From 305e84839acad657e2870079bee25f2b78594957 Mon Sep 17 00:00:00 2001
From: TzlilSwimmer123 <51244810+TzlilSwimmer123@users.noreply.github.com>
Date: Sun, 23 Jul 2023 11:56:54 +0300
Subject: [PATCH 1/3] fix: make cel expression policy work (#963)
Co-authored-by: teselil
---
 examples/CEL/policy.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/examples/CEL/policy.yaml b/examples/CEL/policy.yaml
index 7a418fbde..c5043ea09 100755
--- a/examples/CEL/policy.yaml
+++ b/examples/CEL/policy.yaml
@@ -3,7 +3,7 @@ policies:
 - name: CEL_policy
 isDefault: true
 rules:
- - identifier: CUSTOM_DEPLOYMENT_BILLING_LABEL_EXISTS
+ - identifier: CUSTOM_WORKLOADS_BILLING_LABEL_EXISTS
 messageOnFailure: "workloads labels should contain billing label"
 - identifier: CUSTOM_SECRET_ENVIRONMENT_LABEL_EXISTS
 messageOnFailure: "secret labels should contain environment label"
@@ -24,9 +24,9 @@ customRules:
 - Pod
 then:
 CELDefinition:
- - expression: "object.kind != 'Deployment' || (has(object.metadata.labels) && has(object.metadata.labels.billing))"
+ - expression: "has(object.metadata.labels) && has(object.metadata.labels.billing)"
 message: "deployment labels should contain billing label"
- - expression: "object.kind != 'Pod' || (has(object.metadata.labels) && has(object.metadata.labels.billing))"
+ - expression: "has(object.metadata.labels) && has(object.metadata.labels.billing)"
 message: "pod labels should contain billing label"
 - identifier: CUSTOM_SECRET_ENVIRONMENT_LABEL_EXISTS
 name: Ensure Secret has environment label [CUSTOM RULE]
From 0b673002f9cd7e2711f2c8cf05aa069a0a91d822 Mon Sep 17 00:00:00 2001
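Review bot: After this change the two `CELDefinition` entries in the second hunk of examples/CEL/policy.yaml carry the same expression, `has(object.metadata.labels) && has(object.metadata.labels.billing)`, and differ only in their message. A resource without the label therefore fails both entries, so a Pod would be reported with "deployment labels should contain billing label" and a Deployment with the pod message. The kind list ending in `- Pod` above `then:` presumably already restricts which kinds reach these expressions, so I would keep a single entry with a kind-neutral message, e.g. `message: "workloads labels should contain billing label"`, matching the `messageOnFailure` text in the first hunk. How the evaluator reports several failing entries is not visible here, so the duplicated output is inferred from the expressions being identical. The rule definition starts above the hunk.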
From: Eng Zer Jun
Date: Mon, 24 Jul 2023 18:02:50 +0800
Subject: [PATCH 2/3] perf(httpClient): compare strings with `strings.EqualFold` (#962)
Comparing two strings to the same case with `strings.ToLower` is more computational expensive than `strings.EqualFold`.
Sample benchmark:
func BenchmarkToLower(b *testing.B) {
for i := 0; i < b.N; i++ {
if strings.ToLower("CONTENT-TYPE") != strings.ToLower("content-type") {
b.Fail()
}
}
}
func BenchmarkEqualFold(b *testing.B) {
for i := 0; i < b.N; i++ {
if !strings.EqualFold("CONTENT-TYPE", "content-type") {
b.Fail()
}
}
}
goos: linux
goarch: amd64
pkg: github.com/datreeio/datree/pkg/httpClient
cpu: AMD Ryzen 7 PRO 4750U with Radeon Graphics
BenchmarkToLower-16 8183317 192.1 ns/op 16 B/op 1 allocs/op
BenchmarkEqualFold-16 82634701 12.92 ns/op 0 B/op 0 allocs/op
PASS
ok github.com/datreeio/datree/pkg/httpClient 4.181s
Reference: https://staticcheck.dev/docs/checks/#SA6005
Signed-off-by: Eng Zer Jun
---
 pkg/httpClient/client.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkg/httpClient/client.go b/pkg/httpClient/client.go
index 9cf3eb5e8..9a78de210 100644
--- a/pkg/httpClient/client.go
+++ b/pkg/httpClient/client.go
@@ -162,7 +162,7 @@ func (c *Client) parseBody(body interface{}) (io.ReadWriter, error) {
 func (c *Client) getValueOfHeader(headers map[string]string, header string) string {
 for currentHeader, currentValue := range headers {
- if strings.ToLower(currentHeader) == strings.ToLower(header) {
+ if strings.EqualFold(currentHeader, header) {
 return currentValue
 }
 }
From 0c3b63e6ce9688cdb5ad3bf06768875664cf15be Mon Sep 17 00:00:00 2001
From: Eyar Zilberman
Date: Tue, 1 Aug 2023 09:42:26 +0300
Subject: [PATCH 3/3] docs: deprecation notice (#964)
---
 README.md | 76 +++++++++-----------------------------------------
 1 file changed, 12 insertions(+), 64 deletions(-)
diff --git a/README.md b/README.md
index 6fe8e3e7f..32890890b 100644
--- a/README.md
+++ b/README.md
@@ -9,52 +9,27 @@
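Review bot: `getValueOfHeader` in pkg/httpClient/client.go ranges over a map and returns the first key that matches case-insensitively, so when `headers` holds two keys differing only in case (for example `Content-Type` and `content-type`, a constructed sample) the value returned depends on Go's unspecified map iteration order. The switch to `strings.EqualFold` keeps that behaviour, and nothing in the hunk documents it. I would add a doc comment such as `// getValueOfHeader returns the value of a key in headers that equals header ignoring case; if several keys match, which one is returned is unspecified.` If callers can assemble the map from mixed sources, canonicalising keys once with `http.CanonicalHeaderKey` before they are stored would remove the ambiguity. The end of the function, including what it returns when nothing matches, is outside the hunk.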

- -

- - - -

Explore the docs »

-# Datree - -[Datree](https://www.datree.io/) (pronounced `/da-tree/`) secures your Kubernetes by blocking the deployment of misconfigured resources. +# Datree [DEPRECATED] -## ✌️ Quick-start in two steps +[Datree](https://www.datree.io/) (pronounced `/da-tree/`) was built to secure Kubernetes workloads by blocking the deployment of misconfigured resources. **Since July 2023, the commercial company that supports and actively maintains this project has been closed.** -Install Datree to get insights on the status of your cluster and enforce your desired policies on new resources. +## Migrating to the (fully) open-source version of Datree -> **NOTE:** -> By default, Datree does not block misconfigured resources, it only monitors and alerts about them. -> To enable **enforcement mode**, see the [documentation](https://hub.datree.io/setup/behavior#options). +For existing users, it is still possible to run Datree as a standalone: https://hub.datree.io/cli/offline-mode -### 1. Add the Datree Helm repository -Run the following command in your terminal: -```terminal -helm repo add datree-webhook https://datreeio.github.io/admission-webhook-datree -helm repo update -``` +## What will not be available anymore -### 2. Install Datree on your cluster -Replace `` with the token from your [dashboard](https://app.datree.io/), and run the following command in your terminal: - -```terminal -helm install -n datree datree-webhook datree-webhook/datree-admission-webhook --debug \ ---create-namespace \ ---set datree.token= \ ---set datree.clusterName=$(kubectl config current-context) -``` - -This will create a new namespace (datree), where Datree’s services and application resources will reside. `datree.token` is used to connect your dashboard to your cluster. Note that the installation can take up to 5 minutes. - -**Looking for a different installation method?** -     -Datree also supports installation via **ArgoCD**, **Flux** and **Openshift**. 
See our [documentation](https://hub.datree.io/) for instructions. +All the archived open source repositories under datreeio org will no longer be maintained and accept any new code changes, including any security patches. +In addition, the following key capabilities will not longer be available anymore: +* Centralized policy registry +* Automatic Kubernetes schema validation +* Access to the dashboard and all of its components (e.g. activity-log page, token management, etc.) ## ⚙️ How it works 
@@ -64,35 +39,8 @@ Datree comes with over 100 rules covering various use-cases, such as workload se In addition to our built-in rules, you can write [any custom rule you wish](https://hub.datree.io/custom-rules-overview) and then run it against your Kubernetes configurations to check for rule violations. Custom rules can be written in [JSON schema](https://hub.datree.io/custom-rules/custom-rules-overview) or in [Rego](https://hub.datree.io/custom-rules/rego-support). -## 📊 Management dashboard (web application) - -Datree's dashboard provides valuable information about your clusters' health and stability. It details the resources that failed your policy checks, and shows you how to fix each violation. - -Datree can be configured via code or via the dashboard. The dashboard offers the following capabilities in an intuitive visual interface: -* Control Datree's configuration: - * Default action on failure - set whether resources that failed the policy check should be blocked or only monitored - * Set which policy to use for your checks - * Define resources and/or namespaces to ignore -* Create & customize policies -* Edit rules' failure message -* Issue tokens -* View policy check history -* Configure Kubernetes schema version - -Datree-saas - -## 🤩 Additional features - -Datree offers a suite of features to make adoption seamless: -* **Monitoring** - By default, Datree is installed in monitoring mode and does not block deployments until you decide to do so. -* [**CLI**](https://hub.datree.io/cli/getting-started) - Help your developers find misconfigurations in their configs before deploying them, by integrating Datree into their CI. -* **Simple integrations** - Datree works seamlessly with popular CD tools such as ArgoCD and FluxCD, and comes with ready-made integrations for various CI platforms. -* **Cluster score** - Rank the stability of your cluster based on the number of detected misconfigurations. 
- ## Contributing -[Contributions](https://github.com/datreeio/datree/issues?q=is%3Aissue+is%3Aopen+label%3A%22up+for+grabs%22) are welcome! - +We want to thank our contributors for helping us build Datree ❤️ + [![Contributors](https://contrib.rocks/image?repo=datreeio/datree)](https://github.com/datreeio/datree/graphs/contributors) - -Thank you to all the people who already contributed to Datree ❤️