From 8583bd90b461232eb495c30fdf0a116e1bbab1ba Mon Sep 17 00:00:00 2001 From: Cody Jackson Date: Tue, 16 Jan 2024 15:13:52 -0700 Subject: [PATCH] [backport v2.8.next1] Removing all references to PSP since they will no longer be supported https://github.com/rancher/dashboard/issues/10678 --- app/authenticated/cluster/edit/route.js | 1 - .../cluster/projects/edit/route.js | 1 - .../cluster/projects/new/route.js | 1 - .../cluster/security/members/edit/route.js | 1 - .../project/security/members/edit/route.js | 1 - app/components/new-edit-project/component.js | 19 +- app/components/new-edit-project/template.hbs | 13 -- app/instance-initializers/nav.js | 7 - app/models/cluster.js | 4 +- app/models/podsecuritypolicytemplate.js | 16 -- .../addon/cluster-templates/detail/route.js | 1 - .../cluster-templates/detail/template.hbs | 2 +- .../cluster-templates/new-revision/route.js | 2 - .../new-revision/template.hbs | 2 +- .../addon/cluster-templates/new/route.js | 1 - .../addon/cluster-templates/new/template.hbs | 2 +- .../addon/clusters/new/launch/route.js | 1 - .../components/form-basic-policy/component.js | 36 ---- .../components/form-basic-policy/template.hbs | 34 ---- .../form-capability-policy/component.js | 92 --------- .../form-capability-policy/template.hbs | 74 ------- .../form-fsgroup-policy/component.js | 59 ------ .../form-fsgroup-policy/template.hbs | 70 ------- .../form-hostpath-policy/component.js | 52 ----- .../form-hostpath-policy/template.hbs | 38 ---- .../form-hostports-policy/component.js | 46 ----- .../form-hostports-policy/template.hbs | 53 ----- .../form-runasgroup-policy/component.js | 60 ------ .../form-runasgroup-policy/template.hbs | 113 ----------- .../form-runasuser-policy/component.js | 60 ------ .../form-runasuser-policy/template.hbs | 77 ------- .../form-selinux-policy/component.js | 50 ----- .../form-selinux-policy/template.hbs | 41 ---- .../component.js | 59 ------ .../template.hbs | 73 ------- .../form-volume-policy/component.js | 51 ----- .../form-volume-policy/template.hbs | 31 --- .../components/new-edit-policy/component.js | 36 ---- .../components/new-edit-policy/template.hbs | 150 -------------- .../addon/security/policies/detail/route.js | 18 -- .../security/policies/detail/template.hbs | 1 - .../addon/security/policies/edit/route.js | 18 -- .../addon/security/policies/edit/template.hbs | 1 - .../security/policies/index/controller.js | 24 --- .../addon/security/policies/index/route.js | 10 - .../security/policies/index/template.hbs | 47 ----- .../addon/security/policies/new/route.js | 22 -- .../addon/security/policies/new/template.hbs | 1 - .../addon/security/roles/detail/route.js | 6 +- .../addon/security/roles/edit/route.js | 6 +- .../addon/security/roles/new/route.js | 1 - .../cluster-driver/driver-import/component.js | 8 - .../cluster-driver/driver-rke/component.js | 77 ------- .../cluster-driver/driver-rke/template.hbs | 108 ---------- .../component.js | 4 - .../cru-cluster-template/template.hbs | 1 - .../addon/components/cru-cluster/component.js | 2 - .../component.js | 28 --- .../template.hbs | 22 -- lib/shared/addon/utils/constants.js | 15 -- .../component.js | 1 - translations/ar-sa.yaml | 23 --- translations/de-de.yaml | 58 ------ translations/en-us.yaml | 191 ------------------ translations/es-es.yaml | 151 -------------- translations/fa-ir.yaml | 16 -- translations/fr-fr.yaml | 25 --- translations/it-it.yaml | 27 --- translations/ja-jp.yaml | 160 --------------- translations/km-kh.yaml | 23 --- translations/ko-kr.yaml | 26 --- translations/nb-no.yaml | 11 - translations/nl-nl.yaml | 25 --- translations/pt-br.yaml | 25 --- translations/ru-ru.yaml | 122 ----------- translations/tr-tr.yaml | 25 --- translations/uk-ua.yaml | 116 ----------- translations/zh-hans.yaml | 181 ----------------- translations/zh-hant-tw.yaml | 165 --------------- translations/zh-hant.yaml | 161 --------------- 80 files changed, 7 insertions(+), 3375 deletions(-) delete mode 100644 app/models/podsecuritypolicytemplate.js delete mode 100644 lib/global-admin/addon/components/form-basic-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-basic-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-capability-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-capability-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-fsgroup-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-fsgroup-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-hostpath-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-hostpath-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-hostports-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-hostports-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-runasgroup-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-runasgroup-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-runasuser-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-runasuser-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-selinux-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-selinux-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-supplementalgroups-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-supplementalgroups-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/form-volume-policy/component.js delete mode 100644 lib/global-admin/addon/components/form-volume-policy/template.hbs delete mode 100644 lib/global-admin/addon/components/new-edit-policy/component.js delete mode 100644 lib/global-admin/addon/components/new-edit-policy/template.hbs delete mode 100644 lib/global-admin/addon/security/policies/detail/route.js delete mode 100644 lib/global-admin/addon/security/policies/detail/template.hbs delete mode 100644 lib/global-admin/addon/security/policies/edit/route.js delete mode 100644 lib/global-admin/addon/security/policies/edit/template.hbs delete mode 100644 lib/global-admin/addon/security/policies/index/controller.js delete mode 100644 lib/global-admin/addon/security/policies/index/route.js delete mode 100644 lib/global-admin/addon/security/policies/index/template.hbs delete mode 100644 lib/global-admin/addon/security/policies/new/route.js delete mode 100644 lib/global-admin/addon/security/policies/new/template.hbs delete mode 100644 lib/shared/addon/components/modal-confirm-imported-upgrade/component.js delete mode 100644 lib/shared/addon/components/modal-confirm-imported-upgrade/template.hbs delete mode 100644 lib/shared/app/components/modal-confirm-imported-upgrade/component.js diff --git a/app/authenticated/cluster/edit/route.js b/app/authenticated/cluster/edit/route.js index 676ad2aa8e..6776515320 100644 --- a/app/authenticated/cluster/edit/route.js +++ b/app/authenticated/cluster/edit/route.js @@ -26,7 +26,6 @@ export default Route.extend({ kontainerDrivers: globalStore.findAll('kontainerDriver'), nodeTemplates: globalStore.findAll('nodeTemplate'), nodeDrivers: globalStore.findAll('nodeDriver'), - psps: globalStore.findAll('podSecurityPolicyTemplate'), psacs: globalStore.findAll('podSecurityAdmissionConfigurationTemplate'), roleTemplates: get(this, 'roleTemplateService').get('allFilteredRoleTemplates'), users: globalStore.findAll('user'), diff --git a/app/authenticated/cluster/projects/edit/route.js b/app/authenticated/cluster/projects/edit/route.js index 68fea3ccfd..3c8c70840d 100644 --- a/app/authenticated/cluster/projects/edit/route.js +++ b/app/authenticated/cluster/projects/edit/route.js @@ -16,7 +16,6 @@ export default Route.extend({ project: store.find('project', params.project_id), projectRoleTemplateBindings: store.find('projectRoleTemplateBinding'), projects: store.findAll('project'), - psps: store.find('podSecurityPolicyTemplate'), roles: get(this, 'roleTemplateService').get('allFilteredRoleTemplates'), users: store.find('user', null, { forceReload: true }), }).then((hash) => { diff --git a/app/authenticated/cluster/projects/new/route.js b/app/authenticated/cluster/projects/new/route.js index 1c984ec3e0..35506bfccd 100644 --- a/app/authenticated/cluster/projects/new/route.js +++ b/app/authenticated/cluster/projects/new/route.js @@ -24,7 +24,6 @@ export default Route.extend({ me: get(this, 'access.principal'), project, projects: store.findAll('project'), - psps: store.findAll('podSecurityPolicyTemplate'), roles: get(this, 'roleTemplateService').get('allFilteredRoleTemplates'), users: store.find('user', null, { forceReload: true }), }); diff --git a/app/authenticated/cluster/security/members/edit/route.js b/app/authenticated/cluster/security/members/edit/route.js index de916d8825..02d8b15e0f 100644 --- a/app/authenticated/cluster/security/members/edit/route.js +++ b/app/authenticated/cluster/security/members/edit/route.js @@ -17,7 +17,6 @@ export default Route.extend({ context: 'cluster' } }), - policies: store.find('podsecuritypolicytemplate'), }); }, }); diff --git a/app/authenticated/project/security/members/edit/route.js b/app/authenticated/project/security/members/edit/route.js index 514aeae5cb..428032ed0a 100644 --- a/app/authenticated/project/security/members/edit/route.js +++ b/app/authenticated/project/security/members/edit/route.js @@ -17,7 +17,6 @@ export default Route.extend({ context: 'cluster' } }), - policies: store.find('podsecuritypolicytemplate'), }); }, }); diff --git a/app/components/new-edit-project/component.js b/app/components/new-edit-project/component.js index a852669a72..2b83ee6581 100644 --- a/app/components/new-edit-project/component.js +++ b/app/components/new-edit-project/component.js @@ -2,9 +2,7 @@ import { alias } from '@ember/object/computed'; import { inject as service } from '@ember/service'; import Component from '@ember/component'; import layout from './template'; -import { - get, set, computed, observer, setProperties -} from '@ember/object'; +import { get, set, computed, setProperties } from '@ember/object'; import NewOrEdit from 'ui/mixins/new-or-edit'; import ChildHook from 'shared/mixins/child-hook'; import { isEmpty } from '@ember/utils'; @@ -24,11 +22,9 @@ export default Component.extend(NewOrEdit, ChildHook, { layout, memberConfig: M_CONFIG, model: null, - podSecurityPolicyTemplateId: null, isNew: false, primaryResource: alias('model.project'), - secPolicy: alias('model.project.defaultPodSecurityPolicyTemplateId'), policies: alias('model.policies'), init() { this._super(...arguments); @@ -36,7 +32,6 @@ export default Component.extend(NewOrEdit, ChildHook, { bindings = bindings.filter((x) => get(x, 'name') !== 'creator'); set(this, 'memberArray', bindings); - set(this, 'podSecurityPolicyTemplateId', get(this, 'model.project.podSecurityPolicyTemplateId')); if (isEmpty(get(this, 'primaryResource.id'))) { set(this, 'isNew', true); } @@ -70,9 +65,6 @@ export default Component.extend(NewOrEdit, ChildHook, { }, }, - pspDidChange: observer('podSecurityPolicyTemplateId', function() { - set(this, 'model.project.podSecurityPolicyTemplateId', get(this, 'podSecurityPolicyTemplateId')); - }), creator: computed('editing', 'model.{me,users}', 'primaryResource.creatorId', function() { let cid = get(this, 'primaryResource.creatorId'); let creator = null; @@ -119,15 +111,6 @@ export default Component.extend(NewOrEdit, ChildHook, { return get(this, 'errors.length') === 0; }, - didSave() { - const pr = get(this, 'primaryResource'); - const podSecurityPolicyTemplateId = get(this, 'podSecurityPolicyTemplateId') ? get(this, 'podSecurityPolicyTemplateId') : null; - - return pr.waitForCondition('BackingNamespaceCreated').then(() => this.applyHooks().then(() => { - pr.doAction('setpodsecuritypolicytemplate', { podSecurityPolicyTemplateId, }).then(() => pr); - })); - }, - doneSaving() { this.goBack(); }, diff --git a/app/components/new-edit-project/template.hbs b/app/components/new-edit-project/template.hbs index 766c3eb932..ea16cf4c89 100644 --- a/app/components/new-edit-project/template.hbs +++ b/app/components/new-edit-project/template.hbs @@ -17,19 +17,6 @@ nameRequired=true namePlaceholder="projectsPage.name.placeholder" }} - {{#if model.project.cluster.capabilities.pspEnabled}} - - {{new-select - content=model.psps - optionLabelPath="displayName" - optionValuePath="id" - prompt="generic.none" - localizedPrompt=true - value=podSecurityPolicyTemplateId - }} - {{/if}}
diff --git a/app/instance-initializers/nav.js b/app/instance-initializers/nav.js index e4d630ec56..27696661a5 100644 --- a/app/instance-initializers/nav.js +++ b/app/instance-initializers/nav.js @@ -305,13 +305,6 @@ const rootNav = [ resource: ['roletemplate'], resourceScope: 'global', }, - { - id: 'global-security-roles', - localizedLabel: 'nav.admin.security.podSecurityPolicies', - route: 'global-admin.security.policies', - resource: ['podsecuritypolicytemplate'], - resourceScope: 'global', - }, { id: 'global-security-authentication', localizedLabel: 'nav.admin.security.authentication', diff --git a/app/models/cluster.js b/app/models/cluster.js index b9761d2d3e..351266ab30 100644 --- a/app/models/cluster.js +++ b/app/models/cluster.js @@ -1000,13 +1000,12 @@ export default Resource.extend(Grafana, ResourceUsage, { clearConfigFieldsForClusterTemplate() { let clearedNull = ['localClusterAuthEndpoint', 'rancherKubernetesEngineConfig', 'enableNetworkPolicy']; - let clearedDelete = ['defaultClusterRoleForProjectMembers', 'defaultPodSecurityPolicyTemplateId']; + let clearedDelete = ['defaultClusterRoleForProjectMembers']; let { localClusterAuthEndpoint, rancherKubernetesEngineConfig, enableNetworkPolicy, defaultClusterRoleForProjectMembers, - defaultPodSecurityPolicyTemplateId, } = this; let cachedConfig = { @@ -1014,7 +1013,6 @@ export default Resource.extend(Grafana, ResourceUsage, { rancherKubernetesEngineConfig, enableNetworkPolicy, defaultClusterRoleForProjectMembers, - defaultPodSecurityPolicyTemplateId, }; // set this incase we fail to save the cluster; diff --git a/app/models/podsecuritypolicytemplate.js b/app/models/podsecuritypolicytemplate.js deleted file mode 100644 index 2781fafe47..0000000000 --- a/app/models/podsecuritypolicytemplate.js +++ /dev/null @@ -1,16 +0,0 @@ -import { inject as service } from '@ember/service'; -import Resource from '@rancher/ember-api-store/models/resource'; - -export default Resource.extend({ - router: service(), - - type: 'podSecurityPolicyTemplate', - - canHaveLabels: true, - - actions: { - edit() { - this.get('router').transitionTo('global-admin.security.policies.edit', this.get('id')); - }, - }, -}); diff --git a/lib/global-admin/addon/cluster-templates/detail/route.js b/lib/global-admin/addon/cluster-templates/detail/route.js index d56eb92207..5ae205eda4 100644 --- a/lib/global-admin/addon/cluster-templates/detail/route.js +++ b/lib/global-admin/addon/cluster-templates/detail/route.js @@ -19,7 +19,6 @@ export default Route.extend({ return hash({ clusterTemplate, clusterTemplateRevision: revision, - psps: this.globalStore.findAll('podSecurityPolicyTemplate'), psacs: this.globalStore.findAll('podSecurityAdmissionConfigurationTemplate'), clusterTemplateRevisionId: revision.id, }); diff --git a/lib/global-admin/addon/cluster-templates/detail/template.hbs b/lib/global-admin/addon/cluster-templates/detail/template.hbs index