1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

966 commits

Author SHA1 Message Date
Mariam Fahmy
d47684c0d9
feat: support validatingadmissionpolicybindings in CLI apply command (#9468)
* feat: support validatingadmissionpolicybindings in CLI apply command

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix linter issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-23 11:47:38 +00:00
Charles-Edouard Brétéché
8795916e14
fix: change generic policy to not return any (#9463)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-20 19:20:22 +02:00
Charles-Edouard Brétéché
cad231fc15
feat: add resource migration command (#9296)
* feat: add resource migration command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* finalize PR

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-19 11:47:28 +00:00
Mariam Fahmy
a791d9ac35
feat: skip generating VAP when an exception is defined (#9386)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-18 15:55:27 +00:00
Mariam Fahmy
33ffd7a0d7
fix: add v1beta1 of VAPs in the CLI (#9404)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-18 09:40:53 +00:00
Mariam Fahmy
f0564b3019
feat: re-evaluate policy exceptions for existing resources and modify reports accordingly (#8659)
* feat: re-evaluate policy exceptions for existing resources and modify reports accordingly

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use v2 of exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use properties in the reports result

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-17 10:00:15 -08:00
Vishal Choudhary
c2e388a71c
fix: update CLI to use store for fetching regclient (#9315)
* fix: use docker keychain as default in 1.11

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: use store to get registry client

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: use kyverno as username

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: missed cli-test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: changed location

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: undo test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-01-05 06:26:25 +00:00
Khaled Emara
88798c3e39
feat: add new client for events (#9323)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-01-03 01:12:05 +00:00
Khaled Emara
d5491746e7
fix(cli): handle excluded resources as pass (#9274)
* fix(cli): handle excluded resources as pass

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test: add cli test for exclude

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2023-12-28 07:16:55 +00:00
hhsel
71739b85ee
fix: large table row ID number format in CLI (#9281)
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-26 21:31:09 +00:00
Charles-Edouard Brétéché
0107c9af8a
fix: remove skip increment when resource not found in cli apply (#9282)
* fix: remove skip increment when resource not found in cli apply

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-26 15:47:53 +00:00
Gurmannat Sohal
6902a2b092
Unit tests for Pod Security Admission Integrations (#8585)
* feat: enable field-restricted exclusions using the psa

Signed-off-by: Liang Deng <283304489@qq.com>

* fix ci error

Signed-off-by: Liang Deng <283304489@qq.com>

* fix ci error

Signed-off-by: Liang Deng <283304489@qq.com>

* initial unit tests

* Add all remaining unit tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fine grain unit tests by adding fields and values

* add detailed pod level exclusion and related tests

* add tests for init & ephemeral containers

* add kuttl tests for the new advanced support

* add kuttl tests for the new advanced support

* add readme for kuttl tests

* add replacement in go.mod

* resolving CI errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix ci errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix ci errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* updating pod-security-admissio

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* resolving null pointer panic

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* resolved conformance error

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* chainsaw

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chainsaw

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* remove duplication

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix linting

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* remove over computation

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* added field checks, pss skip condition

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* correcting chainsaw tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* merge branch 'main' into unit-tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix builds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Liang Deng <283304489@qq.com>
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Gurmannat Sohal <95538438+itsgurmannatsohal@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Liang Deng <283304489@qq.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-26 22:28:08 +08:00
Mariam Fahmy
4fff841cdc
fix: remove policy informer from vap controller (#9279)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-26 11:45:26 +00:00
shuting
67b96a7cf2
refactor: mutate checks (#9255)
* refactor

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-22 15:07:17 +02:00
Charles-Edouard Brétéché
b54e6230c5
refactor: events controller (#9236)
* refactor: make events controller shutdown graceful

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* nit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* drain

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: events controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* exception

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove queue

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 11:47:22 +01:00
Mariam Fahmy
b61a1f3d18
fix: set v2beta1 of exceptions the storage version (#9254)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 10:13:58 +00:00
Honnix
47cafaabd3
Support more signature algorithms (#9102)
* Support more signature algorithms

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix codegen

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fail loudly for unsupported algorithm

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix codegen

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix more

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

---------

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-21 13:27:33 +05:30
Charles-Edouard Brétéché
d1138764f5
feat: add deprecation warnings in the CLI (#9222)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-20 12:45:26 +00:00
Charles-Edouard Brétéché
438a53cb3d
feat: enable kubectl-validate by default in cli (#9220)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-20 08:37:26 +00:00
raffis
cdd5d4fd22
fix(kubectl-kyverno): apply registry auth (#9151)
* fix(kubectl-kyverno): apply registry auth

Signed-off-by: Raffael Sahli <raffael.sahli@doodle.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Raffael Sahli <raffael.sahli@doodle.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 21:33:05 +00:00
Mariam Fahmy
d5e5219601
chore: remove v2alpha1 version of policy exceptions (#9211)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 16:27:08 +00:00
Charles-Edouard Brétéché
584f841c1e
refactor: make CLI store non static (#9200)
* refactor: make CLI store non static

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* registry access

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* apply

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 22:45:53 +08:00
Mariam Fahmy
8e0a7aa204
feat: promote policy exceptions to v2 (#9208)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 10:43:39 +00:00
shuting
7282ecca9f
fix: add skipBackgoundRequests to configure loop protection option (#9157)
* fix typo

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add new attribute skipBackgroundRequests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* move to per rule config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* check flag

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* clean up

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix logger

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add retryCount to ur.status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-19 06:25:12 +00:00
Mariam Fahmy
e22cd9818f
fix: deprecate spec.schemaValidation (#9189)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-18 16:32:11 +00:00
Charles-Edouard Brétéché
3f865d2038
fix: deep copy resource in cli when operation is update (#9191)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-18 15:31:19 +00:00
Anton Chernev
4d2f7fa8d3
fix: Provide kind list hints to the fake dynamic client. (#9036)
* fix: Provide kind list hints to the fake dynamic client.

