Vishal Choudhary
92ac95975b
chore: bump github.com/cloudflare/circl to v1.3.7 ( #9434 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-19 09:51:15 +00:00
shuting
f7d0b89b85
release 1.10.7 ( #9231 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-20 09:49:56 +00:00
Vishal Choudhary
7748d7e72e
chore: fix high vulnerabilities in release 1.10 ( #9226 )
...
* chore: use cosign 1.13.2 in 1.10
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: rekor vulnerability fix
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: upgrade schema url
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update all files
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: missed one
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: upgrade linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-20 08:19:55 +00:00
shuting
9198beac16
release 1.10.6 ( #9030 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-11-28 06:11:13 +00:00
Zadkiel Aharonian
08f20e7c21
fix(test): random results when namespace is not specified ( #8989 )
...
Signed-off-by: Zadkiel Aharonian <hello@zadkiel.fr>
2023-11-27 10:10:34 +01:00
Vishal Choudhary
426196757c
feat: add checks for max response size in API Call ( #8981 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-22 16:35:38 +00:00
shuting
1dfd2e2ca6
Release 1.10.5 ( #8881 )
...
* release 1.10.5
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix controller-gen version
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-11-10 11:19:59 +00:00
Vishal Choudhary
70a1fa77b6
feat: add GHSA-vfp6-jrw2-99g9 fixes in cosign v1.13.1 ( #8870 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-10 09:18:32 +00:00
Vishal Choudhary
2da9474b40
fixL upgrade cosign installer version in release 1.10 and use cosign 1.13.1 ( #8813 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-01 13:25:01 +00:00
shuting
6449c53ef2
chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.0 ( #8809 ) ( #8811 )
...
Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action ) from 2.4.0 to 2.6.0.
- [Release notes](https://github.com/helm/chart-testing-action/releases )
- [Commits](e878887317...b43128a8b2
2023-11-01 10:59:12 +00:00
shuting
da6ef87588
release-1.10.4 ( #8799 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-10-31 11:08:35 +00:00
shuting
d4de64b9d4
fix: backport CVE fixes ( #8798 )
...
* bump docker/docker v24.0.
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* bump x/net, Golang
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-10-31 09:38:16 +00:00
shuting
8137b4b8af
release 1.10.3 ( #8006 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-08-11 11:59:42 +08:00
gcp-cherry-pick-bot[bot]
4e328a27eb
fix: return err in load data ( #7982 ) ( #7983 )
...
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-08 21:34:10 +08:00
shuting
78cd1e01f0
release: bump chart versions ( #7933 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-28 15:45:30 +00:00
gcp-cherry-pick-bot[bot]
63d9b804e3
fix(chart): only create ServiceMonitor if cluster supports it ( #7926 ) ( #7931 )
...
* fix: only create ServiceMonitor if cluster supports it
Adds an additional check to the ServiceMonitor template to ensure that
the cluster supports the `monitoring.coreos.com/v1` API version.
Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Alexej Disterhoft <github@disterhoft.de>
2023-07-28 13:52:38 +00:00
shuting
25f091412b
release 1.10.2 ( #7928 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-28 03:50:16 +00:00
Vishal Choudhary
1e0413ac89
bug: add severity and category in cluster policy report ( #7828 ) ( #7922 )
2023-07-28 11:11:13 +08:00
Vishal Choudhary
fd0dfba13f
refactor: remove obsolete structs from CLI ( #6802 ) (cherry-pick) ( #7921 )
...
* refactor: remove obsolete structs from CLI (#6802 )
* feat: add policy reporter to the dev lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: remove obsolete structs from CLI
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add setlocal
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: removed errors from reports.go
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bux: fix error in test_command.go
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-27 14:50:20 +00:00
gcp-cherry-pick-bot[bot]
7f6216c2c5
feat: add events for successful generation ( #7550 ) ( #7804 )
...
* feat: add events for successful generation
* fix
* fix
* modify generate events messages
* fix: modify mutate event messages
* feat: add kuttl tests
* fix
* add kuttl test for skip generation
* Add kuttl test for failures
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
2023-07-27 19:28:06 +08:00
shuting
f6d018a81a
cherry-pick #7888 ( #7920 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-07-27 10:06:51 +00:00
shuting
ecfeff39aa
Feat: cloneList rule validation ( #7823 ) ( #7914 )
...
