After some discussions we decided to simplify things since all that's actually needed are keyValues.
I made the changes within the existing component instead of switching to keyValue to reduce risk at this stage of the release.
rancher/rancher#31545
- Fixed issues with determining the provider when editing clusters that are still provisioning.
- Fixed empty values causing problems
- Fixed an issue where the default value wasn't getting set properly for configmaps and secrets when selecting the type and nothing else
https://github.com/rancher/rancher/issues/31023#issuecomment-784717552
if the new setting hide-local-cluster exists and is true we will hide the local cluster in the UI. this doesnt prevent api access.
additionally if the setting is true and a user attempts to navigate directly to a cluster or project route we will redirect them to the authenticated index route which redirects to global admin.
rancher/rancher#29325
There are changes required for the ember upgrade but additional changes
for individual libs are also present. Commit has been squashed, see
individual commits if needed.
There are a bunch of HBS changes as well. These are to deal with a
couple new rules and there impact is low. The button one has bitten us a
few time so this seemed great to add IMO.
update ember 3.12.4
ember 3.13
fixes for new eslint rules
ember 3.13->3.14
ember3.14->3.16
ember3.16->3.20
3.20 lint rules
yarn upgrade
update ember-optional-feature
update deps that can go to patch versions
upgrade major versions that are possible
update ansi_up
only reset term var if we're not destroying
prevents new ember 'same computation' error
update async
upgrade dot-object
new-catalog - add set to deal with new warning
marked-down - drop call into next to ensure its called at the correct time
upgrade ember-assign
update ember-cli-clipboard
remove unused & deprecated ember-cli-release
remove unused drag-drop lib
use set on tracked prop
update ember-flatpickr && cli-test-loader
upgrade ember-href-to
update filesaver
update liquid-fire and ipaddr
upgrade jsondiffpatch
upgrade marked
upgrade semver
update xterm
Update ember-basic-dropdown
the library has changed quite a bit and no longer provides an addon for the content-item where we handling the click event to close the dropdown,
thus click events must be added manually to the items being clicked to close the dropdown.
udpate dompurify
fix page header project styles
Bump ember api store, remove npm-run-all
Autofix button types from hbs linting
this change looks large but only adds `type` button to any buttons that dont have a type, which should help to reduce weird side effects
more hbs lint changes for no-negate-condition
turned off a couple rules that could be too much to test right now
error handler
wip - dev for aws cloud creds
wip - refactor aws login
wip - kms key
wip - encrypt secrets
wip - private access & vpcs
wip - translations and formatting
wip - more cleanup
remove unneeded code
wip - node groups
add ability to disable value label
fix double import, fix double negative disable add button and expose
addbuttonenabled
clean up public access and node groups
cleanup variable names and default config
eks regions
wip - eks v2 select
differentiate v1/2 amazon eks providers
clean up node groups, translations
unionize top errors
Consolidate aws util statics
WIP - Import/Cloud Creds
tweak cloud cred events for eks driver
WIP new import selector
drop unneeded variables eks import
kms keys cleanup
allow user to enter if the kms keys call fails
firefox styles
drop vpc selection and group subnets by vpcs
import cluster name input if allClusters fails to load from eks
make eks import a bit more dynamic
fix bug in driver eks for default subnet
more imported cleanup
eks v2 edit
eks v2 vendors
remove use cloud creds temp branchs
push current version to version choices if it doesnt exist
eks v2 rename cloudcred param
fix eks v2 versions
clean up for pr
The RunScanModal was not getting config map changes after the first
time the modal was opened. The results were getting cached. By creating
a new array each time loadAsyncConfigMap is loaded I can guarentee the
computed properties will get re-evaluated.
I also attempted to watch config maps through the project store but
unfortunately updating the data of the config map doesn't seem to
produce a websocket message. Even if the message was created I
don't think I'd be able to watch the value as I'd have to
watch a sub-object 'config.json' which has a period in it. This causes
problems with watching in ember.
rancher/rancher#26161
This now checks to see if there's and RKE template.
