datree icon indicating copy to clipboard operation
datree copied to clipboard
verified publisher icon datreeio

Ensure seccomp not unconfined rule

Open Heydad-Helfer opened this issue 3 years ago • 6 comments

Added the new schema, used defs for reusability. Documentation link is still needed.

Heydad-Helfer avatar Aug 27 '22 08:08 Heydad-Helfer

@Heydad-Helfer Thank you for the PR! Do you also plan to write the docs for this rule? https://github.com/datreeio/docs

eyarz avatar Aug 28 '22 06:08 eyarz

@Heydad-Helfer Thank you for the PR! Do you also plan to write the docs for this rule? https://github.com/datreeio/docs

Hi. I can add this, but it'll take me some time. Do you want to wait on the merge until a documentation is available?

Heydad-Helfer avatar Aug 28 '22 08:08 Heydad-Helfer

NP, we can wait :) it will take us a few days to review your PR anyway...

eyarz avatar Aug 28 '22 09:08 eyarz

@Heydad-Helfer is this ready for code review?

eyarz avatar Sep 08 '22 11:09 eyarz

Hi, unfortunately not yet, as I didn't have much time to finish this. I'll work on it this weekend.

On Thu, Sep 8, 2022, 14:21 Eyar Zilberman @.***> wrote:

@Heydad-Helfer https://github.com/Heydad-Helfer is this ready for code review?

— Reply to this email directly, view it on GitHub https://github.com/datreeio/datree/pull/769#issuecomment-1240582281, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALBCN376DEEUNHHW5IKKJWDV5HD4LANCNFSM57Y52RKQ . You are receiving this because you were mentioned.Message ID: @.***>

Heydad-Helfer avatar Sep 08 '22 11:09 Heydad-Helfer

@Heydad-Helfer no worries, take your time. just ping me when I should review it again :)

eyarz avatar Sep 11 '22 11:09 eyarz

@Heydad-Helfer Hey Heydad, left you some comments on your PR:)

Also, we created the docs for this rule: https://github.com/datreeio/docs/pull/89

hadar-co avatar Oct 06 '22 09:10 hadar-co

Hi. Thanks. I'll make the changes.

On Thu, Oct 6, 2022, 12:15 hadar-co @.***> wrote:

@Heydad-Helfer https://github.com/Heydad-Helfer Hey Heydad, left you some comments on your PR:)

Also, we created the docs for this rule: datreeio/docs#89 https://github.com/datreeio/docs/pull/89

— Reply to this email directly, view it on GitHub https://github.com/datreeio/datree/pull/769#issuecomment-1269651963, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALBCN3ZW2AQ3TLSDYED3NITWB2KBVANCNFSM57Y52RKQ . You are receiving this because you were mentioned.Message ID: @.***>

Heydad-Helfer avatar Oct 06 '22 09:10 Heydad-Helfer

@Heydad-Helfer Thanks, just a couple of last things -

  1. I left a comment regarding some lines to add to support Deployments as well (currently the rule will only work for Pods).
  2. All of our rules have test files under pkg/policy/tests (1 passing manifest and 1 failing for each rule). Can you please add test files for your rule? They should be called 61-pass.yaml and 61-fail.yaml.

And that should be it! 🥳

hadar-co avatar Oct 09 '22 09:10 hadar-co

Hi @hadar-co , I pushed the fixes. Please review. Thanks!

Heydad-Helfer avatar Oct 19 '22 06:10 Heydad-Helfer

@Heydad-Helfer Awesome:) thanks for the PR 🤘🏽

hadar-co avatar Oct 19 '22 12:10 hadar-co