error handler
wip - dev for aws cloud creds
wip - refactor aws login
wip - kms key
wip - encrypt secrets
wip - private access & vpcs
wip - translations and formatting
wip - more cleanup
remove unneeded code
wip - node groups
add ability to disable value label
fix double import, fix double negative disable add button and expose
addbuttonenabled
clean up public access and node groups
cleanup variable names and default config
eks regions
wip - eks v2 select
differentiate v1/2 amazon eks providers
clean up node groups, translations
unionize top errors
Consolidate aws util statics
WIP - Import/Cloud Creds
tweak cloud cred events for eks driver
WIP new import selector
drop unneeded variables eks import
kms keys cleanup
allow user to enter if the kms keys call fails
firefox styles
drop vpc selection and group subnets by vpcs
import cluster name input if allClusters fails to load from eks
make eks import a bit more dynamic
fix bug in driver eks for default subnet
more imported cleanup
eks v2 edit
eks v2 vendors
remove use cloud creds temp branchs
push current version to version choices if it doesnt exist
eks v2 rename cloudcred param
fix eks v2 versions
clean up for pr
When upgrading rancher the old 1.4 cis profiles were removed which prevented
the currently selected profile for scheduled scans to be selected.
This adds a selected profile to the options if it's not present allowing the
profile to be selected by default. If a different profile is selected and saved
the option will no longer be present. This option will also not be present in
the manual run scan modal.
rancher/rancher#27867rancher/rancher#27866rancher/rancher#27374
The parameters are shown with the known keys but it's
no longer limited to only the known keys. New keys can
be added and they will be sent to the backend as long as
they have values.
rancher/rancher#27220
Enabled was being set to 'false' instead of false but this was being
masked by the execution of initScheduledClusterScan. When the
KDM values werent present initScheduledClusterScan was doing
an early exit and no longer masking the poor 'false' default value.
This will further improve the earlier solution for rancher/rancher#26996.
It appears that sometimes the cisscanconfig schema isn't present (I haven't
been able to consistently reproduce) which causes the UI to prevent the user
from saving changes to their cluster. Though I think this could be fixed
by the backend I'd like to stop the bleeding and have the UI handle this
better.
So there's two things that are here to help out.
1. I added a default value to the initial empty object just in case it never gets set
elsewhere.
2. If an exception is thrown while creating the scanConfig
we now just prevent the schedule from being set since it wouldn't work
anyway.
Either of these should allow saving to proceed.
rancher/rancher#26996
rancher/rancher#25694
add ui-banners to allowed settings
move banners to settings
refactor names on settings component
update ui-banners translation text
Adds a new service which parses version from the various cloud provider version
list. I moved this to a new service rather than use form-versions because
form-versions is already fairly complicated with how it has to deal with RKE
Templates and unknown patch versions. It was simpler, cleaner, and faster to
move the CP cluster version parsing to a service and use new select because the
versions coming down do not include unknown patch versions. Addtionally going
this route allows us to not have to test all clusters for regressions, only CP ones.
rancher/rancher#26255
I converted the enabled value back to a boolean instead of it being a string
but I forgot to switch the three disabled fields to expect a boolean.
@rancher/rancher#26245
When editing a cluster the value of scheduledClusterScan.enabled comes
back as a string rather than a boolean. I just ensure the value will be a
boolean to make sure the value is displayed on the radio buttons as
expected.
rancher/rancher#26245
The default rancherKubernetesEngineConfig is only created for new
clusters. This now creates a default upgradeStraegy object when one
doesn't exist in rancherKubernetesEngineConfig.
rancher/rancher#25951
- Label change for scheduled scans
- Fixed a table rendering bug that occured due to the incorrect value
of colspan
- Disabled the alert and scheduled scan button on the cis page for
windows clusters
- Fixed an issues where two scans couldnt run at the same time due
to a profile not being defined for a second run scan modal.
rancher/rancher#26009rancher/rancher#26021rancher/rancher#25987rancher/rancher#25983
We are going to add a section beneath the profile selector of the run
scan modal. This section is responsible for informing the user of which
tests will not be run and why.
There will be two subsections Not Applicable and Skipped tests.
Skipped tests will only be shown for permissive profiles since
hardened tests shouldn't skip anything.
rancher/rancher#25961
This will now allow KDM to drive what the benchmark options are and what
the default option is for profile selection given a kubernetes version.
The 'cisConfig' type is what we look up for this information.
rancher/rancher#25888
without the value in place when the user visited this page with only one node
when we auto select the dropdown wouldn't have an initialized value.
rancher/rancher#25966
- Make table sorting work with scheduled scans
- Make the cis table fit on laptop screen
- Add an appropriate placeholder for the scheduled scans cron field
rancher/rancher#25937rancher/rancher#25939
The profile helper methods were attached to the cluster model.
Unfortunately, the cluster isn't available when creating a new rke
template.
To resolve this I moved all of the cis helpers out of the cluster model
and utils and moved them into a cisHelpers service so they could be
used without access to the cluster itself.
- Added Set Alert button
- This will set the appropriate options for cis
- Added Set Schedule button
- This will scroll the settings into view
- Added a modal so profiles can be picked
Westly Wright
Cody Jackson
Westly Wright
Jesse Millan
loganhz
Bastian Hofmann
GGGitBoy
吴远翔
lvuch