chore(deps): bump Conftest from v0.28.2 to v0.30.0 (#964)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
aquasecurity · Feb 16, 2022 · 9798d05 · 9798d05
1 parent a999053
commit 9798d05
Show file tree

Hide file tree

Showing 8 changed files with 25 additions and 25 deletions.
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
@@ -372,7 +372,7 @@ conftest:
   createConfig: true
 
   # imageRef the image reference
-  imageRef: docker.io/openpolicyagent/conftest:v0.28.2
+  imageRef: docker.io/openpolicyagent/conftest:v0.30.0
 
   # resources resource requests and limits
   resources:

diff --git a/docs/design/design_associating_rego_policies_with_k8s_resources.md b/docs/design/design_associating_rego_policies_with_k8s_resources.md
@@ -50,7 +50,7 @@ metadata:
   namespace: starboard-operator
   name: starboard-conftest-config
 data:
-  conftest.imageRef: openpolicyagent/conftest:v0.28.2
+  conftest.imageRef: openpolicyagent/conftest:v0.30.0
   conftest.resources.requests.cpu: 50
   conftest.resources.requests.memory: 50M
   conftest.resources.limits.cpu: 300m
@@ -84,7 +84,7 @@ metadata:
     # Introduce a way to version configuration schema.
     starboard.plugin.config.version: "v2"
 data:
-  conftest.imageRef: openpolicyagent/conftest:v0.28.2
+  conftest.imageRef: openpolicyagent/conftest:v0.30.0
   conftest.resources.requests.cpu: 50
   conftest.resources.requests.memory: 50M
   conftest.resources.limits.cpu: 300m

diff --git a/docs/integrations/config-checkers/conftest.md b/docs/integrations/config-checkers/conftest.md
@@ -64,7 +64,7 @@ STARBOARD_NAMESPACE=<starboard_namespace>
 ```
 ```
 kubectl create configmap starboard-conftest-config --namespace $STARBOARD_NAMESPACE \
-  --from-literal=conftest.imageRef=openpolicyagent/conftest:v0.28.2 \
+  --from-literal=conftest.imageRef=openpolicyagent/conftest:v0.30.0 \
   --from-file=conftest.library.kubernetes.rego=kubernetes/lib/kubernetes.rego \
   --from-file=conftest.library.utils.rego=kubernetes/lib/utils.rego \
   --from-file=conftest.policy.file_system_not_read_only.rego=kubernetes/policies/general/file_system_not_read_only.rego \
@@ -160,15 +160,15 @@ report:
 
 ## Settings
 
-| CONFIGMAP KEY                        | DEFAULT                                      | DESCRIPTION |
-| ------------------------------------ | -------------------------------------------- | ----------- |
-| `conftest.imageRef`                  | `docker.io/openpolicyagent/conftest:v0.28.2` | Conftest image reference |
-| `conftest.resources.requests.cpu`    | `50m`                                        | The minimum amount of CPU required to run Conftest scanner pod. |
-| `conftest.resources.requests.memory` | `50M`                                        | The minimum amount of memory required to run Conftest scanner pod. |
-| `conftest.resources.limits.cpu`      | `300m`                                       | The maximum amount of CPU allowed to run Conftest scanner pod. |
-| `conftest.resources.limits.memory`   | `300M`                                       | The maximum amount of memory allowed to run Conftest scanner pod. |
-| `conftest.library.<name>.rego`       | N/A                                          | Rego library with helper functions |
-| `conftest.policy.<name>.rego`        | N/A                                          | Rego policy with the specified name |
+| CONFIGMAP KEY                        | DEFAULT                                      | DESCRIPTION                                                                                                                                                                               |
+|--------------------------------------|----------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `conftest.imageRef`                  | `docker.io/openpolicyagent/conftest:v0.30.0` | Conftest image reference                                                                                                                                                                  |
+| `conftest.resources.requests.cpu`    | `50m`                                        | The minimum amount of CPU required to run Conftest scanner pod.                                                                                                                           |
+| `conftest.resources.requests.memory` | `50M`                                        | The minimum amount of memory required to run Conftest scanner pod.                                                                                                                        |
+| `conftest.resources.limits.cpu`      | `300m`                                       | The maximum amount of CPU allowed to run Conftest scanner pod.                                                                                                                            |
+| `conftest.resources.limits.memory`   | `300M`                                       | The maximum amount of memory allowed to run Conftest scanner pod.                                                                                                                         |
+| `conftest.library.<name>.rego`       | N/A                                          | Rego library with helper functions                                                                                                                                                        |
+| `conftest.policy.<name>.rego`        | N/A                                          | Rego policy with the specified name                                                                                                                                                       |
 | `conftest.policy.<name>.kinds`       | N/A                                          | A comma-separated list of Kubernetes kinds applicable to the policy with a given name. You can use `Workload` or `*` as special kinds to represent any Kubernetes workload or any object. |
 
