update UI chart

Signed-off-by: Frank Jogeleit <[email protected]>

Author: fjogeleit

Makefile

@@ -18,12 +18,12 @@ TIMESTAMP           := $(shell date '+%Y-%m-%d_%I:%M:%S%p')
 GOOS                ?= $(shell go env GOOS)
 GOARCH              ?= $(shell go env GOARCH)
 REGISTRY            ?= ghcr.io
-REPO                ?= kyverno
+OWNER               ?= kyverno
 IMAGE               ?= policy-reporter
 LD_FLAGS            := -s -w -linkmode external -extldflags "-static"
 LOCAL_PLATFORM      := linux/$(GOARCH)
 PLATFORMS           := linux/arm64,linux/amd64,linux/s390x
-REPO                := $(REGISTRY)/$(REPO)/$(IMAGE)
+REPO                := $(REGISTRY)/$(OWNER)/$(IMAGE)
 COMMA               := ,
 
 ifndef VERSION

charts/policy-reporter/README.md

@@ -54,7 +54,7 @@ Check the [Documentation](https://kyverno.github.io/policy-reporter/guide/02-get
 | image.registry | string | `"ghcr.io"` |  |
 | image.repository | string | `"kyverno/policy-reporter"` |  |
 | image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.tag | string | `"2.17.2"` |  |
+| image.tag | string | `"f4fa523"` |  |
 | imagePullSecrets | list | `[]` |  |
 | priorityClassName | string | `""` |  |
 | replicaCount | int | `1` |  |

charts/policy-reporter/charts/kyvernoPlugin/templates/_helpers.tpl

@@ -80,9 +80,9 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 
 {{- define "kyvernoplugin.securityContext" -}}
 {{- if semverCompare "<1.19" .Capabilities.KubeVersion.Version }}
-{{ toYaml (omit .Values.securityContext "seccompProfile") }}
+{{- toYaml (omit .Values.securityContext "seccompProfile") }}
 {{- else }}
-{{ toYaml .Values.securityContext }}
+{{- toYaml .Values.securityContext }}
 {{- end }}
 {{- end }}
 

charts/policy-reporter/charts/kyvernoPlugin/templates/deployment.yaml

@@ -56,7 +56,7 @@ spec:
           image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           {{- if .Values.securityContext }}
-          securityContext: {{ include "kyvernoplugin.securityContext" . | nindent 12 }}
+          securityContext: {{- include "kyvernoplugin.securityContext" . | nindent 12 }}
           {{- end }}
           args:
             - --port={{ .Values.port.number }}

charts/policy-reporter/charts/ui/Chart.yaml

@@ -3,5 +3,5 @@ name: ui
 description: Policy Reporter UI
 
 type: application
-version: 2.10.2
-appVersion: 1.9.1
+version: 2.0.0-alpha
+appVersion: 2.0.0-alpha

charts/policy-reporter/charts/ui/README.md

@@ -1,6 +1,6 @@
 # ui
 
-![Version: 2.10.2](https://img.shields.io/badge/Version-2.10.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.1](https://img.shields.io/badge/AppVersion-1.9.1-informational?style=flat-square)
+![Version: 2.0.0-alpha](https://img.shields.io/badge/Version-2.0.0--alpha-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0-alpha](https://img.shields.io/badge/AppVersion-2.0.0--alpha-informational?style=flat-square)
 
