-
Notifications
You must be signed in to change notification settings - Fork 40
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add support for sensor version selection by update policy
- Loading branch information
Showing
29 changed files
with
644 additions
and
43 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# Unsafe Settings | ||
|
||
Need to flesh this out, but here are the highlights: | ||
|
||
* A K8s cluster should always match the configuration it's given and never surprise you | ||
* Configurations should be functional, in the mathematic sense: | ||
* The same config should produce the same cluster no matter where or when it's used | ||
* Image SHAs are good | ||
* They can never refer to anything other than one particular image | ||
* Image tags and version numbers are bad | ||
* What they refer to can change unknowingly | ||
* Version policies are worse | ||
* Just like above, but to a further degree | ||
* Self-adjusting resources are worse still | ||
* Just like above, but to a wider degree |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
package v1alpha1 | ||
|
||
// FalconUnsafe configures various options that go against industry practices or are otherwise not recommended for use. | ||
// Adjusting these settings may result in incorrect or undesirable behavior. Proceed at your own risk. | ||
// For more information, please see https://github.com/CrowdStrike/falcon-operator/blob/main/UNSAFE.md. | ||
type FalconUnsafe struct { | ||
// UpdatePolicy is the name of a sensor update policy configured and enabled in Falcon UI. It is ignored when Image and/or Version are set. | ||
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Update Policy",order=1 | ||
UpdatePolicy *string `json:"updatePolicy,omitempty"` | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
package apitest | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
"github.com/stretchr/testify/mock" | ||
) | ||
|
||
type Test struct { | ||
expectedOutputs []any | ||
goTest *testing.T | ||
inputs []any | ||
m *mock.Mock | ||
mockCalls []*mock.Call | ||
name string | ||
} | ||
|
||
func NewTest(name string) *Test { | ||
test := Test{ | ||
name: name, | ||
} | ||
return &test | ||
} | ||
|
||
func (test Test) AssertExpectations(outputs ...any) { | ||
test.m.AssertExpectations(test.goTest) | ||
|
||
for i, expectedValue := range test.expectedOutputs { | ||
assert.Equal(test.goTest, expectedValue, outputs[i], fmt.Sprintf("wrong value in output %d", i)) | ||
} | ||
} | ||
|
||
func (test *Test) ExpectOutputs(outputs ...any) *Test { | ||
test.expectedOutputs = outputs | ||
return test | ||
} | ||
|
||
func (test Test) GetInput(index int) any { | ||
return test.inputs[index] | ||
} | ||
|
||
func (test Test) GetStringPointerInput(index int) *string { | ||
return test.GetInput(index).(*string) | ||
} | ||
|
||
func (test Test) GetMock() *mock.Mock { | ||
return test.m | ||
} | ||
|
||
func (test Test) Run(goTest *testing.T, runner func(Test)) { | ||
test.m = &mock.Mock{} | ||
for _, call := range test.mockCalls { | ||
call.Parent = test.m | ||
} | ||
test.m.ExpectedCalls = test.mockCalls | ||
|
||
goTest.Run(test.name, func(goTest *testing.T) { | ||
test.goTest = goTest | ||
runner(test) | ||
}) | ||
} | ||
|
||
func (test *Test) WithMockCall(call *mock.Mock) *Test { | ||
test.mockCalls = append(test.mockCalls, call.ExpectedCalls...) | ||
return test | ||
} | ||
|
||
func (test *Test) WithInputs(inputs ...any) *Test { | ||
test.inputs = inputs | ||
return test | ||
} |
Oops, something went wrong.