If one uses the `cloneList` option of `generate` without this, a panic
occurs.

Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* Added test for `cloneList`.

Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* fix: ttl cleanup not working with cluster wide resources (#9060)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* Fix Helm chart to not error when replicas defined (#9066)

Fixes #8941

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* fix: add nodeSelector to the reports cleanup helm hook (#9065)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* optimize JSON context processing using in-memory maps (#8322)

* optimize JSON context processing using in memory maps

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix excessive logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix mutate resource diff

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* uncomment tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* copy resource, as it can be modified

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* clear prior resource to prevent mutating original

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* linter fix

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix ImageInfo to unstructured conversion

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix custom image extractors

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* do not update mutated resource in JSON context

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* Ran `gci` to silence a lint warning.

Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

* Added a log message when an invalid or incomplete `cloneList` kind is supplied.

Signed-off-by: Anton Chernev <anton.chernev@gmail.com>

---------

Signed-off-by: Anton Chernev <anton.chernev@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Anton Chernev <a-anchernov@expediagroup.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-07 06:03:27 +00:00
Mariam Fahmy
955738ce20
chore: set cert renewal time to 15 days before expiration (#8567)
* chore: set cert renewal time to 15 days before expiration

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-06 13:37:01 +00:00
Jim Bugwadia
c3fc0dafd6
Remove var check (#8990)
* fix excessive logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove variable check

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-11-27 09:35:31 +00:00
Mariam Fahmy
86dff69edc
fix: use the default namespace in case --namespace isn't set in kyverno create exception (#9014)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-24 11:43:42 +00:00
Mariam Fahmy
96e223657e
fix: remove the additional dash in kyverno create exception (#8983)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-22 13:37:26 +00:00
Vishal Choudhary
5fe16cd487
feat: add checks for max response size in API Call (#8957)
* feat: add checks for max response size in API Call GET request

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: added changes suggested by jim

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* cleanup

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-11-21 10:01:51 +00:00
Pushkar Mishra
765bd198f1
[DOC] fixed typo and broken links (#8954)
Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
2023-11-19 13:49:10 +00:00
Dirk Pahl
d8c2c5818d
Make server ports configurable, resolves #7279 (#7728)
* Make server ports configurable, resolves #7279

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Make server ports configurable, resolves #7279

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Switch to flags instead of env vars

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Could not use internal package in webhooks pkg

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Add helm chart changes

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* make codegen-docs-all

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* make codegen-manifest-all

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

---------

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-17 14:19:53 +00:00
Mariam Fahmy
c7e2cb13d9
fix: use v2beta1 version of exceptions in kyverno create CLI (#8908)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-15 07:04:45 -05:00
Vishal Choudhary
878bc48e51
chore: bump cosign to v2.2.1 (#8855)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-09 12:22:35 +00:00
Chandan-DK
cafc0990f9
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466)
* fix: generate label resource name character length issue

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add source label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify newUR function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* improve readability

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* remove generate source name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* Revert changes

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* update ResourceSpec

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add URGenerateResourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen client all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add GenerateSourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify comment

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-docs-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* set trigger uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add uid in transform()

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix: use resource name labels along with its UID

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use the resource name label only if its uid label isn't set

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add kuttl tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the trigger resource in the test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the source in the kuttl test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add generate trigger uid label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify TriggerInfo function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid field for new update requests

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate new ur spec with uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* handle downstream resources cleanup

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid of ur status

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fetch triggers by the UID label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* label triggers

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch trigger by comparing UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch cloneList downstream resource by UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update test names

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove trigger name label assertions from kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add unit name selector

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add sleep

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* assert events on failures

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-06 10:37:13 +00:00
Vishal Choudhary
6ad156f5d0
feat: update descriptions of image verify cache flags (#8770)
* feat: update descriptions of image verify cache flags

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* Update cmd/internal/flag.go

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update cmd/internal/flag.go

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update cmd/internal/flag.go

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: update description of imageVerifyCacheEnabled

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-02 16:10:17 +00:00
Anushka Mittal
f3c03f5257
Changes to correctly run delete operation in kyverno11beta4 (#8786)
* Changes to correctly run delete operation in kyverno11beta4

Co-authored-by: Anushka Mittal <anushka@nirmata.com>
Co-authored-by: Julian-Chu <yulang.chu@gmail.com>

Signed-off-by: Anushka Mittal <anushka@nirmata.com>

* Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>

* Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>

* Add README.md for new test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct policy.yaml

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add new lines in test files

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct kyverno-test file

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct values.yaml

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct test files

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add new test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: Anushka Mittal <anushka@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Signed-off-by: Anushka Mittal <138426011+anushkamittal2001@users.noreply.github.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-02 08:25:46 -04:00
Mariam Fahmy
f0be3bdc0b
fix: display a message when the controller has no permissions for VAPs (#8776)
* fix: display a message when the controller has no permissions for VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: add a warning when a Kyverno policy is created

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-01 21:52:03 +08:00
Vishal Choudhary
99c5f66fab
feat: update verify images types with better descriptions (#8779)
* feat: update verify images types with better descriptions

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: revert cert and certchain

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-31 04:52:07 +00:00
Charles-Edouard Brétéché
fb530626ba
refactor: move resource loader package to ext (#8780)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-30 17:27:02 +00:00
Mariam Fahmy
38b1dd029c
fix: print the number of VAPs being applied to the resources in test command (#8778)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-30 14:00:47 +00:00
Charles-Edouard Brétéché
c96199dee1
chore: move utils/wildcard in ext (#8772)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-29 23:59:53 +00:00
Charles-Edouard Brétéché
32d16059be
refactor: move resource/convert in ext (#8769)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-29 10:39:39 +01:00
Charles-Edouard Brétéché
bd72e42bfe
feat: add force color in color ext pkg (#8767)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-28 15:32:48 +00:00
Charles-Edouard Brétéché
a4b889de63
feat: add ext/yaml package (#8760)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-27 11:08:39 +00:00
Charles-Edouard Brétéché
619c3baab2
chore: init ext packages (#8758)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-10-27 09:50:36 +00:00
Rakshit Gondwal
b574802c12
feat: support conditions in PolicyException (#8577)
* feat: support conditions in PolicyException

