Skip to content

Commit fc104cb

Browse files
tjmoyestjmoyes
authored
Merge branch 'main' into feature/update-deprecated-prometheus-mem-cpu-queries
2 parents 9988554 + c40fe37 commit fc104cb

15 files changed

Lines changed: 1001 additions & 500 deletions

File tree

.github/workflows/pytest-on-push.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313
- name: Set up Python
1414
uses: actions/setup-python@v2
1515
with:
16-
python-version: '3.9'
16+
python-version: '3.10'
1717

1818
- name: Install dependencies
1919
run: |

enforcer/Dockerfile

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,10 @@ ENV PYTHONDONTWRITEBYTECODE=1
44
ENV PYTHONUNBUFFERED=1
55
ENV PATH="/app/venv/bin:$PATH"
66

7-
# Patching CVE-2025-6965
7+
# Patching CVE-2025-6965 (requires sqlite >= 3.50.2)
8+
# Alpine's current version (3.51.1-r0) already includes the fix
89
RUN apk update && apk add --no-cache --upgrade \
9-
sqlite-libs=3.49.2-r1 sqlite=3.49.2-r1
10+
sqlite-libs sqlite
1011

1112
# Set the working directory
1213
WORKDIR /app/enforcer
@@ -17,9 +18,8 @@ COPY ./resources/ resources/
1718
COPY ./requirements.txt requirements.txt
1819

1920

20-
RUN pip install --no-cache-dir --upgrade pip
21-
# Install the project dependencies
22-
RUN python -m ensurepip --upgrade
21+
RUN pip install --no-cache-dir "pip>=25.3" \
22+
&& rm -rf /usr/local/lib/python3.12/ensurepip/_bundled/pip-*.whl
2323
RUN pip install --no-cache-dir -r requirements.txt
2424

2525
CMD ["python", "enforcer_main.py"]

enforcer/enforcer_main.py

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -158,15 +158,18 @@ async def mutate(request: AdmissionReview):
158158

159159
logger.debug("Pod patches %s", patches)
160160

161+
response = {
162+
"uid": request.request.get("uid"),
163+
"allowed": True,
164+
}
165+
if patches:
166+
response["patchType"] = "JSONPatch"
167+
response["patch"] = base64.b64encode(json.dumps(patches).encode()).decode()
168+
161169
return {
162170
"apiVersion": "admission.k8s.io/v1",
163171
"kind": "AdmissionReview",
164-
"response": {
165-
"uid": request.request.get("uid"),
166-
"allowed": True,
167-
"patchType": "JSONPatch",
168-
"patch": base64.b64encode(json.dumps(patches).encode()).decode() if patches else None
169-
}
172+
"response": response
170173
}
171174

172175
except Exception as e:

enforcer/requirements.txt

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,10 @@
1-
fastapi==0.115.12
1+
fastapi==0.121.3
22
uvicorn==0.27.1
33
pydantic==2.6.1
44
supabase==2.5
55
PyYAML==6.0.1
66
cachetools==5.3.3
77
prometheus-client==0.20.0
88
kubernetes==26.1.0
9+
pyasn1>=0.6.2
10+
urllib3==2.6.3

helm/krr-enforcer/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,5 +3,5 @@ name: krr-enforcer
33
description: KRR enforcer - auto apply KRR recommendations
44
type: application
55

6-
version: 0.3.4
7-
appVersion: 0.3.4
6+
version: 0.3.5
7+
appVersion: 0.3.5

helm/krr-enforcer/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ certJob:
1111
image:
1212
repository: us-central1-docker.pkg.dev/genuine-flight-317411/devel
1313
name: krr-enforcer
14-
tag: 0.3.4
14+
tag: 0.3.6
1515
imagePullPolicy: IfNotPresent
1616
resources:
1717
requests:

poetry.lock

Lines changed: 246 additions & 358 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pyproject.toml

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -23,30 +23,28 @@ plugins = "numpy.typing.mypy_plugin,pydantic.mypy"
2323
krr = "robusta_krr.main:run"
2424

