range .Values.ui.clusters }} - {{- if eq .name "Default" -}} + {{- if eq .name .Values.ui.name -}} {{- $default = true -}} {{- end -}} {{- end }} clusters: {{- if not $default }} - - name: Default + - name: {{ .Values.ui.name }} secretRef: {{ include "ui.fullname" . }}-default-cluster {{- end }} {{- with .Values.ui.clusters }} diff --git a/charts/policy-reporter/templates/cluster-secret.yaml b/charts/policy-reporter/templates/cluster-secret.yaml index cd0d448a..930aff23 100644 --- a/charts/policy-reporter/templates/cluster-secret.yaml +++ b/charts/policy-reporter/templates/cluster-secret.yaml @@ -11,16 +11,16 @@ metadata: {{- include "policyreporter.labels" . | nindent 4 }} type: Opaque data: + {{- $username := .Values.basicAuth.username }} + {{- $password := .Values.basicAuth.password }} host: {{ printf "http://%s:%d" (include "policyreporter.fullname" .) (.Values.service.port | int) | b64enc }} {{- if .Values.plugin.kyverno.enabled }} {{- $host := printf "http://%s:%d/api" (include "kyverno-plugin.fullname" .) (.Values.plugin.kyverno.service.port | int) }} - {{- $username := .Values.basicAuth.username }} - {{- $password := .Values.basicAuth.password }} plugin.kyverno: {{ (printf "{\"host\":\"%s\", \"name\":\"kyverno\", \"username\":\"%s\", \"password\":\"%s\"}" $host $username $password) | b64enc }} {{- end }} {{- if .Values.plugin.trivy.enabled }} - {{- $username := .Values.basicAuth.username }} - {{- $password := .Values.basicAuth.password }} {{- $host := printf "http://%s:%d/api/vulnr" (include "trivy-plugin.fullname" .) (.Values.plugin.trivy.service.port | int) }} plugin.trivy: {{ (printf "{\"host\":\"%s\", \"name\":\"Trivy Vulnerability\", \"username\":\"%s\", \"password\":\"%s\"}" $host $username $password) | b64enc }} + username: {{ $username | b64enc }} + password: {{ $password | b64enc }} {{- end }} \ No newline at end of file diff --git a/charts/policy-reporter/templates/ui/deployment.yaml b/charts/policy-reporter/templates/ui/deployment.yaml index 0895690a..86fcd21a 100644 --- a/charts/policy-reporter/templates/ui/deployment.yaml +++ b/charts/policy-reporter/templates/ui/deployment.yaml @@ -80,8 +80,8 @@ spec: {{- with .Values.ui.envVars }} {{- . | toYaml | trim | nindent 10 }} {{- end }} - {{- if .Values.sidecarContainers }} - {{- range $name, $spec := .Values.sidecarContainers }} + {{- if .Values.ui.sidecarContainers }} + {{- range $name, $spec := .Values.ui.sidecarContainers }} - name: {{ $name }} {{- if kindIs "string" $spec }} {{- tpl $spec $ | nindent 10 }} diff --git a/charts/policy-reporter/values.yaml b/charts/policy-reporter/values.yaml index 4743b81a..cf449ce8 100644 --- a/charts/policy-reporter/values.yaml +++ b/charts/policy-reporter/values.yaml @@ -11,7 +11,7 @@ image: registry: ghcr.io repository: kyverno/policy-reporter pullPolicy: IfNotPresent - tag: 4d7a2e2 + tag: cfc4406 imagePullSecrets: [] @@ -846,6 +846,9 @@ ui: # - warn # - error + ## -- Default Cluster name + name: Default + # -- Connected Policy Reporter APIs clusters: [] # - name: default diff --git a/pkg/target/ui/ui.go b/pkg/target/ui/ui.go deleted file mode 100644 index 456b5ed6..00000000 --- a/pkg/target/ui/ui.go +++ /dev/null @@ -1,49 +0,0 @@ -package ui - -import ( - "context" - - "github.com/kyverno/policy-reporter/pkg/crd/api/policyreport/v1alpha2" - "github.com/kyverno/policy-reporter/pkg/target" - "github.com/kyverno/policy-reporter/pkg/target/http" -) - -// Options to configure the Discord target -type Options struct { - target.ClientOptions - Host string - HTTPClient http.Client -} - -type client struct { - target.BaseClient - host string - client http.Client -} - -func (e *client) Send(result v1alpha2.PolicyReportResult) { - req, err := http.CreateJSONRequest("POST", e.host, http.NewJSONResult(result)) - if err != nil { - return - } - - resp, err := e.client.Do(req) - http.ProcessHTTPResponse(e.Name(), resp, err) -} - -func (e *client) CleanUp(_ context.Context, _ v1alpha2.ReportInterface) {} - -func (e *client) BatchSend(_ v1alpha2.ReportInterface, _ []v1alpha2.PolicyReportResult) {} - -func (e *client) Type() target.ClientType { - return target.SingleSend -} - -// NewClient creates a new loki.client to send Results to Elasticsearch -func NewClient(options Options) target.Client { - return &client{ - target.NewBaseClient(options.ClientOptions), - options.Host + "/api/push", - options.HTTPClient, - } -} diff --git a/pkg/target/ui/ui_test.go b/pkg/target/ui/ui_test.go deleted file mode 100644 index 192b6f3c..00000000 --- a/pkg/target/ui/ui_test.go +++ /dev/null @@ -1,77 +0,0 @@ -package ui_test - -import ( - "net/http" - "testing" - - "github.com/kyverno/policy-reporter/pkg/fixtures" - "github.com/kyverno/policy-reporter/pkg/target" - "github.com/kyverno/policy-reporter/pkg/target/ui" -) - -type testClient struct { - callback func(req *http.Request) - statusCode int -} - -func (c testClient) Do(req *http.Request) (*http.Response, error) { - c.callback(req) - - return &http.Response{ - StatusCode: c.statusCode, - }, nil -} - -func Test_UITarget(t *testing.T) { - t.Run("Send", func(t *testing.T) { - callback := func(req *http.Request) { - if contentType := req.Header.Get("Content-Type"); contentType != "application/json; charset=utf-8" { - t.Errorf("Unexpected Content-Type: %s", contentType) - } - - if agend := req.Header.Get("User-Agent"); agend != "Policy-Reporter" { - t.Errorf("Unexpected Host: %s", agend) - } - - if url := req.URL.String(); url != "http://localhost:8080/api/push" { - t.Errorf("Unexpected Host: %s", url) - } - } - - client := ui.NewClient(ui.Options{ - ClientOptions: target.ClientOptions{ - Name: "UI", - }, - Host: "http://localhost:8080", - HTTPClient: testClient{callback, 200}, - }) - client.Send(fixtures.CompleteTargetSendResult) - }) - t.Run("Name", func(t *testing.T) { - client := ui.NewClient(ui.Options{ - ClientOptions: target.ClientOptions{ - Name: "UI", - }, - Host: "http://localhost:8080", - HTTPClient: testClient{}, - }) - - if client.Name() != "UI" { - t.Errorf("Unexpected Name %s", client.Name()) - } - }) - t.Run("Request Error", func(t *testing.T) { - callback := func(req *http.Request) { - t.Fail() - } - - client := ui.NewClient(ui.Options{ - ClientOptions: target.ClientOptions{ - Name: "UI", - }, - Host: "\\localhost:8080", - HTTPClient: testClient{callback, 200}, - }) - client.Send(fixtures.CompleteTargetSendResult) - }) -}