cc5072e9d3..af37ebd665 100644 --- a/lib/global-admin/addon/cluster-templates/detail/template.hbs +++ b/lib/global-admin/addon/cluster-templates/detail/template.hbs @@ -9,5 +9,5 @@ diff --git a/lib/global-admin/addon/cluster-templates/new-revision/route.js b/lib/global-admin/addon/cluster-templates/new-revision/route.js index dff4c5a095..870bf835c1 100644 --- a/lib/global-admin/addon/cluster-templates/new-revision/route.js +++ b/lib/global-admin/addon/cluster-templates/new-revision/route.js @@ -30,7 +30,6 @@ export default Route.extend({ return hash({ clusterTemplate: template, clusterTemplateRevision: tempRevision, - psps: this.globalStore.findAll('podSecurityPolicyTemplate'), psacs: this.globalStore.findAll('podSecurityAdmissionConfigurationTemplate'), clusterTemplateRevisionId: tempId, }); @@ -50,7 +49,6 @@ export default Route.extend({ return hash({ clusterTemplate: template, clusterTemplateRevision: tempRevision, - psps: this.globalStore.findAll('podSecurityPolicyTemplate'), psacs: this.globalStore.findAll('podSecurityAdmissionConfigurationTemplate'), clusterTemplateRevisionId: tempId, }); diff --git a/lib/global-admin/addon/cluster-templates/new-revision/template.hbs b/lib/global-admin/addon/cluster-templates/new-revision/template.hbs index f0e48d1e7d..8b7bd8de66 100644 --- a/lib/global-admin/addon/cluster-templates/new-revision/template.hbs +++ b/lib/global-admin/addon/cluster-templates/new-revision/template.hbs @@ -6,5 +6,5 @@ diff --git a/lib/global-admin/addon/cluster-templates/new/route.js b/lib/global-admin/addon/cluster-templates/new/route.js index aa46b124b3..e4908463e5 100644 --- a/lib/global-admin/addon/cluster-templates/new/route.js +++ b/lib/global-admin/addon/cluster-templates/new/route.js @@ -19,7 +19,6 @@ export default Route.extend({ rancherKubernetesEngineConfig: this.globalStore.createRecord({ type: 'rancherKubernetesEngineConfig' }) }) }), - psps: this.globalStore.findAll('podSecurityPolicyTemplate'), psacs: this.globalStore.findAll('podSecurityAdmissionConfigurationTemplate'), users: this.globalStore.findAll('user'), }); diff --git a/lib/global-admin/addon/cluster-templates/new/template.hbs b/lib/global-admin/addon/cluster-templates/new/template.hbs index dac1d877f1..11261f968b 100644 --- a/lib/global-admin/addon/cluster-templates/new/template.hbs +++ b/lib/global-admin/addon/cluster-templates/new/template.hbs @@ -5,5 +5,5 @@
diff --git a/lib/global-admin/addon/clusters/new/launch/route.js b/lib/global-admin/addon/clusters/new/launch/route.js index 949213cb63..e07bda436d 100644 --- a/lib/global-admin/addon/clusters/new/launch/route.js +++ b/lib/global-admin/addon/clusters/new/launch/route.js @@ -93,7 +93,6 @@ export default Route.extend({ cloudCredentials: gs.findAll('cloudcredential'), clusterRoleTemplateBinding: gs.findAll('clusterRoleTemplateBinding'), nodeTemplates: gs.findAll('nodeTemplate'), - psps: gs.findAll('podSecurityPolicyTemplate'), psacs: gs.findAll('podSecurityAdmissionConfigurationTemplate'), users: gs.findAll('user'), clusterTemplates, diff --git a/lib/global-admin/addon/components/form-basic-policy/component.js b/lib/global-admin/addon/components/form-basic-policy/component.js deleted file mode 100644 index 3d3960a3b5..0000000000 --- a/lib/global-admin/addon/components/form-basic-policy/component.js +++ /dev/null @@ -1,36 +0,0 @@ -import Component from '@ember/component'; -import layout from './template'; -import C from 'ui/utils/constants'; - -const policies = C.BASIC_POD_SECURITY_POLICIES; - -export default Component.extend({ - layout, - - classNames: ['accordion-wrapper'], - - model: null, - readOnly: false, - basicPolicies: null, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - const basicPolicies = []; - - for (let i = 0; i < policies.length / 3; i++) { - basicPolicies.push(policies.slice(i * 3, i * 3 + 3)); - } - this.set('basicPolicies', basicPolicies); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - -}); diff --git a/lib/global-admin/addon/components/form-basic-policy/template.hbs b/lib/global-admin/addon/components/form-basic-policy/template.hbs deleted file mode 100644 index 0a3993de53..0000000000 --- a/lib/global-admin/addon/components/form-basic-policy/template.hbs +++ /dev/null @@ -1,34 +0,0 @@ -{{#accordion-list-item - title=(t 'formBasicPodSecurityPolicy.title') - detail=(t 'formBasicPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} - {{#each basicPolicies as |row index|}} -
- {{#each row as |policy|}} -
- - {{#if (and readOnly (get model policy))}} -
- -
- {{else if readOnly}} -
- -
- {{else}} -
- -
-
- -
- {{/if}} -
- {{/each}} -
- {{/each}} -{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-capability-policy/component.js b/lib/global-admin/addon/components/form-capability-policy/component.js deleted file mode 100644 index 29998785bc..0000000000 --- a/lib/global-admin/addon/components/form-capability-policy/component.js +++ /dev/null @@ -1,92 +0,0 @@ -import Component from '@ember/component'; -import layout from './template'; - -// @TODO-2.0 This api doesn't work. this.get('store').getById('schema','container').get('resourceFields.capAdd').options.sort(); -const choices = [ - 'AUDIT_CONTROL', - 'AUDIT_WRITE', - 'BLOCK_SUSPEND', - 'CHOWN', - 'DAC_OVERRIDE', - 'DAC_READ_SEARCH', - 'FOWNER', - 'FSETID', - 'IPC_LOCK', - 'IPC_OWNER', - 'KILL', - 'LEASE', - 'LINUX_IMMUTABLE', - 'MAC_ADMIN', - 'MAC_OVERRIDE', - 'MKNOD', - 'NET_ADMIN', - 'NET_BIND_SERVICE', - 'NET_BROADCAST', - 'NET_RAW', - 'SETFCAP', - 'SETGID', - 'SETPCAP', - 'SETUID', - 'SYSLOG', - 'SYS_ADMIN', - 'SYS_BOOT', - 'SYS_CHROOT', - 'SYS_MODULE', - 'SYS_NICE', - 'SYS_PACCT', - 'SYS_PTRACE', - 'SYS_RAWIO', - 'SYS_RESOURCE', - 'SYS_TIME', - 'SYS_TTY_CONFIG', - 'WAKE_ALARM' -]; - -export default Component.extend({ - layout, - - classNames: ['accordion-wrapper'], - - model: null, - basicPolicies: null, - - readOnly: false, - - capabilityChoices: null, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.initCapability(); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - modifyCapabilities(type, select) { - let options = Array.prototype.slice.call(select.target.options, 0); - let selectedOptions = []; - - options.filterBy('selected', true).forEach((cap) => { - return selectedOptions.push(cap.value); - }); - - this.set(`model.${ type }`, selectedOptions); - }, - }, - - initCapability() { - this.set('model.allowedCapabilities', this.get('model.allowedCapabilities') || []); - this.set('model.defaultAddCapabilities', this.get('model.defaultAddCapabilities') || []); - this.set('model.requiredDropCapabilities', this.get('model.requiredDropCapabilities') || []); - this.set('capabilityChoices', choices); - }, - -}); diff --git a/lib/global-admin/addon/components/form-capability-policy/template.hbs b/lib/global-admin/addon/components/form-capability-policy/template.hbs deleted file mode 100644 index f276e74e40..0000000000 --- a/lib/global-admin/addon/components/form-capability-policy/template.hbs +++ /dev/null @@ -1,74 +0,0 @@ -{{#accordion-list-item - title=(t 'formCapabilityPodSecurityPolicy.title') - detail=(t 'formCapabilityPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
-
- - {{#if readOnly}} - {{#if model.allowedCapabilities.length}} -
- {{#each model.allowedCapabilities as |choice index|}} - {{if index ", "}} {{choice}} - {{/each}} -
- {{else}} -
{{t 'generic.none'}}
- {{/if}} - {{else}} - - {{/if}} -
- -
- - {{#if readOnly}} - {{#if model.defaultAddCapabilities.length}} -
- {{#each model.defaultAddCapabilities as |choice index|}} - {{if index ", "}} {{choice}} - {{/each}} -
- {{else}} -
{{t 'generic.none'}}
- {{/if}} - {{else}} - - {{/if}} -
- -
- - {{#if readOnly}} - {{#if model.requiredDropCapabilities.length}} -
- {{#each model.requiredDropCapabilities as |choice index|}} - {{if index ", "}} {{choice}} - {{/each}} -
- {{else}} -
{{t 'generic.none'}}
- {{/if}} - {{else}} - - {{/if}} -
- -
-{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-fsgroup-policy/component.js b/lib/global-admin/addon/components/form-fsgroup-policy/component.js deleted file mode 100644 index 4da7ed6d35..0000000000 --- a/lib/global-admin/addon/components/form-fsgroup-policy/component.js +++ /dev/null @@ -1,59 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer } from '@ember/object'; - -export default Component.extend({ - globalStore: service(), - layout, - - model: null, - readOnly: false, - - classNames: ['accordion-wrapper'], - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.fsGroup', this.get('model.fsGroup') || this.get('globalStore').createRecord({ - type: 'fsGroupStrategyOptions', - rule: 'RunAsAny', - })); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - this.get('model.fsGroup.ranges').pushObject( - this.get('globalStore').createRecord({ - type: 'idRange', - min: 0, - max: 6, - }) - ); - }, - remove(obj) { - this.get('model.fsGroup.ranges').removeObject(obj); - }, - }, - - ruleDidChange: observer('model.fsGroup.rule', function() { - const rule = this.get('model.fsGroup.rule'); - - if (rule === 'MustRunAs') { - this.set('model.fsGroup.ranges', []); - this.send('add'); - } else { - this.set('model.fsGroup.ranges', null); - } - }), - -}); diff --git a/lib/global-admin/addon/components/form-fsgroup-policy/template.hbs b/lib/global-admin/addon/components/form-fsgroup-policy/template.hbs deleted file mode 100644 index 3440833782..0000000000 --- a/lib/global-admin/addon/components/form-fsgroup-policy/template.hbs +++ /dev/null @@ -1,70 +0,0 @@ -{{#accordion-list-item - title=(t 'formFsGroupPodSecurityPolicy.title') - detail=(t 'formFsGroupPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if (and readOnly (eq model.fsGroup.rule "RunAsAny"))}} - {{t 'formFsGroupPodSecurityPolicy.rule.runAsAny'}} - {{else if readOnly}} - {{t 'formFsGroupPodSecurityPolicy.rule.mustRunAs'}} - {{else}} -
- -
-
- -
- {{/if}} -
- - {{#if (eq model.fsGroup.rule "MustRunAs")}} -
- {{#if (eq model.fsGroup.rule "MustRunAs")}} - - - - - - - - {{#each model.fsGroup.ranges as |range|}} - - - - - - - {{/each}} -
- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.min placeholder=(t 'formFsGroupPodSecurityPolicy.range.min.placeholder')}} - -

- 		- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.max placeholder=(t 'formFsGroupPodSecurityPolicy.range.max.placeholder')}} - - {{#unless readOnly}} - - {{/unless}} -
- {{/if}} - {{#unless readOnly}} -
- -
- {{/unless}} -
- {{/if}} - -{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-hostpath-policy/component.js b/lib/global-admin/addon/components/form-hostpath-policy/component.js deleted file mode 100644 index 9c0828c7d1..0000000000 --- a/lib/global-admin/addon/components/form-hostpath-policy/component.js +++ /dev/null @@ -1,52 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer } from '@ember/object' - - -export default Component.extend({ - globalStore: service(), - layout, - - classNames: ['accordion-wrapper'], - - - model: null, - paths: null, - readOnly: false, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.allowedHostPaths', this.get('model.allowedHostPaths') || []); - this.set('paths', this.get('model.allowedHostPaths')); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - this.get('paths').pushObject( - this.get('globalStore').createRecord({ - type: 'allowedHostPath', - pathPrefix: '', - }) - ); - }, - remove(obj) { - this.get('paths').removeObject(obj); - }, - }, - - pathDidChange: observer('paths.@each.pathPrefix', function() { - this.set('model.allowedHostPaths', this.get('paths').filter((p) => p.pathPrefix)); - }), - -}); diff --git a/lib/global-admin/addon/components/form-hostpath-policy/template.hbs b/lib/global-admin/addon/components/form-hostpath-policy/template.hbs deleted file mode 100644 index 554832dd7b..0000000000 --- a/lib/global-admin/addon/components/form-hostpath-policy/template.hbs +++ /dev/null @@ -1,38 +0,0 @@ -{{#accordion-list-item - title=(t 'formAllowedHostPathsPodSecurityPolicy.title') - detail=(t 'formAllowedHostPathsPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if paths.length}} -
- {{#each paths as |item|}} - {{#if readOnly}} -
{{item.pathPrefix}}
- {{else}} -
-
- {{input type="text" value=item.pathPrefix classNames="form-control input-sm" placeholder=(t 'formAllowedHostPathsPodSecurityPolicy.path.placeholder')}} -
-
-
- {{/if}} - {{/each}} -
- {{else if readOnly}} -
{{t 'generic.none'}}
- {{/if}} - {{#unless readOnly}} -
- -
- {{/unless}} -
-{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-hostports-policy/component.js b/lib/global-admin/addon/components/form-hostports-policy/component.js deleted file mode 100644 index 94708e6bef..0000000000 --- a/lib/global-admin/addon/components/form-hostports-policy/component.js +++ /dev/null @@ -1,46 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; - - -export default Component.extend({ - globalStore: service(), - - - layout, - classNames: ['accordion-wrapper'], - - model: null, - readOnly: false, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.hostPorts', this.get('model.hostPorts') || []); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - this.get('model.hostPorts').pushObject( - this.get('globalStore').createRecord({ - type: 'hostPortRange', - min: 6000, - max: 7000, - }) - ); - }, - remove(obj) { - this.get('model.hostPorts').removeObject(obj); - }, - }, - -}); diff --git a/lib/global-admin/addon/components/form-hostports-policy/template.hbs b/lib/global-admin/addon/components/form-hostports-policy/template.hbs deleted file mode 100644 index 5377d8e34b..0000000000 --- a/lib/global-admin/addon/components/form-hostports-policy/template.hbs +++ /dev/null @@ -1,53 +0,0 @@ -{{#accordion-list-item - title=(t 'formHostPortsPodSecurityPolicy.title') - detail=(t 'formHostPortsPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if model.hostPorts.length}} - - - - - - - - {{#each model.hostPorts as |port|}} - - - - - - - {{/each}} -
- {{input class="form-control input-sm" type="number" disabled=readOnly value=port.min placeholder=(t 'formHostPortsPodSecurityPolicy.port.min.placeholder')}} - -

- 		- {{input class="form-control input-sm" type="number" disabled=readOnly value=port.max placeholder=(t 'formHostPortsPodSecurityPolicy.port.max.placeholder')}} - - {{#unless readOnly}} - - {{/unless}} -
- {{else if readOnly}} -
{{t 'generic.none'}}
- {{/if}} - - {{#unless readOnly}} -
- -
- {{/unless}} -
