Releases: kubescape/storage
Release v0.0.89
This is the first step in deprecating the NetworkNeighbors object. Next, we need to adjust the process for generating the NP using kubectl to utilize NetworkNeighborhood instead of NetworkNeighbors. This is somewhat more complex because the scope of a NetworkNeighborhood represents a replica, while the generated NP represents a workload. We'll need to determine the best way to address this. For now, I will not work on that due to time constraints.
Release v0.0.85
it requires some testing/validation
Release v0.0.79
User description
Sorry, we do not accept changes directly against this repository. Please see
CONTRIBUTING.md for information on where and how to contribute instead.
Type
enhancement
Description
- Added a new JSON artifact for the "adduser" package version 3.134 to the test data.
- This artifact includes detailed information such as package metadata, file lists with digests, license details, and more.
- Enhances the test data repository with a real-world example of package metadata for testing and development purposes.
Changes walkthrough
| Category | File | Change | Summary | Lines |
|---|---|---|---|---|
| Enhancement | `pkg/apis/softwarecomposition/testdata/artifact.json` | Add Comprehensive JSON Artifact for "adduser" Package | Added a comprehensive JSON artifact for "adduser" package version 3.134. Includes detailed metadata such as package name, version, type, found by, locations, licenses, language, CPEs, purl, and metadataType. Contains extensive file list with paths, digests, and configuration file flags. Provides license information, including SPDX expressions and license types. | +617/-0 |
Release v0.0.76
Type
enhancement
Description
- Added support for ephemeral containers in `ApplicationProfileSpec`, including JSON tags, deep copy, conversion, and OpenAPI schema definitions.
- Updated discovery logic to include ephemeral containers in workload identification and image ID collection.
- Extended `ApplicationProfileProcessor` to process ephemeral containers, ensuring they are included in pre-save operations.
- Added unit tests to validate the processing of ephemeral containers.
Changes walkthrough
| Category | File | Change | Summary | Lines |
|---|---|---|---|---|
| Enhancement | `pkg/apis/softwarecomposition/types.go` | Support for Ephemeral Containers in ApplicationProfileSpec | Added `EphemeralContainers` field to `ApplicationProfileSpec` struct. | +3/-2 |
| Enhancement | `pkg/apis/softwarecomposition/v1beta1/types.go` | Add EphemeralContainers Field to ApplicationProfileSpec with JSON Tags | Added `EphemeralContainers` field with JSON tags and patch strategies to `ApplicationProfileSpec` struct. | +3/-0 |
| Enhancement | `pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go` | Autogenerated Conversion for EphemeralContainers | Added conversion logic for `EphemeralContainers` between internal and v1beta1 versions. | +2/-0 |
| Enhancement | `pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go` | Autogenerated DeepCopy for EphemeralContainers | Implemented deep copy logic for `EphemeralContainers`. | +7/-0 |
| Enhancement | `pkg/apis/softwarecomposition/zz_generated.deepcopy.go` | Support DeepCopy for EphemeralContainers | Added deep copy logic for `EphemeralContainers` in `ApplicationProfileSpec`. | +7/-0 |
| Enhancement | `pkg/cleanup/discovery.go` | Discover Ephemeral Containers in Workloads | Added logic to fetch workload identifiers from running ephemeral containers. Included ephemeral container image IDs in the discovery process. | +29/-0 |
| Enhancement | `pkg/generated/openapi/zz_generated.openapi.go` | OpenAPI Schema for EphemeralContainers | Added OpenAPI schema properties for `EphemeralContainers`. | +19/-0 |
| Enhancement | `pkg/registry/file/processor.go` | Process EphemeralContainers in ApplicationProfile PreSave | Extended `PreSave` logic to process `EphemeralContainers`. | +4/-2 |
| Tests | `pkg/registry/file/processor_test.go` | Test Processing of EphemeralContainers | Added test cases for processing `EphemeralContainers`. | +22/-3 |
Release v0.0.75
User description
Type
enhancement, bug_fix
Description
- Introduced validation and rejection logic for status updates in both ApplicationProfile and NetworkNeighbors to prevent invalid status transitions.
- Added utility functions in `pkg/utils/validations.go` for validating completion and status annotations with predefined valid values.
Changes walkthrough
| Category | File | Change | Summary | Lines |
|---|---|---|---|---|
| Enhancement | `pkg/registry/softwarecomposition/applicationprofile/strategy.go` | Enhance ApplicationProfile Status Update Validation | Added validation and rejection logic for status updates in ApplicationProfile. Prevents status transition from 'complete' to 'partial'. Validates completion and status annotations during creation and update. | +37/-2 |
| Enhancement | `pkg/registry/softwarecomposition/networkneighbors/strategy.go` | Implement NetworkNeighbors Status Update Validation | Implemented validation and rejection logic for status updates in NetworkNeighbors. Blocks status transition from 'complete' to 'partial'. Validates completion and status annotations during creation and update. | +38/-3 |
| Enhancement | `pkg/utils/validations.go` | Add Utility Functions for Annotations Validation | Introduced utility functions for validating completion and status annotations. Supports a set of predefined valid values for each annotation. | +32/-0 |
Release v0.0.74
User description
This partly reverts commit 7461b46.
Type
enhancement
Description
- Implements storage logic for ConfigurationScanSummary and VulnerabilitySummary with custom business logic.
- Adds unit tests for new storage implementations.
- Generates clientset, conversion, and deepcopy methods for VulnerabilityManifestSummary and related types.
- Enhances informers with interfaces for VulnerabilityManifestSummary and VulnerabilitySummary.
Changes walkthrough
| Category | File | Change | Summary | Lines |
|---|---|---|---|---|
| Tests | `pkg/registry/file/configurationscansummarystorage_test.go` | Add Unit Tests for ConfigurationScanSummaryStorage | Adds unit tests for ConfigurationScanSummaryStorage methods. Tests cover Create, Delete, Watch, GuaranteedUpdate, Count, Get, and GetList methods. Validates expected errors for unsupported operations. Checks correct behavior for Get and GetList operations. | +735/-0 |
| Tests | `pkg/registry/file/vulnerabilitysummarystorage_test.go` | Add Unit Tests for VulnerabilitySummaryStorage | Adds unit tests for VulnerabilitySummaryStorage methods. Tests cover Create, Delete, Watch, GuaranteedUpdate, Count, Get, and GetList methods. Validates expected errors for unsupported operations. Checks correct behavior for Get and GetList operations. | +453/-0 |
| Enhancement | `pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go` | Generate Conversion Functions for VulnerabilityManifestSummary | Adds generated conversion functions for VulnerabilityManifestSummary and related types. Supports conversion between internal and v1beta1 versions of VulnerabilityManifestSummary. | +252/-0 |
| Enhancement | `pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/vulnerabilitymanifestsummary.go` | Add Clientset for VulnerabilityManifestSummary Resources | Adds clientset methods for VulnerabilityManifestSummary resources. Supports operations like Create, Update, Delete, Get, List, and Watch. | +195/-0 |
| Enhancement | `pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/vulnerabilitysummary.go` | Add Clientset for VulnerabilitySummary Resources | Adds clientset methods for VulnerabilitySummary resources. Supports operations like Create, Update, Delete, Get, List, and Watch. | +195/-0 |
| Enhancement | `pkg/registry/file/configurationscansummarystorage.go` | Implement ConfigurationScanSummaryStorage with Custom Logic | Implements ConfigurationScanSummaryStorage with custom business logic. Provides methods for unsupported operations returning errors. Implements Get and GetList methods to generate summaries on the fly. | +215/-0 |
| Enhancement | `pkg/registry/file/vulnerabilitysummarystorage.go` | Implement VulnerabilitySummaryStorage with Custom Logic | Implements VulnerabilitySummaryStorage with custom business logic. Provides methods for unsupported operations returning errors. Implements Get and GetList methods to generate summaries on the fly. | +200/-0 |
| Enhancement | `pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go` | Generate DeepCopy Methods for VulnerabilityManifestSummary Types | Adds deep copy methods for VulnerabilityManifestSummary and related types. Supports deep copying of VulnerabilityManifestSummary, VulnerabilityManifestSummaryList, and VulnerabilityManifestSummarySpec. | +178/-0 |
| Enhancement | `pkg/generated/informers/externalversions/softwarecomposition/v1beta1/interface.go` | Add Informer Interfaces for New Vulnerability Summary Types | Adds informer interfaces for VulnerabilityManifestSummary and VulnerabilitySummary. Enables watching and listing of these resources in informers. | +14/-0 |
Release v0.0.69
Merge pull request #99 from kubescape/panic
prevent race condition on watcher.stopped
Release v0.0.67
Type
bug_fix, enhancement
Description
- Refactored locking mechanism in `StorageImpl` to use `utils.MapMutex` for improved concurrency handling.
- Enhanced error handling in the `Delete` method to provide more informative error messages and ensure errors are returned correctly.
- Simplified the mutex implementation in `utils/mutex.go` by introducing `MapMutex` with straightforward lock operations, removing the need for backoff strategies.
- Removed outdated tests associated with the deprecated `Mutex` implementation.
Changes walkthrough
| Category | File | Change | Summary |
|---|---|---|---|
| Enhancement | `pkg/registry/file/storage.go` | Refactor Lock Mechanism and Improve Error Handling in Storage Operations | Changed lock mechanism from `utils.Mutex` to `utils.MapMutex` for better concurrency handling. Added error handling in `Delete` method to improve error messages and return errors properly. Refactored locking mechanism in various methods (`Create`, `Delete`, `Get`, `GetList`, `GuaranteedUpdate`, `Count`, `GetByNamespace`, `GetClusterScopedResource`, `GetByCluster`) to use `Lock` and `Unlock` or `RLock` and `RUnlock` appropriately. Added a helper function `get` to allow calls without locks from other methods that already have them. |
| Enhancement | `pkg/utils/mutex.go` | Simplify Mutex Implementation to Enhance Concurrency Handling | Simplified the `Mutex` structure to `MapMutex` with a more straightforward locking mechanism. Removed unnecessary complexity such as backoff strategies and jitter from the previous implementation. Added methods `Lock`, `RLock`, `RUnlock`, and `Unlock` to the `MapMutex` to support both read and write locks. Removed the old `Mutex` implementation and associated customization options. |
| Tests | `pkg/utils/mutex_test.go` | Remove Tests for Deprecated Mutex Implementation | Removed the entire test suite for the old `Mutex` implementation. |
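The locking pattern this release describes, as an added Go example (not the project's code): a keyed read/write lock with `Lock`, `Unlock`, `RLock` and `RUnlock`, plus an unlocked internal `get` helper for callers that already hold the lock. The `Store` type, the `Update` method, integer values and the per-key behaviour of `MapMutex` are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sync"
)

// MapMutex keeps one RWMutex per key (sketch: entries are never evicted).
type MapMutex struct{ locks sync.Map }

func (m *MapMutex) at(key string) *sync.RWMutex {
	l, _ := m.locks.LoadOrStore(key, &sync.RWMutex{})
	return l.(*sync.RWMutex)
}
func (m *MapMutex) Lock(key string)    { m.at(key).Lock() }
func (m *MapMutex) Unlock(key string)  { m.at(key).Unlock() }
func (m *MapMutex) RLock(key string)   { m.at(key).RLock() }
func (m *MapMutex) RUnlock(key string) { m.at(key).RUnlock() }

// Store is a hypothetical stand-in for the file-backed storage layer.
type Store struct {
	locks MapMutex
	data  sync.Map // key -> int
}

// get reads without locking; the caller must already hold the key's lock.
func (s *Store) get(key string) int {
	v, _ := s.data.Load(key)
	n, _ := v.(int)
	return n
}

// Get takes the shared lock for the key, then uses the unlocked helper.
func (s *Store) Get(key string) int {
	s.locks.RLock(key)
	defer s.locks.RUnlock(key)
	return s.get(key)
}

// Update holds the write lock across the read-modify-write. Calling s.Get
// here instead of s.get would deadlock: sync.RWMutex is not reentrant.
func (s *Store) Update(key string, f func(int) int) {
	s.locks.Lock(key)
	defer s.locks.Unlock(key)
	s.data.Store(key, f(s.get(key)))
}

func main() {
	s := &Store{}
	s.Update("ns/a", func(v int) int { return v + 1 })
	fmt.Println(s.Get("ns/a"))
}
```

Concurrent `Update` calls on the same key serialize on that key's write lock, while calls on different keys proceed independently.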