compliance-operator

compliance-operator copied to clipboard

Remove hard-coded and extensive ClusterRoles for `compliance-operator` and `api-resource-collector`

2

## Context These were originally added as they seemed to be a mechanism to grant permissions to the multiple resources the Compliance Operator needs to access. With every new resource...

JAORMX

Update github.com/openshift/library-go digest to 24fa6b7

4

[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/openshift/library-go](https://togithub.com/openshift/library-go) | require | digest | `8211143` -> `24fa6b7` | ---...

renovate[bot]

chore(deps): update dependency go to v1.23.2

8

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [go](https://go.dev/) ([source](https://redirect.github.com/golang/go)) | toolchain | minor | `1.22.6` -> `1.23.2` | --- >...

renovate[bot]

Update kubernetes packages to v0.31.0

4

[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [k8s.io/api](https://togithub.com/kubernetes/api) | `v0.30.3` -> `v0.31.0` | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

chore(deps): update golang docker tag to v1.23

4

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | golang | stage | minor | `1.22` -> `1.23` | --- > [!WARNING]...

renovate[bot]

Update github.com/openshift/api digest to 2c10e58

3

[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/openshift/api](https://togithub.com/openshift/api) | replace | digest | `7f2da4c` -> `2c10e58` | |...

renovate[bot]

CMP-2614: Implement update timestamps on ComplianceCheckResults

9

Adding the lastscanned timestamp annotation in each `complianceCheckResult`, added annotation `compliance.openshift.io/last-scanned-timestamp` with a value equal to `scan.status.StartTimestamp` example of CCR ```yaml kind: ComplianceCheckResult metadata: annotations: compliance.openshift.io/last-scanned-timestamp: "2024-08-15T04:26:11Z" compliance.openshift.io/rule: scc-limit-root-containers creationTimestamp:...

Vincent056

Fix make bundle target

5

We were not replacing openscap image reference in the csv bundle, this pr fixs that.

Vincent056

CMP-2615: Add a check aggregate to the compliance scan metadata

8

Implement a total check count as an annotation of the ComplianceScan, we will add an annotation `compliance.openshift.io/check-count` to every `compliancescan` object when a scan is in `Done` state. Noted: This...

Vincent056

Have optional result server

9

Adding a `Disabled` filed in `ScanSetting.Spec.RawResultStorage.Disabled`, defaulting to false, if setting to true we will not create a result server to store the arf report. ```yaml [vincent@node compliance-operator]$ oc get...

Vincent056