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* fix matchesException func

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* add codegen-all files

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* fix after review

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* remove variable validation from PolicyException

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* fix after review

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* add kuttl tests

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* remove ValidateVariables() from tests

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* fix errors

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* remove check-variables kuttl test

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* fix after review

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>

* add sleep step to kuttl

Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>

* miinor fix

Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>

* add readme for kuttl test

Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>

---------

Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-10-24 10:45:52 +00:00
Vishal Choudhary
adfa193197
feat: fix outdated description of imageregistrycredentials (#8688)
* feat: fix outdated description of imageregistrycredentials

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: generate crd

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-10-19 18:50:43 +00:00
Mariam Fahmy
9c905cc29d
fix typo (#8666)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-16 17:34:42 +00:00
Mariam Fahmy
e969248483
chore: bump cleanup policies to v2beta1 (#8621)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-12 19:45:33 +08:00
shuting
360bcc83ee
Revert "chore: bump cleanup policies to v2beta1 (#8594)" (#8609)
This reverts commit fff3ad047e.
2023-10-09 15:01:24 +00:00
Mariam Fahmy
fff3ad047e
chore: bump cleanup policies to v2beta1 (#8594)
* chore: bump cleanup policies to v2beta1

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: remove the support of v2alpha1 cleanup policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-09 19:37:15 +08:00
Mariam Fahmy
8cbe66a06a
feat: generate events for CEL policies that generate VAPs (#8564)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-09 10:16:35 +00:00
Mariam Fahmy
cd986849d5
fix: use v2beta1 of policy exceptions (#8587)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-10-09 15:27:25 +08:00
Charles-Edouard Brétéché
27858f634e
chore: bump kubectl-validate (#8548)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-27 19:08:03 +00:00
Mariam Fahmy
b80963374f
chore: enable policy exceptions by default (#8545)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-27 17:40:13 +00:00
Charles-Edouard Brétéché
482c243517
refactor: remove openapi package (#8538)
* refactor: openapi package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kubectl validate

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rm

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* go mod

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix vscode

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-27 16:21:47 +00:00
Mariam Fahmy
7add300ffa
feat: remove the creation of cronjobs in cleanup controller (#8526)
* feat: remove the creation of cronjobs in cleanup controller

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use lastExecutionTime instead of nextExecutionTime

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-26 12:02:17 +02:00
Charles-Edouard Brétéché
61aa713d27
fix: image cache panic and cleanup (#8512)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-22 10:40:16 +00:00
Charles-Edouard Brétéché
21e044eb1a
feat: add cli package to load policy exceptions (#8508)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-22 09:53:19 +00:00
Vishal Choudhary
d4d5d751b1
fix: disables TUF by default (#8509) 2023-09-22 14:32:57 +05:30
Charles-Edouard Brétéché
bc6b6e17b9
fix: return gvk when loading resource (#8501)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-22 11:10:15 +08:00
Charles-Edouard Brétéché
3c76cf5118
feat: add resource load funcs in cli (#8499)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-21 21:32:30 +00:00
Charles-Edouard Brétéché
d421c8860b
fix: webhookTimeout flag not clear (#8493)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-21 14:40:38 +00:00
Charles-Edouard Brétéché
86b752e2fb
feat: add cli resource loader package (#8488)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-21 11:59:45 +00:00
Charles-Edouard Brétéché
4046315dac
feat: add a package to convert unstructured into typed (#8484)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-21 09:34:38 +00:00
Charles-Edouard Brétéché
ae1fa9b260
fix: deep copy before validaitng (#8483)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-21 09:01:14 +00:00
Charles-Edouard Brétéché
c1978d97a6
fix: use vap map in report aggregation (#8458)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-20 08:32:38 +00:00
Charles-Edouard Brétéché
2444b7c670
refactor: add per resource reports aggregation (#8426)
* refactor: add per resource reports aggregation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* added controller implementation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* vaps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-20 14:51:32 +08:00
Charles-Edouard Brétéché
fb90d0935d
fix: use go 1.21 new packages (#8452)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-19 12:06:53 +00:00
Charles-Edouard Brétéché
33dbdc9c5b
fix: linter (#8454)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-19 11:36:29 +00:00
Charles-Edouard Brétéché
6a43ec4bcf
chore: fix policies (#8449)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-19 10:28:58 +00:00
Charles-Edouard Brétéché
427806f061
chore: embed cli schemas in cli (#8439)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-18 13:55:44 +00:00
Vishal Choudhary
e2469415b7
feat: add support for custom sigstore using TUF (#8385)
* feat; add support for custom sigstore using TUF

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add kuttl test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add commit hash

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add kyverno.yaml

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update kyverno deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update ordering

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update create image step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove wait step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: install crane

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: set sha on install crane

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add cosign installer

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update custom deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: helm chart linting

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update Chart.yaml

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: helm values liniting error

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: kind-deploy-kyverno

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: create configmap in kyverno namespace

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update policy

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: create kyverno ns

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use envfrom

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: indentation

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update tuf root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add sigstore volume

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: nit

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove tuf root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use default tuf instead :(

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update Create kind cluster

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update impl

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: nit

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use custom test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove force

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: cosign initialize

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add yes flag

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* update manifest

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: move tuf to features

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update comments

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: helmchart generate

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: trailing white space

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove old fields

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: decouple env config map from tuf

