mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
6680 commits 15 branches 540 tags 276 MiB
Commit graph

755 commits

Author SHA1 Message Date
shuting
c708a20600
feat: release v1.11.5 (#10211) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-05-09 08:47:44 +00:00
gcp-cherry-pick-bot[bot]
eeeef826d5
fix(policies): Add ability to configure skipBackgroundRequests (#9532) (#9536) 
* fix(policies): Add ability to configure skipBackgroundRequests



* fix: Drop trailing spaces to fix CI



---------

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>
Co-authored-by: Marco Maurer (-Kilchhofer) <mkilchhofer@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-01-27 18:18:13 +00:00
shuting
6c88cf5ee1
release 1.11.4 (#9453) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-01-19 10:08:00 +00:00
shuting
e59ddbdd96
update bitnami/kubectl (#9408) (#9452) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-01-19 09:28:17 +00:00
shuting
1612b21e6a
release 1.11.3 (#9346) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-01-05 09:58:56 +00:00
shuting
ccb05b3a7d
release 1.11.2 (#9302) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-12-28 09:31:35 +00:00
Mariam Fahmy
a6f121cb6f
chore: update chart.yaml with the changes (#9292) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-12-27 09:35:45 +00:00
gcp-cherry-pick-bot[bot]
8b117276cd
Support more signature algorithms (#9102) (#9289) 
* Support more signature algorithms



* Fix codegen



* Fail loudly for unsupported algorithm



* Fix codegen



* Fix more



---------

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
Co-authored-by: Honnix <honnix@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-12-27 08:34:16 +00:00
gcp-cherry-pick-bot[bot]
98f2162413
Add imagePullSecrets to post-upgrade job (#9264) (#9273) 
Signed-off-by: Frank Wittig <frank@e5k.de>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Frank Wittig <frank@e5k.de>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2023-12-24 18:27:38 +00:00
shuting
a0520b53ff
release v1.11.2-rc.1 (#9252) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-12-22 11:33:20 +00:00
gcp-cherry-pick-bot[bot]
69f52b9879
fix: add skipBackgoundRequests to configure loop protection option (#9157) (#9207) 
* fix typo



* add new attribute skipBackgroundRequests



* move to per rule config



* check flag



* clean up



* update docs



* fix logger



* add retryCount to ur.status



* add chainsaw tests



---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-12-19 10:51:47 +00:00
gcp-cherry-pick-bot[bot]
8cca8c5243
fix: enable additional report printers by default (#9194) (#9196) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-12-18 18:17:00 +00:00
Mariam Fahmy
c073f7c2ba
fix: add tolerations and affinity to the post-upgrate hook (#9156) (#9164) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-12-15 09:00:51 -05:00
treydock
52526f8425
(cherry-pick) Fix Helm chart to not error when replicas defined (#9066) (#9073) 
Fixes #8941

Cherry pick from main PR didn't work

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
 2023-12-04 22:09:28 +08:00
gcp-cherry-pick-bot[bot]
c146c5731c
fix: add nodeSelector to the reports cleanup helm hook (#9065) (#9069) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-12-04 07:28:16 +00:00
shuting
afe740a42a
release 1.11.1 (#9039) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-28 15:08:54 +00:00
gcp-cherry-pick-bot[bot]
5b18a4bc46
fix: cleanup older policy reports (#9026) (#9035) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-28 19:37:36 +08:00
gcp-cherry-pick-bot[bot]
3093210d4d
Revert "fix(chart): only create ServiceMonitor if cluster supports it (#7926)" (#8913) (#8931) 
This reverts commit 590dce5830.