2525
[tool.poetry.dependencies]
26-
python = ">=3.9,<=3.12.9"
26+
python = ">=3.10,<=3.12.9"
2727
typer = { extras = ["all"], version = "^0.7.0" }
2828
pydantic = "^1.10.7"
2929
kubernetes = "^26.1.0"
3030
prometheus-api-client = "0.5.3"
3131
numpy = ">=1.26.4,<1.27.0"
3232
alive-progress = "^3.1.2"
33-
prometrix = "0.2.5"
33+
prometrix = "0.2.11"
3434
slack-sdk = "^3.21.3"
3535
pandas = "2.2.2"
3636
requests = ">2.32.4"
3737
pyyaml = "6.0.1"
3838
typing-extensions = "4.6.0"
3939
idna = "3.7"
40-
urllib3 = "^1.26.20"
40+
urllib3 = "^2.6.2"
4141
setuptools = "^80.9.0"
4242
zipp = "^3.19.1"
4343
tenacity = "^9.0.0"
44-
pyinstaller = "^5.9.0"
45-
4644

4745

4846
[tool.poetry.group.dev.dependencies]
49-
mypy = "^1.0.1"
47+
mypy = "^1.18.2"
5048
black = "^23.1.0"
5149
isort = "^5.12.0"
5250
flake8 = "^6.0.0"
@@ -55,7 +53,6 @@ types-cachetools = "^5.3.0.4"
5553
types-requests = "^2.28.11.15"
5654
pytest = "^7.2.2"
5755
pytest-asyncio = ">=0.21,<0.24"
58-
pyinstaller = "^5.9.0"
5956

6057
[build-system]
6158
requires = ["poetry-core"]

