Merge pull request #54 from viccuad/main

fix: Update rules with correct apiGroups

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "capabilities-psp"
-version = "0.1.14"
+version = "0.1.15"
 authors = ["Flavio Castelli <[email protected]>"]
 edition = "2018"
 

artifacthub-pkg.yml

@@ -4,34 +4,34 @@
 #
 # This config can be saved to its default location with:
 #   kwctl scaffold artifacthub > artifacthub-pkg.yml 
-version: 0.1.14
+version: 0.1.15
 name: capabilities-psp
 displayName: Capabilities PSP
-createdAt: 2023-11-29T15:59:18.74914057Z
+createdAt: 2024-01-16T13:13:41.907494337Z
 description: Replacement for the Kubernetes Pod Security Policy that controls the usage of capabilities
 license: Apache-2.0
 homeURL: https://github.com/kubewarden/capabilities-psp-policy
 containersImages:
 - name: policy
-  image: ghcr.io/kubewarden/policies/capabilities-psp:v0.1.14
+  image: ghcr.io/kubewarden/policies/capabilities-psp:v0.1.15
 keywords:
 - psp
 - container
 - capability
 - capabilities
 links:
 - name: policy
-  url: https://github.com/kubewarden/capabilities-psp-policy/releases/download/v0.1.14/policy.wasm
+  url: https://github.com/kubewarden/capabilities-psp-policy/releases/download/v0.1.15/policy.wasm
 - name: source
   url: https://github.com/kubewarden/capabilities-psp-policy
 install: |
   The policy can be obtained using [`kwctl`](https://github.com/kubewarden/kwctl):
   ```console
-  kwctl pull ghcr.io/kubewarden/policies/capabilities-psp:v0.1.14
+  kwctl pull ghcr.io/kubewarden/policies/capabilities-psp:v0.1.15
   ```
   Then, generate the policy manifest and tune it to your liking. For example:
   ```console
-  kwctl scaffold manifest -t ClusterAdmissionPolicy registry://ghcr.io/kubewarden/policies/capabilities-psp:v0.1.14
+  kwctl scaffold manifest -t ClusterAdmissionPolicy registry://ghcr.io/kubewarden/policies/capabilities-psp:v0.1.15
   ```
 maintainers:
 - name: Kubewarden developers
@@ -78,12 +78,34 @@ annotations:
       - v1
       resources:
       - pods
+      operations:
+      - CREATE
+    - apiGroups:
+      - ''
+      apiVersions:
+      - v1
+      resources:
+      - replicationcontrollers
+      operations:
+      - CREATE
+      - UPDATE
+    - apiGroups:
+      - apps
+      apiVersions:
+      - v1
+      resources:
       - deployments
       - replicasets
       - statefulsets
       - daemonsets
+      operations:
+      - CREATE
+    - apiGroups:
+      - batch
+      apiVersions:
+      - v1
+      resources:
       - jobs
       - cronjobs
-      - replicationcontrollers
       operations:
       - CREATE

metadata.yml

@@ -1,17 +1,39 @@
 rules:
   - apiGroups:
-      - ''
+      - ""
     apiVersions:
       - v1
     resources:
       - pods
+    operations:
+      - CREATE
+  - apiGroups:
+      - ""
+    apiVersions:
+      - v1
+    resources:
+      - replicationcontrollers
+    operations:
+      - CREATE
+      - UPDATE
+  - apiGroups:
+      - "apps"
+    apiVersions:
+      - v1
+    resources:
       - deployments
       - replicasets
       - statefulsets
       - daemonsets
+    operations:
+      - CREATE
+  - apiGroups:
+      - "batch"
+    apiVersions:
+      - v1
+    resources:
       - jobs
       - cronjobs
-      - replicationcontrollers
     operations:
       - CREATE
 mutating: true
@@ -24,7 +46,8 @@ annotations:
   # kubewarden specific
   io.kubewarden.policy.ociUrl: ghcr.io/kubewarden/policies/capabilities-psp
   io.kubewarden.policy.title: capabilities-psp
-  io.kubewarden.policy.description: Replacement for the Kubernetes Pod Security Policy
+  io.kubewarden.policy.description:
+    Replacement for the Kubernetes Pod Security Policy
     that controls the usage of capabilities
   io.kubewarden.policy.author: Kubewarden developers <[email protected]>
   io.kubewarden.policy.url: https://github.com/kubewarden/capabilities-psp-policy