Show policy audit violations (#3161)

Show policy audit violations --------- Co-authored-by: TheGostKasper <[email protected]>
weaveworks · Aug 17, 2023 · 92ccf06 · 92ccf06
1 parent e578ace
commit 92ccf06
Show file tree

Hide file tree

Showing 11 changed files with 436 additions and 122 deletions.
diff --git a/pkg/query/configuration/objectkind.go b/pkg/query/configuration/objectkind.go
@@ -183,7 +183,7 @@ var (
 		AddToSchemeFunc: rbacv1.AddToScheme,
 	}
 
-	PolicyAgentEventObjectKind = ObjectKind{
+	PolicyAgentAuditEventObjectKind = ObjectKind{
 		Gvk: corev1.SchemeGroupVersion.WithKind("Event"),
 		NewClientObjectFunc: func() client.Object {
 			return &corev1.Event{}
@@ -195,7 +195,7 @@ var (
 				return false
 			}
 
-			return e.Source.Component == "policy-agent"
+			return e.Labels["pac.weave.works/type"] == "Audit" && e.Source.Component == "policy-agent"
 		},
 		RetentionPolicy: RetentionPolicy(24 * time.Hour),
 		StatusFunc: func(obj client.Object) ObjectStatus {
@@ -231,7 +231,7 @@ var SupportedObjectKinds = []ObjectKind{
 	GitRepositoryObjectKind,
 	OCIRepositoryObjectKind,
 	BucketObjectKind,
-	PolicyAgentEventObjectKind,
+	PolicyAgentAuditEventObjectKind,
 }
 
 // SupportedRbacKinds list with the default supported RBAC resources.

