From 90ee21f1cf39bb9182791893280150e5ba4ad56a Mon Sep 17 00:00:00 2001 
From: Paul Krizak Date: Sun, 5 Nov 2023 10:28:02 -0800 Subject: [PATCH] Sync with upstream and rerun docker build --build-arg GOMPLATE_VERSION=3.11.5 -f build/gomplate/Dockerfile -t gomplate-container . Sending build context to Docker daemon 6.362MB Step 1/6 : FROM golang:1.20@sha256:cfc9d1b07b1ef4f7a4571f0b60a99646a92ef76adb7d9943f4cb7b606c6554e2 ---> e69c1df674bc Step 2/6 : ARG GOMPLATE_VERSION ---> Using cache ---> 751f5c31a643 Step 3/6 : RUN go install github.com/hairyhenderson/gomplate/v3/cmd/gomplate@v${GOMPLATE_VERSION} ---> Using cache ---> d93d01668b95 Step 4/6 : RUN mkdir /gatekeeper-library ---> Using cache ---> 7e08e5a42a41 Step 5/6 : WORKDIR /gatekeeper-library ---> Using cache ---> 2f47b827d027 Step 6/6 : ENTRYPOINT ["/bin/bash"] ---> Using cache ---> 72ede59d508b Successfully built 72ede59d508b Successfully tagged gomplate-container:latest docker run \ -u 1000:1000 \ -v /tmp/gatekeeper-library:/gatekeeper-library \ gomplate-container ./scripts/generate.sh Generating library/pod-security-policy/selinux/template.yaml Generating library/pod-security-policy/host-filesystem/template.yaml Generating library/pod-security-policy/forbidden-sysctls/template.yaml Generating library/pod-security-policy/users/template.yaml Generating library/pod-security-policy/fsgroup/template.yaml Generating library/pod-security-policy/host-network-ports/template.yaml Generating library/pod-security-policy/flexvolume-drivers/template.yaml Generating library/pod-security-policy/privileged-containers/template.yaml Generating library/pod-security-policy/allow-privilege-escalation/template.yaml Generating library/pod-security-policy/apparmor/template.yaml Generating library/pod-security-policy/capabilities/template.yaml Generating library/pod-security-policy/host-namespaces/template.yaml Generating library/pod-security-policy/seccomp/template.yaml Generating library/pod-security-policy/proc-mount/template.yaml Generating library/pod-security-policy/volumes/template.yaml Generating 
library/pod-security-policy/read-only-root-filesystem/template.yaml Generating library/general/allowedrepos/template.yaml Generating library/general/containerlimits/template.yaml Generating library/general/block-wildcard-ingress/template.yaml Generating library/general/disallowedrepos/template.yaml Generating library/general/poddisruptionbudget/template.yaml Generating library/general/uniqueingresshost/template.yaml Generating library/general/containerrequests/template.yaml Generating library/general/block-endpoint-edit-default-role/template.yaml Generating library/general/uniqueserviceselector/template.yaml Generating library/general/block-loadbalancer-services/template.yaml Generating library/general/replicalimits/template.yaml Generating library/general/horizontalpodautoscaler/template.yaml Generating library/general/externalip/template.yaml Generating library/general/imagedigests/template.yaml Generating library/general/httpsonly/template.yaml Generating library/general/block-nodeport-services/template.yaml Generating library/general/storageclass/template.yaml Generating library/general/automount-serviceaccount-token/template.yaml Generating library/general/ephemeralstoragelimit/template.yaml Generating library/general/disallowedtags/template.yaml Generating library/general/requiredlabels/template.yaml Generating library/general/noupdateserviceaccount/template.yaml Generating library/general/verifydeprecatedapi/template.yaml Generating library/general/requiredannotations/template.yaml Generating library/general/disallowanonymous/template.yaml Generating library/general/containerresources/template.yaml Generating library/general/containerresourceratios/template.yaml Generating library/general/requiredprobes/template.yaml cd /tmp/gatekeeper-library/scripts/website; go run generate.go Generating markdown for /tmp/gatekeeper-library/library/general/allowedrepos Generating markdown for /tmp/gatekeeper-library/library/general/automount-serviceaccount-token Generating 
markdown for /tmp/gatekeeper-library/library/general/block-endpoint-edit-default-role Generating markdown for /tmp/gatekeeper-library/library/general/block-loadbalancer-services Generating markdown for /tmp/gatekeeper-library/library/general/block-nodeport-services Generating markdown for /tmp/gatekeeper-library/library/general/block-wildcard-ingress Generating markdown for /tmp/gatekeeper-library/library/general/containerlimits Generating markdown for /tmp/gatekeeper-library/library/general/containerrequests Generating markdown for /tmp/gatekeeper-library/library/general/containerresourceratios Generating markdown for /tmp/gatekeeper-library/library/general/containerresources Generating markdown for /tmp/gatekeeper-library/library/general/disallowanonymous Generating markdown for /tmp/gatekeeper-library/library/general/disallowedrepos Generating markdown for /tmp/gatekeeper-library/library/general/disallowedtags Generating markdown for /tmp/gatekeeper-library/library/general/ephemeralstoragelimit Generating markdown for /tmp/gatekeeper-library/library/general/externalip Generating markdown for /tmp/gatekeeper-library/library/general/horizontalpodautoscaler Generating markdown for /tmp/gatekeeper-library/library/general/httpsonly Generating markdown for /tmp/gatekeeper-library/library/general/imagedigests Generating markdown for /tmp/gatekeeper-library/library/general/noupdateserviceaccount Generating markdown for /tmp/gatekeeper-library/library/general/poddisruptionbudget Generating markdown for /tmp/gatekeeper-library/library/general/replicalimits Generating markdown for /tmp/gatekeeper-library/library/general/requiredannotations Generating markdown for /tmp/gatekeeper-library/library/general/requiredlabels Generating markdown for /tmp/gatekeeper-library/library/general/requiredprobes Generating markdown for /tmp/gatekeeper-library/library/general/storageclass Generating markdown for /tmp/gatekeeper-library/library/general/uniqueingresshost Generating markdown 
for /tmp/gatekeeper-library/library/general/uniqueserviceselector Generating markdown for /tmp/gatekeeper-library/library/general/verifydeprecatedapi Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/allow-privilege-escalation Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/apparmor Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/capabilities Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/flexvolume-drivers Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/forbidden-sysctls Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/fsgroup Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/host-filesystem Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/host-namespaces Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/host-network-ports Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/privileged-containers Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/proc-mount Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/read-only-root-filesystem Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/seccomp Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/selinux Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/users Generating markdown for /tmp/gatekeeper-library/library/pod-security-policy/volumes Generating markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/allow-privilege-escalation Generating markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/capabilities Generating markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/read-only-root-filesystem Generating markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/seccomp Generating 
markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/selinux Generating markdown for /tmp/gatekeeper-library/mutation/pod-security-policy/users Updating README.md Updating PSP README.md Updating sidebar cd /tmp/gatekeeper-library/scripts/artifacthub; go run hub.go Generating artifact hub content for /tmp/gatekeeper-library/library/general/allowedrepos Generating artifact hub content for /tmp/gatekeeper-library/library/general/automount-serviceaccount-token Generating artifact hub content for /tmp/gatekeeper-library/library/general/block-endpoint-edit-default-role Generating artifact hub content for /tmp/gatekeeper-library/library/general/block-loadbalancer-services Generating artifact hub content for /tmp/gatekeeper-library/library/general/block-nodeport-services Generating artifact hub content for /tmp/gatekeeper-library/library/general/block-wildcard-ingress Generating artifact hub content for /tmp/gatekeeper-library/library/general/containerlimits Generating artifact hub content for /tmp/gatekeeper-library/library/general/containerrequests Generating artifact hub content for /tmp/gatekeeper-library/library/general/containerresourceratios Generating artifact hub content for /tmp/gatekeeper-library/library/general/containerresources Generating artifact hub content for /tmp/gatekeeper-library/library/general/disallowanonymous Generating artifact hub content for /tmp/gatekeeper-library/library/general/disallowedrepos Generating artifact hub content for /tmp/gatekeeper-library/library/general/disallowedtags Generating artifact hub content for /tmp/gatekeeper-library/library/general/ephemeralstoragelimit Generating artifact hub content for /tmp/gatekeeper-library/library/general/externalip Generating artifact hub content for /tmp/gatekeeper-library/library/general/horizontalpodautoscaler Generating artifact hub content for /tmp/gatekeeper-library/library/general/httpsonly Generating artifact hub content for 
/tmp/gatekeeper-library/library/general/imagedigests Generating artifact hub content for /tmp/gatekeeper-library/library/general/noupdateserviceaccount Generating artifact hub content for /tmp/gatekeeper-library/library/general/poddisruptionbudget Generating artifact hub content for /tmp/gatekeeper-library/library/general/replicalimits Generating artifact hub content for /tmp/gatekeeper-library/library/general/requiredannotations Generating artifact hub content for /tmp/gatekeeper-library/library/general/requiredlabels Generating artifact hub content for /tmp/gatekeeper-library/library/general/requiredprobes Generating artifact hub content for /tmp/gatekeeper-library/library/general/storageclass Generating artifact hub content for /tmp/gatekeeper-library/library/general/uniqueingresshost Generating artifact hub content for /tmp/gatekeeper-library/library/general/uniqueserviceselector Generating artifact hub content for /tmp/gatekeeper-library/library/general/verifydeprecatedapi Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/allow-privilege-escalation Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/apparmor Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/capabilities Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/flexvolume-drivers Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/forbidden-sysctls Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/fsgroup Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/host-filesystem Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/host-namespaces Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/host-network-ports Generating artifact hub content for 
/tmp/gatekeeper-library/library/pod-security-policy/privileged-containers Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/proc-mount Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/read-only-root-filesystem Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/seccomp Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/selinux Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/users Generating artifact hub content for /tmp/gatekeeper-library/library/pod-security-policy/volumes Signed-off-by: Paul Krizak
---
 .../example_scale_allowed2.yaml | 8 +++++++ .../general/replicalimits/1.1.0/suite.yaml | 4 ++++ website/docs/validation/replicalimits.md | 22 +++++++++++++++++++ 3 files changed, 34 insertions(+) create mode 100644 artifacthub/library/general/replicalimits/1.1.0/samples/replicalimits_zero/example_scale_allowed2.yaml
diff --git a/artifacthub/library/general/replicalimits/1.1.0/samples/replicalimits_zero/example_scale_allowed2.yaml b/artifacthub/library/general/replicalimits/1.1.0/samples/replicalimits_zero/example_scale_allowed2.yaml
new file mode 100644
index 000000000..0beba2784
--- /dev/null
+++ b/artifacthub/library/general/replicalimits/1.1.0/samples/replicalimits_zero/example_scale_allowed2.yaml
@@ -0,0 +1,8 @@
+apiVersion: autoscaling/v1
+kind: Scale
+metadata:
+ name: allowed-deployment
+# kubectl scale deploy --replicas=0 creates a Scale
+# resource with an empty spec, not replicas:0
+spec:
+ replicas: 0
diff --git a/artifacthub/library/general/replicalimits/1.1.0/suite.yaml b/artifacthub/library/general/replicalimits/1.1.0/suite.yaml
index 5790e3add..c5a7b480a 100644
--- a/artifacthub/library/general/replicalimits/1.1.0/suite.yaml
+++ b/artifacthub/library/general/replicalimits/1.1.0/suite.yaml
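Review bot: The comment in the new sample `example_scale_allowed2.yaml` says `kubectl scale deploy --replicas=0` creates a Scale with an empty spec, yet the object below it sets `spec.replicas: 0`, so the comment describes a request shape this file does not exercise. It reads as if copied from the empty-spec sample (presumably `example_scale_allowed.yaml`, which is not visible in this patch). I would replace it with `# Scale submitted with an explicit replicas: 0` so a reader of the policy tests can tell which admission request each sample covers. The suite.yaml hunk also registers this object as `example-scale-allowed`, which looks like it repeats the name of the case just above it (that name is outside the hunk); a distinct name such as `example-scale-allowed-explicit-zero` would keep a failure attributable to one sample. The commit message shows this tree being produced by `hub.go`, so both edits likely belong in the source files under `library/` and should then be regenerated.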
@@ -35,6 +35,10 @@ tests: object: samples/replicalimits_zero/example_scale_allowed.yaml assertions: - violations: no + - name: example-scale-allowed + object: samples/replicalimits_zero/example_scale_allowed2.yaml + assertions: + - violations: no - name: example-disallowed object: samples/replicalimits_zero/example_disallowed.yaml assertions: diff --git a/website/docs/validation/replicalimits.md b/website/docs/validation/replicalimits.md index 343e99059..fe61f354a 100644 --- a/website/docs/validation/replicalimits.md +++ b/website/docs/validation/replicalimits.md @@ -303,6 +303,28 @@ Usage kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/replicalimits/samples/replicalimits_zero/example_scale_allowed.yaml ``` + +
+example-scale-allowed + +```yaml +apiVersion: autoscaling/v1 +kind: Scale +metadata: + name: allowed-deployment +# kubectl scale deploy --replicas=0 creates a Scale +# resource with an empty spec, not replicas:0 +spec: + replicas: 0 + +``` + +Usage + +```shell +kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/replicalimits/samples/replicalimits_zero/example_scale_allowed2.yaml +``` +
example-disallowed