 Policy Reporter UI
 
@@ -14,33 +14,27 @@ Policy Reporter UI
 | image.registry | string | `"ghcr.io"` |  |
 | image.repository | string | `"kyverno/policy-reporter-ui"` |  |
 | image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.tag | string | `"1.9.1"` |  |
+| image.tag | string | `"59749d3ec2f2b73aede3ed5393d9c83cc762bc2f"` |  |
 | displayMode | string | `""` |  |
-| refreshInterval | int | `10000` |  |
 | annotations | object | `{}` |  |
-| log.size | int | `200` |  |
-| views.dashboard.policyReports | bool | `true` |  |
-| views.dashboard.clusterPolicyReports | bool | `true` |  |
-| views.logs | bool | `true` |  |
-| views.policyReports | bool | `true` |  |
-| views.clusterPolicyReports | bool | `true` |  |
-| views.kyvernoPolicies | bool | `true` |  |
-| views.kyvernoVerifyImages | bool | `true` |  |
 | plugins.kyverno | bool | `false` |  |
-| clusterName | string | `""` |  |
+| clusterName | string | `"default"` |  |
 | clusters | list | `[]` |  |
 | labelFilter | list | `[]` |  |
+| defaultFilter.resources[0] | string | `"Deployment"` |  |
+| defaultFilter.resources[1] | string | `"CronJob"` |  |
+| defaultFilter.resources[2] | string | `"DaemonSet"` |  |
+| defaultFilter.resources[3] | string | `"StatefulSet"` |  |
+| defaultFilter.resources[4] | string | `"Service"` |  |
+| defaultFilter.resources[5] | string | `"Secret"` |  |
+| defaultFilter.resources[6] | string | `"ConfigMap"` |  |
+| defaultFilter.clusterResources[0] | string | `"Node"` |  |
+| defaultFilter.clusterResources[1] | string | `"Namespace"` |  |
+| logging.enabled | bool | `false` |  |
 | logging.encoding | string | `"console"` |  |
 | logging.logLevel | int | `0` |  |
 | logging.development | bool | `false` |  |
-| api.logging | bool | `false` |  |
-| api.overwriteHost | bool | `true` |  |
-| redis.enabled | bool | `false` |  |
-| redis.address | string | `""` |  |
-| redis.database | int | `0` |  |
-| redis.prefix | string | `"policy-reporter-ui"` |  |
-| redis.username | string | `""` |  |
-| redis.password | string | `""` |  |
+| server.overwriteHost | bool | `true` |  |
 | policyReporter.port | int | `8080` |  |
 | kyvernoPlugin.port | int | `8080` |  |
 | volumes | list | `[]` |  |

charts/policy-reporter/charts/ui/templates/_helpers.tpl

@@ -115,9 +115,9 @@ Create the name of the service account to use
 
 {{- define "ui.securityContext" -}}
 {{- if semverCompare "<1.19" .Capabilities.KubeVersion.Version }}
-{{ toYaml (omit .Values.securityContext "seccompProfile") }}
+{{- toYaml (omit .Values.securityContext "seccompProfile") }}
 {{- else }}
-{{ toYaml .Values.securityContext }}
+{{- toYaml .Values.securityContext }}
 {{- end }}
 {{- end }}
 
@@ -129,12 +129,3 @@ Create the name of the service account to use
     {{- .Release.Namespace -}}
 {{- end -}}
 {{- end -}}
-
-{{/* Get the namespace name. */}}
-{{- define "ui.logLevel" -}}
-{{- if .Values.api.logging -}}
--1
-{{- else -}}
-{{- .Values.logging.logLevel -}}
-{{- end -}}
-{{- end -}}

