From b0893889de608b16aa82d933b830d2a44f1305da Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 03:00:28 +0000 Subject: [PATCH 1/2] chore(deps): update kubewarden/github-actions action to v3.4.4 --- .github/workflows/release.yml | 4 ++-- .github/workflows/tests.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b6bb896..00e1d1d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: test: name: run tests and linters - uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v3.3.5 + uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v3.4.4 release: needs: test @@ -22,7 +22,7 @@ jobs: # Required by cosign keyless signing id-token: write - uses: kubewarden/github-actions/.github/workflows/reusable-release-policy-rust.yml@v3.3.5 + uses: kubewarden/github-actions/.github/workflows/reusable-release-policy-rust.yml@v3.4.4 with: oci-target: ghcr.io/${{ github.repository_owner }}/policies/allow-privilege-escalation-psp diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index c826cbd..c7cf03e 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -5,4 +5,4 @@ name: Continuous integration jobs: test: name: run tests and linters - uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v3.3.5 + uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v3.4.4 From 2978118e90f2dd452acb566924d4f1787c3f54f7 Mon Sep 17 00:00:00 2001 From: Flavio Castelli Date: Tue, 14 Jan 2025 09:37:02 +0100 Subject: [PATCH 2/2] chore: fix clippy warning Address new warning raised by latest version of clippy Signed-off-by: Flavio Castelli --- src/lib.rs | 8 +++----- src/settings.rs | 3 +-- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index 723e6d1..15a5457 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -93,11 +93,9 @@ fn validate(payload: &[u8]) -> CallResult { fn has_allowed_privilege_escalation_container(containers: Vec) -> bool { containers.into_iter().any(|container| { - container - .security_context - .map_or(false, |security_context| { - security_context.allow_privilege_escalation.unwrap_or(false) - }) + container.security_context.is_some_and(|security_context| { + security_context.allow_privilege_escalation.unwrap_or(false) + }) }) } diff --git a/src/settings.rs b/src/settings.rs index fe8454c..4b11281 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -23,7 +23,6 @@ impl kubewarden_policy_sdk::settings::Validatable for Settings { #[cfg(test)] mod tests { use super::*; - use serde_yaml; #[test] fn test_policy_with_no_settings() -> Result<(), ()> { @@ -48,7 +47,7 @@ mod tests { let payload = "default_allow_privilege_escalation: false"; let settings = serde_yaml::from_str::(payload)?; - assert_eq!(settings.default_allow_privilege_escalation, false); + assert!(!settings.default_allow_privilege_escalation); Ok(()) } }