Merge pull request #1 from kubewarden/renaming

Rename to kubewarden
kubewarden · Apr 2, 2021 · 39b95df · 39b95df
2 parents 477bc33 + 2b78ccf
commit 39b95df
Show file tree

Hide file tree

Showing 8 changed files with 36 additions and 58 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     env:
       WASM_BINARY_NAME: psp_capabilities
-      OCI_TARGET: ghcr.io/chimera-kube/policies/psp-capabilities
+      OCI_TARGET: ghcr.io/kubewarden/policies/psp-capabilities
     steps:
       -
         name: Checkout code

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "psp-capabilities"
-version = "0.1.0"
+version = "0.1.1"
 authors = ["Flavio Castelli <[email protected]>"]
 edition = "2018"
 
@@ -9,12 +9,11 @@ crate-type = ["cdylib"]
 
 [dependencies]
 anyhow = "1.0"
-jmespatch = "0.3.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 wapc-guest = "0.4.0"
 jsonpath_lib = "0.2.6"
-chimera-kube-policy-sdk = { git = "https://github.com/chimera-kube/policy-sdk-rust.git", branch = "main" }
+kubewarden-policy-sdk = "0.1.0"
 k8s-openapi = { version = "0.11.0", features = ["v1_20"] }
 
 [dev-dependencies]

diff --git a/README.md b/README.md
@@ -1,9 +1,9 @@
 Continuous integration | License
  -----------------------|--------
-![Continuous integration](https://github.com/chimera-kube/psp-capabilities/workflows/Continuous%20integration/badge.svg) | [![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg)](https://opensource.org/licenses/Apache-2.0)
+![Continuous integration](https://github.com/kubewarden/psp-capabilities/workflows/Continuous%20integration/badge.svg) | [![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg)](https://opensource.org/licenses/Apache-2.0)
 
 
-This Chimera Policy is a replacement for the Kubernetes Pod Security Policy
+This Kubewarden Policy is a replacement for the Kubernetes Pod Security Policy
 that controls the usage of Containers capabilities:
 
   * [Deprecated PSP](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#capabilities)
@@ -210,9 +210,9 @@ spec:
 # Obtain policy
 
 The policy is automatically published as an OCI artifact inside of
-[this](https://github.com/orgs/chimera-kube/packages/container/package/policies%2Fpsp-capabilities)
+[this](https://github.com/orgs/kubewarden/packages/container/package/policies%2Fpsp-capabilities)
 container registry.
 
 # Using the policy
 
-The easiest way to use this policy is through the [chimera-controller](https://github.com/chimera-kube/chimera-controller).
+The easiest way to use this policy is through the [kubewarden-controller](https://github.com/kubewarden/kubewarden-controller).
diff --git a/src/lib.rs b/src/lib.rs
@@ -10,8 +10,8 @@ use mutate::patch_object;
 mod settings;
 use settings::Settings;
 
-use chimera_kube_policy_sdk::{
-    accept_request, reject_request, request::ValidationRequest, validate_settings,
+use kubewarden_policy_sdk::{
+    accept_request, mutate_request, reject_request, request::ValidationRequest, validate_settings,
 };
 
 #[no_mangle]
@@ -24,7 +24,13 @@ fn validate(payload: &[u8]) -> CallResult {
     let validation_req = ValidationRequest::<Settings>::new(payload)?;
 
     match validate_added_caps(&validation_req) {
-        Ok(()) => accept_request(patch_object(&validation_req)?),
+        Ok(()) => {
+            if let Some(patched_object) = patch_object(&validation_req)? {
+                mutate_request(&patched_object)
+            } else {
+                accept_request()
+            }
+        }
         Err(val_res) => reject_request(Some(val_res.to_string()), None),
     }
 }
@@ -34,7 +40,7 @@ mod tests {
     use super::*;
     use anyhow::Result;
 
-    use chimera_kube_policy_sdk::test::Testcase;
+    use kubewarden_policy_sdk::test::Testcase;
     use test_helpers::configuration;
 
     #[test]

diff --git a/src/mutate.rs b/src/mutate.rs
@@ -1,6 +1,6 @@
 use anyhow::{anyhow, Result};
-use chimera_kube_policy_sdk::request::ValidationRequest;
 use k8s_openapi::api::core::v1::{Capabilities, Pod, SecurityContext};
+use kubewarden_policy_sdk::request::ValidationRequest;
 use std::collections::HashSet;
 
 use crate::settings::Settings;

diff --git a/src/settings.rs b/src/settings.rs
@@ -19,7 +19,7 @@ impl Settings {
     }
 }
 
-impl chimera_kube_policy_sdk::settings::Validatable for Settings {
+impl kubewarden_policy_sdk::settings::Validatable for Settings {
     fn validate(&self) -> Result<(), String> {
         let denied: HashSet<String> = self
             .allowed_capabilities
@@ -60,7 +60,7 @@ mod tests {
     use super::*;
     use anyhow::Result;
 
-    use chimera_kube_policy_sdk::settings::Validatable;
+    use kubewarden_policy_sdk::settings::Validatable;
     use test_helpers::configuration;
 
     #[test]

diff --git a/src/validate.rs b/src/validate.rs
@@ -5,7 +5,7 @@ use crate::settings::Settings;
 
 use jsonpath_lib as jsonpath;
 
-use chimera_kube_policy_sdk::request::ValidationRequest;
+use kubewarden_policy_sdk::request::ValidationRequest;
 
 pub(crate) fn validate_added_caps(validation_req: &ValidationRequest<Settings>) -> Result<()> {
     let add_queries = vec![