-{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-runasgroup-policy/component.js b/lib/global-admin/addon/components/form-runasgroup-policy/component.js deleted file mode 100644 index 02d8170ff7..0000000000 --- a/lib/global-admin/addon/components/form-runasgroup-policy/component.js +++ /dev/null @@ -1,60 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer, get, set } from '@ember/object'; - -export default Component.extend({ - globalStore: service(), - layout, - - classNames: ['accordion-wrapper'], - - - model: null, - readOnly: false, - statusClass: null, - status: null, - - init() { - this._super(...arguments); - set(this, 'model.runAsGroup', get(this, 'model.runAsGroup') || get(this, 'globalStore').createRecord({ - type: 'runAsGroupStrategyOptions', - rule: 'RunAsAny', - })); - }, - - didReceiveAttrs() { - if (!get(this, 'expandFn')) { - set(this, 'expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - get(this, 'model.runAsGroup.ranges').pushObject( - get(this, 'globalStore').createRecord({ - type: 'idRange', - min: 1, - max: 6, - }) - ); - }, - remove(obj) { - get(this, 'model.runAsGroup.ranges').removeObject(obj); - }, - }, - - ruleDidChange: observer('model.runAsGroup.rule', function() { - const rule = get(this, 'model.runAsGroup.rule'); - - if (rule === 'MustRunAs' || rule === 'MayRunAs') { - set(this, 'model.runAsGroup.ranges', []); - this.send('add'); - } else { - set(this, 'model.runAsGroup.ranges', null); - } - }), - -}); diff --git a/lib/global-admin/addon/components/form-runasgroup-policy/template.hbs b/lib/global-admin/addon/components/form-runasgroup-policy/template.hbs deleted file mode 100644 index 213ba46d77..0000000000 --- a/lib/global-admin/addon/components/form-runasgroup-policy/template.hbs +++ /dev/null @@ -1,113 +0,0 @@ -{{#accordion-list-item - title=(t "formRunAsGroupPodSecurityPolicy.title") - detail=(t "formRunAsGroupPodSecurityPolicy.detail") - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if (and readOnly (eq model.runAsGroup.rule "RunAsAny"))}} - {{t "formRunAsGroupPodSecurityPolicy.rule.runAsAny"}} - {{else if (and readOnly (eq model.runAsGroup.rule "MayRunAs"))}} - {{t "formRunAsGroupPodSecurityPolicy.rule.mayRunAs"}} - {{else if (and readOnly (eq model.runAsGroup.rule "MustRunAs"))}} - {{t "formRunAsGroupPodSecurityPolicy.rule.mustRunAs"}} - {{else}} -
- -
-
- -
-
- -
- {{/if}} -
- {{#if (or (eq model.runAsGroup.rule "MustRunAs") (eq model.runAsGroup.rule "MayRunAs"))}} -
- {{#if (or (eq model.runAsGroup.rule "MustRunAs") (eq model.runAsGroup.rule "MayRunAs"))}} - - - - - - - - {{#each model.runAsGroup.ranges as |range|}} - - - - - - - {{/each}} -
- {{input - class="form-control input-sm" - type="number" - disabled=readOnly - value=range.min - placeholder=(t "formRunAsGroupPodSecurityPolicy.range.min.placeholder") - }} - -

- -

- 		- {{input - class="form-control input-sm" - type="number" - disabled=readOnly - value=range.max - placeholder=(t "formRunAsGroupPodSecurityPolicy.range.max.placeholder") - }} - - {{#unless readOnly}} - - {{/unless}} -
- {{/if}} - {{#unless readOnly}} -
- -
- {{/unless}} -
- {{/if}} -{{/accordion-list-item}} \ No newline at end of file diff --git a/lib/global-admin/addon/components/form-runasuser-policy/component.js b/lib/global-admin/addon/components/form-runasuser-policy/component.js deleted file mode 100644 index 56cfa620d7..0000000000 --- a/lib/global-admin/addon/components/form-runasuser-policy/component.js +++ /dev/null @@ -1,60 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer } from '@ember/object'; - -export default Component.extend({ - globalStore: service(), - layout, - - classNames: ['accordion-wrapper'], - - - model: null, - readOnly: false, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.runAsUser', this.get('model.runAsUser') || this.get('globalStore').createRecord({ - type: 'runAsUserStrategyOptions', - rule: 'RunAsAny', - })); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - this.get('model.runAsUser.ranges').pushObject( - this.get('globalStore').createRecord({ - type: 'idRange', - min: 1, - max: 6, - }) - ); - }, - remove(obj) { - this.get('model.runAsUser.ranges').removeObject(obj); - }, - }, - - ruleDidChange: observer('model.runAsUser.rule', function() { - const rule = this.get('model.runAsUser.rule'); - - if (rule === 'MustRunAs') { - this.set('model.runAsUser.ranges', []); - this.send('add'); - } else { - this.set('model.runAsUser.ranges', null); - } - }), - -}); diff --git a/lib/global-admin/addon/components/form-runasuser-policy/template.hbs b/lib/global-admin/addon/components/form-runasuser-policy/template.hbs deleted file mode 100644 index 0de342a71c..0000000000 --- a/lib/global-admin/addon/components/form-runasuser-policy/template.hbs +++ /dev/null @@ -1,77 +0,0 @@ -{{#accordion-list-item - title=(t 'formRunAsUserPodSecurityPolicy.title') - detail=(t 'formRunAsUserPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if (and readOnly (eq model.runAsUser.rule "RunAsAny"))}} - {{t 'formRunAsUserPodSecurityPolicy.rule.runAsAny'}} - {{else if (and readOnly (eq model.runAsUser.rule "MustRunAsNonRoot"))}} - {{t 'formRunAsUserPodSecurityPolicy.rule.mustRunAsNonRoot'}} - {{else if (and readOnly (eq model.runAsUser.rule "MustRunAs"))}} - {{t 'formRunAsUserPodSecurityPolicy.rule.mustRunAs'}} - {{else}} -
- -
-
- -
-
- -
- {{/if}} -
- - {{#if (eq model.runAsUser.rule "MustRunAs")}} -
- {{#if (eq model.runAsUser.rule "MustRunAs")}} - - - - - - - - {{#each model.runAsUser.ranges as |range|}} - - - - - - - {{/each}} -
- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.min placeholder=(t 'formRunAsUserPodSecurityPolicy.range.min.placeholder')}} - -

- 		- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.max placeholder=(t 'formRunAsUserPodSecurityPolicy.range.max.placeholder')}} - - {{#unless readOnly}} - - {{/unless}} -
- {{/if}} - - {{#unless readOnly}} -
- -
- {{/unless}} -
- {{/if}} - -{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-selinux-policy/component.js b/lib/global-admin/addon/components/form-selinux-policy/component.js deleted file mode 100644 index 939bb69c49..0000000000 --- a/lib/global-admin/addon/components/form-selinux-policy/component.js +++ /dev/null @@ -1,50 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer } from '@ember/object'; - -export default Component.extend({ - globalStore: service(), - layout, - - classNames: ['accordion-wrapper'], - - model: null, - readOnly: false, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.seLinux', this.get('model.seLinux') || this.get('globalStore').createRecord({ - type: 'seLinuxStrategyOptions', - rule: 'RunAsAny', - })); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - ruleDidChange: observer('model.seLinux.rule', function() { - const rule = this.get('model.seLinux.rule'); - - if (rule === 'RunAsAny') { - this.set('model.seLinux.seLinuxOptions', null); - } else { - if (!this.get('model.seLinux.seLinuxOptions')){ - this.set('model.seLinux.seLinuxOptions', this.get('globalStore').createRecord({ - type: 'seLinuxOptions', - level: '', - role: '', - user: '', - })); - } - } - }), - -}); diff --git a/lib/global-admin/addon/components/form-selinux-policy/template.hbs b/lib/global-admin/addon/components/form-selinux-policy/template.hbs deleted file mode 100644 index c65e30272a..0000000000 --- a/lib/global-admin/addon/components/form-selinux-policy/template.hbs +++ /dev/null @@ -1,41 +0,0 @@ -{{#accordion-list-item - title=(t 'formSeLinuxodSecurityPolicy.title') - detail=(t 'formSeLinuxodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if (and readOnly (eq model.seLinux.rule "MustRunAs"))}} - {{t 'formSeLinuxodSecurityPolicy.rule.mustRunAs'}} - {{else if (and readOnly (eq model.seLinux.rule "RunAsAny"))}} - {{t 'formSeLinuxodSecurityPolicy.rule.runAsAny'}} - {{else}} -
- -
-
- -
- {{/if}} -
- - {{#if (eq model.seLinux.rule "MustRunAs")}} -
-
- - {{input type="text" value=model.seLinux.seLinuxOptions.level disabled=readOnly classNames="form-control input-sm" placeholder=(t 'formSeLinuxodSecurityPolicy.level.placeholder')}} -
-
- - {{input type="text" value=model.seLinux.seLinuxOptions.role disabled=readOnly classNames="form-control input-sm" placeholder=(t 'formSeLinuxodSecurityPolicy.role.placeholder')}} -
-
- - {{input type="text" value=model.seLinux.seLinuxOptions.user disabled=readOnly classNames="form-control input-sm" placeholder=(t 'formSeLinuxodSecurityPolicy.user.placeholder')}} -
-
- {{/if}} - -{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-supplementalgroups-policy/component.js b/lib/global-admin/addon/components/form-supplementalgroups-policy/component.js deleted file mode 100644 index 637c356862..0000000000 --- a/lib/global-admin/addon/components/form-supplementalgroups-policy/component.js +++ /dev/null @@ -1,59 +0,0 @@ -import Component from '@ember/component'; -import { inject as service } from '@ember/service'; -import layout from './template'; -import { observer } from '@ember/object'; - -export default Component.extend({ - globalStore: service(), - layout, - - classNames: ['accordion-wrapper'], - - model: null, - readOnly: false, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.set('model.supplementalGroups', this.get('model.supplementalGroups') || this.get('globalStore').createRecord({ - type: 'supplementalGroupsStrategyOptions', - rule: 'RunAsAny', - })); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - add() { - this.get('model.supplementalGroups.ranges').pushObject( - this.get('globalStore').createRecord({ - type: 'idRange', - min: 0, - max: 6, - }) - ); - }, - remove(obj) { - this.get('model.supplementalGroups.ranges').removeObject(obj); - }, - }, - - ruleDidChange: observer('model.supplementalGroups.rule', function() { - const rule = this.get('model.supplementalGroups.rule'); - - if (rule === 'MustRunAs') { - this.set('model.supplementalGroups.ranges', []); - this.send('add'); - } else { - this.set('model.supplementalGroups.ranges', null); - } - }), - -}); diff --git a/lib/global-admin/addon/components/form-supplementalgroups-policy/template.hbs b/lib/global-admin/addon/components/form-supplementalgroups-policy/template.hbs deleted file mode 100644 index d96716938e..0000000000 --- a/lib/global-admin/addon/components/form-supplementalgroups-policy/template.hbs +++ /dev/null @@ -1,73 +0,0 @@ -{{#accordion-list-item - title=(t 'formSupplementalGroupsPodSecurityPolicy.title') - detail=(t 'formSupplementalGroupsPodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
- {{#if (and readOnly (eq model.supplementalGroups.rule "MustRunAs"))}} - {{t 'formSupplementalGroupsPodSecurityPolicy.rule.mustRunAs'}} - {{else if (and readOnly (eq model.supplementalGroups.rule "RunAsAny"))}} - {{t 'formSupplementalGroupsPodSecurityPolicy.rule.runAsAny'}} - {{else}} -
- -
-
- -
- {{/if}} -
- - {{#if (eq model.supplementalGroups.rule "MustRunAs")}} -
- {{#if (eq model.supplementalGroups.rule "MustRunAs")}} - - - - - - - - {{#each model.supplementalGroups.ranges as |range|}} - - - - - - - {{/each}} -
- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.min placeholder=(t 'formSupplementalGroupsPodSecurityPolicy.range.min.placeholder')}} - -

- 		- {{input class="form-control input-sm" type="number" disabled=readOnly value=range.max placeholder=(t 'formSupplementalGroupsPodSecurityPolicy.range.max.placeholder')}} - - {{#unless readOnly}} - - {{/unless}} -
- {{/if}} - - {{#unless readOnly}} -
- -
- {{/unless}} -
- {{/if}} - -{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/form-volume-policy/component.js b/lib/global-admin/addon/components/form-volume-policy/component.js deleted file mode 100644 index 50e21a9bc0..0000000000 --- a/lib/global-admin/addon/components/form-volume-policy/component.js +++ /dev/null @@ -1,51 +0,0 @@ -import Component from '@ember/component'; -import layout from './template'; -import C from 'ui/utils/constants'; - -const choices = C.VOLUME_POLICIES; - -export default Component.extend({ - layout, - - classNames: ['accordion-wrapper'], - - model: null, - basicPolicies: null, - readOnly: false, - - volumeChoices: null, - - statusClass: null, - status: null, - init() { - this._super(...arguments); - this.initVolume(); - }, - - didReceiveAttrs() { - if (!this.get('expandFn')) { - this.set('expandFn', (item) => { - item.toggleProperty('expanded'); - }); - } - }, - - actions: { - modifyVolumes(type, select) { - let options = Array.prototype.slice.call(select.target.options, 0); - let selectedOptions = []; - - options.filterBy('selected', true).forEach((cap) => { - return selectedOptions.push(cap.value); - }); - - this.set('model.volumes', selectedOptions); - }, - }, - - initVolume() { - this.set('model.volumes', this.get('model.volumes') || []); - this.set('volumeChoices', choices); - }, - -}); diff --git a/lib/global-admin/addon/components/form-volume-policy/template.hbs b/lib/global-admin/addon/components/form-volume-policy/template.hbs deleted file mode 100644 index 4e4d73a251..0000000000 --- a/lib/global-admin/addon/components/form-volume-policy/template.hbs +++ /dev/null @@ -1,31 +0,0 @@ -{{#accordion-list-item - title=(t 'formVolumePodSecurityPolicy.title') - detail=(t 'formVolumePodSecurityPolicy.detail') - status=status - statusClass=statusClass - expandAll=expandAll - expand=(action expandFn) -}} -
-
- - {{#if readOnly}} - {{#if model.volumes.length}} -
- {{#each model.volumes as |choice index|}} - {{if index ", "}} {{choice}} - {{/each}} -
- {{else}} -
{{t 'generic.none'}}
- {{/if}} - {{else}} - - {{/if}} -
-
-{{/accordion-list-item}} diff --git a/lib/global-admin/addon/components/new-edit-policy/component.js b/lib/global-admin/addon/components/new-edit-policy/component.js deleted file mode 100644 index 81891dcb4f..0000000000 --- a/lib/global-admin/addon/components/new-edit-policy/component.js +++ /dev/null @@ -1,36 +0,0 @@ -import { inject as service } from '@ember/service'; -import Component from '@ember/component'; -import NewOrEdit from 'ui/mixins/new-or-edit'; -import { set } from '@ember/object'; - -export default Component.extend(NewOrEdit, { - intl: service(), - router: service(), - - model: null, - readOnly: false, - - actions: { - cancel() { - this.goBack(); - }, - - setLabels(labels) { - let out = {}; - - labels.forEach((row) => { - out[row.key] = row.value; - }); - - set(this, 'model.labels', out); - }, - }, - - goBack() { - this.get('router').transitionTo('global-admin.security.policies.index'); - }, - - doneSaving() { - this.goBack(); - }, -}); diff --git a/lib/global-admin/addon/components/new-edit-policy/template.hbs b/lib/global-admin/addon/components/new-edit-policy/template.hbs deleted file mode 100644 index df4d1dc1f0..0000000000 --- a/lib/global-admin/addon/components/new-edit-policy/template.hbs +++ /dev/null @@ -1,150 +0,0 @@ -
-
-

- {{#if editing}} - {{t "podSecurityPoliciesPage.editPodSecurityPolicy"}} - {{else if readOnly}} - {{t "podSecurityPoliciesPage.detail.header"}}: {{model.name}} - {{else}} - {{t "podSecurityPoliciesPage.addPodSecurityPolicy"}} - {{/if}} -

-
-
- -{{#if (and readOnly model.description)}} -
- {{banner-message - color="bg-secondary mb-0 mt-10" - message=(linkify model.description) - }} -
-{{/if}} - -{{#unless readOnly}} -
- {{form-name-description - model=model - nameRequired=false - namePlaceholder="podSecurityPoliciesPage.new.form.name.placeholder" - }} -
-{{/unless}} - -
- {{#accordion-list as |al expandFn|}} -
- {{form-basic-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-capability-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-volume-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-hostpath-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-fsgroup-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-hostports-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-runasuser-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-runasgroup-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-selinux-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-supplementalgroups-policy - model=model - expandAll=al.expandAll - expandFn=expandFn - readOnly=readOnly - }} -