charts/policy-reporter/charts/ui/templates/config.yaml

@@ -11,42 +11,40 @@ metadata:
     {{- include "ui.labels" . | nindent 4 }}
 data:
   config.yaml: |-
-    logSize: {{ .Values.log.size }}
-    displayMode: {{ .Values.displayMode | quote }}
-    refreshInterval: {{ .Values.refreshInterval }}
-    clusterName: {{ .Values.clusterName | quote }}
-    views:
-      dashboard:
-        policyReports: {{ .Values.views.dashboard.policyReports }}
-        clusterPolicyReports: {{ .Values.views.dashboard.clusterPolicyReports }}
-      logs: {{ .Values.views.logs }}
-      policyReports: {{ .Values.views.policyReports }}
-      clusterPolicyReports: {{ .Values.views.clusterPolicyReports }}
-      kyvernoPolicies: {{ .Values.views.kyvernoPolicies }}
-      kyvernoVerifyImages: {{ .Values.views.kyvernoVerifyImages }}
-    {{- with .Values.clusters }}
     clusters:
+    - name: {{ .Values.clusterName | quote }}
+      host: http://{{ include "ui.policyReportServiceName" . }}:{{ .Values.policyReporter.port }}
+      {{- if or .Values.global.basicAuth.username .Values.global.basicAuth.secretRef }}
+      basicAuth:
+        username: {{ .Values.global.basicAuth.username }}
+        password: {{ .Values.global.basicAuth.password }}
+        secretRef: {{ .Values.global.basicAuth.secretRef }}
+      {{- end }}
+      {{- if or .Values.plugins.kyverno .Values.global.plugins.kyverno }}
+      plugins:
+      - name: kyverno
+        host: http://{{ include "ui.kyvernoPluginServiceName" . }}:{{ .Values.kyvernoPlugin.port }}
+      {{- end }}
+    {{- with .Values.clusters }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
-    {{- with .Values.labelFilter }}
-    labelFilter:
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
-
-    {{- with .Values.redis }}
-    redis:
-      {{- toYaml . | nindent 6 }}
-    {{- end }}
+    
+    ui:
+      {{- with .Values.labelFilter }}
+      labelFilter:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.defaultFilter }}
+      defaultFilter:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
 
     logging:
+      enabled: {{ .Values.logging.enabled }}
       encoding: {{ .Values.logging.encoding }}
-      logLevel: {{ include "ui.logLevel" . }}
+      logLevel: {{ .Values.logging.logLevel }}
       development: {{ .Values.logging.development }}
 
-    apiConfig:
-      logging: {{ .Values.api.logging }}
-      overwriteHost: {{ .Values.api.overwriteHost }}
-      basicAuth:
-        username: {{ .Values.global.basicAuth.username }}
-        password: {{ .Values.global.basicAuth.password }}
-        secretRef: {{ .Values.global.basicAuth.secretRef }}
+    server:
+      overwriteHost: {{ .Values.server.overwriteHost }}
+      mode: release

charts/policy-reporter/charts/ui/templates/deployment.yaml

@@ -46,14 +46,11 @@ spec:
           image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           {{- if .Values.securityContext }}
-          securityContext: {{ include "ui.securityContext" . | nindent 12 }}
+          securityContext: {{- include "ui.securityContext" . | nindent 12 }}
           {{- end }}
           args:
-            - -config=/app/config.yaml
-            - -policy-reporter=http://{{ include "ui.policyReportServiceName" . }}:{{ .Values.policyReporter.port }}
-            {{- if or .Values.plugins.kyverno .Values.global.plugins.kyverno }}
-            - -kyverno-plugin=http://{{ include "ui.kyvernoPluginServiceName" . }}:{{ .Values.kyvernoPlugin.port }}
-            {{- end }}
+            - run
+            - --config=/app/config.yaml
           ports:
             - name: http
               containerPort: 8080

charts/policy-reporter/charts/ui/values.yaml

@@ -9,45 +9,28 @@ image:
   registry: ghcr.io
   repository: kyverno/policy-reporter-ui
   pullPolicy: IfNotPresent
-  tag: 1.9.1
+  tag: d8a8ab2
 
 # possible default displayModes: light/dark
 displayMode: ""
 
-# default refreshInterval, set 0 to disable it
-refreshInterval: 10000
-
 # Key/value pairs that are attached to all resources.
 annotations: {}
 
-log:
-  # holds the latest 200 validation results in the UI Log
-  size: 200
-
-# enable/disable views as needed in the Policy Reporter UI
-# disabled log view will also disable the UI as push target
-views:
-  dashboard:
-    policyReports: true
-    clusterPolicyReports: true
-  logs: true
-  policyReports: true
-  clusterPolicyReports: true
-  kyvernoPolicies: true
-  kyvernoVerifyImages: true
-
 plugins:
   kyverno: false
 