requirements.txt

Lines changed: 57 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -1,57 +1,57 @@
1-
about-time==4.2.1 ; python_version >= "3.9" and python_full_version < "3.13"
2-
alive-progress==3.1.5 ; python_version >= "3.9" and python_full_version < "3.13"
3-
boto3==1.34.62 ; python_version >= "3.9" and python_full_version < "3.13"
4-
botocore==1.34.62 ; python_version >= "3.9" and python_full_version < "3.13"
5-
cachetools==5.3.3 ; python_version >= "3.9" and python_full_version < "3.13"
6-
certifi==2024.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
7-
charset-normalizer==3.3.2 ; python_version >= "3.9" and python_full_version < "3.13"
8-
click==8.1.7 ; python_version >= "3.9" and python_full_version < "3.13"
9-
colorama==0.4.6 ; python_version >= "3.9" and python_full_version < "3.13"
10-
commonmark==0.9.1 ; python_version >= "3.9" and python_full_version < "3.13"
11-
contourpy==1.2.0 ; python_version >= "3.9" and python_full_version < "3.13"
12-
cycler==0.12.1 ; python_version >= "3.9" and python_full_version < "3.13"
13-
dateparser==1.2.0 ; python_version >= "3.9" and python_full_version < "3.13"
14-
fonttools==4.49.0 ; python_version >= "3.9" and python_full_version < "3.13"
15-
google-auth==2.28.2 ; python_version >= "3.9" and python_full_version < "3.13"
16-
grapheme==0.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
17-
httmock==1.4.0 ; python_version >= "3.9" and python_full_version < "3.13"
18-
idna==3.7 ; python_version >= "3.9" and python_full_version < "3.13"
19-
importlib-resources==6.3.0 ; python_version == "3.9"
20-
jmespath==1.0.1 ; python_version >= "3.9" and python_full_version < "3.13"
21-
kiwisolver==1.4.5 ; python_version >= "3.9" and python_full_version < "3.13"
22-
kubernetes==26.1.0 ; python_version >= "3.9" and python_full_version < "3.13"
23-
matplotlib==3.8.3 ; python_version >= "3.9" and python_full_version < "3.13"
24-
numpy==1.26.4 ; python_version >= "3.9" and python_full_version < "3.13"
25-
oauthlib==3.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
26-
packaging==24.0 ; python_version >= "3.9" and python_full_version < "3.13"
27-
pandas==2.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
28-
pillow==10.3.0 ; python_version >= "3.9" and python_full_version < "3.13"
29-
prometheus-api-client==0.5.3 ; python_version >= "3.9" and python_full_version < "3.13"
30-
prometrix==0.2.5 ; python_version >= "3.9" and python_full_version < "3.13"
31-
pyasn1-modules==0.3.0 ; python_version >= "3.9" and python_full_version < "3.13"
32-
pyasn1==0.5.1 ; python_version >= "3.9" and python_full_version < "3.13"
33-
pydantic==1.10.15 ; python_version >= "3.9" and python_full_version < "3.13"
34-
pygments==2.17.2 ; python_version >= "3.9" and python_full_version < "3.13"
35-
pyparsing==3.1.2 ; python_version >= "3.9" and python_full_version < "3.13"
36-
python-dateutil==2.9.0.post0 ; python_version >= "3.9" and python_full_version < "3.13"
37-
pytz==2024.1 ; python_version >= "3.9" and python_full_version < "3.13"
38-
pyyaml==6.0.1 ; python_version >= "3.9" and python_full_version < "3.13"
39-
regex==2023.12.25 ; python_version >= "3.9" and python_full_version < "3.13"
40-
requests-oauthlib==1.4.0 ; python_version >= "3.9" and python_full_version < "3.13"
41-
requests==2.32.5 ; python_version >= "3.9" and python_full_version < "3.13"
42-
rich==12.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
43-
rsa==4.9 ; python_version >= "3.9" and python_full_version < "3.13"
44-
s3transfer==0.10.0 ; python_version >= "3.9" and python_full_version < "3.13"
45-
setuptools==80.9.0 ; python_version >= "3.9" and python_full_version < "3.13"
46-
shellingham==1.5.4 ; python_version >= "3.9" and python_full_version < "3.13"
47-
six==1.16.0 ; python_version >= "3.9" and python_full_version < "3.13"
48-
slack-sdk==3.27.1 ; python_version >= "3.9" and python_full_version < "3.13"
49-
tenacity==9.0.0 ; python_version >= "3.9" and python_full_version < "3.13"
50-
typer==0.7.0 ; python_version >= "3.9" and python_full_version < "3.13"
51-
typing-extensions==4.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
52-
tzdata==2024.1 ; python_version >= "3.9" and python_full_version < "3.13"
53-
tzlocal==5.2 ; python_version >= "3.9" and python_full_version < "3.13"
54-
urllib3==1.26.20 ; python_version >= "3.9" and python_full_version < "3.13"
55-
websocket-client==1.7.0 ; python_version >= "3.9" and python_full_version < "3.13"
56-
zipp==3.20.2 ; python_version >= "3.9" and python_full_version < "3.13"
57-
pytest-asyncio==0.23.7 ; python_version >= "3.9" and python_full_version < "3.13"