- -
- {{form-labels-annotations - labelErrors=labelErrors - initialLabels=model.labels - setLabels=(action "setLabels") - expandAll=al.expandAll - expandFn=expandFn - model=model - editing=editing - }} -
- - {{/accordion-list}} -
- - -{{top-errors errors=errors}} - -{{#unless readOnly}} - {{save-cancel - editing=editing - save=(action "save") - cancel=(action "cancel") - }} -{{/unless}} diff --git a/lib/global-admin/addon/security/policies/detail/route.js b/lib/global-admin/addon/security/policies/detail/route.js deleted file mode 100644 index a0f6d8ed77..0000000000 --- a/lib/global-admin/addon/security/policies/detail/route.js +++ /dev/null @@ -1,18 +0,0 @@ -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default Route.extend({ - globalStore: service(), - - model(params) { - return this.get('globalStore').find('podSecurityPolicyTemplate').then((policies) => { - const policy = policies.findBy('id', params.policy_id); - - if (!policy) { - this.replaceWith('security.policies.index'); - } - - return { policy, } - }); - }, -}); diff --git a/lib/global-admin/addon/security/policies/detail/template.hbs b/lib/global-admin/addon/security/policies/detail/template.hbs deleted file mode 100644 index c70128ce78..0000000000 --- a/lib/global-admin/addon/security/policies/detail/template.hbs +++ /dev/null @@ -1 +0,0 @@ -{{new-edit-policy model=model.policy editing=false readOnly=true}} \ No newline at end of file diff --git a/lib/global-admin/addon/security/policies/edit/route.js b/lib/global-admin/addon/security/policies/edit/route.js deleted file mode 100644 index 0a6ef2aae9..0000000000 --- a/lib/global-admin/addon/security/policies/edit/route.js +++ /dev/null @@ -1,18 +0,0 @@ -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default Route.extend({ - globalStore: service(), - - model(params) { - return this.get('globalStore').find('podSecurityPolicyTemplate').then((policies) => { - const policy = policies.findBy('id', params.policy_id); - - if (!policy) { - this.replaceWith('security.policies.index'); - } - - return { policy: policy.clone(), } - }); - }, -}); diff --git a/lib/global-admin/addon/security/policies/edit/template.hbs b/lib/global-admin/addon/security/policies/edit/template.hbs deleted file mode 100644 index 5a4b377703..0000000000 --- a/lib/global-admin/addon/security/policies/edit/template.hbs +++ /dev/null @@ -1 +0,0 @@ -{{new-edit-policy model=model.policy editing=true}} \ No newline at end of file diff --git a/lib/global-admin/addon/security/policies/index/controller.js b/lib/global-admin/addon/security/policies/index/controller.js deleted file mode 100644 index ec93b21e96..0000000000 --- a/lib/global-admin/addon/security/policies/index/controller.js +++ /dev/null @@ -1,24 +0,0 @@ -import Controller from '@ember/controller'; -import FilterState from 'ui/mixins/filter-state'; - -const headers = [ - { - translationKey: 'podSecurityPoliciesPage.index.table.name', - name: 'name', - sort: ['name'], - }, - { - translationKey: 'generic.created', - name: 'created', - sort: ['created'], - searchField: false, - classNames: 'text-right pr-20', - width: '200', - }, -] - -export default Controller.extend(FilterState, { - sortBy: 'name', - headers, - searchText: '', -}); diff --git a/lib/global-admin/addon/security/policies/index/route.js b/lib/global-admin/addon/security/policies/index/route.js deleted file mode 100644 index 90587db15f..0000000000 --- a/lib/global-admin/addon/security/policies/index/route.js +++ /dev/null @@ -1,10 +0,0 @@ -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default Route.extend({ - globalStore: service(), - - model() { - return this.get('globalStore').find('podSecurityPolicyTemplate'); - }, -}); diff --git a/lib/global-admin/addon/security/policies/index/template.hbs b/lib/global-admin/addon/security/policies/index/template.hbs deleted file mode 100644 index cff33547a6..0000000000 --- a/lib/global-admin/addon/security/policies/index/template.hbs +++ /dev/null @@ -1,47 +0,0 @@ -
-

{{t 'podSecurityPoliciesPage.index.header'}}

- -
- {{#link-to "security.policies.new" classNames="btn btn-sm bg-primary right-divider-btn" disabled=(rbac-prevents resource="podsecuritypolicytemplate" scope="global" permission="create")}} - {{t 'podSecurityPoliciesPage.addPodSecurityPolicy'}} {{/link-to}} -
-
- -
- {{#sortable-table - classNames="grid" - descending=descending - sortBy=sortBy - headers=headers - searchText=searchText - body=filtered - as |sortable kind row dt| - }} - {{#if (eq kind "row")}} - - - {{check-box nodeId=row.id}} - - - {{#link-to "security.policies.detail" row.id}} - {{row.name}} - {{/link-to}} - - - {{date-calendar row.created}} - - - {{action-menu model=row}} - - - {{else if (eq kind "nomatch")}} - - {{t 'podSecurityPoliciesPage.index.table.noMatch'}} - - {{else if (eq kind "norows")}} - - {{t 'podSecurityPoliciesPage.index.table.noData'}} - - {{/if}} - {{/sortable-table}} -
diff --git a/lib/global-admin/addon/security/policies/new/route.js b/lib/global-admin/addon/security/policies/new/route.js deleted file mode 100644 index 57eb3022e0..0000000000 --- a/lib/global-admin/addon/security/policies/new/route.js +++ /dev/null @@ -1,22 +0,0 @@ -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default Route.extend({ - globalStore: service(), - - model() { - var policy = this.get('globalStore').createRecord({ - type: 'podSecurityPolicyTemplate', - name: '', - allowPrivilegeEscalation: false, - defaultAllowPrivilegeEscalation: false, - hostIPC: false, - hostNetwork: false, - hostPID: false, - privileged: false, - readOnlyRootFilesystem: false, - }); - - return { policy, } - }, -}); diff --git a/lib/global-admin/addon/security/policies/new/template.hbs b/lib/global-admin/addon/security/policies/new/template.hbs deleted file mode 100644 index 7df0bd9687..0000000000 --- a/lib/global-admin/addon/security/policies/new/template.hbs +++ /dev/null @@ -1 +0,0 @@ -{{new-edit-policy model=model.policy editing=false}} diff --git a/lib/global-admin/addon/security/roles/detail/route.js b/lib/global-admin/addon/security/roles/detail/route.js index 33794e2990..32056b7d09 100644 --- a/lib/global-admin/addon/security/roles/detail/route.js +++ b/lib/global-admin/addon/security/roles/detail/route.js @@ -8,8 +8,6 @@ export default Route.extend({ roleTemplateService: service('roleTemplate'), model(params) { - const store = get(this, 'globalStore'); - let role = null; if (get(params, 'type') && get(params, 'type') === 'global') { @@ -19,12 +17,10 @@ export default Route.extend({ } return hash({ - policies: store.find('podSecurityPolicyTemplate'), role, - roles: get(this, 'roleTemplateService').fetchFilteredRoleTemplates(null, null), + roles: get(this, 'roleTemplateService').fetchFilteredRoleTemplates(null, null), }).then((hash) => { return { - policies: hash.policies, role: hash.role.clone(), roles: hash.roles, }; diff --git a/lib/global-admin/addon/security/roles/edit/route.js b/lib/global-admin/addon/security/roles/edit/route.js index 74b8abdfeb..cff79a1221 100644 --- a/lib/global-admin/addon/security/roles/edit/route.js +++ b/lib/global-admin/addon/security/roles/edit/route.js @@ -8,8 +8,6 @@ export default Route.extend({ roleTemplateService: service('roleTemplate'), model(params) { - const store = get(this, 'globalStore'); - let role = null; if (get(params, 'type') && get(params, 'type') === 'global') { @@ -19,12 +17,10 @@ export default Route.extend({ } return hash({ - policies: store.find('podSecurityPolicyTemplate'), role, - roles: get(this, 'roleTemplateService').fetchFilteredRoleTemplates(null, null), + roles: get(this, 'roleTemplateService').fetchFilteredRoleTemplates(null, null), }).then((hash) => { return { - policies: hash.policies, role: hash.role.clone(), roles: hash.roles, }; diff --git a/lib/global-admin/addon/security/roles/new/route.js b/lib/global-admin/addon/security/roles/new/route.js index d39805a9f1..07b91a45a9 100644 --- a/lib/global-admin/addon/security/roles/new/route.js +++ b/lib/global-admin/addon/security/roles/new/route.js @@ -11,7 +11,6 @@ export default Route.extend({ const store = get(this, 'globalStore'); return hash({ - policies: store.find('podSecurityPolicyTemplate'), roles: get(this, 'roleTemplateService').fetchFilteredRoleTemplates(null, null), globalRoles: store.find('globalRole'), }).then( (res) => { diff --git a/lib/shared/addon/components/cluster-driver/driver-import/component.js b/lib/shared/addon/components/cluster-driver/driver-import/component.js index 71aa0e24ed..ac7e575b81 100644 --- a/lib/shared/addon/components/cluster-driver/driver-import/component.js +++ b/lib/shared/addon/components/cluster-driver/driver-import/component.js @@ -73,14 +73,6 @@ export default Component.extend(ClusterDriver, { return } - const { modalService } = this; - const { isK3sCluster } = this; - - modalService.toggleModal('modal-confirm-imported-upgrade', { - finish: this.confirmUpgrade.bind(this), - btnCB: cb, - isK3sCluster, - }); }, }, diff --git a/lib/shared/addon/components/cluster-driver/driver-rke/component.js b/lib/shared/addon/components/cluster-driver/driver-rke/component.js index 8bf034558c..04ec7782b8 100644 --- a/lib/shared/addon/components/cluster-driver/driver-rke/component.js +++ b/lib/shared/addon/components/cluster-driver/driver-rke/component.js @@ -480,14 +480,6 @@ export default InputTextFile.extend(ManageLabels, ClusterDriver, { this.initScheduledClusterScan(); }), - pspSupportChanged: observer('config.services.kubeApi.podSecurityPolicy', function(){ - const pspEnabled = get(this, 'kubeApiPodSecurityPolicy') - - if (!pspEnabled && get(this, 'cluster.defaultPodSecurityPolicyTemplateId')){ - set(this, 'cluster.defaultPodSecurityPolicyTemplateId', '') - } - }), - enforcementChanged: on('init', observer('settings.clusterTemplateEnforcement', function() { let { access: { me: { hasAdmin: globalAdmin = null } }, @@ -704,33 +696,6 @@ export default InputTextFile.extend(ManageLabels, ClusterDriver, { return (this.clusterOptErrors || []).length === 0; }), - kubeApiPodSecurityPolicy: computed('config.services.kubeApi.podSecurityPolicy', { - get() { - let pspConfig = get(this, 'config.services.kubeApi'); - - if (typeof pspConfig === 'undefined') { - return false; - } - - return get(pspConfig, 'podSecurityPolicy'); - }, - set(key, value) { - if (typeof get(this, 'config.services') === 'undefined') { - set(this, 'config.services', get(this, 'globalStore').createRecord({ - type: 'rkeConfigServices', - kubeApi: get(this, 'globalStore').createRecord({ - type: 'kubeAPIService', - podSecurityPolicy: value, - }), - })); - } else { - set(this, 'config.services', { kubeApi: { podSecurityPolicy: value } }); - } - - return value; - } - }), - psaOpts: computed('model.psacs.[]', function(){ let psacs = get(this, 'model.psacs').toArray() const intl = get(this, 'intl'); @@ -748,29 +713,6 @@ export default InputTextFile.extend(ManageLabels, ClusterDriver, { return selectedVersion ? satisfies(selectedVersion, '>=1.23.0') : true }), - supportsPSP: computed('config.kubernetesVersion', function() { - // rke config supports PSP if version <= 1.25.0 - const selectedVersion = coerceVersion(get(this, 'config.kubernetesVersion')) - - return selectedVersion ? satisfies(selectedVersion, '<=1.25.0') : true - }), - - disablePSPWarning: computed('supportsPSP', 'kubeApiPodSecurityPolicy', 'isEdit', function() { - if (!get(this, 'kubeApiPodSecurityPolicy')){ - return false - } - - return !get(this, 'supportsPSP') && get(this, 'kubeApiPodSecurityPolicy') - }), - - - pspInfoBanner: computed('supportsPSP', function(){ - const { supportsPSP } = this; - const intl = get(this, 'intl') - - return supportsPSP ? intl.t('clusterNew.psp.deprecatedInfoBanner') : intl.t('clusterNew.psp.removedInfoBanner') - }), - monitoringProvider: computed('config.monitoring', { get() { let monitoringConfig = get(this, 'config.monitoring'); @@ -1290,20 +1232,6 @@ export default InputTextFile.extend(ManageLabels, ClusterDriver, { } } - if ( get(config, 'services.kubeApi.podSecurityPolicy') && - !get(this, 'primaryResource.defaultPodSecurityPolicyTemplateId') ) { - errors.push(intl.t('clusterNew.psp.required')); - } - - if ( get(config, 'services.kubeApi.podSecurityPolicy') ){ - if (!get(this, 'primaryResource.defaultPodSecurityPolicyTemplateId') ) { - errors.push(intl.t('clusterNew.psp.required')); - } - if (!get(this, 'supportsPSP')){ - errors.push(intl.t('clusterNew.psp.unsupported')); - } - } - if (get(this, 'config.services.etcd.snapshot')) { errors = this.validateEtcdService(errors); } @@ -1614,11 +1542,6 @@ export default InputTextFile.extend(ManageLabels, ClusterDriver, { secretsEncryptionConfig: globalStore.createRecord({ type: 'secretsEncryptionConfig' }), } - if (satisfies(defaultVersion, '<1.25.0')){ - kubeApiDefaults.podSecurityPolicy = false - } - - const rkeConfig = globalStore.createRecord({ type: 'rancherKubernetesEngineConfig', ignoreDockerVersion: true, diff --git a/lib/shared/addon/components/cluster-driver/driver-rke/template.hbs b/lib/shared/addon/components/cluster-driver/driver-rke/template.hbs index 4cf3e60e21..e2eeb9253a 100644 --- a/lib/shared/addon/components/cluster-driver/driver-rke/template.hbs +++ b/lib/shared/addon/components/cluster-driver/driver-rke/template.hbs @@ -402,114 +402,6 @@ -
- {{#if disablePSPWarning}} -
- -
- {{else}} -
- -
- {{/if}} - {{#if (or supportsPSP config.services.kubeApi.podSecurityPolicy)}} -
- - - {{#input-or-display - editable=(or (and notView supportsPSP) config.services.kubeApi.podSecurityPolicy cluster.defaultPodSecurityPolicyId) - value=config.services.kubeApi.podSecurityPolicy - }} -
- -
-
- -
- {{/input-or-display}} - -
-
- {{#if config.services.kubeApi.podSecurityPolicy}} - - - {{#input-or-display - editable=notView - value=cluster.defaultPodSecurityPolicyTemplateId - }} - {{new-select - content=model.psps - optionLabelPath="displayName" - optionValuePath="id" - prompt="clusterNew.psp.prompt" - localizedPrompt=true - value=cluster.defaultPodSecurityPolicyTemplateId - disabled=(not config.services.kubeApi.podSecurityPolicy) - }} - {{/input-or-display}} - - {{else}} - -
{{t "generic.none"}}
- {{/if}} -
- {{/if}} -
{{#if supportsPSA}}
