From 14cd826561290da66519a31f408c1e2378808174 Mon Sep 17 00:00:00 2001 From: itowlson Date: Tue, 3 Dec 2019 13:13:03 +1300 Subject: [PATCH] Publish 0.0.1 (#11) --- CHANGELOG.md | 6 ++++-- README.md | 22 ++++++++++++++++++++++ package-lock.json | 6 +++--- package.json | 13 ++++++++++++- 4 files changed, 41 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 508fbea..4c05409 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ # Change Log -## [Unreleased] +## 0.0.1 -- Initial release +* Install Open Policy Agent as an admission controller +* Deploy `.rego` files to the `opa` namespace to participate in admission control +* List policies in the Kubernetes cluster explorer without changing to the `opa` namespace diff --git a/README.md b/README.md index b557ef4..3dda0ff 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,24 @@ # Open Policy Agent for Kubernetes for VS Code +This snappily-titled extension helps you to test your Open Policy Agent policies +(`.rego` files) in a Kubernetes development cluster. It provides the following features: + +* One-click install of Open Policy Agent as an admission controller, together + with supporting configuration such as the standard 'system main' policy hook + and having it read from Kubernetes configmaps in the `opa` namespace +* While editing a `.rego` file, deploy it as a configmap in the `opa` namespace + where the Open Policy Agent will pick it up and start enforcing it +* View policies without needing to switch to the `opa` namespace and with visual + feedback on their status. + +## Notes + +**This is a very early iteration - expect some fit and finish to be missing!** For +example, you can currently see that a policy has errors but you can't see what they +are. It's all very much work in progress! + +**The deployment configuration is designed for convenience of development, not for secure deployment.** +If you're putting Open Policy Agent into production, _design deployment strategies for production_. +For example, you may want to deploy policies using bundles and servers rather than config maps. +And you certainly want to be conscious about permissions and roles. **Don't use this extension +to deploy OPA to production.** diff --git a/package-lock.json b/package-lock.json index b496130..b37e753 100644 --- a/package-lock.json +++ b/package-lock.json @@ -847,9 +847,9 @@ "dev": true }, "typescript": { - "version": "2.9.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-2.9.2.tgz", - "integrity": "sha512-Gr4p6nFNaoufRIY4NMdpQRNmgxVIGMs4Fcu/ujdYk3nAZqk7supzBE9idmvfZIlH/Cuj//dvi+019qEue9lV0w==", + "version": "3.7.2", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.7.2.tgz", + "integrity": "sha512-ml7V7JfiN2Xwvcer+XAf2csGO1bPBdRbFCkYBczNZggrBZ9c7G3riSUeJmqEU5uOtXNPMhE3n+R4FA/3YOAWOQ==", "dev": true }, "uri-js": { diff --git a/package.json b/package.json index ea3389f..3494f5d 100644 --- a/package.json +++ b/package.json @@ -3,13 +3,24 @@ "displayName": "Open Policy Agent for Kubernetes", "description": "Work with Open Policy Agent as a Kubernetes admission controller", "version": "0.0.1", + "preview": true, "publisher": "ms-kubernetes-tools", + "license": "MIT", + "repository": { + "type": "git", + "url": "https://github.com/deislabs/kubernetes-opa-vscode" + }, "engines": { "vscode": "^1.40.0" }, "categories": [ "Other" ], + "keywords": [ + "kubernetes", + "open policy agent", + "opa" + ], "activationEvents": [ "onCommand:opak8s.install", "onCommand:opak8s.deployRego", @@ -66,7 +77,7 @@ "@types/node": "^8.10.25", "@types/tmp": "^0.1.0", "tslint": "^5.8.0", - "typescript": "^2.6.1", + "typescript": "^3.7.2", "vscode": "^1.1.6" }, "extensionDependencies": [