1+
about-time==4.2.1 ; python_version >= "3.10" and python_full_version < "3.13"
2+
alive-progress==3.1.5 ; python_version >= "3.10" and python_full_version < "3.13"
3+
boto3==1.42.19 ; python_version >= "3.10" and python_full_version < "3.13"
4+
botocore==1.42.19 ; python_version >= "3.10" and python_full_version < "3.13"
5+
cachetools==5.3.3 ; python_version >= "3.10" and python_full_version < "3.13"
6+
certifi==2024.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
7+
charset-normalizer==3.3.2 ; python_version >= "3.10" and python_full_version < "3.13"
8+
click==8.1.7 ; python_version >= "3.10" and python_full_version < "3.13"
9+
colorama==0.4.6 ; python_version >= "3.10" and python_full_version < "3.13"
10+
commonmark==0.9.1 ; python_version >= "3.10" and python_full_version < "3.13"
11+
contourpy==1.2.0 ; python_version >= "3.10" and python_full_version < "3.13"
12+
cycler==0.12.1 ; python_version >= "3.10" and python_full_version < "3.13"
13+
dateparser==1.2.0 ; python_version >= "3.10" and python_full_version < "3.13"
14+
fonttools==4.60.2 ; python_version >= "3.10" and python_full_version < "3.13"
15+
google-auth==2.28.2 ; python_version >= "3.10" and python_full_version < "3.13"
16+
grapheme==0.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
17+
httmock==1.4.0 ; python_version >= "3.10" and python_full_version < "3.13"
18+
idna==3.7 ; python_version >= "3.10" and python_full_version < "3.13"
19+
jmespath==1.0.1 ; python_version >= "3.10" and python_full_version < "3.13"
20+
kiwisolver==1.4.5 ; python_version >= "3.10" and python_full_version < "3.13"
21+
kubernetes==26.1.0 ; python_version >= "3.10" and python_full_version < "3.13"
22+
matplotlib==3.8.3 ; python_version >= "3.10" and python_full_version < "3.13"
23+
numpy==1.26.4 ; python_version >= "3.10" and python_full_version < "3.13"
24+
oauthlib==3.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
25+
packaging==24.0 ; python_version >= "3.10" and python_full_version < "3.13"
26+
pandas==2.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
27+
pillow==12.1.1 ; python_version >= "3.10" and python_full_version < "3.13"
28+
prometheus-api-client==0.5.3 ; python_version >= "3.10" and python_full_version < "3.13"
29+
prometrix==0.2.11; python_version >= "3.10" and python_full_version < "3.13"
30+
pyasn1-modules==0.4.2 ; python_version >= "3.10" and python_full_version < "3.13"
31+
pyasn1==0.6.2 ; python_version >= "3.10" and python_full_version < "3.13"
32+
pydantic==1.10.15 ; python_version >= "3.10" and python_full_version < "3.13"
33+
pygments==2.17.2 ; python_version >= "3.10" and python_full_version < "3.13"
34+
pyparsing==3.1.2 ; python_version >= "3.10" and python_full_version < "3.13"
35+
python-dateutil==2.9.0.post0 ; python_version >= "3.10" and python_full_version < "3.13"
36+
pytz==2024.1 ; python_version >= "3.10" and python_full_version < "3.13"
37+
pyyaml==6.0.1 ; python_version >= "3.10" and python_full_version < "3.13"
38+
regex==2023.12.25 ; python_version >= "3.10" and python_full_version < "3.13"
39+
requests-oauthlib==1.4.1 ; python_version >= "3.10" and python_full_version < "3.13"
40+
requests==2.32.5 ; python_version >= "3.10" and python_full_version < "3.13"
41+
rich==12.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
42+
rsa==4.9 ; python_version >= "3.10" and python_full_version < "3.13"
43+
s3transfer==0.16.0 ; python_version >= "3.10" and python_full_version < "3.13"
44+
setuptools==80.9.0 ; python_version >= "3.10" and python_full_version < "3.13"
45+
shellingham==1.5.4 ; python_version >= "3.10" and python_full_version < "3.13"
46+
six==1.16.0 ; python_version >= "3.10" and python_full_version < "3.13"
47+
slack-sdk==3.27.1 ; python_version >= "3.10" and python_full_version < "3.13"
48+
tenacity==9.0.0 ; python_version >= "3.10" and python_full_version < "3.13"
49+
typer==0.7.0 ; python_version >= "3.10" and python_full_version < "3.13"
50+
typing-extensions==4.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
51+
tzdata==2024.1 ; python_version >= "3.10" and python_full_version < "3.13"
52+
tzlocal==5.2 ; python_version >= "3.10" and python_full_version < "3.13"
53+
urllib3==2.6.2 ; python_version >= "3.10" and python_full_version < "3.13"
54+
websocket-client==1.7.0 ; python_version >= "3.10" and python_full_version < "3.13"
55+
zipp==3.20.2 ; python_version >= "3.10" and python_full_version < "3.13"
56+
# required for tests
57+
pytest-asyncio==0.23.7 ; python_version >= "3.10" and python_full_version < "3.13"

0 commit comments

Comments
 (0)