diff --git a/ui-cra/src/components/Clusters/index.tsx b/ui-cra/src/components/Clusters/index.tsx
@@ -9,19 +9,16 @@ import {
   Kind,
   KubeStatusIndicator,
   Link,
-  PolicyViolationsList,
-  RouterTab,
-  SubRouterTabs,
   filterByStatusCallback,
   filterConfig,
   statusSortHelper,
-  useListSources,
+  useListSources
 } from '@weaveworks/weave-gitops';
 import { Source } from '@weaveworks/weave-gitops/ui/lib/objects';
 import { PageRoute } from '@weaveworks/weave-gitops/ui/lib/types';
 import _ from 'lodash';
 import React, { FC, useCallback, useEffect, useMemo, useState } from 'react';
-import { useHistory, useRouteMatch } from 'react-router-dom';
+import { useHistory } from 'react-router-dom';
 import styled from 'styled-components';
 import { GitProvider } from '../../api/gitauth/gitauth.pb';
 import EKS from '../../assets/img/EKS.svg';
@@ -163,7 +160,6 @@ export const getGitRepos = (sources: Source[] | undefined) =>
 const MCCP: FC<{
   location: { state: { notification: NotificationData[] } };
 }> = ({ location }) => {
-  const { path } = useRouteMatch();
   const { clusters, isLoading } = useClusters();
   const { setNotifications } = useNotifications();
   const [selectedCluster, setSelectedCluster] =
@@ -389,95 +385,85 @@ const MCCP: FC<{
             )}
             <OpenedPullRequest />
           </ActionsWrapper>
-          <SubRouterTabs rootPath={`${path}/list`}>
-            <RouterTab name="Clusters" path={`${path}/list`}>
-              <LoadingWrapper loading={isLoading}>
-                <DataTable
-                  className="clusters-list"
-                  key={clusters.length}
-                  filters={initialFilterState}
-                  rows={clusters}
-                  fields={[
-                    {
-                      label: 'Select',
-                      value: ({ name, namespace }: GitopsClusterEnriched) => (
-                        <ClusterRowCheckbox
-                          name={name}
-                          namespace={namespace}
-                          onChange={handleIndividualClick}
-                          checked={Boolean(
-                            selectedCluster?.name === name &&
-                              selectedCluster?.namespace === namespace,
-                          )}
-                        />
-                      ),
-                      maxWidth: 25,
-                    },
-                    {
-                      label: 'Name',
-                      value: (c: GitopsClusterEnriched) =>
-                        c.controlPlane === true ? (
-                          <span data-cluster-name={c.name}>{c.name}</span>
-                        ) : (
-                          <Link
-                            to={`/cluster?clusterName=${c.name}&namespace=${c.namespace}`}
-                            data-cluster-name={c.name}
-                          >
-                            {c.name}
-                          </Link>
-                        ),
-                      sortValue: ({ name }) => name,
-                      textSearchable: true,
-                      maxWidth: 275,
-                    },
-                    {
-                      label: 'Dashboards',
-                      value: (c: GitopsClusterEnriched) => (
-                        <DashboardsList cluster={c} />
-                      ),
-                    },
-                    {
-                      label: 'Type',
-                      value: (c: GitopsClusterEnriched) => (
-                        <ClusterIcon cluster={c} />
-                      ),
-                    },
-                    {
-                      label: 'Namespace',
-                      value: 'namespace',
-                    },
-                    {
-                      label: 'Status',
-                      value: (c: GitopsClusterEnriched) =>
-                        c.conditions && c.conditions.length > 0 ? (
-                          <KubeStatusIndicator
-                            short
-                            conditions={c.conditions}
-                          />
-                        ) : null,
-                      sortValue: statusSortHelper,
-                    },
-                    {
-                      label: 'Message',
-                      value: (c: GitopsClusterEnriched) =>
-                        (c.conditions && c.conditions[0]?.message) || null,
-                      sortValue: ({ conditions }) => computeMessage(conditions),
-                      maxWidth: 600,
-                    },
-                    {
-                      label: '',
-                      value: (c: GitopsClusterEnriched) => (
-                        <EditButton resource={c} />
-                      ),
-                    },
-                  ]}
-                />
-              </LoadingWrapper>
-            </RouterTab>
-            <RouterTab name="Violations" path={`${path}/violations`}>
-              <PolicyViolationsList req={{}} />
-            </RouterTab>
-          </SubRouterTabs>
+          <LoadingWrapper loading={isLoading}>
+            <DataTable
+              className="clusters-list"
+              key={clusters.length}
+              filters={initialFilterState}
+              rows={clusters}
+              fields={[
+                {
+                  label: 'Select',
+                  value: ({ name, namespace }: GitopsClusterEnriched) => (
+                    <ClusterRowCheckbox
+                      name={name}
+                      namespace={namespace}
+                      onChange={handleIndividualClick}
+                      checked={Boolean(
+                        selectedCluster?.name === name &&
+                          selectedCluster?.namespace === namespace,
+                      )}
+                    />
+                  ),
+                  maxWidth: 25,
+                },
+                {
+                  label: 'Name',
+                  value: (c: GitopsClusterEnriched) =>
+                    c.controlPlane === true ? (
+                      <span data-cluster-name={c.name}>{c.name}</span>
+                    ) : (
+                      <Link
+                        to={`/cluster?clusterName=${c.name}&namespace=${c.namespace}`}
+                        data-cluster-name={c.name}
+                      >
+                        {c.name}
+                      </Link>
+                    ),
+                  sortValue: ({ name }) => name,
+                  textSearchable: true,
+                  maxWidth: 275,
+                },
+                {
+                  label: 'Dashboards',
+                  value: (c: GitopsClusterEnriched) => (
+                    <DashboardsList cluster={c} />
+                  ),
+                },
+                {
+                  label: 'Type',
+                  value: (c: GitopsClusterEnriched) => (
+                    <ClusterIcon cluster={c}></ClusterIcon>
+                  ),
+                },
+                {
+                  label: 'Namespace',
+                  value: 'namespace',
+                },
+                {
+                  label: 'Status',
+                  value: (c: GitopsClusterEnriched) =>
+                    c.conditions && c.conditions.length > 0 ? (
+                      <KubeStatusIndicator short conditions={c.conditions} />
+                    ) : null,
+                  sortValue: statusSortHelper,
+                },
+                {
+                  label: 'Message',
+                  value: (c: GitopsClusterEnriched) =>
+                    (c.conditions && c.conditions[0]?.message) || null,
+                  sortValue: ({ conditions }) => computeMessage(conditions),
+                  maxWidth: 600,
+                },
+                {
+                  label: '',
+                  value: (c: GitopsClusterEnriched) => (
+                    <EditButton resource={c} />
+                  ),
+                },
+              ]}
+            />
+          </LoadingWrapper>
         </NotificationsWrapper>
       </CallbackStateContextProvider>
     </Page>