Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Show policy audit violations #3161

Merged
merged 35 commits into from
Aug 17, 2023
Merged

Show policy audit violations #3161

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
981797f
add tabs to policies list page
AsmaaNabilBakr Jul 29, 2023
5e450bc
add audit filteration and create List component
TheGostKasper Jul 31, 2023
4fc7956
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 2, 2023
dc9f363
push for test
AsmaaNabilBakr Aug 3, 2023
09ab325
finalize tabs
AsmaaNabilBakr Aug 3, 2023
8f430b9
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 3, 2023
87b554b
fix unit tests
AsmaaNabilBakr Aug 3, 2023
2d52491
show application if the app kind is 'HR'/'K'
AsmaaNabilBakr Aug 3, 2023
5082109
Merge branch 'main' of https://github.com/weaveworks/weave-gitops-ent…
TheGostKasper Aug 6, 2023
0d4d656
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 6, 2023
a760896
fix PR comments
AsmaaNabilBakr Aug 6, 2023
96973a0
fix policieslist tab
AsmaaNabilBakr Aug 6, 2023
5218a02
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 7, 2023
fcdd369
revert enabling policy-agent
TheGostKasper Aug 7, 2023
334741c
Merge branch 'show-policy-audit-violations' of https://github.com/wea…
TheGostKasper Aug 7, 2023
0b28bf9
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 8, 2023
65ed701
fix Sorting
AsmaaNabilBakr Aug 9, 2023
b061788
fix UI Bugs
AsmaaNabilBakr Aug 9, 2023
37b3f34
fix packages
AsmaaNabilBakr Aug 10, 2023
3880b20
fix package.json
AsmaaNabilBakr Aug 10, 2023
a080998
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 10, 2023
81dc0e0
fix useEffect
AsmaaNabilBakr Aug 10, 2023
e9df382
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 13, 2023
6001e30
fix audit table bug
AsmaaNabilBakr Aug 13, 2023
af07ab2
fix bugs
AsmaaNabilBakr Aug 15, 2023
f088630
fix audit filters
AsmaaNabilBakr Aug 15, 2023
56f4626
update audit list
AsmaaNabilBakr Aug 15, 2023
4864d0f
update packages package
AsmaaNabilBakr Aug 15, 2023
f6c43ae
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 15, 2023
587986c
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 16, 2023
e038ffe
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 17, 2023
13144ef
Merge branch 'main' of https://github.com/weaveworks/weave-gitops-ent…
TheGostKasper Aug 17, 2023
5a05fe6
clean up policy Audit list
TheGostKasper Aug 17, 2023
02f7c92
conditionally show table data after clear unwanted filters
TheGostKasper Aug 17, 2023
4ec473a
Merge branch 'main' into show-policy-audit-violations
AsmaaNabilBakr Aug 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 12 additions & 1 deletion charts/mccp/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,9 +137,20 @@ cluster-controller:
enabled: true

policy-agent:
enabled: false
enabled: true
enekofb marked this conversation as resolved.
Show resolved Hide resolved
config:
accountId: ""
admission:
enabled: false
sinks:
k8sEventsSink:
enabled: true
audit:
interval: 1
enabled: true
sinks:
k8sEventsSink:
enabled: true
clusterId: ""

ingress:
Expand Down
6 changes: 3 additions & 3 deletions pkg/query/configuration/objectkind.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ var (
AddToSchemeFunc: rbacv1.AddToScheme,
}

PolicyAgentEventObjectKind = ObjectKind{
PolicyAgentAuditEventObjectKind = ObjectKind{
Gvk: corev1.SchemeGroupVersion.WithKind("Event"),
NewClientObjectFunc: func() client.Object {
return &corev1.Event{}
Expand All @@ -135,7 +135,7 @@ var (
return false
}

return e.Source.Component == "policy-agent"
return e.Labels["pac.weave.works/type"] == "Audit" && e.Source.Component == "policy-agent"
},
RetentionPolicy: RetentionPolicy(24 * time.Hour),
}
Expand All @@ -150,7 +150,7 @@ var SupportedObjectKinds = []ObjectKind{
GitRepositoryObjectKind,
OCIRepositoryObjectKind,
BucketObjectKind,
PolicyAgentEventObjectKind,
PolicyAgentAuditEventObjectKind,
}

