There are changes required for the ember upgrade but additional changes
for individual libs are also present. Commit has been squashed, see
individual commits if needed.
There are a bunch of HBS changes as well. These are to deal with a
couple new rules and there impact is low. The button one has bitten us a
few time so this seemed great to add IMO.
update ember 3.12.4
ember 3.13
fixes for new eslint rules
ember 3.13->3.14
ember3.14->3.16
ember3.16->3.20
3.20 lint rules
yarn upgrade
update ember-optional-feature
update deps that can go to patch versions
upgrade major versions that are possible
update ansi_up
only reset term var if we're not destroying
prevents new ember 'same computation' error
update async
upgrade dot-object
new-catalog - add set to deal with new warning
marked-down - drop call into next to ensure its called at the correct time
upgrade ember-assign
update ember-cli-clipboard
remove unused & deprecated ember-cli-release
remove unused drag-drop lib
use set on tracked prop
update ember-flatpickr && cli-test-loader
upgrade ember-href-to
update filesaver
update liquid-fire and ipaddr
upgrade jsondiffpatch
upgrade marked
upgrade semver
update xterm
Update ember-basic-dropdown
the library has changed quite a bit and no longer provides an addon for the content-item where we handling the click event to close the dropdown,
thus click events must be added manually to the items being clicked to close the dropdown.
udpate dompurify
fix page header project styles
Bump ember api store, remove npm-run-all
Autofix button types from hbs linting
this change looks large but only adds `type` button to any buttons that dont have a type, which should help to reduce weird side effects
more hbs lint changes for no-negate-condition
turned off a couple rules that could be too much to test right now
The RunScanModal was not getting config map changes after the first
time the modal was opened. The results were getting cached. By creating
a new array each time loadAsyncConfigMap is loaded I can guarentee the
computed properties will get re-evaluated.
I also attempted to watch config maps through the project store but
unfortunately updating the data of the config map doesn't seem to
produce a websocket message. Even if the message was created I
don't think I'd be able to watch the value as I'd have to
watch a sub-object 'config.json' which has a period in it. This causes
problems with watching in ember.
rancher/rancher#26161
This now checks to see if there's and RKE template.
If there is an RKE template and the scheduleScanned is disabled
the button will be disabled unless there's an override available for
the scheduledClusterScan.enabled field.
rancher/rancher#26150
- Label change for scheduled scans
- Fixed a table rendering bug that occured due to the incorrect value
of colspan
- Disabled the alert and scheduled scan button on the cis page for
windows clusters
- Fixed an issues where two scans couldnt run at the same time due
to a profile not being defined for a second run scan modal.
rancher/rancher#26009rancher/rancher#26021rancher/rancher#25987rancher/rancher#25983
We are going to add a section beneath the profile selector of the run
scan modal. This section is responsible for informing the user of which
tests will not be run and why.
There will be two subsections Not Applicable and Skipped tests.
Skipped tests will only be shown for permissive profiles since
hardened tests shouldn't skip anything.
rancher/rancher#25961
- Make table sorting work with scheduled scans
- Make the cis table fit on laptop screen
- Add an appropriate placeholder for the scheduled scans cron field
rancher/rancher#25937rancher/rancher#25939
We're removing the CIS skip button because we decided the current UX
is poort and we don't want to spend a tremendous amount of effort
making a marginally better UX in the short time we have left.
We also removed the 19 of 59 from the main CIS page as the total was
misleading and wasn't actionable.
rancher/rancher#25863
- Changed Set Alert and Set Schedule to Add Alert and Add Schedule
- Updated all references of Security Scan to CIS Scan
- Updated the CIS action buttons to have spaces on the CIS Scans page
rancher/rancher#25852
The profile helper methods were attached to the cluster model.
Unfortunately, the cluster isn't available when creating a new rke
template.
To resolve this I moved all of the cis helpers out of the cluster model
and utils and moved them into a cisHelpers service so they could be
used without access to the cluster itself.
- Added Set Alert button
- This will set the appropriate options for cis
- Added Set Schedule button
- This will scroll the settings into view
- Added a modal so profiles can be picked
This refactoring removed code duplication and
provides a more cohesive experience across all
of the pages that you can run a scan.
This will also now check and ensure the following
- there aren't running ClusterScans
- this isn't a windows cluster
- systemProject is available
- the cluster is active
- the action link is available
When the above isn't the case Run CIS Scan will not be present in
the cluster action drop downs and the Run CIS Scan but
will be disabled on the CIS Scans and CIS Scan Detail
pages.
rancher/rancher#24759rancher/rancher#25298
Improving the UX of CIS based on the feedback that was received during
the review.
- Sort scans by date so newest will be on top.
- Details should be sorted by state in Fail, Skipped, Pass order
- Add a Run CIS Scan action to the cluster menu.
When sorting CIS scan tests by number the lettered suffixes weren't
sorting properly. This adds support for sorting numbers such as
1.1.37b.
rancher/rancher#24715
We validating the security scan config appropriately when
a version was already present in the skip list. This now
ensures a version exists before verifying that it contains an array.
We were also replacing the existing skip object in the
security-scan-config which prevented us from storing
multiple versions at a time. We now extend the object
instead using the spread operator.
rancher/rancher#24733rancher/rancher#24742
When the user doesn't have access to the systemProject we just
return an empty configMap so the page can proceed without error.
We also disable the runScan button if the systemProject isn't available.
rancher/rancher#24644
If nodes have been deleted previous reports with missing nodes were
breaking. To resolve that we now only show links to nodes that we can
find.
rancher/rancher#24676
The downloaded report now has:
- A column for passed_nodes
- A column for failed_nodes
- A column for all nodes the test ran against
- The benchmark version in the header
rancher/rancher#24671
The security-scan-config wasn't being reloaded when
navigating between clusters because the config map
was getting cached. This forces it to be reloaded.
rancher/rancher#24623
Because the scan will ignore an invalid config map I'm removing
the validation from run scan so the UI can run the scan without issue.
rancher/rancher#24496
The new API required that I pass null instead of an empty array
as the skiplist if nothing is supposed to be skipped when
running a scan.
Updated the color of the running state to info instead of success
as requested.
We provide an error notification when the security config is malformed and
the user attempts to run a scan. We also prevent the scan from running.
We also added a default sort by 'id' on the scan detail table.
rancher/rancher#24495rancher/rancher#24496
On the CIS Scans page we now show a notification which informs the user
that CIS scans are only available on RKE clusters. The notification is all that is
shown on the page since the user cannot actually run a scan or view any
scans.
rancher/rancher#24433
If the security-config map wasn't present the detail view wouldn't work
properly. To resolve this we now create a new config map if it's not
present.
rancher/rancher#24432
This will ensure the user is notified when there's a json
parsing error of their security-scan-cfg config map.
The notification will happen during page load and if
they attempt to skip/unskip.
rancher/rancher#24417
This allows the id column to sort as if the ids are versions instead of
plain strings. This allows 1.1.2 to come before 1.1.10 when sorting.
rancher/rancher#24417
Cody Jackson
Lauren Harden
Westly Wright
Denise Schannon
Vincent Fiduccia
Westly Wright