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* change the way we pass flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: re add envConfigMap

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix env vars

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove envConfigMap

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-18 13:16:08 +00:00
Charles-Edouard Brétéché
382754c055
feat: fix variables used in tests (#8438)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-18 12:32:04 +00:00
Charles-Edouard Brétéché
2e4bf7ee83
feat: fix user infos used in tests (#8429)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-18 10:51:35 +00:00
Charles-Edouard Brétéché
7562bea6db
chore: apply policy fixes (#8427)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-17 22:24:26 +00:00
Charles-Edouard Brétéché
a43a20adb9
feat: add cli api schemas (#8422)
* feat: add cli values schema

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* v1alpha1

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* nits

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-17 23:50:17 +03:00
Charles-Edouard Brétéché
27b9ddea5d
chore: apply policy fixes (#8423)
* chore: apply policy fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* prune validate

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* prune dryrun

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* pruning

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-15 14:47:51 +00:00
Charles-Edouard Brétéché
3247f0c9cc
feat: detect duplicate resources in cli fix test (#8420)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-15 09:17:50 +00:00
Charles-Edouard Brétéché
fa36f76cf9
refactor: move per namespace reports aggregator in a sub package (#8419)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-15 08:41:36 +00:00
Charles-Edouard Brétéché
a5e6a7fa33
fix policy command (#8404)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-15 07:57:32 +00:00
Charles-Edouard Brétéché
e43b78c6c7
fix: bump golang exp lib (#8408)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 21:46:47 +00:00
Charles-Edouard Brétéché
bcf9fa361b
fix: names not formatted correctly in cli output (#8411)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 21:02:44 +00:00
Charles-Edouard Brétéché
918cf193f6
chore: bump kubectl-validate (#8410)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 20:13:13 +00:00
Charles-Edouard Brétéché
410f99f624
refactor: add cli fix package (#8400)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 21:36:32 +02:00
Charles-Edouard Brétéché
2a136f5b8d
feat: use kubectl-validate to load policies (#8384)
* feat: use kubectl-validate to load policies

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* schemas

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* bump

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* policies v2beta1

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* option

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* defaulting test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 15:17:02 +00:00
Mariam Fahmy
7db8800b87
chore: move policy exceptions to beta (#8378)
* chore: move policy exceptions to beta

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix kuttl test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: keep v2alpha1 as the storage version

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: avoid using type aliases

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-14 14:23:51 +00:00
Charles-Edouard Brétéché
901efbc74c
fix: cli output improvements (#8398)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 11:45:18 +00:00
Charles-Edouard Brétéché
37bbf33bd5
fix: CLI test command should validate the policy under test (#8387)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 00:30:23 +00:00
Charles-Edouard Brétéché
b9bc57b201
fix: replace fmt.Print calls by fmt.Fprint ones (#8389)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-14 02:55:19 +03:00
Charles-Edouard Brétéché
2b69ba6772
refactor: move cli path utils package (#8379)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-13 15:10:12 +00:00
Charles-Edouard Brétéché
14ab6b72a2
fix: Kyverno variable substitution might not work correctly if the top level variable key contains dots (#8377)
* fix: Kyverno variable substitution might not work correctly if the top level variable key contains dots

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-13 14:04:39 +00:00
Charles-Edouard Brétéché
dc71610df7
refactor: cli commands tests and error handling (#8367)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-13 09:53:19 +00:00
Charles-Edouard Brétéché
c88f8e8638
fix: Testing a generate rule for a custom resource fails (#8373)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-13 08:45:40 +00:00
Charles-Edouard Brétéché
d24b0848a6
chore: add cli commands unit tests (#8366)
* chore: add cli unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: add cli commands unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 21:47:03 +00:00
Charles-Edouard Brétéché
34c1615090
chore: add cli unit tests (#8365)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 19:46:04 +00:00
Charles-Edouard Brétéché
e3188fca8c
fix: Overridden request.operation is not considered by match/exclude with operations (#8361)
* fix: verifyImages w/ multiple entries is not consistent

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: Kyverno apply produces false positives when validating 'empty dangling' tags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: Overridden request.operation is not considered by match/exclude with operations

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 18:56:31 +00:00
Charles-Edouard Brétéché
0688c9b369
fix: Kyverno apply produces false positives when validating 'empty dangling" tags (#8358)
* fix: verifyImages w/ multiple entries is not consistent

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: Kyverno apply produces false positives when validating 'empty dangling' tags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 17:03:37 +00:00
Charles-Edouard Brétéché
dde312e65d
refactor: cli proper error handling (#8360)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 16:07:06 +00:00
Charles-Edouard Brétéché
44f0de5c53
fix: verifyImages w/ multiple entries is not consistent (#8357)
* fix: verifyImages w/ multiple entries is not consistent

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 15:20:21 +00:00
Charles-Edouard Brétéché
dbad967150
fix: namespace in kyverno-test.yaml seems to have no effect in case of exclude (#8354)
* fix: namespace in kyverno-test.yaml seems to have no effect in case of exclude

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 14:33:26 +00:00
Charles-Edouard Brétéché
2ea68ccc7a
fix: Auto-gen rules can not get variables from test input values (#8337)
* chore: improve cli version command and add tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: Auto-gen rules can not get variables from test input values

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-12 13:38:57 +00:00
Charles-Edouard Brétéché
a1d06b41df
feat: add create exception cli command (#7781)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 12:58:30 +00:00
Charles-Edouard Brétéché
045e955a6e
refactor: simplify cli processor (#8352)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 12:07:12 +00:00
Charles-Edouard Brétéché
029a62a504
feat: compress test results in cli fix test command (#8343)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 12:16:35 +05:30
Charles-Edouard Brétéché
e21da49d5b
fix: all tests fails when use mutiple results with generate-clone (#8341)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-12 05:36:41 +00:00
Charles-Edouard Brétéché
479511c9b8
fix: disable cli logs when level is 0 (#8335)
* fix: disable cli logs when level is 0