 [Open Policy Agent]: https://www.openpolicyagent.org

diff --git a/itest/matcher/matcher.go b/itest/matcher/matcher.go
@@ -32,7 +32,7 @@ var (
 	conftestScanner = v1alpha1.Scanner{
 		Name:    "Conftest",
 		Vendor:  "Open Policy Agent",
-		Version: "v0.28.2",
+		Version: "v0.30.0",
 	}
 )
 

diff --git a/itest/starboard-operator/configauditreport/conftest/suite_test.go b/itest/starboard-operator/configauditreport/conftest/suite_test.go
@@ -99,7 +99,7 @@ var _ = BeforeSuite(func() {
 		},
 		Data: map[string]string{
 			"configAuditReports.scanner": "Conftest",
-			"conftest.imageRef":          "docker.io/openpolicyagent/conftest:v0.28.2",
+			"conftest.imageRef":          "docker.io/openpolicyagent/conftest:v0.30.0",
 		},
 	}
 	err = kubeClient.Create(context.Background(), starboardCM)
@@ -111,7 +111,7 @@ var _ = BeforeSuite(func() {
 			Name:      starboard.GetPluginConfigMapName("Conftest"),
 		},
 		Data: map[string]string{
-			"conftest.imageRef": "docker.io/openpolicyagent/conftest:v0.28.2",
+			"conftest.imageRef": "docker.io/openpolicyagent/conftest:v0.30.0",
 
 			"conftest.policy.runs_as_root.rego":              runAsRootPolicy,
 			"conftest.policy.runs_as_root.kinds":             "Workload",

diff --git a/itest/starboard/suite_test.go b/itest/starboard/suite_test.go
@@ -47,7 +47,7 @@ var (
 			Namespace: "starboard",
 		},
 		Data: map[string]string{
-			"conftest.imageRef":                  "docker.io/openpolicyagent/conftest:v0.28.2",
+			"conftest.imageRef":                  "docker.io/openpolicyagent/conftest:v0.30.0",
 			"conftest.policy.runs_as_root.kinds": "Workload",
 			"conftest.policy.runs_as_root.rego": `
 	package main

diff --git a/pkg/plugin/conftest/plugin.go b/pkg/plugin/conftest/plugin.go
@@ -221,7 +221,7 @@ func (p *plugin) IsApplicable(ctx starboard.PluginContext, obj client.Object) (b
 func (p *plugin) Init(ctx starboard.PluginContext) error {
 	return ctx.EnsureConfig(starboard.PluginConfig{
 		Data: map[string]string{
-			keyImageRef:                "openpolicyagent/conftest:v0.28.2",
+			keyImageRef:                "openpolicyagent/conftest:v0.30.0",
 			keyResourcesRequestsCPU:    "50m",
 			keyResourcesRequestsMemory: "50M",
 			keyResourcesLimitsCPU:      "300m",

diff --git a/pkg/plugin/conftest/plugin_test.go b/pkg/plugin/conftest/plugin_test.go
@@ -178,7 +178,7 @@ func TestPlugin_IsApplicable(t *testing.T) {
 		{
 			name: "Should return false if there are no policies",
 			configData: map[string]string{
-				"conftest.imageRef": "openpolicyagent/conftest:v0.28.2",
+				"conftest.imageRef": "openpolicyagent/conftest:v0.30.0",
 			},
 			obj: &corev1.Pod{
 				TypeMeta: metav1.TypeMeta{
@@ -191,7 +191,7 @@ func TestPlugin_IsApplicable(t *testing.T) {
 		{
 			name: "Should return true if there is at least one policy",
 			configData: map[string]string{
-				"conftest.imageRef":                "openpolicyagent/conftest:v0.28.2",
+				"conftest.imageRef":                "openpolicyagent/conftest:v0.30.0",
 				"conftest.policy.kubernetes.kinds": "Pod",
 				"conftest.policy.kubernetes.rego": `package main
 
@@ -285,7 +285,7 @@ func TestPlugin_Init(t *testing.T) {
 				ResourceVersion: "1",
 			},
 			Data: map[string]string{
-				"conftest.imageRef":                  "openpolicyagent/conftest:v0.28.2",
+				"conftest.imageRef":                  "openpolicyagent/conftest:v0.30.0",
 				"conftest.resources.requests.cpu":    "50m",
 				"conftest.resources.requests.memory": "50M",
 				"conftest.resources.limits.cpu":      "300m",
@@ -305,7 +305,7 @@ func TestPlugin_Init(t *testing.T) {
 					ResourceVersion: "0",
 				},
 				Data: map[string]string{
-					"conftest.imageRef": "openpolicyagent/conftest:v0.28.2",
+					"conftest.imageRef": "openpolicyagent/conftest:v0.30.0",
 				},
 			}).Build()
 
@@ -337,7 +337,7 @@ func TestPlugin_Init(t *testing.T) {
 				ResourceVersion: "0",
 			},
 			Data: map[string]string{
-				"conftest.imageRef": "openpolicyagent/conftest:v0.28.2",
+				"conftest.imageRef": "openpolicyagent/conftest:v0.30.0",
 			},
 		}))
 	})
@@ -607,7 +607,7 @@ func TestPlugin_ParseConfigAuditReportData(t *testing.T) {
 				Namespace: "starboard-ns",
 			},
 			Data: map[string]string{
-				"conftest.imageRef": "openpolicyagent/conftest:v0.28.2",
+				"conftest.imageRef": "openpolicyagent/conftest:v0.30.0",
 			},
 		}).Build()).
 		Get()
@@ -628,7 +628,7 @@ func TestPlugin_ParseConfigAuditReportData(t *testing.T) {
 		"Scanner": Equal(v1alpha1.Scanner{
 			Name:    "Conftest",
 			Vendor:  "Open Policy Agent",
-			Version: "v0.28.2",
+			Version: "v0.30.0",
 		}),
 		"Summary": Equal(v1alpha1.ConfigAuditSummary{
 			DangerCount:  6,