This will ensure servicemonitor can be enabled with ArgoCD which doesn't support querying API capabilities

Fixes #8891

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-16 16:12:23 +00:00
gcp-cherry-pick-bot[bot]
c6050e2a28
correct typo in README for Kyverno 1.10+ (#8911) (#8927) 
Signed-off-by: Peter Jakubis <balonik32@gmail.com>
Co-authored-by: Peter Jakubis <balonik@users.noreply.github.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
 2023-11-16 13:22:11 +00:00
gcp-cherry-pick-bot[bot]
68e60ffc72
Add policyKind option to kyverno-policies chart (#8827) (#8923) 
Fixes #4317 #8568

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-16 18:14:36 +08:00
shuting
a411fe6377
release 1.11.0 (#8874) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-10 16:59:42 +08:00
shuting
3ea6f18c84
release 1.11.0-rc.8 (#8869) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-09 15:43:07 +00:00
shuting
3abb8058c9
release v1.11.0-rc.7 (#8841) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-06 15:06:53 +00:00
shuting
df3f436edc
release v1.11.0-rc.6 (#8836) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-06 12:15:21 +00:00
gcp-cherry-pick-bot[bot]
52b1ccf1c9
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466) (#8835) 
* fix: generate label resource name character length issue



* add source label



* modify newUR function



* fix



* improve readability



* remove generate source name label



* Revert changes



* update ResourceSpec



* add URGenerateResourceUIDLabel



* make codegen crds all



* make codegen client all



* add GenerateSourceUIDLabel



* modify comment



* make codegen crds all



* make codegen-docs-all



* make codegen-all



* set trigger uid



* add uid in transform()



* add name label



* fix: use resource name labels along with its UID



* fix: use the resource name label only if its uid label isn't set



* fix



* add kuttl tests



* fix: delete the trigger resource in the test



* fix: delete the source in the kuttl test



* add generate trigger uid label



* modify TriggerInfo function



* populate uid field for new update requests



* populate new ur spec with uid



* handle downstream resources cleanup



* populate uid of ur status



* fetch triggers by the UID label



* label triggers



* fetch trigger by comparing UID



* fetch cloneList downstream resource by UID



* update test names



* remove trigger name label assertions from kuttl tests



* add unit name selector



* add sleep



* assert events on failures



* rename tests



---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chandan-DK <chandandk468@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-06 11:26:39 +00:00
shuting
1144e2454b
release v1.11.0-rc.5 (#8823) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-03 03:46:19 +00:00
gcp-cherry-pick-bot[bot]
37353487ec
fix: display helm warnings together (#8784) (#8805) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-01 04:47:53 +00:00
gcp-cherry-pick-bot[bot]
ff407b7d78
add VAP and VAPB to admission controller ClusterRole (#8768) (#8794) 
* add VAP and VAPB to admission controller ClusterRole



* make conditional



* remove manual additions



---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: chipzoller <chipzoller@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-31 07:57:11 +00:00
gcp-cherry-pick-bot[bot]
e792e87e97
feat: update verify images types with better descriptions (#8779) (#8791) 
* feat: update verify images types with better descriptions



* feat: revert cert and certchain



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-10-31 05:30:26 +00:00
gcp-cherry-pick-bot[bot]
babb39c905
fix: grafana dashboard to support replicas (#8751) (#8759) 
Signed-off-by: Alex Kennedy <alexzanderkennedy@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Alex Kennedy <alexzanderkennedy@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-27 09:01:38 +00:00
gcp-cherry-pick-bot[bot]
8b60e37ff1
Revert "add secrets name in background-controller's role (#8721)" (#8752) (#8757) 
This reverts commit 580c02ce76.

Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-27 08:20:51 +00:00
Vishal Choudhary
4c9f5b8f28
feat: disable validate maintainer for helm gha (#8747) (#8748) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-26 13:34:53 +00:00
gcp-cherry-pick-bot[bot]
d25b07c930
fix: revert maintainers in helm charts (#8737) (#8746) 
* fix: revert maintainers in helm charts



* feat: codegnen



* fix: revert helm release changes



---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-26 11:38:01 +00:00
shuting
023ac8635a
release v1.11.0-rc.4 (#8723) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-24 10:54:21 +00:00
gcp-cherry-pick-bot[bot]
662a254520
add secrets name in background-controller's role (#8721) (#8722) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-24 09:48:17 +00:00
Vishal Choudhary
b321490e7b
[Helm] AdmissionReport cleanup job tag bump (#8708) (#8714) 
* update chart metadata



* bump tag



* adjust name



* do not validate maintainers



* feat: update codegen



* feat: update codegen



* feat: update kubeversion in helm template



---------

Signed-off-by: chipzoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: chipzoller <chipzoller@gmail.com>
 2023-10-23 15:36:21 +00:00
gcp-cherry-pick-bot[bot]
0e0bef1ebe
fix: add permissions to secrets for background controller role (#8690) (#8715) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-23 22:53:02 +08:00
shuting
899a9f0a3a
release v1.11.0-rc.3 (#8706) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-20 10:42:45 +00:00
gcp-cherry-pick-bot[bot]
c3db00b154
feat: fix outdated description of imageregistrycredentials (#8688) (#8699) 
* feat: fix outdated description of imageregistrycredentials



* feat: generate crd



---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-20 12:30:54 +08:00
gcp-cherry-pick-bot[bot]
6fcf2bc22b
feat: Implement global values for image registry in Kyverno Helm chart (#8625) (#8694) 
* feat: Add image registry to global values



* Fix indentation



* Update documentation



---------

Signed-off-by: Franco <franco@giantswarm.io>
Co-authored-by: Franco Hielpos <48300215+fhielpos@users.noreply.github.com>
 2023-10-19 14:30:17 +00:00
gcp-cherry-pick-bot[bot]
cf65fc2f48
fix: allow cleanup controller to update the policy status (#8681) (#8684) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-19 15:16:46 +08:00
gcp-cherry-pick-bot[bot]
d5c25fcdc2
fix(helm): add values for declaratively enabling PDBs (#8652) (#8658) 
* fix(helm): add values for declaratively enabling PDBs



* update codegen docs



---------

Signed-off-by: Erik Godding Boye <egboye@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
 2023-10-16 09:22:21 +00:00
gcp-cherry-pick-bot[bot]
456a164a30
fix(helm): add missing policyexceptions RBAC to background-controller (#8648) (#8657) 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-16 08:34:25 +00:00
shuting
6be88f3646
release v1.11.0-rc.2 (#8643) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-13 09:08:32 +00:00
shuting
762f9396e1
release v1.11.0-rc.1 (#8634) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-12 13:39:14 +00:00
gcp-cherry-pick-bot[bot]
783b27d032
chore: bump cleanup policies to v2beta1 (#8621) (#8632) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-12 12:42:13 +00:00
gcp-cherry-pick-bot[bot]
26b99ceb82
feat: move crds to a subchart (#8623) (#8630) 
* feat: move crds to a subchart



* update codegen



* update crd configs: annotations and install options



* update default crd installation configuration to true



* reset annotations



* update chart readme



* remove subchart crd install option



* update crd chart version



* configure crds labels



* fix chart yaml file



* revert crd subchart version to 0.0.0



* update install.yaml



---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
 2023-10-12 11:19:53 +00:00
gcp-cherry-pick-bot[bot]
63b2376873
fix: allow dropping metrics, labels and configuring histogram bucket boundaries to avoid high cardinality. (#8569) (#8629) 
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
Co-authored-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-12 10:34:16 +00:00
gcp-cherry-pick-bot[bot]
6594e11caa
feat: move grafana dashboard to a subchart (#8619) (#8620) 
* feat: move grafana dashboard to a subchart



* fix codegen



* fix: add dependencies



* fix codegen



---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-11 22:35:34 +08:00
gcp-cherry-pick-bot[bot]
52f1452ec6
Revert "chore: bump cleanup policies to v2beta1 (#8594)" (#8609) (#8610) 
This reverts commit fff3ad047e.

Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-09 15:53:22 +00:00