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 21:07:26 +00:00
Charles-Edouard Brétéché
67cfa341a5
chore: improve cli version command and add tests (#8336)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 20:36:35 +00:00
Charles-Edouard Brétéché
3967adde6e
fix: allow any type in cli test global values (#8305)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 16:57:18 +00:00
Charles-Edouard Brétéché
30598c64d8
fix: TODOs in cli (#8333)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 15:24:10 +00:00
Charles-Edouard Brétéché
10bb27b4da
fix: cli engine invocation order (#8327)
* fix: cli engine invocation order

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* mutate

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* verify images

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* validate

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* generate

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix and tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 13:41:36 +00:00
Charles-Edouard Brétéché
6073f2952e
fix: vap processor in cli (#8319)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-11 10:49:02 +00:00
Charles-Edouard Brétéché
173bb907b7
chore: add cli unit tests (#8326)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-10 22:03:24 +00:00
Charles-Edouard Brétéché
74fed89a17
fix: simplify cli autogen and labels selector check (#8325)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-10 19:10:02 +00:00
anushkamittal2001
c796ef9a4a
fix: Remove os.exit calls in apply command (#8269)
* fix: Remove os.exit calls in apply command

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Resolve linter issues

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Merged main

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Remove duplicate code

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Removed comments for osExit var

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Minor corrections

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-07 15:45:57 +00:00
Vishal Choudhary
07877ef37a
feat: add custom keychains using fluxcd/oci/auth package (#7908)
* feat:add usage of flux auth package for creating keychain

for every oci provider, we will create a client from flux and use its login() method

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add registry checking

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: update azure keychain to return anonymous kc

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: remove google keychain

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: kubeconfig redefined

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: fix kubeconfig flag being double defined

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated comments (#7902)

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 (#7918)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#7919)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.0 to 5.8.1.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.8.0...v5.8.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* refactor validating admission policies (#7835)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: update default keychain in registry to be empty (#7906)

* feat: update default keychain to be empty

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update registryCredentialHelpers description

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: rename vap to its full name (#7929)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix(chart): only create ServiceMonitor if cluster supports it (#7926)

* fix: only create ServiceMonitor if cluster supports it

Adds an additional check to the ServiceMonitor template to ensure that
the cluster supports the `monitoring.coreos.com/v1` API version.

Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

* add IITS Consulting as adopter from Google Form (#7932)

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* Adding other folder's subfolders to workflows/conformance.yaml's tests array (#7927)

Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>

* feat: add create metrics-config cli command (#7782)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump svenstaro/upload-release-action from 2.6.1 to 2.7.0 (#7940)

Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](2b9d2847a9...1beeb572c1)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* test: add tests for ghcr private repository (#7791)

* chore: organize constants better (#7941)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: move cert.kyverno.io/managed-by label in constants (#7942)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: rename --compact to --detailed-results in CLI (#7937)

* fix: rename --compact to --detailed-results in CLI

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* rename compact arg

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: move more constants (#7944)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add `create values` cli command (#7779)

* feat: add  cli command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add create values cli command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Removed usage of `replacements` from goreleaser.yml file (#7833)

* Changed goreleaser.yml file

Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>

* Changed syntax

Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>

* Small indent fix

Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>

---------

Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add 1.10.2 (#7947)

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* chore: move cache enabled label (#7949)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump go.uber.org/zap from 1.24.0 to 1.25.0 (#7952)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* doc: add feature flag guidelines (#7951)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: move kyverno.io/verify-images constant (#7955)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add ttl controller (#7821)

* added the ttl controller

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fixed label and vars

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added logger

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* applied fixes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* removed comments

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* more lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* applied changes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* minor fixes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix logger, separate parse logic

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added kuttl tests, validation utilities

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* commented code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* renamed tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix test

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* created log.go

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix log.go

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added README.md refactor code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added validation webhook

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* label-validation fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added flag, updated verbs

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* updated verbs

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* updated helm chart

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* test fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* linter

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* imporoved webhook validation

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* linter fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* webhook names and path constants

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* constant label

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix label selector

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl test fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* helm docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix controller logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: manager logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix failure policy

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* move kuttl tests in separate job

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove rbac steps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove configmaps from core cluster role

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rename flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: rename ttl controller package (#7957)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: move ttl formats to constants (#7958)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: Add support for server-side-apply in generate rules (#7705)

* feat: Add support for server-side-apply in generate rules

Signed-off-by: Mike Bryant <mike@mikebryant.me.uk>

* chore: run make codegen-all

Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>

* chore: Remove unnecessary file I got from copy/paste

Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>

---------

Signed-off-by: Mike Bryant <mike@mikebryant.me.uk>
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* refactor: ttl label validation (#7960)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github.com/google/go-containerregistry (#7961)

Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.14.1-0.20230425172351-b7c6e9dc3944 to 0.16.1.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/commits/v0.16.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: fix cleanup controller debug in vscode (#7963)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: ttl cleanup controller events processing (#7964)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* test: add test to cleanup the same resource twice (#7965)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: ttl manager stop informer on error (#7966)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump slsa-framework/slsa-github-generator (#7968)

Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: add basic structure for image verify cache (#7890)

* feat: add interface for image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add basic client for cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add ttl to client

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add flags and flag setup

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: added a default image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add propogation of cache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add useCache to image verification types

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: add ivcache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add logger to cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update cmd/internal/flag.go

Signed-off-by: shuting <shutting06@gmail.com>

* feat: add use cache to v2beta1 crd

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: change public attribute TTL to private

