Merge pull request #40 from kubewarden/update-policy-questions

Remove MustRunAs property and replaced sequence questions for UI

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "selinux-psp"
-version = "0.1.8"
+version = "0.1.9"
 authors = ["Rafael Fernández López <[email protected]>"]
 edition = "2018"
 

artifacthub-pkg.yml

@@ -1,23 +1,23 @@
 ---
-version: 0.1.8
+version: 0.1.9
 name: selinux-psp
 displayName: Selinux PSP
-createdAt: '2023-02-28T13:14:43+00:00'
+createdAt: '2023-03-16T15:26:22+00:00'
 description: Replacement for the Kubernetes Pod Security Policy that controls the
   usage of SELinux
 license: Apache-2.0
 homeURL: https://github.com/kubewarden/selinux-psp-policy
 containersImages:
 - name: policy
-  image: ghcr.io/kubewarden/policies/selinux-psp:v0.1.8
+  image: ghcr.io/kubewarden/policies/selinux-psp:v0.1.9
 keywords:
 - psp
 - container
 - runtime
 - selinux
 links:
 - name: policy
-  url: https://github.com/kubewarden/selinux-psp-policy/releases/download/v0.1.8/policy.wasm
+  url: https://github.com/kubewarden/selinux-psp-policy/releases/download/v0.1.9/policy.wasm
 - name: source
   url: https://github.com/kubewarden/selinux-psp-policy
 provider:
@@ -63,43 +63,27 @@ annotations:
       required: false
       type: enum
       variable: rule
-    - default: []
-      description: >-
-        Contains the desired value for the `seLinuxOptions` parameter. If the pod
-        does not contain a `.securityContext`, or a
-        `.securityContext.seLinuxOptions`, then this policy acts as mutating and
-        defaults the `seLinuxOptions` attribute to the one provided in the
-        configuration. In all cases, pod containers, init container and ephemeral
-        containers `.seLinuxOptions` are checked for compatibility if they override
-        the Pod Security Context `seLinuxOptions` value.
+    - default: ''
       group: Settings
-      label: Must run as
+      label: User
       show_if: rule=MustRunAs
-      hide_input: true
-      type: sequence[
-      variable: MustRunAs
-      sequence_questions:
-        - default: ''
-          group: Settings
-          label: User
-          show_if: rule=MustRunAs
-          type: string
-          variable: user
-        - default: ''
-          group: Settings
-          label: Role
-          show_if: rule=MustRunAs
-          type: string
-          variable: role
-        - default: ''
-          group: Settings
-          label: Type
-          show_if: rule=MustRunAs
-          type: string
-          variable: type
-        - default: 0
-          group: Settings
-          label: Level
-          show_if: rule=MustRunAs
-          type: int
-          variable: level
+      type: string
+      variable: user
+    - default: ''
+      group: Settings
+      label: Role
+      show_if: rule=MustRunAs
+      type: string
+      variable: role
+    - default: ''
+      group: Settings
+      label: Type
+      show_if: rule=MustRunAs
+      type: string
+      variable: type
+    - default: ''
+      group: Settings
+      label: Level
+      show_if: rule=MustRunAs
+      type: string
+      variable: level

questions-ui.yml

@@ -26,43 +26,27 @@ questions:
   required: false
   type: enum
   variable: rule
-- default: []
-  description: >-
-    Contains the desired value for the `seLinuxOptions` parameter. If the pod
-    does not contain a `.securityContext`, or a
-    `.securityContext.seLinuxOptions`, then this policy acts as mutating and
-    defaults the `seLinuxOptions` attribute to the one provided in the
-    configuration. In all cases, pod containers, init container and ephemeral
-    containers `.seLinuxOptions` are checked for compatibility if they override
-    the Pod Security Context `seLinuxOptions` value.
+- default: ''
   group: Settings
-  label: Must run as
+  label: User
   show_if: rule=MustRunAs
-  hide_input: true
-  type: sequence[
-  variable: MustRunAs
-  sequence_questions:
-    - default: ''
-      group: Settings
-      label: User
-      show_if: rule=MustRunAs
-      type: string
-      variable: user
-    - default: ''
-      group: Settings
-      label: Role
-      show_if: rule=MustRunAs
-      type: string
-      variable: role
-    - default: ''
-      group: Settings
-      label: Type
-      show_if: rule=MustRunAs
-      type: string
-      variable: type
-    - default: 0
-      group: Settings
-      label: Level
-      show_if: rule=MustRunAs
-      type: int
-      variable: level
+  type: string
+  variable: user
+- default: ''
+  group: Settings
+  label: Role
+  show_if: rule=MustRunAs
+  type: string
+  variable: role
+- default: ''
+  group: Settings
+  label: Type
+  show_if: rule=MustRunAs
+  type: string
+  variable: type
+- default: ''
+  group: Settings
+  label: Level
+  show_if: rule=MustRunAs
+  type: string
+  variable: level

src/settings.rs

@@ -85,11 +85,7 @@ impl SELinuxLevel {
             splitted_level.next().unwrap(),
             splitted_level.next().unwrap(),
         );
-        let splitted_categories: Vec<String> = categories
-            .split(',')
-            .into_iter()
-            .map(String::from)
-            .collect();
+        let splitted_categories: Vec<String> = categories.split(',').map(String::from).collect();
         let categories_hashset = HashSet::from_iter(splitted_categories.clone().into_iter());
         Ok(SELinuxLevel {
             level: level.clone(),
@@ -100,19 +96,14 @@ impl SELinuxLevel {
     }
 }
 
-#[derive(Clone, Serialize, Deserialize, Debug)]
+#[derive(Clone, Serialize, Deserialize, Debug, Default)]
 #[serde(tag = "rule", deny_unknown_fields)]
 pub(crate) enum ExternalSettings {
     MustRunAs(SELinuxOptionsExternal),
+    #[default]
     RunAsAny,
 }
 
-impl Default for ExternalSettings {
-    fn default() -> ExternalSettings {
-        ExternalSettings::RunAsAny
-    }
-}
-
 #[derive(Clone, Debug)]
 pub(crate) enum Settings {
     MustRunAs(SELinuxOptions),