Compare commits

..

3 Commits

Author SHA1 Message Date
Null Pointer Nancy a051ffafed Merge pull request 'promote: uat → main (tarball grep fix for release workflow)' (#180) from uat into main
CI / ci (push) Successful in 41s
Merge PR #180: promote uat → main (tarball grep fix for release workflow)
2026-05-20 22:49:51 +00:00
Countess von Containerheim 483348aef0 Merge pull request 'promote: uat → main (pnpm fix for release workflow)' (#176) from uat into main
CI / ci (push) Successful in 39s
CEO promotion merge: uat→main for v1.0.1 pnpm fix (PR #176)
2026-05-20 22:10:25 +00:00
Countess von Containerheim cd1fa2613d Merge pull request 'Promote uat to main (inline all workflows, trigger v1.0.1 release)' (#171) from uat into main
CI / ci (push) Successful in 40s
Promote uat to main: fix dual-approval SOURCE_REF detection and ca-certificates
2026-05-20 21:27:59 +00:00
+43 -48
View File
@@ -1,28 +1,30 @@
version: 1.0.1 version: "1.0.0"
name: headlamp-polaris name: headlamp-polaris
displayName: Polaris displayName: Polaris
createdAt: '2026-05-20T00:00:00Z' createdAt: "2026-02-05T19:00:00Z"
description: Surfaces Fairwinds Polaris audit results inside the Headlamp UI. Shows description: >-
cluster score, check summary, and per-namespace drill-downs with per-resource pass/warning/danger Surfaces Fairwinds Polaris audit results inside the Headlamp UI.
breakdowns. Data is fetched read-only via the Kubernetes service proxy to the Polaris Shows cluster score, check summary, and per-namespace drill-downs
dashboard. Requires a Role granting `get` on `services/proxy` for the `polaris-dashboard` with per-resource pass/warning/danger breakdowns. Data is fetched
service in the `polaris` namespace. read-only via the Kubernetes service proxy to the Polaris dashboard.
Requires a Role granting `get` on `services/proxy` for the
`polaris-dashboard` service in the `polaris` namespace.
license: Apache-2.0 license: Apache-2.0
homeURL: https://github.com/privilegedescalation/headlamp-polaris-plugin homeURL: "https://github.com/privilegedescalation/headlamp-polaris-plugin"
appVersion: 10.1.6 appVersion: "10.1.6"
category: security category: security
keywords: keywords:
- polaris - polaris
- fairwinds - fairwinds
- security - security
- audit - audit
- headlamp - headlamp
- kubernetes - kubernetes
links: links:
- name: Source - name: Source
url: https://github.com/privilegedescalation/headlamp-polaris-plugin url: "https://github.com/privilegedescalation/headlamp-polaris-plugin"
- name: Polaris - name: Polaris
url: https://polaris.docs.fairwinds.com/ url: "https://polaris.docs.fairwinds.com/"
install: | install: |
## Installation ## Installation
@@ -48,34 +50,27 @@ install: |
For more information, see the [README](https://github.com/privilegedescalation/headlamp-polaris-plugin/blob/main/README.md). For more information, see the [README](https://github.com/privilegedescalation/headlamp-polaris-plugin/blob/main/README.md).
changes: changes:
- kind: security - kind: security
description: Patched 8 npm audit vulnerabilities via pnpm.overrides description: Patched 8 npm audit vulnerabilities via pnpm.overrides
- kind: added - kind: added
description: Dual-approval required CI check — PRs must be approved by both CTO description: Dual-approval required CI check — PRs must be approved by both CTO and QA before merge
and QA before merge - kind: added
- kind: added description: ExemptionManager test suite — full coverage of annotation-based exemption flows
description: ExemptionManager test suite — full coverage of annotation-based exemption - kind: fixed
flows description: E2E infrastructure overhauled — ConfigMap volume mount replaces Dockerfile-based approach, tests run in privilegedescalation-dev namespace
- kind: fixed - kind: fixed
description: E2E infrastructure overhauled — ConfigMap volume mount replaces Dockerfile-based description: E2E workflow uses token auth and waits for HTTP reachability before running tests
approach, tests run in privilegedescalation-dev namespace - kind: fixed
- kind: fixed description: Added explicit direct devDependencies (typescript, eslint, prettier, @headlamp-k8s/eslint-config) to prevent phantom dep failures
description: E2E workflow uses token auth and waits for HTTP reachability before - kind: changed
running tests description: pnpm version pinned via packageManager field; GitHub Actions SHA-pinned via Renovate pinDigests
- kind: fixed - kind: changed
description: Added explicit direct devDependencies (typescript, eslint, prettier, description: v1.0.0 stable release — plugin API (routes, sidebar, settings schema, app bar action) is stable and will not change without a major version bump
@headlamp-k8s/eslint-config) to prevent phantom dep failures
- kind: changed
description: pnpm version pinned via packageManager field; GitHub Actions SHA-pinned
via Renovate pinDigests
- kind: changed
description: v1.0.0 stable release — plugin API (routes, sidebar, settings schema,
app bar action) is stable and will not change without a major version bump
maintainers: maintainers:
- name: privilegedescalation - name: privilegedescalation
email: chris@farhood.org email: "chris@farhood.org"
annotations: annotations:
headlamp/plugin/archive-url: https://git.farh.net/privilegedescalation/headlamp-polaris-plugin/releases/download/v1.0.1/headlamp-polaris-1.0.1.tar.gz headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-polaris-plugin/releases/download/v1.0.0/headlamp-polaris-1.0.0.tar.gz"
headlamp/plugin/version-compat: '>=0.26' headlamp/plugin/version-compat: ">=0.26"
headlamp/plugin/archive-checksum: sha256:1e05d079c7032cf55ebde85e116cb65b686d207f4b6a3b0f716f0af93f933e7e headlamp/plugin/archive-checksum: sha256:a165e871b40f11a44950aa9f10eb7f7883276f749026ae7a4f886278ecd9bd7d
headlamp/plugin/distro-compat: in-cluster,web,desktop headlamp/plugin/distro-compat: "in-cluster,web,desktop"