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: replace nil in test with disabled cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: convert ttl time to time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update opts to use time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat:add policy version and remove delete functions

by adding policy version, old entries will automatically become outdated and we will not have to remove them manually

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove clear and update get and set to take interface as input

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* style: fix lint issue

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Fixes kyverno cli container reorder  (#7943)

* added combine rule response

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added kyverno test cli tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added kyverno test cli tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ; in between the err messages

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed fixed rulename and ruletype

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore(deps): bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (#7975)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.15.0...v0.15.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump golang.org/x/text from 0.11.0 to 0.12.0 (#7976)

Bumps [golang.org/x/text](https://github.com/golang/text) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#7977)

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/crypto/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix:Add Missing Severity Cases in SeverityFromString Function (#7974)

Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com>
Co-authored-by: shuting <shuting@nirmata.com>

* feat(chart) Allow podSecurityContext and securityContext for webhooksCleanup (#7970)

Fixes #7962

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: Fixed issue with AddVariable that prevented certain variables (#7981)

When using a label or annotation with quoted dots, AddVariable was splitting inside the quote causing it to be improperly parsed and replaced

Signed-off-by: mvaal <mvaal@expediagroup.com>

* fix: Kyverno cli apply duplicate result counts  (#7945)

* removed repeated logic from kyverno_policies_types

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

fixed unit tests

* fixed unit tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* updated common.go logic

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* remove skip response logic from common.go

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* remove skip response logic from common.go

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed conflict

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fix: return err in load data (#7982)

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fix, enhancement (#7988)

* fix, enhancement

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix: improve lint

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update auth pkg

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: fix go mod

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: updated CLI keychains

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore update fluxcd/pkg/auth@0.31.1

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Mike Bryant <mike@mikebryant.me.uk>
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: mvaal <mvaal@expediagroup.com>
Co-authored-by: Amit kumar <amit9116260192@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Alexej Disterhoft <github@disterhoft.de>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Pradyot Ranjan <99216956+prady0t@users.noreply.github.com>
Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: Mike Bryant <mike.bryant@mettle.co.uk>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: UgOrange <lichanghao.orange@bytedance.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: Marcus Vaal <mvaal@expediagroup.com>
2023-09-07 11:47:36 +00:00
Charles-Edouard Brétéché
a4b3388bda
chore: improve unit tests in cli (#8304)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-07 09:16:26 +00:00
Charles-Edouard Brétéché
b2d29886c1
chore: improve unit tests in cli (#8301)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-07 02:53:37 +00:00
Charles-Edouard Brétéché
7065d5da37
chore: improve unit tests in cli (#8300)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 22:02:48 +00:00
Charles-Edouard Brétéché
2d8c74eb12
chore: improve unit tests in cli (#8296)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 17:01:23 +00:00
Charles-Edouard Brétéché
aeb8e52fec
refactor: mmove utils report cli package (#8295)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 19:02:23 +03:00
Charles-Edouard Brétéché
6b62358dae
refactore: move utils store package (#8293)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 15:17:12 +00:00
Charles-Edouard Brétéché
3b44af8dbd
refactor: move utils cobra to command package (#8291)
* refactor: introduce cli variables package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* lint

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: move utils cobra to command package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 14:44:50 +00:00
Charles-Edouard Brétéché
ee4e0422ed
refactor: introduce cli variables package (#8285)
* refactor: introduce cli variables package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 14:03:51 +00:00
Charles-Edouard Brétéché
e98bfd1cd9
refactor: introduce cli processor package (#8281)
* refactor: introduce cli processor package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* counts

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-06 12:48:55 +08:00
Charles-Edouard Brétéché
04e21da671
fix: cli dependency to controller-runtime logger (#8280)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 17:06:44 -07:00
Charles-Edouard Brétéché
cbeb5157d6
refactor: cli policy package (#8279)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 23:01:31 +00:00
Charles-Edouard Brétéché
ebebef6cb7
refactor: remove depency from validation to cli (#8274)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 21:58:03 +00:00
Charles-Edouard Brétéché
5360248135
refactor: combine unstructured and resource packages (#8276)
* refactor: introduce userinfo package in the cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: introduce api package in cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: combine unstructured and resource packages

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 21:09:31 +00:00
Charles-Edouard Brétéché
d61e0515c2
refactor: introduce api package in cli (#8275)
* refactor: introduce userinfo package in the cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: introduce api package in cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 17:50:52 +00:00
Charles-Edouard Brétéché
e8bc38f25b
refactor: introduce userinfo package in the cli (#8272)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 17:10:27 +00:00
Charles-Edouard Brétéché
cdd8b4383f
refactor: cli test command test execution (#8266)
* refactor: cli test command test execution

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 13:19:05 +00:00
Charles-Edouard Brétéché
eeb7e814b5
fix: cli exit cleanly (#8267)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 12:19:04 +00:00
Mariam Fahmy
8732183cc6
feat: generate backgroundscan reports for validating admission policies (#8135)
* feat: generate backgroundscan reports for validating admission policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: skip validate check images if errors are encourted when validating the resource

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-05 11:42:17 +00:00
Charles-Edouard Brétéché
c0a74fe0d5
fix: bad test file causes all tests to pass with success (#8258)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 11:09:45 +00:00
Charles-Edouard Brétéché
0b33ae2b06
refactor: cli packages structure (#8257)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 08:55:01 +00:00
Charles-Edouard Brétéché
c51bc5beb8
docs: improve cli commands docs (#8259)
* chore: improve cli commands docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* experimental

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* version

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* oci

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* oci

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* jp

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* apply

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* create

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 05:14:28 +03:00
Charles-Edouard Brétéché
b6e18d7f29
refactor: introduce resource package in cli (#8256)
* refactor: introduce resource package in cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-05 02:25:06 +03:00
Charles-Edouard Brétéché
5615b883db
feat: add multiple paths support to cli test command (#8247)
* refactor: cli test loading

