Skip to content
This repository was archived by the owner on Oct 11, 2024. It is now read-only.

[TT-5089] Add new field in security policy status#547

Merged
singhpr merged 24 commits intomasterfrom
bug/TT-5089/fix_security_policy_api_links
Jan 9, 2023
Merged

[TT-5089] Add new field in security policy status#547
singhpr merged 24 commits intomasterfrom
bug/TT-5089/fix_security_policy_api_links

Conversation

@komalsukhani
Copy link
Contributor

@komalsukhani komalsukhani commented Dec 15, 2022
edited by atlassian bot
Loading

Description

APIs store link to security policies in their status field. It is used to prevent deletion of API if it is linked to policy.

When we remove an API from access rights of policy, link stored in API is not deleted. This happens because there is no way for the security policy controller to know which API was removed. It knows only about the current state.
To fix this issue, I have added LinkedAPIs field in the status of the policy. As the name says, it stores list of APIs it is linked to.
Now, security policy controller has information about the APIs that were linked before.

Related Issue

TT-5089
Fixes #431

Motivation and Context

We should be able to delete API which is not linked to the policy.

Test Coverage For This Change

Added integration and unit tests

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist

  • Make sure you are requesting to pull a topic/feature/bugfix branch (right side). If PRing from your fork, don't come from your master!
  • Make sure you are making a pull request against our master branch (left side). Also, it would be best if you started your change off our latest master.
  • Make sure you are updating CHANGELOG.md based on your changes.
  • My change requires a change to the documentation.
    • If you've changed APIs, describe what needs to be updated in the documentation.
  • I have updated the documentation accordingly.
  • If you've changed API models, please update CRDs.
    • make manifests
    • make helm
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • Check your code additions will not fail linting checks:
    • gofmt -s -w .
    • go vet ./...
    • golangci-lint run

@komalsukhani komalsukhani changed the title [TT-5089] fix security policy api links [TT-5089] Add new field in security policy status Dec 15, 2022
@komalsukhani komalsukhani marked this pull request as ready for review December 15, 2022 13:15
@komalsukhani komalsukhani requested a review from a team as a code owner December 15, 2022 13:15
@komalsukhani komalsukhani requested review from buraksekili and removed request for a team December 15, 2022 13:15
buraksekili
buraksekili reviewed Dec 16, 2022
View reviewed changes
buraksekili
buraksekili reviewed Dec 16, 2022
View reviewed changes
buraksekili
buraksekili reviewed Dec 19, 2022
View reviewed changes
buraksekili
buraksekili reviewed Dec 19, 2022
View reviewed changes
buraksekili
buraksekili reviewed Dec 19, 2022
View reviewed changes
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 9, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

24.2% 24.2% Coverage
0.0% 0.0% Duplication

@singhpr singhpr merged commit 0e0605b into master Jan 9, 2023
@singhpr singhpr deleted the bug/TT-5089/fix_security_policy_api_links branch January 9, 2023 11:34
@caroltyk caroltyk added this to the v0.13.0 milestone Jan 13, 2023
buger pushed a commit that referenced this pull request May 22, 2024
@komalsukhani
[TT-5089] Add new field in security policy status (#547)
48ec232 
* Add a `linkedAPIs` field in status of security policy

* Store list of linked APIs in the status of policy

* Set back MID

* Remove tests for updateStatusOfLinkedApis

* Add tests for security policy

* Remove redundant checks

* Fix lint issues

* Fix tests

* Fix lint issues

* Change arguement sequence

* Do not run security policy tests for ce mode

* Increase timeout period

* Fix tests

* Fix lint issues

* Fix client mtls test

* Update changelog

* Make an entry of the bug in the changelog

* Update log messages

* Rename var

* Fix lint issue

* Fix tests

* Update policy MID
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@buraksekili buraksekili buraksekili approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v0.13.0

Development

Successfully merging this pull request may close these issues.

[TT-5089] - Attempting to remove an ApiDefinition fails if previously associated to a SecurityPolicy

4 participants

@komalsukhani @buraksekili @caroltyk @singhpr