 # Custom Cluster Name which is used in the ClusterSelect, if you configured additional clusters below.
-clusterName: ""
+clusterName: "default"
 
 # Attention: be sure that your APIs are not accessable for the outside world
 # Use tools like VPN, private Networks or internal Network Load Balancer to expose your APIs in a secure way to the UI
 clusters: []
 # - name: External Cluster
-#   api: https://policy-reporter.external.cluster                       # reachable external Policy Reporter REST API
-#   kyvernoApi: https://policy-reporter-kyverno-plugin.external.cluster # (optional) reachable external Policy Reporter Kyverno Plugin REST API
+#   host: https://policy-reporter.external.cluster                       # reachable external Policy Reporter REST API
+#   plugins: 
+#   - name: kyverno
+#     host: https://policy-reporter-kyverno-plugin.external.cluster     # (optional) reachable external Policy Reporter Kyverno Plugin REST API
 #   skipTLS: false
 #   certificate: "/app/certs/root.ca"
 #   secreRef: "" # name of an existing secret to read the clusterconfiguration from, supported keys: api, kyvernoApi, username, password, skipTLS, certificate
@@ -71,27 +54,29 @@ clusters: []
 # labelFilter: ["owner"]
 labelFilter: []
 
+defaultFilter:
+  resources:
+    - Deployment
+    - CronJob
+    - DaemonSet
+    - StatefulSet
+    - Service
+    - Secret
+    - ConfigMap
+  clusterResources:
+    - Node
+    - Namespace
+
 # Proxy request logging
 logging:
-  encoding: console # possible encodings are console and json
-  logLevel: 0 # default info
+  enabled: false     # enables access logging for proxy requests
+  encoding: console  # possible encodings are console and json
+  logLevel: 0        # default info
   development: false # more human readable structure, removes log sampling
 
-api:
-  logging: false      # enables access logging for proxy requests, sets log level to debug
+server:
   overwriteHost: true # overwrites request host and sets X-Forwarded--Host and X-Origin-Host headers
 
-# use redis as external log storage instead of an in memory store
-# recommended when using a HA setup with more then one replica
-# to get all logs on each instance 
-redis:
-  enabled: false
-  address: ""
-  database: 0
-  prefix: "policy-reporter-ui"
-  username: ""
-  password: ""
-
 # configurations related to the PolicyReporter API
 policyReporter:
   port: 8080

charts/policy-reporter/templates/_helpers.tpl

@@ -78,8 +78,6 @@ Create UI target host based on configuration
 {{- .Values.target.ui.host }}
 {{- else if not .Values.ui.enabled }}
 {{- "" }}
-{{- else if and .Values.ui.enabled (and .Values.ui.views.logs .Values.ui.service.enabled) }}
-{{- printf "http://%s:%s" (include "ui.fullname" .) (.Values.ui.service.port | toString) }}
 {{- else }}
 {{- "" }}
 {{- end }}

charts/policy-reporter/templates/deployment.yaml

@@ -57,7 +57,7 @@ spec:
           image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           {{- if .Values.securityContext }}
-          securityContext: {{ include "policyreporter.securityContext" . | nindent 12 }}
+          securityContext: {{- include "policyreporter.securityContext" . | nindent 12 }}
           {{- end }}
           args:
             - --port={{ .Values.port.number }}

charts/policy-reporter/values.yaml

@@ -5,7 +5,7 @@ image:
   registry: ghcr.io
   repository: kyverno/policy-reporter
   pullPolicy: IfNotPresent
-  tag: 2.17.2
+  tag: f4fa523
 
 imagePullSecrets: []
 
@@ -198,7 +198,7 @@ global:
   # The name of service policy-report. Defaults to ReleaseName.
   backend: ""
   # overwrite the fullname of all resources including subcharts
-  fullnameOverride: ""
+  fullnameOverride: "policy-reporter"
   # configure the namespace of all resources including subcharts
   namespace: ""
   # additional labels added on each resource