mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-29 02:45:06 +00:00
Code Activity

validate conditiona.operator as enum

Browse source
This commit is contained in:
Jim Bugwadia 2020-11-29 00:37:36 -08:00
parent 251129d09b
commit 2aeb5aa982
9 changed files with 1001 additions and 2895 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Makefile
View file

@ -179,7 +179,7 @@ kustomize-crd:
kustomize build ./definitions/debug > ./definitions/install_debug.yaml
# guidance https://github.com/kyverno/kyverno/wiki/Generate-a-Release
release:
release:
kustomize build ./definitions > ./definitions/install.yaml
kustomize build ./definitions > ./definitions/release/install.yaml
@ -202,7 +202,7 @@ ifeq (, $(shell which controller-gen))
go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.0 ;\
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
}
CONTROLLER_GEN=$(GOBIN)/controller-gen
CONTROLLER_GEN=$(GOPATH)/bin/controller-gen
else
CONTROLLER_GEN=$(shell which controller-gen)
endif

1279
charts/kyverno/crds/crds.yaml
View file

File diff suppressed because it is too large Load diff

12
definitions/crds/kyverno.io_clusterpolicies.yaml
View file

@ -23,7 +23,7 @@ spec:
name: Background
type: string
- jsonPath: .spec.validationFailureAction
name: Validatoin Failure Action
name: Validation Failure Action
type: string
name: v1
schema:
@ -431,6 +431,11 @@ spec:
x-kubernetes-preserve-unknown-fields: true
operator:
description: Operator is the operation to perform.
enum:
- Equals
- NotEquals
- In
- NotIn
type: string
value:
description: Value is the conditional value, or set of
@ -463,6 +468,11 @@ spec:
x-kubernetes-preserve-unknown-fields: true
operator:
description: Operator is the operation to perform.
enum:
- Equals
- NotEquals
- In
- NotIn
type: string
value:
description: Value is the conditional value, or

12
definitions/crds/kyverno.io_policies.yaml
View file

@ -23,7 +23,7 @@ spec:
name: Background
type: string
- jsonPath: .spec.validationFailureAction
name: Validatoin Failure Action
name: Validation Failure Action
type: string
name: v1
schema:
@ -432,6 +432,11 @@ spec:
x-kubernetes-preserve-unknown-fields: true
operator:
description: Operator is the operation to perform.
enum:
- Equals
- NotEquals
- In
- NotIn
type: string
value:
description: Value is the conditional value, or set of
@ -464,6 +469,11 @@ spec:
x-kubernetes-preserve-unknown-fields: true
operator:
description: Operator is the operation to perform.
enum:
- Equals
- NotEquals
- In
- NotIn
type: string
value:
description: Value is the conditional value, or

1279
definitions/install.yaml
View file

File diff suppressed because it is too large Load diff

1279
definitions/install_debug.yaml
View file

File diff suppressed because it is too large Load diff

12
go.mod
View file

@ -5,7 +5,7 @@ go 1.13
require (
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/cornelk/hashmap v1.0.1
github.com/evanphx/json-patch v4.5.0+incompatible
github.com/evanphx/json-patch v4.9.0+incompatible
github.com/fatih/color v1.9.0 // indirect
github.com/fsnotify/fsnotify v1.4.9 // indirect
github.com/gardener/controller-manager-library v0.2.0
@ -37,11 +37,11 @@ require (
google.golang.org/appengine v1.6.5 // indirect
gopkg.in/yaml.v2 v2.3.0
gotest.tools v2.2.0+incompatible
k8s.io/api v0.18.4
k8s.io/apiextensions-apiserver v0.18.4
k8s.io/apimachinery v0.18.4
k8s.io/cli-runtime v0.18.4
k8s.io/client-go v0.18.4
k8s.io/api v0.18.12
k8s.io/apiextensions-apiserver v0.18.12
k8s.io/apimachinery v0.18.12
k8s.io/cli-runtime v0.18.12
k8s.io/client-go v0.18.12
k8s.io/klog v1.0.0
k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6
sigs.k8s.io/controller-runtime v0.5.0