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add multiple paths support to cli test command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 20:27:20 +00:00
Charles-Edouard Brétéché
e411eea188
refactor: add a cobra utils package to build commands doc (#8255)
* refactor: add a cobra utils package to build commands doc

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 19:56:23 +00:00
Charles-Edouard Brétéché
90d84d81b2
refactor: cli packages structure (#8254)
* refactor: cli packages structure

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 17:04:10 +00:00
Mariam Fahmy
4da72e3758
fix: return engine responses without checking TestResult.rule since it is empty in case of VAPs (#8251)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 16:32:23 +00:00
Charles-Edouard Brétéché
cef4a9b546
refactor: move all cli commands in a commands package (#8231)
* chore: name all cli command files the same

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: move all cli commands in a commands package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* root

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 15:15:55 +00:00
Charles-Edouard Brétéché
b5030987a6
chore: add cli test utils unit tests (#8249)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 13:58:48 +00:00
Charles-Edouard Brétéché
c5300bfcda
refactor: cli test loading (#8244)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 11:36:34 +00:00
Charles-Edouard Brétéché
75da97eabf
chore: add more cli utils unit tests (#8243)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 10:49:50 +00:00
Mariam Fahmy
381fbedf21
fix: check if VAPs are registered in the API server or not (#8219)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-09-04 10:16:30 +00:00
Charles-Edouard Brétéché
c93ac4655c
refactor: cli test command (#8212)
* code changes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* test changes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 09:34:27 +00:00
Charles-Edouard Brétéché
6b7c204f05
chore: improve test coverage of source cli utils package (#8232)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 08:31:59 +00:00
Charles-Edouard Brétéché
201cd79b86
chore: add gh action to the cli readme (#8233)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 04:17:36 +03:00
Charles-Edouard Brétéché
1fdd1127c2
chore: add cli readme (#8223)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-03 23:16:54 +00:00
Charles-Edouard Brétéché
907af6d483
chore: name all cli command files the same (#8227)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-03 22:30:18 +00:00
Charles-Edouard Brétéché
3e4ada64cf
refactor: introduce source package in cli (#8226)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-03 21:54:53 +00:00
Charles-Edouard Brétéché
f8f9f4e628
refactor: CLI oci commands (#8224)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-03 14:21:40 -07:00
Charles-Edouard Brétéché
5c482646d1
refactor: introduce experimental cli package (#8222)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-03 20:14:42 +00:00
Charles-Edouard Brétéché
2ee28fff04
fix: remove unused struct in cli (#8218)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-02 05:08:20 +03:00
Chandan-DK
51de975e7b
feat: add support for wildcard in CLI filters (#8216)
* feat: add wildcard support to test-case-selector flag in cli test command

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix logic

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add unit tests

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* update description

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
2023-09-01 21:33:28 +00:00
Charles-Edouard Brétéché
9f108b11cd
feat: add fix test cli command (#8213)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-01 15:50:11 +00:00
Charles-Edouard Brétéché
33d5c81a7d
refactor: introduce report utils package and use it in cli apply (#8203)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-01 09:20:39 +00:00
Charles-Edouard Brétéché
6c94e5f1cb
refactor: introduce cli annotations utils package (#8201)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-31 23:42:08 +00:00
Charles-Edouard Brétéché
4d6a511437
fix: multiple test cases for generate policy lead to wrong test results (#8197)
* fix: multiple test cases for generate policy lead to wrong test results

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add cli test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-31 23:08:54 +00:00
Charles-Edouard Brétéché
941c1ae830
chore: add a couple unit tests (#8199)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-31 17:23:26 +00:00
Charles-Edouard Brétéché
d1c8e7be93
fix: verification of cli docs breaks CI (for real) (#8193)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-31 15:17:26 +00:00
Mariam Fahmy
c583b64120
feat: generate validating admission policies and their bindings from Kyverno policies (#7840)
* feat: generate validating admission policies and their bindings from Kyverno policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add generate VAPs feature flag

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use container flags instead of feature flags

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: limit VAP generation to cluster policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add policy checks for generating VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: rename package

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: translate match/exclude resources in Kyverno policies to their alternatives in validating admission policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add vap info in kyverno policy status

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the translation of

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add kuttl tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add generateValidatingAdmissionPolicy feature flag in the helm chart

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: update codegen

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add validating admission policy kuttl tests in the workflow

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: check K8s server version

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: remove the kind config of VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-08-31 10:25:21 +00:00
Charles-Edouard Brétéché
acf1192599
fix: kyverno test generated resource inconsistency (#8189)
* fix: kyverno test renerated resource inconsistency

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-31 05:54:41 +05:30
Charles-Edouard Brétéché
4317519c81
fix: mutation unit test not working as expected (#8188)
* fix: mutation unit test not working as expected

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* package and unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 21:42:02 +00:00
Charles-Edouard Brétéché
31bed97806
fix: kyverno test doesn't fail when mutated YAML != patchedResource YAML (#8183)
* fix: kyverno test doesn't fail when mutated YAML != patchedResource YAML

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 19:37:15 +00:00
Mariam Fahmy
fb166d4f0e
feat: support vap variables in the CLI (#8182)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-08-30 18:03:00 +00:00
Charles-Edouard Brétéché
a6bc35b740
fix: allow kyverno test variables directly in test (#8168)
* fix: allow kyverno test variables directly in test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* strict

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 16:17:28 +00:00
Charles-Edouard Brétéché
23ef95a79c
fix: website docs generation (#8181)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 15:17:50 +00:00
Charles-Edouard Brétéché
e248757798
feat: add cli docs command (#8179)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 11:26:26 +00:00
Charles-Edouard Brétéché
8840be78ce
refactor: refactor cli filters and add unit tests (#8177)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 10:24:43 +00:00
Amit kumar
6d8ae16afa
added verify image ristretto cache implementation (#7969)
* updated flags