// SupportedRbacKinds list with the default supported RBAC resources.
Expand Down
176 changes: 81 additions & 95 deletions ui-cra/src/components/Clusters/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,16 @@ import {
Kind,
KubeStatusIndicator,
Link,
PolicyViolationsList,
RouterTab,
SubRouterTabs,
filterByStatusCallback,
filterConfig,
statusSortHelper,
useListSources,
useListSources
} from '@weaveworks/weave-gitops';
import { Source } from '@weaveworks/weave-gitops/ui/lib/objects';
import { PageRoute } from '@weaveworks/weave-gitops/ui/lib/types';
import _ from 'lodash';
import React, { FC, useCallback, useEffect, useMemo, useState } from 'react';
import { useHistory, useRouteMatch } from 'react-router-dom';
import { useHistory } from 'react-router-dom';
import styled from 'styled-components';
import { GitProvider } from '../../api/gitauth/gitauth.pb';
import { ClusterNamespacedName } from '../../cluster-services/cluster_services.pb';
Expand Down Expand Up @@ -166,7 +163,6 @@ export const getGitRepos = (sources: Source[] | undefined) =>
const MCCP: FC<{
location: { state: { notification: NotificationData[] } };
}> = ({ location }) => {
const { path } = useRouteMatch();
const { clusters, isLoading } = useClusters();
const { setNotifications } = useNotifications();
const [selectedCluster, setSelectedCluster] =
Expand Down Expand Up @@ -392,95 +388,85 @@ const MCCP: FC<{
)}
<OpenedPullRequest />
</ActionsWrapper>
<SubRouterTabs rootPath={`${path}/list`}>
<RouterTab name="Clusters" path={`${path}/list`}>
<LoadingWrapper loading={isLoading}>
<DataTable
className="clusters-list"
key={clusters.length}
filters={initialFilterState}
rows={clusters}
fields={[
{
label: 'Select',
value: ({ name, namespace }: GitopsClusterEnriched) => (
<ClusterRowCheckbox
name={name}
namespace={namespace}
onChange={handleIndividualClick}
checked={Boolean(
selectedCluster?.name === name &&
selectedCluster?.namespace === namespace,
)}
/>
),
maxWidth: 25,
},
{
label: 'Name',
value: (c: GitopsClusterEnriched) =>
c.controlPlane === true ? (
<span data-cluster-name={c.name}>{c.name}</span>
) : (
<Link
to={`/cluster?clusterName=${c.name}&namespace=${c.namespace}`}
data-cluster-name={c.name}
>
{c.name}
</Link>
),
sortValue: ({ name }) => name,
textSearchable: true,
maxWidth: 275,
},
{
label: 'Dashboards',
value: (c: GitopsClusterEnriched) => (
<DashboardsList cluster={c} />
),
},
{
label: 'Type',
value: (c: GitopsClusterEnriched) => (
<ClusterIcon cluster={c}></ClusterIcon>
),
},
{
label: 'Namespace',
value: 'namespace',
},
{
label: 'Status',
value: (c: GitopsClusterEnriched) =>
c.conditions && c.conditions.length > 0 ? (
<KubeStatusIndicator
short
conditions={c.conditions}
/>
) : null,
sortValue: statusSortHelper,
},
{
label: 'Message',
value: (c: GitopsClusterEnriched) =>
(c.conditions && c.conditions[0]?.message) || null,
sortValue: ({ conditions }) => computeMessage(conditions),
maxWidth: 600,
},
{
label: '',
value: (c: GitopsClusterEnriched) => (
<EditButton resource={c} />
),
},
]}
/>
</LoadingWrapper>
</RouterTab>
<RouterTab name="Violations" path={`${path}/violations`}>
<PolicyViolationsList req={{}} />
</RouterTab>
</SubRouterTabs>
<LoadingWrapper loading={isLoading}>
<DataTable
className="clusters-list"
key={clusters.length}
filters={initialFilterState}
rows={clusters}
fields={[
{
label: 'Select',
value: ({ name, namespace }: GitopsClusterEnriched) => (
<ClusterRowCheckbox
name={name}
namespace={namespace}
onChange={handleIndividualClick}
checked={Boolean(
selectedCluster?.name === name &&
selectedCluster?.namespace === namespace,
)}
/>
),
maxWidth: 25,
},
{
label: 'Name',
value: (c: GitopsClusterEnriched) =>
c.controlPlane === true ? (
<span data-cluster-name={c.name}>{c.name}</span>
) : (
<Link
to={`/cluster?clusterName=${c.name}&namespace=${c.namespace}`}
data-cluster-name={c.name}
>
{c.name}
</Link>
),
sortValue: ({ name }) => name,
textSearchable: true,
maxWidth: 275,
},
{
label: 'Dashboards',
value: (c: GitopsClusterEnriched) => (
<DashboardsList cluster={c} />
),
},
{
label: 'Type',
value: (c: GitopsClusterEnriched) => (
<ClusterIcon cluster={c}></ClusterIcon>
),
},
{
label: 'Namespace',
value: 'namespace',
},
{
label: 'Status',
value: (c: GitopsClusterEnriched) =>
c.conditions && c.conditions.length > 0 ? (
<KubeStatusIndicator short conditions={c.conditions} />
) : null,
sortValue: statusSortHelper,
},
{
label: 'Message',
value: (c: GitopsClusterEnriched) =>
(c.conditions && c.conditions[0]?.message) || null,
sortValue: ({ conditions }) => computeMessage(conditions),
maxWidth: 600,
},
{
label: '',
value: (c: GitopsClusterEnriched) => (
<EditButton resource={c} />
),
},
]}
/>
</LoadingWrapper>
</NotificationsWrapper>
</CallbackStateContextProvider>
</Page>
Expand Down
Loading