13
go.sum
View file

@ -140,6 +140,8 @@ github.com/evanphx/json-patch v4.0.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLi
github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M=
github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses=
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s=
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
@ -911,11 +913,15 @@ k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI=
k8s.io/api v0.17.2/go.mod h1:BS9fjjLc4CMuqfSO8vgbHPKMt5+SF0ET6u/RVDihTo4=
k8s.io/api v0.18.4 h1:8x49nBRxuXGUlDlwlWd3RMY1SayZrzFfxea3UZSkFw4=
k8s.io/api v0.18.4/go.mod h1:lOIQAKYgai1+vz9J7YcDZwC26Z0zQewYOGWdyIPUUQ4=
k8s.io/api v0.18.12 h1:97X6znOXMVgCKivTAgpBXGBGlCe3gbM++yFdldgBCaE=
k8s.io/api v0.18.12/go.mod h1:3sS78jmUoGHwERyMbEhxP6owcQ77UxGo+Yy+dKNWrh0=
k8s.io/apiextensions-apiserver v0.0.0-20190918161926-8f644eb6e783/go.mod h1:xvae1SZB3E17UpV59AWc271W/Ph25N+bjPyR63X6tPY=
k8s.io/apiextensions-apiserver v0.16.4/go.mod h1:HYQwjujEkXmQNhap2C9YDdIVOSskGZ3et0Mvjcyjbto=
k8s.io/apiextensions-apiserver v0.17.2/go.mod h1:4KdMpjkEjjDI2pPfBA15OscyNldHWdBCfsWMDWAmSTs=
k8s.io/apiextensions-apiserver v0.18.4 h1:Y3HGERmS8t9u12YNUFoOISqefaoGRuTc43AYCLzWmWE=
k8s.io/apiextensions-apiserver v0.18.4/go.mod h1:NYeyeYq4SIpFlPxSAB6jHPIdvu3hL0pc36wuRChybio=
k8s.io/apiextensions-apiserver v0.18.12 h1:b0jTgW/qwqZBMIJTMxkLvvAtNRDZboG5yZiIbOFgQv8=
k8s.io/apiextensions-apiserver v0.18.12/go.mod h1:nihADkPed1L37Vxpz2/BrtxO9mCtINH23aNtUe/CRLo=
k8s.io/apimachinery v0.0.0-20190612125636-6a5db36e93ad/go.mod h1:I4A+glKBHiTgiEjQiCCQfCAIcIMFGt291SmsvcrFzJA=
k8s.io/apimachinery v0.0.0-20190913080033-27d36303b655/go.mod h1:nL6pwRT8NgfF8TT68DBI8uEePRt89cSvoXUVqbkWHq4=
k8s.io/apimachinery v0.16.4/go.mod h1:llRdnznGEAqC3DcNm6yEj472xaFVfLM7hnYofMb12tQ=
@ -923,19 +929,26 @@ k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZ
k8s.io/apimachinery v0.17.2/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg=
k8s.io/apimachinery v0.18.4 h1:ST2beySjhqwJoIFk6p7Hp5v5O0hYY6Gngq/gUYXTPIA=
k8s.io/apimachinery v0.18.4/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
k8s.io/apimachinery v0.18.12 h1:bLFXU4IxOu06F6Z6PV7eqtapXFb1G2q0ni0XBNFtJH8=
k8s.io/apimachinery v0.18.12/go.mod h1:PF5taHbXgTEJLU+xMypMmYTXTWPJ5LaW8bfsisxnEXk=
k8s.io/apiserver v0.0.0-20190918160949-bfa5e2e684ad/go.mod h1:XPCXEwhjaFN29a8NldXA901ElnKeKLrLtREO9ZhFyhg=
k8s.io/apiserver v0.16.4/go.mod h1:kbLJOak655g6W7C+muqu1F76u9wnEycfKMqbVaXIdAc=
k8s.io/apiserver v0.17.2/go.mod h1:lBmw/TtQdtxvrTk0e2cgtOxHizXI+d0mmGQURIHQZlo=
k8s.io/apiserver v0.18.4 h1:pn1jSQkfboPSirZopkVpEdLW4FcQLnYMaIY8LFxxj30=