* Feat: cloneList rule validation
* Test: add kuttl tests for npol
* Fix: split negative tests
* Test: add kuttl tests for cpol
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-27 11:36:16 +02:00
Vishal Choudhary
33157d7a85
refactor: remove manual keychain refresh from client ( #7806 ) ( #7917 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
2023-07-27 07:49:34 +00:00
shuting
d5a8a8cfdd
cherry-pick #7774 ( #7915 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Paul N <brenix@users.noreply.github.com>
2023-07-27 05:42:36 +00:00
gcp-cherry-pick-bot[bot]
7e9f14d0ec
fix(policy chart): Skip DELETE requests on policies using deny statements ( #7883 ) ( #7900 )
...
Fixes #7456
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-26 11:25:34 +00:00
gcp-cherry-pick-bot[bot]
ad271bac5a
Modified annotation matching during rollback ( #7752 ) ( #7894 )
...
* enhanced has changed func
* modified changed annotation func
* modified HasImageVerifiedAnnotationChanged
* nits
* added kuttl-test
* added ghcr.io/kyverno images
* fixed unit tests
* fixed unit tests
---------
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Amit kumar <amit9116260192@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-07-24 09:26:57 +00:00
gcp-cherry-pick-bot[bot]
d57841f4ed
fix log level ( #7877 ) ( #7881 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-24 13:38:04 +08:00
Pradyot Ranjan
4012fabcae
Added log message for API call failures ( #7834 ), cherry picked ( #7880 )
...
* Added error message to deferred loader on API call failure
* Small change in error message
---------
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
2023-07-21 08:58:00 +00:00
gcp-cherry-pick-bot[bot]
e18087baad
feat(chart) Add configurations for cleanup jobs and webhooks ( #7871 ) ( #7875 )
...
allow nodeSelector, tolerations and affinity settings for webhooksCleanup
allow affinity settings for cleanup jobs
Add helper to handle the labels for cleanup jobs, add component label
Fixes #7843
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 08:20:38 +00:00
gcp-cherry-pick-bot[bot]
4e42b7c282
policy validation: fix assignment to entry in nil map ( #7874 ) ( #7876 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
Co-authored-by: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 12:48:51 +08:00
gcp-cherry-pick-bot[bot]
da86b6b6c1
feat: skip schema validation for CRD ( #7869 ) ( #7873 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 03:11:53 +00:00
gcp-cherry-pick-bot[bot]
942061e545
fix: namespace label matching for Namespace ( #7837 ) ( #7870 )
...
* Feat: namespaceLabel matching for ns
* Fix: update kuttl tests
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-20 21:07:43 +08:00
gcp-cherry-pick-bot[bot]
c9a87b93fa
fix: ignore tekton/pipeline ( #7858 ) ( #7863 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-20 10:03:30 +00:00
gcp-cherry-pick-bot[bot]
b65c6e4546
fix type confusion in policy validation ( #7857 ) ( #7862 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
Co-authored-by: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
2023-07-20 08:37:38 +00:00
gcp-cherry-pick-bot[bot]
491a5174cc
feat: enable operator boolean comparison ( #7847 ) ( #7860 )
...
* feat: enable operator boolean comparison
* Test: add kuttl test
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-20 03:09:18 +00:00
gcp-cherry-pick-bot[bot]
b3e25939d8
Add nodeSelector for cleanupJob CronJob resources ( #7851 ) ( #7855 )
...
Fixes #7826
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
2023-07-19 22:37:46 +08:00
Mariam Fahmy
515c1b4d29
cherry-pick kyverno#7810 ( #7822 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-13 13:55:56 +00:00
shuting
532c1a092a
cherry-pick #7800 ( #7819 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-12 16:39:15 +00:00
gcp-cherry-pick-bot[bot]
bbd0cb03be
feat: allow pod labels for cleanup jobs ( #7808 ) ( #7809 )
...
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-07-11 16:44:21 +00:00
gcp-cherry-pick-bot[bot]
fdc962e28c
fix: aggregated admission report not updated correctly ( #7798 ) ( #7799 )
...
