Skip to content

Commit

Permalink
feat: background audit config, severity and category annotations.
Browse files Browse the repository at this point in the history 
Updates policy metadata.yml file adding the new configuration to enabled
background audit checks and adds two new annotations used by the audit
scanner in its reports.

Signed-off-by: José Guilherme Vanz <jguilhermevanz@suse.com>
  • Loading branch information
@jvanz
jvanz committed Jul 7, 2023
1 parent e8748ed commit 3c5995b
Showing 1 changed file with 163 additions and 160 deletions.
323 changes: 163 additions & 160 deletions metadata.yml
View file
Original file line number Diff line number Diff line change
@@ -1,174 +1,177 @@
rules:
- apiGroups:
- admissionregistration.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apiextensions.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apiregistration.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apps
apiVersions:
- v1beta1
- v1beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- authentication.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- autoscaling
apiVersions:
- v2beta1
- v2beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- batch
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- certificates.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- coordination.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- discovery.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- events.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- extensions
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- flowcontrol.apiserver.k8s.io
apiVersions:
- v1beta1
- v1beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- networking.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- node.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- policy
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- rbac.authorization.k8s.io
apiVersions:
- v1alpha1
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- scheduling.k8s.io
apiVersions:
- v1alpha1
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- storage.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- admissionregistration.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apiextensions.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apiregistration.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- apps
apiVersions:
- v1beta1
- v1beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- authentication.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- autoscaling
apiVersions:
- v2beta1
- v2beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- batch
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- certificates.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- coordination.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- discovery.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- events.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- extensions
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- flowcontrol.apiserver.k8s.io
apiVersions:
- v1beta1
- v1beta2
resources:
- '*'
operations:
- CREATE
- apiGroups:
- networking.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- node.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- policy
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- rbac.authorization.k8s.io
apiVersions:
- v1alpha1
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- scheduling.k8s.io
apiVersions:
- v1alpha1
- v1beta1
resources:
- '*'
operations:
- CREATE
- apiGroups:
- storage.k8s.io
apiVersions:
- v1beta1
resources:
- '*'
operations:
- CREATE
mutating: false
contextAware: false
executionMode: kubewarden-wapc
backgroundAudit: false
annotations:
# artifacthub specific
io.artifacthub.displayName: Deprecated API Versions
io.artifacthub.resources: "*"
io.artifacthub.resources: '*'
io.artifacthub.keywords: compliance, deprecated API
io.kubewarden.policy.ociUrl: ghcr.io/kubewarden/policies/deprecated-api-versions
# rest
# kubewarden specific
io.kubewarden.policy.title: deprecated-api-versions
io.kubewarden.policy.description: Find deprecated and removed Kubernetes resources
io.kubewarden.policy.author: "Kubewarden developers <cncf-kubewarden-maintainers@lists.cncf.io>"
io.kubewarden.policy.author: Kubewarden developers <cncf-kubewarden-maintainers@lists.cncf.io>
io.kubewarden.policy.url: https://github.com/kubewarden/deprecated-api-versions
io.kubewarden.policy.source: https://github.com/kubewarden/deprecated-api-versions
io.kubewarden.policy.license: Apache-2.0
io.kubewarden.policy.category: Kubernetes API Versions
io.kubewarden.policy.severity: low

0 comments on commit 3c5995b

Please sign in to comment.