k8s.io/apiserver v0.18.4/go.mod h1:q+zoFct5ABNnYkGIaGQ3bcbUNdmPyOCoEBcg51LChY8=
k8s.io/apiserver v0.18.12/go.mod h1:uFOeW4LlxS6KDgLWy3n3gh0DhC6m41QIFgL33ouk+4w=
k8s.io/cli-runtime v0.18.4 h1:IUx7quIOb4gbQ4M+B1ksF/PTBovQuL5tXWzplX3t+FM=
k8s.io/cli-runtime v0.18.4/go.mod h1:9/hS/Cuf7NVzWR5F/5tyS6xsnclxoPLVtwhnkJG1Y4g=
k8s.io/cli-runtime v0.18.12 h1:gVWbvntlEttCIvy1jc5UUr2cG/4TmmCM1MY/PGeENBo=
k8s.io/cli-runtime v0.18.12/go.mod h1:wTj8W8za8NDWe505mrlckiZ5H2cZA0YEuv0E7WC+Srs=
k8s.io/client-go v0.0.0-20190918160344-1fbdaa4c8d90/go.mod h1:J69/JveO6XESwVgG53q3Uz5OSfgsv4uxpScmmyYOOlk=
k8s.io/client-go v0.16.4/go.mod h1:ZgxhFDxSnoKY0J0U2/Y1C8obKDdlhGPZwA7oHH863Ok=
k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k=
k8s.io/client-go v0.17.2/go.mod h1:QAzRgsa0C2xl4/eVpeVAZMvikCn8Nm81yqVx3Kk9XYI=
k8s.io/client-go v0.18.4 h1:un55V1Q/B3JO3A76eS0kUSywgGK/WR3BQ8fHQjNa6Zc=
k8s.io/client-go v0.18.4/go.mod h1:f5sXwL4yAZRkAtzOxRWUhA/N8XzGCb+nPZI8PfobZ9g=
k8s.io/client-go v0.18.12 h1:MDGRE2tGidz29g45dI4kfelJo+aRmDqWx0Way8mD88A=
k8s.io/client-go v0.18.12/go.mod h1:0aC8XkA09dX/goYqHQJ/kVv0zL1t+weOZt3pmz9LpxA=
k8s.io/code-generator v0.0.0-20200306081859-6a048a382944/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc=
k8s.io/component-base v0.0.0-20190612130303-4062e14deebe h1:GHRdxwv4/80MA+Yy/YVyfc9n6VyOhEGzyM09mEXsIAU=
k8s.io/component-base v0.0.0-20190612130303-4062e14deebe/go.mod h1:MmIDXnint3qMN0cqXHKrSiJ2XQKo3J1BPIz7in7NvO0=

6
pkg/api/kyverno/v1/policy_types.go
View file

@ -115,14 +115,16 @@ type Condition struct {
}
// ConditionOperator is the operation performed on condition key and value.
// +kubebuilder:validation:Enum=Equals;NotEquals;In;NotIn
type ConditionOperator string
const (
// Equal evaluates if the key is equal to the value.
// Deprecated. Use Equals instead.
Equal ConditionOperator = "Equal"
// Equals evaluates if the key is equal to the value.
Equals ConditionOperator = "Equals"
// NotEqual evaluates if the key is not equal to the value.
// Deprecated. Use NotEquals instead.
NotEqual ConditionOperator = "NotEqual"
// NotEquals evaluates if the key is not equal to the value.
NotEquals ConditionOperator = "NotEquals"
@ -143,7 +145,7 @@ type MatchResources struct {
ResourceDescription `json:"resources,omitempty" yaml:"resources,omitempty"`
}
// ExcludeResources is used to specify resource and admission review request data for
// ExcludeResources specifies resource and admission review request data for
// which a policy rule is not applicable.
type ExcludeResources struct {
// UserInfo contains information about the user performing the operation.