* fix: aggregated admission report not updated correctly
* kuttl
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-10 15:19:33 +02:00
Chip Zoller
c99fa86559
Update Chart README migration guide with 1.10.1 updates ( #7770 )
...
* update Chart README migration guide for 1.10.1 guidance
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* template render
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-07-06 15:13:00 +00:00
shuting
8ae0040003
release 1.10.1 ( #7762 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-06 12:26:56 +05:30
gcp-cherry-pick-bot[bot]
7eba6129c3
feat: Add option to add imagePullSecrets to cleanup CronJobs ( #7730 ) ( #7732 )
...
* Add option to add imagePullSecrets to cleanup CronJobs
* Update chart README
---------
Signed-off-by: Alexander Olzem <olzemal@pm.me>
Co-authored-by: Alex Olzem <olzemal@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-01 22:57:42 +00:00
Charles-Edouard Brétéché
149beaf0de
fix: remove show goreleaser version step ( #7712 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 13:27:46 +00:00
Charles-Edouard Brétéché
96d1fbd15d
fix: release signing ( #7711 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 12:02:30 +00:00
shuting
0af5715a6d
fix goreleaser version ( #7707 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-29 08:51:01 +00:00
gcp-cherry-pick-bot[bot]
b70f5e8e83
fix: lock schema manager when updating it ( #7704 ) ( #7706 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 05:12:38 +00:00
shuting
e248f9247e
release v1.10.1-rc.1 ( #7701 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-28 18:39:28 +00:00
gcp-cherry-pick-bot[bot]
a91c647160
fix: customizable tracer configuration ( #7644 ) ( #7700 )
...
* fix: customizable tracer configuration
* fix: harden rbac permissions (#7638 )
* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d#7663 )
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551#7650 )
* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6
* fixed tests
* added tests for repository
---------
* fix: vscode debug config (#7653 )
* fix: pr updater workflow (#7665 )
* refactor: add specific loaders from #7597 (#7671 )
* feat: add cluster select and relabling config for ServiceMonitors (#7659 )
* feat: add cluster select and relabling config for ServiceMonitors
* feat: add cluster select and relabling config for ServiceMonitors
---------
* fix: cleanup controller context from #7597 (#7672 )
* fix: cleanup controller rbac (#7669 )
* refactor: migrate context loaders (part 1) from #7597 (#7676 )
* refactor: migrate context loaders (part 2) from #7597 (#7677 )
* refactor: migrate context loaders (part 1) from #7597
* refactor: migrate context loaders (part 2) from #7597
---------
* feat: add lazy loading feature flag (#7680 )
* fix: image verification (#7652 )
* Fix deferred loading (#7597 )
* handle nested contexts
* add feature flag
* fix tests
* add kuttl tests
* fix linter issues
* fix CLI regclient
* fix: token permissions on report vulns workflow (#7611 )
* fix: token permissions (#7619 )
* fix: update the flag descriptions of the reports-controller (#7617 )
* fix: panic if env var not defined (#7613 )
* fix: panic if env var not defined
* fix
* fix
---------
* use toggles instead of a flag
* update toggle name
* update toggle name
* fix roles
* fix role
* update manifests
* remove extra unlock
* fix loader reset
* add tests
* propagate context
* cm resolver
* level management
* address review comments
* add enableDeferredLoading to other controllers
* re-enable ACR credhelper
* improve tests
* remove image registry client init
* check for invalid reset/restore
* recursive kuttl test
* add pre/post queries
* add check for a recursive match
* new test suite
* eval loaders at creation level
* kuttl test
* add an index for resolving deps in order
* improve comment
* extract remove method
* merge main
* flags
* feature flag
* fix flag
* update unit tests
* two rules kuttl test
* update unit tests
* revert
* per rule checkpoint
* fix
* fix mutate chained rules
* per rule checpoint/restore
* log error
---------
* fix: factorise confimap informer code (#7667 )
* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228eb
2023-06-28 15:26:08 +00:00
gcp-cherry-pick-bot[bot]
65ed040126
fix: Swap any/all in the error message. ( #7688 ) ( #7696 )
...
Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-28 10:43:15 +00:00