diff --git a/lib/shared/addon/components/cru-cluster-template-questions/component.js b/lib/shared/addon/components/cru-cluster-template-questions/component.js index b8ac665b01..9c6e019dc7 100644 --- a/lib/shared/addon/components/cru-cluster-template-questions/component.js +++ b/lib/shared/addon/components/cru-cluster-template-questions/component.js @@ -36,10 +36,6 @@ const clusterTemplateTranslationMap = [ key: 'defaultClusterRoleForProjectMembers', translationKey: 'clusterTemplateQuestions.schemaLabels.defaultClusterRoleForProjectMembers' }, - { - key: 'defaultPodSecurityPolicyTemplateId', - translationKey: 'clusterTemplateQuestions.schemaLabels.defaultPodSecurityPolicyTemplateId' - }, { key: 'desiredAgentImage', translationKey: 'clusterTemplateQuestions.schemaLabels.desiredAgentImage' diff --git a/lib/shared/addon/components/cru-cluster-template/template.hbs b/lib/shared/addon/components/cru-cluster-template/template.hbs index 9fed87a92c..07c320759e 100644 --- a/lib/shared/addon/components/cru-cluster-template/template.hbs +++ b/lib/shared/addon/components/cru-cluster-template/template.hbs @@ -90,7 +90,6 @@ model=(hash cluster=(mut cluster) originalCluster=originalCluster - psps=psps psacs=psacs clusterTemplateRevision=clusterTemplateRevision ) diff --git a/lib/shared/addon/components/cru-cluster/component.js b/lib/shared/addon/components/cru-cluster/component.js index feac2e6701..a9df6e75ce 100644 --- a/lib/shared/addon/components/cru-cluster/component.js +++ b/lib/shared/addon/components/cru-cluster/component.js @@ -537,7 +537,6 @@ export default Component.extend(ViewNewEdit, ChildHook, { rancherKubernetesEngineConfig, enableNetworkPolicy, defaultClusterRoleForProjectMembers, - defaultPodSecurityPolicyTemplateId, } = this.primaryResource._cachedConfig; setProperties(this.primaryResource, { @@ -545,7 +544,6 @@ export default Component.extend(ViewNewEdit, ChildHook, { rancherKubernetesEngineConfig, enableNetworkPolicy, defaultClusterRoleForProjectMembers, - defaultPodSecurityPolicyTemplateId, }); } }, diff --git a/lib/shared/addon/components/modal-confirm-imported-upgrade/component.js b/lib/shared/addon/components/modal-confirm-imported-upgrade/component.js deleted file mode 100644 index af4e083bb0..0000000000 --- a/lib/shared/addon/components/modal-confirm-imported-upgrade/component.js +++ /dev/null @@ -1,28 +0,0 @@ -import { alias } from '@ember/object/computed'; -import Component from '@ember/component'; -import ModalBase from 'shared/mixins/modal-base'; -import layout from './template'; - -export default Component.extend(ModalBase, { - layout, - classNames: ['medium-modal'], - btnCB: alias('modalService.modalOpts.btnCB'), - isK3sCluster: alias('modalService.modalOpts.isK3sCluster'), - - actions: { - confirm() { - const { btnCB } = this; - - this.modalService.modalOpts.finish(this.close.bind(this), false, btnCB); - }, - cancel() { - const { btnCB } = this; - - this.modalService.modalOpts.finish(this.close.bind(this), true, btnCB); - }, - }, - - close() { - this.send('close'); - } -}); diff --git a/lib/shared/addon/components/modal-confirm-imported-upgrade/template.hbs b/lib/shared/addon/components/modal-confirm-imported-upgrade/template.hbs deleted file mode 100644 index 8cdabb1be9..0000000000 --- a/lib/shared/addon/components/modal-confirm-imported-upgrade/template.hbs +++ /dev/null @@ -1,22 +0,0 @@ -
-

- {{t "managedImportClusterInfo.pspUpgradeWarning.modalTitle"}} -

-
-
- {{#if isK3sCluster}} - {{t "managedImportClusterInfo.pspUpgradeWarning.k3sWarning" htmlSafe=true}} - {{else}} - {{t "managedImportClusterInfo.pspUpgradeWarning.rke2Warning" htmlSafe=true}} - {{/if}} -
-
- -
- - -
\ No newline at end of file diff --git a/lib/shared/addon/utils/constants.js b/lib/shared/addon/utils/constants.js index 8af236c50e..73bbcb4e9b 100644 --- a/lib/shared/addon/utils/constants.js +++ b/lib/shared/addon/utils/constants.js @@ -353,16 +353,6 @@ var C = { 'watch', ], - BASIC_POD_SECURITY_POLICIES: [ - 'allowPrivilegeEscalation', - 'defaultAllowPrivilegeEscalation', - 'hostIPC', - 'hostNetwork', - 'hostPID', - 'privileged', - 'readOnlyRootFilesystem' - ], - VOLUME_POLICIES: [ 'azureFile', 'azureDisk', @@ -445,14 +435,11 @@ var C = { 'PersistentVolumes', 'PodDisruptionBudgets', 'PodPreset', - 'PodSecurityPolicies', 'PodTemplates', 'Pods', 'PipelineExecutionLogs', 'PipelineExecutions', 'Pipelines', - 'PodSecurityPolicyTemplateProjectBindings', - 'PodSecurityPolicyTemplates', 'Preferences', 'Principals', 'ProjectAlerts', @@ -929,7 +916,6 @@ C.NETWORK_QUESTIONS = { // these fields are filtered when launching a cluster with a template because they have UI components C.CLUSTER_TEMPLATE_IGNORED_OVERRIDES = [ - 'defaultPodSecurityPolicyTemplateId', 'dockerRootDir', 'enableNetworkPolicy', 'windowsPreferedCluster', @@ -958,7 +944,6 @@ C.CLUSTER_TEMPLATE_IGNORED_OVERRIDES = [ 'rancherKubernetesEngineConfig.services.etcd.backupConfig.s3BackupConfig.region', 'rancherKubernetesEngineConfig.services.etcd.backupConfig.s3BackupConfig.secretKey', 'rancherKubernetesEngineConfig.services.etcd.backupConfig.s3BackupConfig.folder', - 'rancherKubernetesEngineConfig.services.kubeApi.podSecurityPolicy', 'rancherKubernetesEngineConfig.services.kubeApi.podSecurityConfiguration', 'rancherKubernetesEngineConfig.services.kubeApi.serviceNodePortRange', ] diff --git a/lib/shared/app/components/modal-confirm-imported-upgrade/component.js b/lib/shared/app/components/modal-confirm-imported-upgrade/component.js deleted file mode 100644 index 5c2c62bed3..0000000000 --- a/lib/shared/app/components/modal-confirm-imported-upgrade/component.js +++ /dev/null @@ -1 +0,0 @@ -export { default } from 'shared/components/modal-confirm-imported-upgrade/component'; \ No newline at end of file diff --git a/translations/ar-sa.yaml b/translations/ar-sa.yaml index 0be51517db..19e9df19d7 100644 --- a/translations/ar-sa.yaml +++ b/translations/ar-sa.yaml @@ -235,29 +235,6 @@ appDetailPage: title: الشِفرات detail: الشِفرات المرتبطة بهذا التطبيق nodata: هذا التطبيق لا يملك شِفرات -podSecurityPoliciesPage: - index: - header: سياسة أمان ال Pod - description: تطبيق سياسات ال Pod التي تم إنشاؤها من قبل المستخدم مع هذا الدور - table: - name: الإسم - created: وقت الانشاء - noData: لم يتم تعريف سياسات الأمان لل Pod - noMatch: لا توجد سياسات أمان Pod تطابق البحث الحالي - addPodSecurityPolicy: إضافة السياسة - editPodSecurityPolicy: تعديل السياسة - detail: - header: السياسة العامة - saveEdit: تعديل - saveNew: إنشاء - new: - errors: - nameReq: يجب إدخال الإسم - nameInExists: الاسم موجود مسبقاً. يرجى استخدام اسم سياسة أمان Pod جديد. - form: - name: - labelText: الإسم - placeholder: "على سبيل المثال ,السياسة" rolesPage: title: الدور headers: diff --git a/translations/de-de.yaml b/translations/de-de.yaml index 62277911d5..324be8db19 100644 --- a/translations/de-de.yaml +++ b/translations/de-de.yaml @@ -363,29 +363,6 @@ alertPage: greater-or-equal: Größer oder gleich less-or-equal: Weniger oder gleich has-value: Nicht Null -podSecurityPoliciesPage: - index: - header: Pod-Sicherheitsrichtlinien - description: Richtlinien auf Pods anwenden, die von einem Benutzer mit dieser Rolle erstellt wurden - table: - name: Name - created: Erstellungszeit - noData: Es sind keine Sicherheitsrichtlinien für Pods definiert - noMatch: Keine Pod-Sicherheitsrichtlinien für die Suchanfrage gefunden - addPodSecurityPolicy: Neue Richtlinie - editPodSecurityPolicy: Richtlinie bearbeiten - detail: - header: Richtlinie - saveEdit: Bearbeiten - saveNew: Erstellen - new: - errors: - nameReq: Name ist erforderlich. - nameInExists: Der Name ist bereits vorhanden. Bitte verwenden Sie einen neuen Namen für die Pod-Sicherheitsrichtlinie. - form: - name: - labelText: Name - placeholder: "z.B. Richtlinie" rolesPage: title: Rolle headers: @@ -1003,8 +980,6 @@ projectsPage: placeholder: z.B. Labor created: label: Erstellt - psp: - label: Pod-Sicherheitsrichtlinien resourceQuota: title: Ressourcenkontingente detail: Konfigurieren Sie, wie viel Ressourcen das Projekt reservieren kann @@ -2438,11 +2413,6 @@ clusterNew: detail: Passen Sie die zu erstellenden Knoten an customize: title: Cluster-Optionen - psp: - label: Standard-Pod-Sicherheitsrichtlinie - prompt: Wählen Sie eine Pod-Sicherheitsrichtlinie aus... - none: Es sind keine Richtlinien definiert - required: Eine Standard-Pod-Sicherheitsrichtlinie ist erforderlich, wenn Support aktiviert ist. amazoneks: label: Amazon Elastic Container-Dienst für Kubernetes shortLabel: Amazon EKS @@ -2765,7 +2735,6 @@ clusterNew: worker: mindestens 1 kubeApi: ipRange: Service Cluster IP-Bereich - podSecurityPolicy: Pod-Sicherheitsrichtlinien kubeController: label: Kube-Controller kubelet: @@ -3716,33 +3685,6 @@ formVolumes: placeholder: 'z.B. rancher-nfs; Standard: lokal' noLaunchConfigs: Keine anderen Start-Configs in diesem Dienst, um Datenspeicher zu teilen. onlySingleHost: Nur verfügbar, wenn Sie einen Container zu einem bestimmten Host hinzufügen. -formAllowedHostPathsPodSecurityPolicy: - path: - placeholder: z.B. /foo -formFsGroupPodSecurityPolicy: - range: - max: - placeholder: z.B. 6 - min: - placeholder: z.B. 1 -formHostPortsPodSecurityPolicy: - port: - max: - placeholder: z.B. 7000 - min: - placeholder: z.B. 6000 -formRunAsUserPodSecurityPolicy: - range: - max: - placeholder: z.B. 6 - min: - placeholder: z.B. 1 -formSupplementalGroupsPodSecurityPolicy: - range: - max: - placeholder: z.B. 6 - min: - placeholder: z.B. 1 formReservation: limitCpu: placeholder: z.B. 1000 diff --git a/translations/en-us.yaml b/translations/en-us.yaml index 0222896757..cb591807b1 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -430,30 +430,6 @@ alertPage: less-or-equal: Less Or Equal has-value: Not Null -podSecurityPoliciesPage: - index: - header: Pod Security Policy Templates - description: Apply Policies to Pods created by a user with this Role - table: - name: Name - created: Created Time - noData: There are no pod security policy templates defined - noMatch: No pod security policy templates match the current search - addPodSecurityPolicy: Add Policy Template - editPodSecurityPolicy: Edit Policy Template - detail: - header: Policy Template - saveEdit: Edit - saveNew: Create - new: - errors: - nameReq: Name is required. - nameInExists: Name is already exists. Please use a new pod security policy template name. - form: - name: - labelText: Name - placeholder: "e.g. policy" - rolesPage: title: Role headers: @@ -1349,8 +1325,6 @@ projectsPage: placeholder: e.g. lab created: label: Created - psp: - label: Pod Security Policy resourceQuota: title: Resource Quotas detail: Configure how much of the resources the project can consume @@ -3745,8 +3719,6 @@ clusterNew: prompt: Select VM OS placement: label: Placement - pod: - label: Pod Security Policies privateCluster: label: Enable Private Cluster warning: AKS private clusters is an advanced use case which requires {appName} to be running on the same NAT as the AKS nodes. Before enabling private clusters ensure you have read through the AKS cluster provisioning docs for instructions on configuring AKS so nodes may communicate with {appName}. @@ -4545,14 +4517,6 @@ clusterNew: shortLabel: Open Telekom Cloud CCE psa: label: Pod Security Admission Configuration Template - psp: - label: Default Pod Security Policy - none: No policies are defined - prompt: Select a Pod Security Policy... - required: A Default Pod Security Policy is required when support is enabled. - unsupported: Pod security policies are not supported in the version selected; please disable PSP support and use PodSecurity Admission instead. - deprecatedInfoBanner: Pod Security Policies are deprecated as of Kubernetes v1.21, and have been removed in Kubernetes v1.25. - removedInfoBanner: Pod Security Policies have been removed in Kubernetes v1.25, use PodSecurity Admission instead. rancherd: shortLabel: RancherD register: @@ -4695,7 +4659,6 @@ clusterNew: kubeApi: ipRange: Service Cluster IP Range label: Kube API - podSecurityPolicy: Pod Security Policy kubeController: cidr: Cluster CIDR ipRange: Service Cluster IP Range @@ -4764,8 +4727,6 @@ clusterNew: template: Template templatePrompt: Choose a Template... title: Node Pools - podSecurityPolicy: - label: Pod Security Policy Support registry: custom: 'A custom registry:' default: The default registry (DockerHub) @@ -5107,7 +5068,6 @@ clusterTemplateQuestions: noData: 'No overrides' schemaLabels: defaultClusterRoleForProjectMembers: 'Default Cluster Role For Project Members' - defaultPodSecurityPolicyTemplateId: 'Default Pod Security Policy Template Id' desiredAgentImage: 'Desired Agent Image' desiredAuthImage: 'Desired Auth Image' dockerRootDir: 'Docker Root Directory' @@ -6882,9 +6842,6 @@ formGlobalRoles: nodetemplates-manage: label: Manage Node Templates detail: Allows the user to define, edit, and remove Node Templates. - podsecuritypolicytemplates-manage: - label: Manage Pod Security Policies (PSPs) - detail: Allows the user to define, edit, and remove PSPs. roles-manage: label: Manage Roles detail: Allows the user to define, edit, and remove Role definitions. @@ -7696,148 +7653,6 @@ formVolumes: mountPoint: Mount Point opts: Access/Options -formCapabilityPodSecurityPolicy: - title: Capability Policies - detail: Config set of capability Policies - capabilities: - allow: Allowed Capabilities - add: Default Add Capabilities - drop: Required Drop Capabilities - -formVolumePodSecurityPolicy: - title: Volume Policy - detail: Control the usage of volume types - volumes: Volumes - -formAllowedHostPathsPodSecurityPolicy: - title: Allowed Host Paths Policy - detail: Whitelist of allowed host paths - path: - addLabel: Add Path Prefix - placeholder: e.g. /foo - -formFsGroupPodSecurityPolicy: - title: FS Group Policy - detail: Allocating an FSGroup that owns the pod’s volumes - rule: - mustRunAs: MustRunAs - Requires at least one range to be specified. Uses the minimum value of the first range as the default. Validates against the first ID in the first range. - runAsAny: RunAsAny - No default provided. Allows any fsGroup ID to be specified. - range: - addLabel: Add Range - max: - label: Max - placeholder: e.g. 6 - min: - label: Min - placeholder: e.g. 1 - -formHostPortsPodSecurityPolicy: - title: Host Ports Policy - detail: The use of host ports - port: - addLabel: Add Port Range - max: - label: Max - placeholder: e.g. 7000 - min: - label: Min - placeholder: e.g. 6000 - -formRunAsGroupPodSecurityPolicy: - title: Run As Group Policy - detail: Controls which primary group ID the containers are run with. - rule: - mustRunAs: MustRunAs - Requires a range to be configured. Uses the first value of the range as the default. Validates against the configured range. - mayRunAs: MayRunAs - Does not require that RunAsGroup be specified. However, when RunAsGroup is specified, they have to fall in the defined range. - runAsAny: RunAsAny - No default provided. Allows any runAsGroup to be specified. - range: - addLabel: Add Range - max: - label: Max - placeholder: e.g. 65535 - min: - label: Min - placeholder: e.g. 1 - -formRunAsUserPodSecurityPolicy: - title: Run As User Policy - detail: Controls which user ID the containers are run with. - rule: - mustRunAs: MustRunAs - Requires a range to be configured. Uses the first value of the range as the default. Validates against the configured range. - mustRunAsNonRoot: MustRunAsNonRoot - Requires that the pod be submitted with a non-zero runAsUser or have the USER directive defined in the image. No default provided. - runAsAny: RunAsAny - No default provided. Allows any runAsUser to be specified. - range: - addLabel: Add Range - max: - label: Max - placeholder: e.g. 6 - min: - label: Min - placeholder: e.g. 1 - -formSeLinuxodSecurityPolicy: - title: SELinux Policy - detail: The SELinux context of the container - rule: - mustRunAs: MustRunAs - Uses seLinuxOptions as the default. Validates against seLinuxOptions. - runAsAny: RunAsAny - Allows any seLinuxOptions to be specified - level: - label: Level - placeholder: e.g. level - role: - label: Role - placeholder: e.g. role - user: - label: User - placeholder: e.g. user - -formSupplementalGroupsPodSecurityPolicy: - title: Supplemental Groups Policy - detail: Configuring allowable supplemental groups - rule: - mustRunAs: MustRunAs - Requires at least one range to be specified. Uses the minimum value of the first range as the default. Validates against all ranges. - runAsAny: RunAsAny - No default provided. Allows any supplementalGroups to be specified. - range: - addLabel: Add Range - max: - label: Max - placeholder: e.g. 6 - min: - label: Min - placeholder: e.g. 1 - -formBasicPodSecurityPolicy: - title: Basic Policies - detail: Config basic pod security policies - allowPrivilegeEscalation: - label: Allow Privilege Escalation - enable: "Yes: Running of a container that allow privilege escalation from its parent" - disable: "No" - defaultAllowPrivilegeEscalation: - label: Default Allow Privilege Escalation - enable: "Yes: Control whether a process can gain more privileges than its parent process" - disable: "No" - hostIPC: - label: Host IPC - enable: "Yes: The use of host’s IPC namespace" - disable: "No" - hostNetwork: - label: Host Network - enable: "Yes: The use of host networking" - disable: "No" - hostPID: - label: Host PID - enable: "Yes: The use of host’s PID namespace" - disable: "No" - privileged: - label: Privileged - enable: "Yes: Running of privileged containers" - disable: "No" - readOnlyRootFilesystem: - label: Read Only Root Filesystem - enable: "Yes: Requiring the use of a read only root file system" - disable: "No" - formReservation: limitCpu: label: '{component} CPU Limit' @@ -7999,11 +7814,6 @@ managedImportClusterInfo: drainWorkerNodes: Drain Worker Nodes error: int: Concurrency values must be integer values - pspUpgradeWarning: - modalTitle: 'Are you sure?' - k3sWarning: 'Kubernetes has removed support for Pod Security Policies (PSPs) starting with version 1.25. If you proceed with the upgrade, any PSPs that may be present in the cluster will no longer be available/enforced. If this is a hardened k3s cluster (or PodSecurityPolicy admission controller is enabled), please follow the instructions here before you proceed with saving the changes to the cluster.' - rke2Warning: 'Kubernetes has removed support for Pod Security Policies (PSPs) starting with version 1.25. Please follow the instructions here to manually prepare the cluster for the upgrade before you proceed with saving the changes to the cluster.' - proceed: Proceed k3sNodeEnvVarSection: title: K3S Node Environment Variables @@ -10613,7 +10423,6 @@ nav: tab: Security roles: Roles members: Members - podSecurityPolicies: Pod Security Policies authentication: Authentication settings: tab: Settings diff --git a/translations/es-es.yaml b/translations/es-es.yaml index 884b75a79a..637e83ee44 100644 --- a/translations/es-es.yaml +++ b/translations/es-es.yaml @@ -266,29 +266,6 @@ appDetailPage: title: Secretos detail: Secretos asociados con esta aplicación nodata: Esta aplicación no tiene secretos -podSecurityPoliciesPage: - index: - header: Políticas de Seguridad de Pod - description: Aplicar políticas a Pods creados por un usuario con este rol - table: - name: Nombre - created: Momento de creación - noData: No hay políticas de seguridad de pod definidas - noMatch: Ninguna política de seguridad de pod coincide con la búsqueda actual - addPodSecurityPolicy: Agregar política - editPodSecurityPolicy: Editar política - detail: - header: Política - saveEdit: Editar - saveNew: Crear - new: - errors: - nameReq: Se requiere nombre. - nameInExists: El nombre ya existe. Utilice un nuevo nombre para el Pod de política de seguridad. - form: - name: - labelText: Nombre - placeholder: "ej. politica" rolesPage: title: Rol index: @@ -738,8 +715,6 @@ projectsPage: placeholder: ej. lab created: label: Fecha de Creacion - psp: - label: Política de seguridad del Pod resourceQuota: title: Cuotas de recursos detail: Configure la cantidad de recursos que el proyecto puede consumir @@ -1770,11 +1745,6 @@ clusterNew: detail: Personaliza los nodos que se crearán customize: title: Opciones del Clúster - psp: - label: Política de seguridad del Pod - prompt: Seleccione una Política de Seguridad de Pod ... - none: No hay roles definidos - required: Se requiere una Política de Seguridad de Pod predeterminada cuando la compatibilidad está habilitada. amazoneks: label: Servicio de Amazon Elastic Container para Kubernetes shortLabel: Amazon EKS @@ -2053,8 +2023,6 @@ clusterNew: label: Versión de Docker en los nodos enabled: Permitir versiones no compatibles disabled: Versión de Docker Incompatible - podSecurityPolicy: - label: Soporte de políticas de seguridad de Pod role: pageheader: Personalizar comando de ejecución de nodo sectionheader: Opciones de nodo @@ -2072,7 +2040,6 @@ clusterNew: kubeApi: label: Kube API ipRange: Rango de IP del clúster de servicios - podSecurityPolicy: Política de seguridad del Pod kubeController: label: Controlador Kube cidr: IP del Clúster @@ -3898,123 +3865,6 @@ formVolumes: source: Fuente mountPoint: Punto de Montaje opts: Acceso / Opciones -formCapabilityPodSecurityPolicy: - title: Políticas de capacidad - detail: Configuración de conjunto de capacidad de las políticas - capabilities: - allow: Capacidades permitidas - add: Capacidades de adición predeterminadas - drop: Capacidades de caída requeridas -formVolumePodSecurityPolicy: - title: Política de volumen - detail: Controle el uso de los tipos de volumen - volumes: Volúmenes -formAllowedHostPathsPodSecurityPolicy: - title: Política de rutas de host permitidas - detail: Lista blanca de rutas de host permitidas - path: - addLabel: Agregar el prefijo de ruta - placeholder: ej. /foo -formFsGroupPodSecurityPolicy: - title: Política de grupo FS - detail: Asignación de un FSGroup que posee los volúmenes del pod - rule: - mustRunAs: MustRunAs - Requiere al menos un rango para ser especificado. Utiliza el valor mínimo del primer rango como valor predeterminado. Valida contra la primera ID en el primer rango. - runAsAny: 'RunAsAny: no se proporciona ningún valor predeterminado. Permite especificar cualquier ID de grupo fs.' - range: - addLabel: Añadir Rango - max: - label: Máximo - placeholder: ej. 6 - min: - label: Mínimo - placeholder: ej. 1 -formHostPortsPodSecurityPolicy: - title: Política de puertos host - detail: El uso de puertos de host - port: - addLabel: Agregar rango de puertos - max: - label: Máximo - placeholder: ej. 7000 - min: - label: Mínimo - placeholder: ej. 6000 -formRunAsUserPodSecurityPolicy: - title: Ejecutar como política de usuario - detail: El ID de usuario - rule: - mustRunAs: MustRunAs - Requiere al menos un rango para ser especificado. Utiliza el valor mínimo del primer rango como valor predeterminado. Valida contra la primera Id en el primer rango. - mustRunAsNonRoot: 'MustRunAsNonRoot: requiere que el pod se envíe con un runAsUser distinto de cero o que la directiva USER esté definida en la imagen. No se proporciona un valor predeterminado.' - runAsAny: 'RunAsAny: no se proporciona ningún valor predeterminado. Permite cualquier runAsUser para ser especificado.' - range: - addLabel: Añadir rango - max: - label: Máximo - placeholder: ej. 6 - min: - label: Mínimo - placeholder: ej. 1 -formSeLinuxodSecurityPolicy: - title: La Política De SELinux - detail: El contexto de SELinux del contenedor - rule: - mustRunAs: 'MustRunAs: utiliza seLinuxOptions como valor predeterminado. Valida contra seLinuxOptions.' - runAsAny: RunAsAny - Permite cualquier seLinuxOptions para ser especificado - level: - label: Nivel - placeholder: ej. nivel - role: - label: Rol - placeholder: ej. rol - user: - label: Usuario - placeholder: ej. usuario -formSupplementalGroupsPodSecurityPolicy: - title: Política de Grupos Suplementarios - detail: Configurando grupos suplementarios permitidos - rule: - mustRunAs: MustRunAs - Requiere al menos un rango para ser especificado. Utiliza el valor mínimo del primer rango como valor predeterminado. Valida contra todos los rangos. - runAsAny: 'RunAsAny: no se proporciona ningún valor predeterminado. Permite especificar cualquier Grupo suplementario.' - range: - addLabel: Añadir rango - max: - label: Máximo - placeholder: ej. 6 - min: - label: Mínimo - placeholder: ej. 1 -formBasicPodSecurityPolicy: - title: Políticas básicas - detail: Políticas de seguridad de configuración pod básica - allowPrivilegeEscalation: - label: Permitir escalada de privilegios - enable: "Sí: se está ejecutando un contenedor que permite la escalada de privilegios desde su padre" - disable: "No" - defaultAllowPrivilegeEscalation: - label: Predeterminado Permitir escalada de privilegios - enable: "Sí: controle si un proceso puede obtener más privilegios que su proceso principal" - disable: "No" - hostIPC: - label: Host IPC - enable: "Sí: el uso del espacio de nombres IPC del host" - disable: "No" - hostNetwork: - label: Red de host - enable: "Sí: el uso de la red de host" - disable: "No" - hostPID: - label: PID de host - enable: "Sí: el uso del espacio de nombres PID del host" - disable: "No" - privileged: - label: Con privilegios - enable: "Sí: funcionamiento de contenedores privilegiados" - disable: "No" - readOnlyRootFilesystem: - label: Sistema de archivos de solo lectura de Root - enable: "Sí: se requiere el uso de un sistema de archivos raíz de solo lectura" - disable: "No" hostSettings: header: URL para Registración de Hosts subtext: '¿Qué URL de base deben utilizar los hosts para conectarse a la API de {appName}?' @@ -5451,7 +5301,6 @@ nav: tab: Seguridad roles: Roles members: Miembros - podSecurityPolicies: Políticas de Seguridad de Pod authentication: Autenticación settings: tab: Ajustes diff --git a/translations/fa-ir.yaml b/translations/fa-ir.yaml index 6b499291a2..6b2cb083dc 100644 --- a/translations/fa-ir.yaml +++ b/translations/fa-ir.yaml @@ -214,22 +214,6 @@ alertPage: notRunning: در حال اجرا نیست notScheduled: زمانبندی نشده removeAlert: حذف این هشدار -podSecurityPoliciesPage: - index: - table: - name: نام - addPodSecurityPolicy: اضافه کردن خط مشی - editPodSecurityPolicy: ویرایش خط مشی - detail: - header: خطی مشی - saveEdit: ویرایش - saveNew: ایجاد - new: - errors: - nameReq: نام الزامی است. - form: - name: - labelText: نام rolesPage: headers: global: سراسری diff --git a/translations/fr-fr.yaml b/translations/fr-fr.yaml index e41b3b7bd5..cfbb518c66 100644 --- a/translations/fr-fr.yaml +++ b/translations/fr-fr.yaml @@ -371,29 +371,6 @@ alertPage: comparison: not-equal: Non égal greater-than: Supérieur à -podSecurityPoliciesPage: - index: - header: Politique de sécurité des Pods - description: Appliquer la politique de sécurité aux Pods créés par un utilisateur possédant ce rôle - table: - name: Nom - created: Créé le - noData: Il n'y a pas de politique de sécurité pour les Pods - noMatch: Aucune stratégie de sécurité de Pod ne correspond à la recherche en cours - addPodSecurityPolicy: Ajouter une stratégie - editPodSecurityPolicy: Modifier la stratégie - detail: - header: Politique - saveEdit: Éditer - saveNew: Créer - new: - errors: - nameReq: Le nom est requis. - nameInExists: Ce nom existe déjà. Veuillez utiliser un nouveau nom de stratégie de sécurité de pod. - form: - name: - labelText: Nom - placeholder: "par exemple la politique" rolesPage: title: Rôle headers: @@ -887,8 +864,6 @@ projectsPage: placeholder: p. ex. lab created: label: Créé - psp: - label: Politique de sécurité des Pods members: title: Membres user: Utilisateur diff --git a/translations/it-it.yaml b/translations/it-it.yaml index 5a715faecd..d9dc4b7544 100644 --- a/translations/it-it.yaml +++ b/translations/it-it.yaml @@ -286,29 +286,6 @@ alertPage: systemServicePlaceholder: Scegli un servizio di sistema targetTypes: systemService: Servizio di sistema -podSecurityPoliciesPage: - index: - header: Politiche di sicurezza Pod - description: Applica criteri ai pod creati da un utente con questo ruolo - table: - name: Nome - created: Ora di creazione - noData: Non ci sono ancora policy di sicurezza per i pod - noMatch: Nessuna politica di sicurezza del pod corrisponde alla ricerca corrente - addPodSecurityPolicy: Aggiungi policy - editPodSecurityPolicy: Modifica policy - detail: - header: Policy - saveEdit: Modifica - saveNew: Crea - new: - errors: - nameReq: Il nome è obbligatorio. - nameInExists: Il nome è già esistente. Utilizzare un nuovo nome per la politica di sicurezza del pod. - form: - name: - labelText: Nome - placeholder: "ad esempio politica" rolesPage: title: Ruolo headers: @@ -708,8 +685,6 @@ projectsPage: placeholder: es. lab created: label: Creato - psp: - label: Politiche di sicurezza Pod members: user: Utente group: Gruppo @@ -1348,8 +1323,6 @@ clusterNew: label: Provider customize: title: Opzioni del cluster - psp: - none: Nessun criterio definito amazoneks: shortLabel: Amazon EKS azureaks: diff --git a/translations/ja-jp.yaml b/translations/ja-jp.yaml index 5f7019cd0c..52d86fc405 100644 --- a/translations/ja-jp.yaml +++ b/translations/ja-jp.yaml @@ -339,29 +339,6 @@ alertPage: editHeader: アラートグループの編集 addRuleHeader: アラートルールを追加 editRuleHeader: アラートルールを編集 -podSecurityPoliciesPage: - index: - header: ポッドセキュリティポリシー - description: このロールを持つユーザーが作成したポッドにポリシーを適用する - table: - name: 名前 - created: 作成日 - noData: まだポッドセキュリティポリシーは定義されていません - noMatch: 検索条件に一致するポッドセキュリティポリシーがありません - addPodSecurityPolicy: ポリシーを追加 - editPodSecurityPolicy: ポリシーを編集 - detail: - header: ポリシー - saveEdit: 編集 - saveNew: 作成 - new: - errors: - nameReq: 名前が必要です - nameInExists: 名前は既に存在します。新しいポッドセキュリティポリシー名を使用してください。 - form: - name: - labelText: 名前 - placeholder: "例: policy" rolesPage: title: ロール headers: @@ -947,8 +924,6 @@ projectsPage: placeholder: '例: lab' created: label: 作成日 - psp: - label: ポッドセキュリティポリシー resourceQuota: title: リソース制限 members: @@ -2167,11 +2142,6 @@ clusterNew: detail: 作成されるノードをカスタマイズする customize: title: クラスターオプション - psp: - label: 既定のPodセキュリティポリシー - prompt: ポッドセキュリティポリシーを選択... - none: ポリシーが定義されていません。 - required: サポートが有効になっている場合、デフォルトのポッドセキュリティポリシーが必要です。 amazoneks: label: Amazon Elastic Container Service for Kubernetes shortLabel: Amazon EKS @@ -2718,8 +2688,6 @@ clusterNew: label: ノードの Docker バージョン enabled: 未サポートのバージョンを許可 disabled: サポートされている Docker バージョンを要求 - podSecurityPolicy: - label: ポッドセキュリティポリシー サポート role: sectionheader: ノードオプション title: ノードロール @@ -2736,7 +2704,6 @@ clusterNew: kubeApi: label: Kube API ipRange: サービスクラスターの IP 範囲 - podSecurityPolicy: ポッドセキュリティポリシー kubeController: label: Kube Controller cidr: クラスター CIDR @@ -4596,132 +4563,6 @@ formVolumes: source: ソース mountPoint: マウントポイント opts: アクセス/オプション -formCapabilityPodSecurityPolicy: - title: ケーパビリティポリシー - detail: ケーパビリティポリシーに関する設定です - capabilities: - allow: 許可されたケーパビリティ - add: デフォルトで追加されるケーパビリティ - drop: ドロップされるべきケーパビリティ -formVolumePodSecurityPolicy: - title: ボリュームポリシー - detail: 利用可能なボリュームタイプを制御します - volumes: ボリューム -formAllowedHostPathsPodSecurityPolicy: - title: 許可されたホストパスポリシー - detail: 許可されたホストパスのホワイトリストです - path: - addLabel: パスプリフィックスを追加 - placeholder: '例: /foo' -formFsGroupPodSecurityPolicy: - title: FS グループポリシー - detail: ポッドのボリュームを所有する FS グループを割り当てます - rule: - mustRunAs: MustRunAs - 少なくとも1つの範囲を指定する必要があります。