If there is an RKE template and the scheduleScanned is disabled
the button will be disabled unless there's an override available for
the scheduledClusterScan.enabled field.
rancher/rancher#26150
- Label change for scheduled scans
- Fixed a table rendering bug that occured due to the incorrect value
of colspan
- Disabled the alert and scheduled scan button on the cis page for
windows clusters
- Fixed an issues where two scans couldnt run at the same time due
to a profile not being defined for a second run scan modal.
rancher/rancher#26009rancher/rancher#26021rancher/rancher#25987rancher/rancher#25983
We are going to add a section beneath the profile selector of the run
scan modal. This section is responsible for informing the user of which
tests will not be run and why.
There will be two subsections Not Applicable and Skipped tests.
Skipped tests will only be shown for permissive profiles since
hardened tests shouldn't skip anything.
rancher/rancher#25961
- Added a Snapshot Now button to the top of the table
- Added a Restore Snapshot option to the actions of each row which will
select the current row when opening the modal
rancher/rancher#25511
- Make table sorting work with scheduled scans
- Make the cis table fit on laptop screen
- Add an appropriate placeholder for the scheduled scans cron field
rancher/rancher#25937rancher/rancher#25939
We're removing the CIS skip button because we decided the current UX
is poort and we don't want to spend a tremendous amount of effort
making a marginally better UX in the short time we have left.
We also removed the 19 of 59 from the main CIS page as the total was
misleading and wasn't actionable.
rancher/rancher#25863
- Changed Set Alert and Set Schedule to Add Alert and Add Schedule
- Updated all references of Security Scan to CIS Scan
- Updated the CIS action buttons to have spaces on the CIS Scans page
rancher/rancher#25852
The profile helper methods were attached to the cluster model.
Unfortunately, the cluster isn't available when creating a new rke
template.
To resolve this I moved all of the cis helpers out of the cluster model
and utils and moved them into a cisHelpers service so they could be
used without access to the cluster itself.
- Added Set Alert button
- This will set the appropriate options for cis
- Added Set Schedule button
- This will scroll the settings into view
- Added a modal so profiles can be picked
This refactoring removed code duplication and
provides a more cohesive experience across all
of the pages that you can run a scan.
This will also now check and ensure the following
- there aren't running ClusterScans
- this isn't a windows cluster
- systemProject is available
- the cluster is active
- the action link is available
When the above isn't the case Run CIS Scan will not be present in
the cluster action drop downs and the Run CIS Scan but
will be disabled on the CIS Scans and CIS Scan Detail
pages.
rancher/rancher#24759rancher/rancher#25298
Improving the UX of CIS based on the feedback that was received during
the review.
- Sort scans by date so newest will be on top.
- Details should be sorted by state in Fail, Skipped, Pass order
- Add a Run CIS Scan action to the cluster menu.
When sorting CIS scan tests by number the lettered suffixes weren't
sorting properly. This adds support for sorting numbers such as
1.1.37b.
rancher/rancher#24715
We validating the security scan config appropriately when
a version was already present in the skip list. This now
ensures a version exists before verifying that it contains an array.
We were also replacing the existing skip object in the
security-scan-config which prevented us from storing
multiple versions at a time. We now extend the object
instead using the spread operator.
rancher/rancher#24733rancher/rancher#24742
When the user doesn't have access to the systemProject we just
return an empty configMap so the page can proceed without error.
We also disable the runScan button if the systemProject isn't available.
rancher/rancher#24644
If nodes have been deleted previous reports with missing nodes were
breaking. To resolve that we now only show links to nodes that we can
find.
rancher/rancher#24676
Catherine Luse
Neil MacDougall
Cody Jackson
Westly Wright
Lauren Harden
Westly Wright
Denise Schannon
Vincent Fiduccia