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ristretto_cache impl

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added bufferSize

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* made cache as private member

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* made cache as private member

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added logger.withValues

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added verify image cache

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added cache tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed lint issue

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added chaged policy test

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* cache time should be entered in minutes

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed cache.wait()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed client.go logs and added in imageVerifier

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added level to the logs

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added notary image cache verification

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* replace intVar by flag.DurationVar()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed lock from cache clinet

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* updated cosign tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added execution latencies comparision

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added assert.Error()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added error assertion util

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added error log

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* Update pkg/engine/internal/imageverifier.go

Signed-off-by: shuting <shutting06@gmail.com>

* lint fixes

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed logs from unit tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ristretto_cache impl

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed cache.wait()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added asssertions in tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed conflicts

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* lint fix

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* renamed variabls

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-30 07:26:40 +00:00
Charles-Edouard Brétéché
414c3c77dd
chore: add cli path utils unit tests (#8167)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 21:49:32 +00:00
Charles-Edouard Brétéché
c5eb3d2525
fix: check caSecretName and tlsSecretName flags (#8155)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 21:06:15 +00:00
Charles-Edouard Brétéché
3a2c71c4ba
fix: remove cli manifest commands (#8165)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 19:28:26 +00:00
Charles-Edouard Brétéché
afd736428f
chore: create cli pathutils package (#8164)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 18:20:17 +00:00
Charles-Edouard Brétéché
4c05c2833c
fix: support fully-qualified file paths in cli test command (#8163)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 17:08:20 +00:00
Charles-Edouard Brétéché
4d39fba931
fix: add description to CLI create command (#8160)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-29 15:37:47 +00:00
Charles-Edouard Brétéché
bb3df218ed
fix: validate the YAML test file syntactically and schematically (#8145)
* fix: validate the YAML test file syntactically

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* schema validation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-28 18:04:00 -04:00
Ved Ratan
daadd36c72
[Feat]: Perform permissions check when TTL label is observed (#8128)
* added permissions check

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* issue_8091

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* log fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* refactor

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-28 16:18:48 +00:00
Charles-Edouard Brétéché
0f9fe30c08
feat: allow overriding ca and tls secret names (#8137)
* feat: allow overriding ca and tls secret names

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-28 14:05:49 +00:00
Vishal Choudhary
b374c05517
fix: update certmanager and config to take common name and namespace as arguments (#8129)
* feat: add namespace and common name args

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: remove unnecessary dns name

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-28 12:04:37 +00:00
Ved Ratan
ebd9506f87
[Feat] TTL controller log improvements (#8112)
* upgraded verbose and enhanced label

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* enhancements

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
2023-08-25 22:32:56 +02:00
Charles-Edouard Brétéché
ab6fc0ad1b
fix: reduce tls package dependencies (part 2) (#8109)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-25 11:24:52 +00:00
Charles-Edouard Brétéché
e7b7dc4b9d
fix: cli logs not working (#8110)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-24 16:17:20 +00:00
Charles-Edouard Brétéché
3c09d902fd
fix: context propagation in tracing (#8104)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-24 14:45:58 +08:00
Mariam Fahmy
333845677a
fix: check if client is set in CEL validations (#8099)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-08-23 17:22:37 +02:00
Charles-Edouard Brétéché
794dc782bd
fix: stop hidding flags in the cli (#8077)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-21 11:16:05 +00:00
anushkamittal2001
72ccc55d78
Refactor Kyverno CLI (#7995)
* Initial changes for cli refactoring

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Invoke engine in the correct order

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Refactor apply_command.go

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Resolve lint errors

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Removed unnecessary leading newline

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-18 10:28:47 +00:00
Chandan DK
20bf9f235f
fix: apply command doesn't consider git and non-git paths together (#7832) (#7885)
* fix: apply command doesn't consider git and non-git paths together

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix: reorder if block to check err

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* test: add unit tests to check both git and non git paths are applied irrespective of their order

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-16 16:03:42 +00:00
Mariam Fahmy
064b3588a5
Add an abstraction interface for Kyverno policies and validating admission policies (#8016)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-08-15 12:41:43 -07:00
anushkamittal2001
5272ca8601
Remove length restriction in --set (#7984)
* Remove length restriction in --set

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add variables in unit test for apply_command

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-14 14:13:29 +00:00
Amit kumar
9e6ff00706
fix: Kyverno cli apply duplicate result counts (#7945)
* removed repeated logic from kyverno_policies_types

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

fixed unit tests

* fixed unit tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* updated common.go logic

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* remove skip response logic from common.go

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* remove skip response logic from common.go

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed conflict

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-08 07:35:01 +00:00
Amit kumar
92e2d23039
Fixes kyverno cli container reorder (#7943)
* added combine rule response

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added kyverno test cli tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added kyverno test cli tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ; in between the err messages

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed fixed rulename and ruletype

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-07 07:22:26 +00:00
Vishal Choudhary
b385693509
feat: add basic structure for image verify cache (#7890)
* feat: add interface for image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add basic client for cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add ttl to client

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add flags and flag setup

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: added a default image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add propogation of cache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add useCache to image verification types

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: add ivcache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add logger to cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update cmd/internal/flag.go

Signed-off-by: shuting <shutting06@gmail.com>

* feat: add use cache to v2beta1 crd

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: change public attribute TTL to private

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: replace nil in test with disabled cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: convert ttl time to time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update opts to use time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat:add policy version and remove delete functions

by adding policy version, old entries will automatically become outdated and we will not have to remove them manually

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove clear and update get and set to take interface as input

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* style: fix lint issue

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-06 21:54:52 +02:00
Charles-Edouard Brétéché
767e576a9a
refactor: ttl label validation (#7960)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-03 12:48:10 +08:00