最初の範囲の最小値をデフォルト値として使用します。最初の範囲の最初のIDに対して検証します。 - runAsAny: RunAsAny - デフォルトはありません。任意の fsGroup ID を指定できます。 - range: - addLabel: 範囲を追加 - max: - label: 最大 - placeholder: '例: 6' - min: - label: 最小 - placeholder: '例: 1' -formHostPortsPodSecurityPolicy: - title: ホストポートポリシー - detail: 使用するホストポートを設定します - port: - addLabel: ポート範囲を追加 - max: - label: 最大 - placeholder: '例: 7000' - min: - label: 最小 - placeholder: '例: 6000' -formRunAsUserPodSecurityPolicy: - title: ユーザー実行ポリシー - detail: ユーザーID - rule: - mustRunAs: MustRunAs - 少なくとも1つの範囲を設定する必要があります。範囲の最初の値をデフォルト値として使用します。検証は設定された範囲に対して行われます。 - mustRunAsNonRoot: MustRunAsNonRoot - ポッドにrunAsUserが0以外で提出されるか、USERディレクティブがイメージ内で定義されている必要があります。デフォルトは提供されていません。 - runAsAny: RunAsAny - デフォルトはありません。任意の runAsUser を指定できます。 - range: - addLabel: 範囲を追加 - max: - label: 最大 - placeholder: '例: 6' - min: - label: 最小 - placeholder: '例: 1' -formSeLinuxodSecurityPolicy: - title: SELinux ポリシー - detail: コンテナに対する SELinux コンテキストを設定します - rule: - mustRunAs: MustRunAs - デフォルトとしてseLinuxOptionsを使用します。検証は seLinuxOptions に対して行います。 - runAsAny: RunAsAny - 任意の seLinuxOptions を指定できるようにする - level: - label: レベル - placeholder: '例: level' - role: - label: ロール - placeholder: '例: role' - user: - label: ユーザー - placeholder: '例: user' -formSupplementalGroupsPodSecurityPolicy: - title: 補足のグループポリシー - detail: 許容される補足的なグループポリシーを設定します - rule: - mustRunAs: MustRunAs - 少なくとも1つの範囲を指定する必要があります。最初の範囲の最小値をデフォルト値として使用します。すべての範囲のIDに対して検証します。 - runAsAny: RunAsAny - デフォルトはありません。任意の supplementalGroups を指定できます。 - range: - addLabel: 範囲を追加 - max: - label: 最大 - placeholder: '例: 6' - min: - label: 最小 - placeholder: '例: 1' -formBasicPodSecurityPolicy: - title: 基本ポリシー - detail: 基本的なポッドセキュリティポリシーに関する設定です - allowPrivilegeEscalation: - label: 権限昇格を許可する - enable: "はい: コンテナの実行時に親からの権限昇格を許可します" - disable: "いいえ" - defaultAllowPrivilegeEscalation: - label: デフォルトの権限昇格を許可する - enable: "はい: プロセスが親プロセスより多くの権限を取得できるかどうかを制御します" - disable: "いいえ" - hostIPC: - label: ホスト IPC - enable: "はい: ホストの IPC 名前空間を使用します" - disable: "いいえ" - hostNetwork: - label: ホストネットワーク - enable: "はい: ホストネットワーキングを使用します" - disable: "いいえ" - hostPID: - label: ホスト PID - enable: "はい: ホストの PID 名前空間を使用します" - disable: "いいえ" - privileged: - label: 特権モード - enable: "はい: 特権付きコンテナを実行します" - disable: "いいえ" - readOnlyRootFilesystem: - label: 読み取り専用ルートファイルシステム - enable: "はい:読み取り専用のルートファイルシステムを使用する必要があります" - disable: "いいえ" -formReservation: - limitCpu: - placeholder: '例: 1000' - limitMemory: - placeholder: '例: 1000' - requestCpu: - placeholder: '例: 1000' - requestMemory: - placeholder: '例: 1000' hostSettings: header: ホスト登録 URL subtext: '{appName} API に接続するための URL は何にしますか?' @@ -6309,7 +6150,6 @@ nav: tab: セキュリティ roles: ロール members: メンバー - podSecurityPolicies: ポッドセキュリティポリシー authentication: 認証 settings: tab: 設定 diff --git a/translations/km-kh.yaml b/translations/km-kh.yaml index d787baabe0..3f95a84853 100644 --- a/translations/km-kh.yaml +++ b/translations/km-kh.yaml @@ -417,29 +417,6 @@ alertPage: greater-or-equal: ធំជាងឬស្មើ less-or-equal: តិចជាងឬស្មើ has-value: មិន Null ទេ -podSecurityPoliciesPage: - index: - header: Pod Security Policies - description: ដាក់ Policies អោយ Pods ដែលបានបង្កើតដោយអ្នកប្រើដែលមាន Role នេះ - table: - name: ឈ្មោះ - created: ពេលវេលាដែលបានបង្កើត - noData: មិនមាន​ pod security policies​ ត្រូវបានកំណត់ទេ - noMatch: មិនមាន pod security policies ត្រូវគ្នានឹងការស្វែងរកទេ - addPodSecurityPolicy: បន្ថែម Policy - editPodSecurityPolicy: កែ Policy - detail: - header: Policy - saveEdit: កែប្រែ - saveNew: បង្កើត - new: - errors: - nameReq: ទាមទារឈ្មោះ។ - nameInExists: ឈ្មោះមានរួចហើយ។ សូមប្រើឈ្មោះ pod security policy​ ថ្មី។ - form: - name: - labelText: ឈ្មោះ - placeholder: "ឧទាហរណ៍ policy" rolesPage: title: Role headers: diff --git a/translations/ko-kr.yaml b/translations/ko-kr.yaml index a9583a2fda..ab53919585 100644 --- a/translations/ko-kr.yaml +++ b/translations/ko-kr.yaml @@ -417,29 +417,6 @@ alertPage: greater-or-equal: 크거나 같음 less-or-equal: 작거나 같음 has-value: 널이 아님 -podSecurityPoliciesPage: - index: - header: Pod 보안 정책 - description: 이 역할의 사용자가 만든 파드에 정책 적용 - table: - name: 이름 - created: 생성 시간 - noData: 포드 보안 정책이 정의되지 않았습니다. - noMatch: 현재 검색과 일치하는 포드 보안 정책이 없습니다. - addPodSecurityPolicy: 정책 추가 - editPodSecurityPolicy: 정책 편집 - detail: - header: 정책 - saveEdit: 수정 - saveNew: 생성 - new: - errors: - nameReq: 이름은 필수 입력사항입니다. - nameInExists: 이름이 이미 있습니다. 새 포드 보안 정책명을 사용하십시요. - form: - name: - labelText: 이름 - placeholder: "예: 정책" rolesPage: title: 역할 headers: @@ -1625,9 +1602,6 @@ formScheduling: hostMax: 최대 노드 수 formAuthCloudCredential: label: 클라우드 자격 증명 -formSeLinuxodSecurityPolicy: - role: - label: 역할 loggingPage: targetNav: tips: diff --git a/translations/nb-no.yaml b/translations/nb-no.yaml index ec8eeb1d57..d6383791b5 100644 --- a/translations/nb-no.yaml +++ b/translations/nb-no.yaml @@ -211,17 +211,6 @@ alertPage: less-than: Mindre enn greater-or-equal: Større eller lik less-or-equal: Mindre eller lik -podSecurityPoliciesPage: - index: - table: - name: Navn - saveEdit: Rediger - new: - errors: - nameReq: Navn er påkrevd. - form: - name: - labelText: Navn rolesPage: title: Rolle index: diff --git a/translations/nl-nl.yaml b/translations/nl-nl.yaml index aaef09804b..dee49582fd 100644 --- a/translations/nl-nl.yaml +++ b/translations/nl-nl.yaml @@ -406,29 +406,6 @@ alertPage: expression: Expressie new: addHeader: Alertgroep toevoegen -podSecurityPoliciesPage: - index: - header: Pod-beveiligingsbeleid - description: Beleid toepassen op pods gemaakt door een gebruiker met deze rol - table: - name: Naam - created: Gemaakt - noData: Er is geen pod beveiligingsbeleid gedefinieerd - noMatch: Geen pod beveiligingsbeleid gevonden dat overeenkomt met de zoekopdracht - addPodSecurityPolicy: Beleid toevoegen - editPodSecurityPolicy: Beleid bewerken - detail: - header: Beleid - saveEdit: Bewerken - saveNew: Aanmaken - new: - errors: - nameReq: Naam is verplicht. - nameInExists: Naam bestaat al. Gebruik een nieuwe naam voor het pod beveiligingsbeleid. - form: - name: - labelText: Naam - placeholder: "bijv. beleid" rolesPage: title: Rol headers: @@ -883,8 +860,6 @@ projectsPage: placeholder: bijv. lab created: label: Aangemaakt - psp: - label: Pod-beveiligingsbeleid resourceQuota: title: Resource quota detail: Configureer hoeveel van de bronnen die het project mag gebruiken diff --git a/translations/pt-br.yaml b/translations/pt-br.yaml index 73730e3685..7d7cd5dbae 100644 --- a/translations/pt-br.yaml +++ b/translations/pt-br.yaml @@ -417,29 +417,6 @@ alertPage: greater-or-equal: Maior ou Igual less-or-equal: Menor Ou Igual has-value: Não Nulo -podSecurityPoliciesPage: - index: - header: Políticas de Segurança Pod - description: Aplicar Políticas de Pods criado por um usuário com essa Função - table: - name: Nome - created: Horário de Criação - noData: Ainda não há políticas de segurança definidas para este pod - noMatch: Nenhuma política de segurança do pod coincide com a pesquisa atual - addPodSecurityPolicy: Adicionar política - editPodSecurityPolicy: Editar Política - detail: - header: Política do site - saveEdit: Editar - saveNew: Criar - new: - errors: - nameReq: Nome é obrigatório. - nameInExists: O nome já existe. Use um novo nome de política de segurança do pod. - form: - name: - labelText: Nome - placeholder: "ex: política" rolesPage: title: Função headers: @@ -1271,8 +1248,6 @@ projectsPage: placeholder: ex. lab created: label: Criado - psp: - label: Políticas de Segurança Pod resourceQuota: title: Cotas de Recursos detail: Configurar quanto dos recursos o projeto pode consumir diff --git a/translations/ru-ru.yaml b/translations/ru-ru.yaml index c3545baa57..60a67556ad 100644 --- a/translations/ru-ru.yaml +++ b/translations/ru-ru.yaml @@ -352,29 +352,6 @@ alertPage: table: displayCondition: notready: Не готов -podSecurityPoliciesPage: - index: - header: Политики безопасности подов - description: Применить политики к элементам, созданным пользователем с этой ролью - table: - name: Имя - created: Время создания - noData: Не определены политики безопасности капсулы - noMatch: Политики безопасности пода не соответствуют текущему поиску - addPodSecurityPolicy: Добавить политику - editPodSecurityPolicy: Изменить политику - detail: - header: Политика - saveEdit: Редактировать - saveNew: Создать - new: - errors: - nameReq: Имя является обязательным для заполнения. - nameInExists: Имя уже существует. Пожалуйста, используйте новое имя политики безопасности стручка. - form: - name: - labelText: Название - placeholder: "например, policy" rolesPage: title: Роль headers: @@ -841,8 +818,6 @@ projectsPage: placeholder: например лаборатории created: label: Создан - psp: - label: Политика Безопасности Пода resourceQuota: title: Квоты ресурсов detail: Настройте, сколько ресурсов может потреблять проект @@ -2673,102 +2648,6 @@ formVolumes: source: Источник mountPoint: Точка монтирования opts: Доступ/Опции -formCapabilityPodSecurityPolicy: - title: Политики возможностей - detail: Конфигурация набора возможностей Политики - capabilities: - allow: Разрешенные возможности - add: Возможности добавления по умолчанию - drop: Требуемые возможности падения -formVolumePodSecurityPolicy: - title: Политика тома - detail: Управление использованием типов томов - volumes: Тома -formAllowedHostPathsPodSecurityPolicy: - title: Политика разрешенных хостов - detail: Белый список разрешенных хостов - path: - addLabel: Добавить префикс пути - placeholder: напр. /foo -formFsGroupPodSecurityPolicy: - title: Групповая политика FS - detail: Выделение FSGroup, владеющей томами - range: - addLabel: Добавить диапазон - max: - label: Макс - placeholder: напр. 6 - min: - label: Мин - placeholder: напр. 1 -formHostPortsPodSecurityPolicy: - title: Политика портов для хостов - detail: Использование портов хоста - port: - addLabel: Добавить диапазон портов - max: - label: Макс - placeholder: напр. 7000 - min: - label: Мин - placeholder: напр. 6000 -formRunAsUserPodSecurityPolicy: - title: Запустить как пользовательскую политику - detail: Идентификатор пользователя - range: - addLabel: Добавить диапазон - max: - label: Макс - placeholder: напр. 6 - min: - label: Мин - placeholder: напр. 1 -formSeLinuxodSecurityPolicy: - title: Политика SELinux - detail: Контекст SELinux контейнера - level: - label: Уровень - placeholder: напр. level - role: - label: Роль - placeholder: напр. role - user: - label: Пользователь - placeholder: напр. user -formSupplementalGroupsPodSecurityPolicy: - title: Политика дополнительных групп - detail: Настройка допустимых дополнительных групп - range: - addLabel: Добавить диапазон - max: - label: Макс - placeholder: напр. 6 - min: - label: Мин - placeholder: напр. 1 -formBasicPodSecurityPolicy: - title: Основные правила - detail: Конфигурировать основные правила безопасности пода - allowPrivilegeEscalation: - label: Разрешить эскалацию привилегий - disable: "Нет" - defaultAllowPrivilegeEscalation: - disable: "Нет" - hostIPC: - label: Хост IPC - disable: "Нет" - hostNetwork: - enable: "Да: Использование сети хоста" - disable: "Нет" - hostPID: - label: Хост PID - disable: "Нет" - privileged: - label: Привилегированное - enable: "Да: Запуск привилегированных контейнеров" - disable: "Нет" - readOnlyRootFilesystem: - disable: "Нет" hostSettings: header: Хост регистрации URL hostUrl: @@ -3180,7 +3059,6 @@ nav: security: tab: Безопасность roles: Роли - podSecurityPolicies: Политики безопасности Устручков authentication: Аунтификация settings: tab: Настройки diff --git a/translations/tr-tr.yaml b/translations/tr-tr.yaml index 6242bb693e..7b9bf97ee4 100644 --- a/translations/tr-tr.yaml +++ b/translations/tr-tr.yaml @@ -390,29 +390,6 @@ alertPage: new: addHeader: Uyarı Grubu Ekle editHeader: Uyarı Grubunu Düzenle -podSecurityPoliciesPage: - index: - header: Pod Güvenlik Politikaları - description: Bu Roldeki bir kullanıcı tarafından oluşturulmuş Podlara Politikaları uygula - table: - name: İsim - created: Oluşturulma Zamanı - noData: Pod güvenlik politikası tanımlanmamış - noMatch: Aramanızla eşleşen bir pod güvenlik politikası bulunamadı - addPodSecurityPolicy: Politika Ekle - editPodSecurityPolicy: Politikayı Düzenle - detail: - header: Politika - saveEdit: Düzenle - saveNew: Oluştur - new: - errors: - nameReq: İsim gereklidir. - nameInExists: Bu isim kullanılmakta. Lütfen pod güvenlik politikası için başka bir isim seçin. - form: - name: - labelText: İsim - placeholder: "örn politika" rolesPage: title: Rol headers: @@ -1078,8 +1055,6 @@ projectsPage: placeholder: örn. laboratuar created: label: Oluşturulma - psp: - label: Pod Güvenlik Politikaları resourceQuota: title: Kaynak Sınırlamaları detail: Projenin ne kadar kaynak tüketebileceğini yapılandırma diff --git a/translations/uk-ua.yaml b/translations/uk-ua.yaml index da455de704..0db81effc9 100644 --- a/translations/uk-ua.yaml +++ b/translations/uk-ua.yaml @@ -380,29 +380,6 @@ alertPage: greater-or-equal: Більше або дорівнює less-or-equal: Менше або дорівнює has-value: Не NULL -podSecurityPoliciesPage: - index: - header: Політики Безпеки Подів - description: Застосувати політики до елементів, створеним користувачем з цією роллю - table: - name: Ім'я - created: Час Створення - noData: Не визначено політику безпеки пода - noMatch: Політики безпеки пода не відповідають поточному пошуку - addPodSecurityPolicy: Додати політику - editPodSecurityPolicy: Змінити політику - detail: - header: Політика - saveEdit: Редагувати - saveNew: Створити - new: - errors: - nameReq: Потрібне ім'я. - nameInExists: Ім'я вже існує. Будь ласка, використовуйте нове ім'я політики безпеки подів. - form: - name: - labelText: Ім'я - placeholder: "наприклад, політика" rolesPage: title: Роль headers: @@ -4635,98 +4612,6 @@ formVolumes: source: Джерело mountPoint: Точка монтування opts: Доступ / Параметри -formCapabilityPodSecurityPolicy: - title: Політика можливостей - capabilities: - allow: Дозволені можливості - add: Додати можливості за замовчуванням -formVolumePodSecurityPolicy: - volumes: Томи -formAllowedHostPathsPodSecurityPolicy: - path: - addLabel: Додати префікс шляху - placeholder: напр. /foo -formFsGroupPodSecurityPolicy: - range: - addLabel: Додати діапазон - max: - label: Максимум - placeholder: напр. 6 - min: - label: Мінімум - placeholder: напр. 1 -formHostPortsPodSecurityPolicy: - title: Політика портів хоста - port: - addLabel: Додати діапазон портів - max: - label: Максимум - placeholder: напр. 7000 - min: - label: Мінімум - placeholder: напр. 6000 -formRunAsUserPodSecurityPolicy: - detail: Ідентифікатор користувача - range: - addLabel: Додати діапазон - max: - label: Максимум - placeholder: напр. 6 - min: - label: Мінімум - placeholder: напр. 1 -formSeLinuxodSecurityPolicy: - title: Політика SELinux - level: - label: Рівень - placeholder: наприклад, рівень - role: - label: Роль - placeholder: наприклад, роль - user: - label: Користувач - placeholder: наприклад, користувач -formSupplementalGroupsPodSecurityPolicy: - range: - addLabel: Додати діапазон - max: - label: Максимум - placeholder: напр. 6 - min: - label: Мінімум - placeholder: напр. 1 -formBasicPodSecurityPolicy: - allowPrivilegeEscalation: - disable: "Ні" - defaultAllowPrivilegeEscalation: - disable: "Ні" - hostIPC: - label: Хост IPC - disable: "Ні" - hostNetwork: - label: Мережа хоста - enable: "Так: використання мережі хоста" - disable: "Ні" - hostPID: - label: PID хоста - disable: "Ні" - privileged: - label: Привілейоване - enable: "Так: Запуск привілейованих контейнерів" - disable: "Ні" - readOnlyRootFilesystem: - disable: "Ні" -formReservation: - limitCpu: - label: '{component} Ліміт ЦП' - placeholder: напр. 1000 - limitMemory: - label: '{component} Обмеження пам’яті' - placeholder: напр. 1000 - requestCpu: - placeholder: напр. 1000 - requestMemory: - placeholder: напр. 1000 hostSettings: header: Хост реєстрації URL subtext: Якій URL слід використовувати для підключення до {appName} API? @@ -5970,7 +5855,6 @@ nav: tab: Безпека roles: Ролі members: Учасники - podSecurityPolicies: Політики Безпеки Подів authentication: Автентифікація settings: tab: Налаштування diff --git a/translations/zh-hans.yaml b/translations/zh-hans.yaml index 57e5b51629..eb6b1d90e8 100644 --- a/translations/zh-hans.yaml +++ b/translations/zh-hans.yaml @@ -428,30 +428,6 @@ alertPage: less-or-equal: 小于或等于 has-value: 不为空 -podSecurityPoliciesPage: - index: - header: Pod 安全策略 - description: 将策略应用于由具有此角色的用户创建的 Pod。 - table: - name: 名称 - created: 创建时间 - noData: 未配置 Pod 安全策略 - noMatch: 没有与当前搜索匹配的 Pod 安全策略。 - addPodSecurityPolicy: 添加策略 - editPodSecurityPolicy: 编辑策略 - detail: - header: 策略 - saveEdit: 编辑 - saveNew: 创建 - new: - errors: - nameReq: 名称(必填) - nameInExists: 名称已存在,请使用新的 Pod 安全策略名称。 - form: - name: - labelText: 名称 - placeholder: '例如: 策略' - rolesPage: title: 角色 headers: @@ -1318,8 +1294,6 @@ projectsPage: placeholder: '例如: lab' created: label: 创建时间 - psp: - label: Pod 安全策略 resourceQuota: title: 资源配额 detail: 配置整个项目可以使用多少资源。 @@ -3306,11 +3280,6 @@ clusterNew: security: title: 安全 detail: 自定义 GKE 服务账号和访问权限 - psp: - label: 默认的 Pod 安全策略 - prompt: 选择 Pod 安全策略... - none: 没有配置策略 - required: 启用时需要设置默认 Pod 安全策略 amazoneks: label: AWS 的基于 Kubernetes 的弹性容器服务 shortLabel: Amazon EKS @@ -4343,8 +4312,6 @@ clusterNew: label: 主机 Docker 版本 enabled: 允许不受支持的版本 disabled: 需要支持的版本 - podSecurityPolicy: - label: Pod 安全策略(需先在全局下创建 Pod 策略) role: pageheader: 添加主机命令 sectionheader: 主机选项 @@ -4363,7 +4330,6 @@ clusterNew: kubeApi: label: Kube API ipRange: 服务集群 IP 范围 - podSecurityPolicy: Pod 安全策略 kubeController: label: Kube 控制器 cidr: 集群 CIDR @@ -4612,7 +4578,6 @@ clusterTemplateQuestions: noData: '没有默认参数' schemaLabels: defaultClusterRoleForProjectMembers: '项目成员的默认集群角色' - defaultPodSecurityPolicyTemplateId: '默认 Pod 安全策略模板 Id' desiredAgentImage: '需要的 Agent 镜像' desiredAuthImage: '需要的 Auth 镜像' dockerRootDir: 'Docker 根目录' @@ -6334,9 +6299,6 @@ formGlobalRoles: nodetemplates-manage: label: 管理主机模板 detail: 允许用户配置,编辑和删除主机模板。 - podsecuritypolicytemplates-manage: - label: 管理 Pod 安全策略(PSPs) - detail: 允许用户定义、编辑和删除 psp。 roles-manage: label: 管理角色 detail: 允许用户配置,编辑和删除角色。 @@ -7147,148 +7109,6 @@ formVolumes: mountPoint: 挂载点 opts: '权限/选项' -formCapabilityPodSecurityPolicy: - title: 内核安全策略 - detail: 配置一组功能策略 - capabilities: - allow: 启用的功能 - add: 默认添加的能力 - drop: 必须禁用的内核能力 - -formVolumePodSecurityPolicy: - title: 卷策略 - detail: 控制卷类型的使用 - volumes: 数据卷 - -formAllowedHostPathsPodSecurityPolicy: - title: 允许主机路径策略 - detail: 允许的主机路径的白名单 - path: - addLabel: 添加路径前缀 - placeholder: '例如: /foo' - -formFsGroupPodSecurityPolicy: - title: FS 组策略 - detail: 分配拥有 Pod 卷的 FSGroup - rule: - mustRunAs: MustRunAs - 至少需要指定一个范围,使用第一个范围的最小值作为默认值,对照第一个范围中的第一个 ID 进行验证。 - runAsAny: RunAsAny - 没有默认值,允许指定任何 fsGroup ID。 - range: - addLabel: 添加范围 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formHostPortsPodSecurityPolicy: - title: 主机端口策略 - detail: 使用主机端口 - port: - addLabel: 添加端口范围 - max: - label: 最大值 - placeholder: '例如: 7000' - min: - label: 最小值 - placeholder: '例如: 6000' - -formRunAsGroupPodSecurityPolicy: - title: 作为组策略运行 - detail: Controls which primary group ID the containers are run with. - rule: - mustRunAs: MustRunAs - Requires a range to be configured. Uses the first value of the range as the default. Validates against the configured range. - mayRunAs: MayRunAs - Does not require that RunAsGroup be specified. However, when RunAsGroup is specified, they have to fall in the defined range. - runAsAny: RunAsAny - No default provided. Allows any runAsGroup to be specified. - range: - addLabel: Add Range - max: - label: Max - placeholder: e.g. 65535 - min: - label: Min - placeholder: e.g. 1 - -formRunAsUserPodSecurityPolicy: - title: Run As User Policy - detail: Controls which user ID the containers are run with. - rule: - mustRunAs: MustRunAs - 需要配置范围,使用范围的第一个值作为默认值。根据配置的范围进行验证。 - mustRunAsNonRoot: MustRunAsNonRoot - 要求使用非零 runAsUser 启动 Pod,或者在镜像中配置 USER 指令,不提供默认值。 - runAsAny: RunAsAny - 无默认值,允许任何 runAsUser 来指定。 - range: - addLabel: 添加范围 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formSeLinuxodSecurityPolicy: - title: SELinux 策略 - detail: 容器的 SELinux 上下文 - rule: - mustRunAs: MustRunAs - 使用 seLinuxOptions 作为默认值,根据 seLinuxOptions 进行验证。 - runAsAny: RunAsAny - 允许指定任何 seLinuxOptions 设置。 - level: - label: 等级 - placeholder: '例如: dev1' - role: - label: 角色 - placeholder: '例如: node' - user: - label: 用户 - placeholder: '例如: master' - -formSupplementalGroupsPodSecurityPolicy: - title: 补充组策略 - detail: 配置允许的补充组 - rule: - mustRunAs: MustRunAs - 需要至少指定一个范围,使用第一个范围的最小值作为默认值,针对所有范围进行验证。 - runAsAny: RunAsAny - 无默认值。允许指定任何补充组。 - range: - addLabel: 添加范围 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formBasicPodSecurityPolicy: - title: 基本策略 - detail: 配置基本的 Pod 安全策略 - allowPrivilegeEscalation: - label: 允许提升特权 - enable: '是: 运行允许从其父级升级特权的容器' - disable: "否" - defaultAllowPrivilegeEscalation: - label: 默认允许提升特权 - enable: '是: 控制进程可以获得父进程获得更多特权' - disable: "否" - hostIPC: - label: 主机 IPC - enable: "是: 主机 IPC 命名空间" - disable: "否" - hostNetwork: - label: 主机网络 - enable: "是: 使用主机网络" - disable: "否" - hostPID: - label: 主机 PID - enable: "是: 主机 PID 名称空间" - disable: "否" - privileged: - label: 特权 - enable: "是: 运行特权容器" - disable: "否" - readOnlyRootFilesystem: - label: 只读根文件系统 - enable: "是: 需要采用只读根文件系统" - disable: "否" - formReservation: limitCpu: label: '{component} CPU 限制' @@ -9874,7 +9694,6 @@ nav: tab: 安全 roles: 角色 members: 成员 - podSecurityPolicies: Pod 安全策略 authentication: 认证 settings: tab: 系统设置 diff --git a/translations/zh-hant-tw.yaml b/translations/zh-hant-tw.yaml index e4f71847fe..99e5b5cb8c 100644 --- a/translations/zh-hant-tw.yaml +++ b/translations/zh-hant-tw.yaml @@ -428,30 +428,6 @@ alertPage: less-or-equal: 小於或等於 has-value: 不為空 -podSecurityPoliciesPage: - index: - header: Pod安全策略 - description: 將策略應用於由具有此角色的用戶創建的Pod。 - table: - name: 名稱 - created: 創建時間 - noData: 未定義Pod安全策略 - noMatch: 沒有與當前搜索匹配的Pod安全策略 - addPodSecurityPolicy: 新增策略 - editPodSecurityPolicy: 編輯策略 - detail: - header: 策略 - saveEdit: 編輯 - saveNew: 創建 - new: - errors: - nameReq: 名稱(必填) - nameInExists: 名稱已存在, 請使用新的Pod安全策略名稱。 - form: - name: - labelText: 名稱 - placeholder: '例如: 策略' - rolesPage: title: 角色 headers: @@ -1317,8 +1293,6 @@ projectsPage: placeholder: '例如: lab' created: label: 創建時間 - psp: - label: Pod安全策略 resourceQuota: title: 資源配額 detail: 設定整個專案可以使用多少資源。 @@ -3287,11 +3261,6 @@ clusterNew: security: title: 安全 detail: 自定義GKE服務帳號和訪問權限 - psp: - label: 默認的Pod安全策略 - prompt: 選擇一個Pod安全策略... - none: 沒有定義策略 - required: 啟用時需要設置一個默認Pod安全策略 amazoneks: label: AWS的基於Kubernetes的彈性容器服務 shortLabel: 亞馬遜EKS @@ -4087,8 +4056,6 @@ clusterNew: label: 主機Docker版本 enabled: 允許不受支持的版本 disabled: 需要支持的版本 - podSecurityPolicy: - label: Pod安全策略(需先在全域下創建Pod策略) role: pageheader: 自定義主機運行命令 sectionheader: 主機選項 @@ -4107,7 +4074,6 @@ clusterNew: kubeApi: label: Kube API ipRange: 服務叢集IP範圍 - podSecurityPolicy: Pod安全策略 kubeController: label: Kube控制器 cidr: 叢集CIDR @@ -4337,7 +4303,6 @@ clusterTemplateQuestions: noData: '沒有默認參數' schemaLabels: defaultClusterRoleForProjectMembers: '項目成員的默認叢集角色' - defaultPodSecurityPolicyTemplateId: '默認Pod安全策略模板Id' desiredAgentImage: '需要的Agent鏡像' desiredAuthImage: '需要的Auth鏡像' dockerRootDir: 'Docker根目錄' @@ -6057,9 +6022,6 @@ role: nodetemplates-manage: label: 管理主機模板 detail: 允許用戶配置,編輯和刪除主機模板。 - podsecuritypolicytemplates-manage: - label: 管理Pod安全策略(PSPs) - detail: 允許用戶定義、編輯和刪除psp。 roles-manage: label: 管理角色 detail: 允許用戶配置,編輯和刪除角色。 @@ -6860,132 +6822,6 @@ form volumes: mountPoint: 掛載點 opts: 權限/選項 -formCapabilityPodSecurityPolicy: - title: 核心安全策略 - detail: 設定一組功能策略 - capabilities: - allow: 啟用的功能 - add: 默認新增的能力 - drop: 必須禁用的核心能力 - -formVolumePodSecurityPolicy: - title: volumes 策略 - detail: 控制 volumes 類型的使用 - volumes: 數據 volumes - -formAllowedHostPathsPodSecurityPolicy: - title: 允許主機路徑策略 - detail: 允許的主機路徑的白名單 - path: - addLabel: 新增路徑前綴 - placeholder: '例如: /foo' - -formFsGroupPodSecurityPolicy: - title: FS組策略 - detail: 分配擁有Pod volumes 的FSGroup - rule: - mustRunAs: MustRunAs-至少需要指定一個範圍,使用第一個範圍的最小值作為默認值,對照第一個範圍中的第一個ID進行驗證。 - runAsAny: RunAsAny - 沒有默認值,允許指定任何fsGroup ID。 - range: - addLabel: 新增一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formHostPortsPodSecurityPolicy: - title: 主機埠策略 - detail: 使用主機埠 - port: - addLabel: 新增埠範圍 - max: - label: 最大值 - placeholder: '例如: 7000' - min: - label: 最小值 - placeholder: '例如: 6000' - -formRunAsUserPodSecurityPolicy: - title: 用戶運行策略 - detail: User ID - rule: - mustRunAs: MustRunAs - 需要設定一個範圍,使用範圍的第一個值作為默認值。根據設定的範圍進行驗證。 - mustRunAsNonRoot: MustRunAsNonRoot - 要求使用非零runAsUser啟動Pod,或者在鏡像中定義USER指令,不提供默認值。 - runAsAny: RunAsAny - 無默認值,允許任何runAsUser來指定。 - range: - addLabel: 新增一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formSeLinuxodSecurityPolicy: - title: SELinux策略 - detail: 容器的SELinux上下文 - rule: - mustRunAs: MustRunAs - 使用seLinuxOptions作為默認值,根據seLinuxOptions進行驗證。 - runAsAny: RunAsAny - 允許指定任何seLinuxOptions設置 - level: - label: 等級 - placeholder: '例如: dev1' - role: - label: 角色 - placeholder: '例如: node' - user: - label: 用戶 - placeholder: '例如: master' - -formSupplementalGroupsPodSecurityPolicy: - title: 補充組策略 - detail: 設定允許的補充組 - rule: - mustRunAs: MustRunAs - 需要至少指定一個範圍,使用第一個範圍的最小值作為默認值,針對所有範圍進行驗證。 - runAsAny: RunAsAny - 無默認值。允許指定任何補充組。 - range: - addLabel: 新增一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formBasicPodSecurityPolicy: - title: 基本策略 - detail: 設定基本的Pod安全策略 - allowPrivilegeEscalation: - label: 允許提升特權 - enable: '是: 運行允許從其父級升級特權的容器' - disable: "否" - defaultAllowPrivilegeEscalation: - label: 默認允許提升特權 - enable: '是: 控制進程可以獲得父進程獲得更多特權' - disable: "否" - hostIPC: - label: 主機IPC - enable: "是: 主機IPC命名空間" - disable: "否" - hostNetwork: - label: 主機網路 - enable: "是: 使用主機網路" - disable: "否" - hostPID: - label: 主機PID - enable: "是: 主機PID名稱空間" - disable: "否" - privileged: - label: 特權 - enable: "是: 運行特權容器" - disable: "否" - readOnlyRootFilesystem: - label: 唯讀根文件系統 - enable: "是: 需要採用一個唯讀根文件系統" - disable: "否" - formReservation: limitCpu: label: '{component} CPU限制' @@ -9366,7 +9202,6 @@ nav: tab: 安全 roles: 角色 members: 成員 - podSecurityPolicies: Pod安全策略 authentication: 認證 settings: tab: 系統設置 diff --git a/translations/zh-hant.yaml b/translations/zh-hant.yaml index 71b44a5a0c..f51f0a39a5 100644 --- a/translations/zh-hant.yaml +++ b/translations/zh-hant.yaml @@ -332,30 +332,6 @@ alertPage: addHeader: 添加告警 editHeader: 編輯告警 -podSecurityPoliciesPage: - index: - header: Pod安全策略 - description: 將策略應用於由具有此角色的用戶創建的Pod。 - table: - name: 名稱 - created: 創建時間 - noData: 未定義Pod安全策略 - noMatch: 沒有與當前搜索匹配的Pod安全策略 - addPodSecurityPolicy: 添加策略 - editPodSecurityPolicy: 編輯策略 - detail: - header: 策略 - saveEdit: 編輯 - saveNew: 創建 - new: - errors: - nameReq: 名稱(必填) - nameInExists: 名稱已存在, 請使用新的Pod安全策略名稱。 - form: - name: - labelText: 名稱 - placeholder: '例如: 策略' - rolesPage: title: 角色 index: @@ -890,8 +866,6 @@ projectsPage: placeholder: '例如: lab' created: label: 創建時間 - psp: - label: Pod安全策略 resourceQuota: title: 資源配額 detail: 配置整個項目可以使用多少資源。 @@ -2047,11 +2021,6 @@ clusterNew: customize: title: 集群選項 detail: 自定義將要創建的集群 - psp: - label: 默認的Pod安全策略 - prompt: 選擇一個Pod安全策略... - none: 沒有定義策略 - required: 啟用時需要設置一個默認Pod安全策略 amazoneks: label: AWS的基於Kubernetes的彈性容器服務 shortLabel: 亞馬遜EKS @@ -2348,8 +2317,6 @@ clusterNew: label: 主機Docker版本 enabled: 允許不受支持的版本 disabled: 需要支持的版本 - podSecurityPolicy: - label: Pod安全策略(需先在全局下創建Pod策略) role: pageheader: 自定義主機運行命令 sectionheader: 主機選項 @@ -2367,7 +2334,6 @@ clusterNew: kubeApi: label: Kube API ipRange: 服務集群IP範圍 - podSecurityPolicy: Pod安全策略 kubeController: label: Kube控制器 cidr: 集群CIDR @@ -4378,132 +4344,6 @@ formVolumes: mountPoint: 掛載點 opts: 權限/選項 -formCapabilityPodSecurityPolicy: - title: 內核安全策略 - detail: 配置一組功能策略 - capabilities: - allow: 啟用的功能 - add: 默認添加的能力 - drop: 必須禁用的內核能力 - -formVolumePodSecurityPolicy: - title: 卷策略 - detail: 控制卷類型的使用 - volumes: 數據卷 - -formAllowedHostPathsPodSecurityPolicy: - title: 允許主機路徑策略 - detail: 允許的主機路徑的白名單 - path: - addLabel: 添加路徑前綴 - placeholder: '例如: /foo' - -formFsGroupPodSecurityPolicy: - title: FS組策略 - detail: 分配擁有Pod卷的FSGroup - rule: - mustRunAs: MustRunAs-至少需要指定一個範圍,使用第一個範圍的最小值作為默認值,對照第一個範圍中的第一個ID進行驗證。 - runAsAny: RunAsAny - 沒有默認值,允許指定任何fsGroup ID。 - range: - addLabel: 添加一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formHostPortsPodSecurityPolicy: - title: 主機端口策略 - detail: 使用主機端口 - port: - addLabel: 添加端口範圍 - max: - label: 最大值 - placeholder: '例如: 7000' - min: - label: 最小值 - placeholder: '例如: 6000' - -formRunAsUserPodSecurityPolicy: - title: 用戶運行策略 - detail: User ID - rule: - mustRunAs: MustRunAs - 需要配置一個範圍,使用範圍的第一個值作為默認值。根據配置的範圍進行驗證。 - mustRunAsNonRoot: MustRunAsNonRoot - 要求使用非零runAsUser啟動Pod,或者在鏡像中定義USER指令,不提供默認值。 - runAsAny: RunAsAny - 無默認值,允許任何runAsUser來指定。 - range: - addLabel: 添加一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formSeLinuxodSecurityPolicy: - title: SELinux策略 - detail: 容器的SELinux上下文 - rule: - mustRunAs: MustRunAs - 使用seLinuxOptions作為默認值,根據seLinuxOptions進行驗證。 - runAsAny: RunAsAny - 允許指定任何seLinuxOptions設置 - level: - label: 等級 - placeholder: '例如: dev1' - role: - label: 角色 - placeholder: '例如: node' - user: - label: 用戶 - placeholder: '例如: master' - -formSupplementalGroupsPodSecurityPolicy: - title: 補充組策略 - detail: 配置允許的補充組 - rule: - mustRunAs: MustRunAs - 需要至少指定一個範圍,使用第一個範圍的最小值作為默認值,針對所有範圍進行驗證。 - runAsAny: RunAsAny - 無默認值。允許指定任何補充組。 - range: - addLabel: 添加一個範圍 - max: - label: 最大值 - placeholder: '例如: 6' - min: - label: 最小值 - placeholder: '例如: 1' - -formBasicPodSecurityPolicy: - title: 基本策略 - detail: 配置基本的Pod安全策略 - allowPrivilegeEscalation: - label: 允許提升特權 - enable: '是: 運行允許從其父級升級特權的容器' - disable: "否" - defaultAllowPrivilegeEscalation: - label: 默認允許提升特權 - enable: '是: 控制進程可以獲得父進程獲得更多特權' - disable: "否" - hostIPC: - label: 主機IPC - enable: "是: 主機IPC命名空間" - disable: "否" - hostNetwork: - label: 主機網絡 - enable: "是: 使用主機網絡" - disable: "否" - hostPID: - label: 主機PID - enable: "是: 主機PID名稱空間" - disable: "否" - privileged: - label: 特權 - enable: "是: 運行特權容器" - disable: "否" - readOnlyRootFilesystem: - label: 只讀根文件系統 - enable: "是: 需要採用一個只讀根文件系統" - disable: "否" - hostSettings: header: 主機註冊URL subtext: 主機連接{appName}API的Base URL是? @@ -6309,7 +6149,6 @@ nav: tab: 安全 roles: 角色 members: 成員 - podSecurityPolicies: Pod安全策略 authentication: 認證 authWarning: "注意:除本地身份驗證之外,在任何時候只能啟用單個身份驗證提供者。如果在2.1之前啟用了多個身份驗證提供者,則仍然可以編輯或禁用這些提供者,但不能啟用其他提供者。您也不能重新啟用以前禁用的提供者。禁用時要小心,禁用後配置無法恢復。" settings: