mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
kyverno/pkg/engine/factories/registryclientfactory.go

51 lines
1.6 KiB
Go
Raw Normal View History

Enable flexible registry credential configurations (#7114) * types added Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added secret fetching and client creation Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * codegen Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fixed tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * validate target resource scope & namespace settings (#7098) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: mutation code (#7095) * fix: mutation code Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * lazy loading of context vars (#7071) * lazy loading of context vars Signed-off-by: Jim Bugwadia <jim@nirmata.com> * gofumpt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add kuttl tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * moved to policy context Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * removed errors Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * RegistryClientLoader Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * [Feature] Add kuttl tests with policy exceptions disabled (#7117) * added tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> * removed redundant code Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * typo fix and README changes Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Conditions message (#7113) * add message to conditions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * extend tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123) Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases) - [Commits](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/21991cec25093947ff3f62e4c223df0260c39944...555a30da2656b4a7cf47b107800bef097723363e) --- updated-dependencies: - dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.14.1 to 0.14.2 (#7121) Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize) from 0.14.1 to 0.14.2. - [Release notes](https://github.com/kubernetes-sigs/kustomize/releases) - [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/kustomize/kyaml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102) Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go) from 2.0.2 to 2.1.0. - [Release notes](https://github.com/oras-project/oras-go/releases) - [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0) --- updated-dependencies: - dependency-name: oras.land/oras-go/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * add condition msg to v2beta1 (#7126) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: print container flags and their values (#7127) * add condition msg to v2beta1 Signed-off-by: ShutingZhao <shuting@nirmata.com> * print flags settings Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove the container flag genWorker from the admission controller (#7132) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.54.0 to 1.55.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove the duplicate entry (#7125) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120) Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.13.2 to 0.13.3. - [Release notes](https://github.com/kubernetes-sigs/kustomize/releases) - [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3) --- updated-dependencies: - dependency-name: sigs.k8s.io/kustomize/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * update background scan logging messages (#7142) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Update chart with v2 to v3 migration guidance. (#7144) * add Saxo Bank and Velux as adopters Signed-off-by: Chip Zoller <chipzoller@gmail.com> * update chart README and validations Signed-off-by: Chip Zoller <chipzoller@gmail.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * add Controller Internals info (#7147) Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Supporting ValidatingAdmissionPolicy in kyverno cli (apply and test command) (#6656) * feat: add policy reporter to the dev lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: remove obsolete structs from CLI Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Supporting ValidatingAdmissionPolicy in kyverno apply Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * chore: bump k8s from v0.26.3 to v0.27.0-rc.0 Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * Support validating admission policy in kyverno apply Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * Support validating admission policy in kyverno test Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * refactoring Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * Adding kyverno apply tests for validating admission policy Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * fix Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * fix Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * running codegen-all Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * fix Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * Adding IsVap field in TestResults Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * chore: bump k8s from v0.27.0-rc.0 to v0.27.1 Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * fix Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * fix Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * Fix vap in engine response Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.3 to 0.13.4 (#7150) Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.13.3 to 0.13.4. - [Release notes](https://github.com/kubernetes-sigs/kustomize/releases) - [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.3...api/v0.13.4) --- updated-dependencies: - dependency-name: sigs.k8s.io/kustomize/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#7149) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0. - [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Added `omit-events` flag to allow disabling of event emission (#7010) * added comma seperated flag Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * reason added in logs Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added requested changes Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * kuttl test init Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated kuttl tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated behavior Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fixed flawed behavior Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated test location and added readme Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated step Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * omit events Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: let reports controller quit when loosing the lead (#7153) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump slsa-framework/slsa-github-generator (#7160) Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases) - [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md) - [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: slsa-framework/slsa-github-generator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore: bump otel deps (#7152) * chore: bump otel deps Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3 (#7172) Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/docker/distribution (#7171) Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible. - [Release notes](https://github.com/docker/distribution/releases) - [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2) --- updated-dependencies: - dependency-name: github.com/docker/distribution dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (#7177) Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/go-logr/zapr/releases) - [Commits](https://github.com/go-logr/zapr/compare/v1.2.3...v1.2.4) --- updated-dependencies: - dependency-name: github.com/go-logr/zapr dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Add refactor note (#7169) Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fixed typo in the v2 to v3 helm migration guide (#7163) * fixed typo in the v2 to v3 helm migration guide Signed-off-by: Richard Parke <richardparke15@gmail.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Richard Parke <richardparke15@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/distribution/distribution (#7178) Bumps [github.com/distribution/distribution](https://github.com/distribution/distribution) from 2.8.1+incompatible to 2.8.2+incompatible. - [Release notes](https://github.com/distribution/distribution/releases) - [Commits](https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2) --- updated-dependencies: - dependency-name: github.com/distribution/distribution dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * tweaks (#7166) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add logging feature to helm chart (#7181) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * refactor: hide json context from caller (#7139) * refactor: hide json context from caller Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add omit-events feature in helm chart (#7185) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: preconditions in mutate existing rules (#7183) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: use structured jsonpatch instead of byte arrays (#7186) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added secret lister Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * changes from review Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added rclientloader to policy context Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * refactor changes Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * NIT Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added RegistryClientLoaderNewOrDie to policy context Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * CI fixes Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: panic for policy variable validation (#7079) * fix panic Signed-off-by: ShutingZhao <shuting@nirmata.com> * check errors Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: remove policy-reporter from dev lab (#7196) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: cleanup controller metrics name (#7198) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: http request metrics (#7197) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove unused code (#7203) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * handle Deny rules where conditions eval to true (#7204) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * [Bug] Enforce message wrong (#7208) * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fixed tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/894ff025c7b54547a9a2a1e9f228beae737ad3c2...eaaf4bedf32dbdc6b720b63067d99c4d77d6047d) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#7215) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/204a51a57a74d190b284a0ce69b44bc37201f343...03d0fecf172873164a163bbc64bed0f3bf114ed7) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: panic in reports controller (#7220) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: mutate existing auth check (#7219) * fix auth check when using variables in ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * add kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: do not exclude kube-system service accounts by default (#7225) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * docs: add reports system design doc (#6949) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227) Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.27.1 to 0.27.2. - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228) Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.27.1 to 0.27.2. - [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2) --- updated-dependencies: - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.4 to 3.0.5. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/03d0fecf172873164a163bbc64bed0f3bf114ed7...dd6b2e2b610a11fd73dd187a43d57cc1394e35f9) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump k8s.io/pod-security-admission from 0.27.1 to 0.27.2 (#7232) Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) from 0.27.1 to 0.27.2. - [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2) --- updated-dependencies: - dependency-name: k8s.io/pod-security-admission dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: match logic misbehave (#7218) * add rule name in ur for mutate existing Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix match logic Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fixes Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix the match logic to only apply to the new object, unless it's a delete request Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.6 to 1.27.7. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241) Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.27.1 to 0.27.2. - [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2) --- updated-dependencies: - dependency-name: k8s.io/kube-aggregator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242) Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.27.1 to 0.27.2. - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2) --- updated-dependencies: - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * passing rclientloader directly Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * lazy evaluate vars in conditions (#7238) * lazy evaluate vars in conditions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unnecessary conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml Signed-off-by: shuting <shutting06@gmail.com> * Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md Signed-off-by: shuting <shutting06@gmail.com> * added error check in test Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: shuting <shutting06@gmail.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * quote image in error (#7259) Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: auto update webhooks not configuring fail endpoint (#7261) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix latest version check (#7263) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270) Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/svenstaro/upload-release-action/releases) - [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/svenstaro/upload-release-action/compare/7319e4733ec7a184d739a6f412c40ffc339b69c7...58d525808845e4c8ff229ea1d5d7c496504a79bc) --- updated-dependencies: - dependency-name: svenstaro/upload-release-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.6 to 0.15.0 (#7272) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.6 to 0.15.0. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: add yaml util to check empty document (#7276) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * NIT Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Azure to ACR Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * go mod fix Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * codegen Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * NIT Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * adding kuttl test Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * use pointer Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * global client Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * added kubeclient Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added nil kubeclient check Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * context Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * factory Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * secrets lister Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * flags Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix cli Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * factories Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com> Signed-off-by: Richard Parke <richardparke15@gmail.com> Signed-off-by: shuting <shutting06@gmail.com> Signed-off-by: bakito <github@bakito.ch> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com> Co-authored-by: rparke <50015370+rparke@users.noreply.github.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com> Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-16 19:07:08 +05:30
package factories
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
"github.com/kyverno/kyverno/pkg/engine/adapters"
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
"github.com/kyverno/kyverno/pkg/registryclient"
corev1listers "k8s.io/client-go/listers/core/v1"
)
func DefaultRegistryClientFactory(globalClient engineapi.RegistryClient, secretsLister corev1listers.SecretNamespaceLister) engineapi.RegistryClientFactory {
return &registryClientFactory{
globalClient: globalClient,
secretsLister: secretsLister,
}
}
type registryClientFactory struct {
globalClient engineapi.RegistryClient
secretsLister corev1listers.SecretNamespaceLister
}
func (f *registryClientFactory) GetClient(ctx context.Context, creds *kyvernov1.ImageRegistryCredentials) (engineapi.RegistryClient, error) {
if creds != nil {
registryOptions := []registryclient.Option{
registryclient.WithTracing(),
}
if creds.AllowInsecureRegistry {
registryOptions = append(registryOptions, registryclient.WithAllowInsecureRegistry())
}
if len(creds.Helpers) > 0 {
var helpers []string
for _, helper := range creds.Helpers {
helpers = append(helpers, string(helper))
}
registryOptions = append(registryOptions, registryclient.WithCredentialHelpers(helpers...))
}
if len(creds.Secrets) > 0 {
registryOptions = append(registryOptions, registryclient.WithKeychainPullSecrets(ctx, f.secretsLister, creds.Secrets...))
}
client, err := registryclient.New(registryOptions...)
if err != nil {
return nil, err
}
return adapters.RegistryClient(client), nil
}
return f.globalClient, nil
}
Copy permalink