mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00
Code Activity
7233 commits 14 branches 543 tags 268 MiB
Commit graph

7233 commits

This branch
This branch
All branches
Author SHA1 Message Date
shuting
d33606477c
feat: release 1.12.7 (#11937) 
* feat: release 1.12.7

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update python version

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2025-01-16 08:13:30 +00:00
shuting
ae3c2fa41d
chore: add metrics-server Helm repo (#11824) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2025-01-03 16:39:25 +00:00
Vishal Choudhary
19f8afc599
bump: golang.org/x/net to 0.33.0 (#11799) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2025-01-03 15:41:35 +00:00
Vishal Choudhary
9f384cf325
fix: increase chainsaw apply timeout to 30s (#11851) 
* fix: increase chainsaw apply timeout to 30s

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: bump scaffolding

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: metrics server fix

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2025-01-03 23:00:18 +08:00
shuting
2bca79b682
chore: bump golang.org/x/crypto 0.31.0 (#11752) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-12-12 07:56:56 +00:00
Vishal Choudhary
4596c0cb8a
fix: remove logic that uses annotation to skip image verification (cherry-pick #11529) (#11544) 2024-11-07 04:03:59 +00:00
Vishal Choudhary
e4f9624557
fix: update match logic for old object validation (#11427) (#11530) 
* fix: update match logic for old object validation (#11427)

* fix: update match logic for old object validation

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: linter

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: failing test due to user info

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: debug logs

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: build failure

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: update request info version

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-11-06 09:49:27 +00:00
shuting
6e190a07e7
release chart 3.2.8 (#11514) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-11-05 11:25:11 +00:00
Killian ALLAIRE
4e3bde519a
feat(chart):add Helms' CustomLabels to the pods metadata of jobs and cronjobs k8s ressources (#11483) 
* all pods for the cronjobs will now act the same way as the pods in the deployments

Signed-off-by: LazyKeru <killian.allaire@hotmail.com>

* updated the artifacthub.io/changes on the Chart.yaml

Signed-off-by: LazyKeru <killian.allaire@hotmail.com>

* ran 'make codegen-manifest-all' to update install-latest-testing.yaml

Signed-off-by: LazyKeru <killian.allaire@hotmail.com>

---------

Signed-off-by: LazyKeru <killian.allaire@hotmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
 2024-11-05 15:59:50 +08:00
Khaled Emara
059a1a29c2
feat(ci): enhance load testing (#11515) 
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
 2024-11-04 22:48:22 +08:00
shuting
3f63766ed9
cherry-pick #11267 (#11270) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-09-30 14:49:30 +00:00
shuting
bf047e463b
release 1.12.6 (#11255) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-09-27 07:50:11 +00:00
shuting
dbc2631d80
release-1.12.6-rc.3 (#11246) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-09-26 08:19:45 +00:00
gcp-cherry-pick-bot[bot]
aaac9a6774
fix: webhooks reconciliation with policies (#11233) (#11235) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-09-25 13:00:54 +00:00
gcp-cherry-pick-bot[bot]
f903fedb17
fix: webhooks reconciliation when no policies (#11230) (#11232) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-09-25 11:44:43 +00:00
Khaled Emara
d35d283dfd
fix(webhook): error variable (#11225) (#11228) 
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
 2024-09-25 10:43:04 +00:00
Khaled Emara
96709ec43d
fix(status): status comparison is wrong ( cherry-pick #11203) (#11217) 
* fix: unsupported defaults in api (#11021)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix(status): status comparison is wrong (#11203)

* fix(status): status comparison is wrong

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(status): retry status update after first failure

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-09-24 17:10:02 +00:00
shuting
25556baa54
fix(helm): remove namespace from RoleBinding/roleRef field (cherry-pick #10685) (#11194) 
* cherry-pick #10685

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(helm): remove namespace from RoleBinding/roleRef field (#10685)

- namespace is not a valid parameter for a RoleBinding/roleRef field

Signed-off-by: Laurent Lavaud <laurent.lavaud@mirakl.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>

* cherry-pick #10685

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Laurent Lavaud <laurent.lavaud@mirakl.com>
Co-authored-by: Laurent Lavaud <llavaud@users.noreply.github.com>
 2024-09-19 08:23:09 +00:00
shuting
3cc69114b8
release v1.12.6-rc.2 (#11165) 2024-09-18 11:20:37 +08:00
Mariam Fahmy
ffb55c778a
fix: get ns labels before creating a policy context (#11176) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-09-17 10:03:03 +00:00
Anushka Mittal
ec719c324d
fix: range through all resources to build webhook (#11162) 2024-09-16 16:51:56 +00:00
shuting
ba7aaacd73
Release v1.12.6-rc.1 (#11151) 
* release v1.12.6-rc.1

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-09-16 09:22:11 +00:00
Pradeep Lakshmi Narasimha
34f0dc34a1
fix: Updated Go version to v1.23.1 to address CVE-2024-34156 (#11112) (#11142) 
* fix: Updated Go version to v1.23.1 to address CVE-2024-34156

Signed-off-by: Pradeep Lakshmi Narasimha <pradeep.vaishnav4@gmail.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Pradeep Lakshmi Narasimha <pradeep.vaishnav4@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-09-16 08:31:22 +00:00
Vishal Choudhary
b720d2f5e0
fix: bump docker in release 1.12 (#11088) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2024-09-11 07:02:16 +00:00
gcp-cherry-pick-bot[bot]
74f06dea97
fix: Check for the client being nil before applying a mutation (#10726) (#10737) 
Signed-off-by: aerosouund <aerosound161@gmail.com>
Co-authored-by: Ammar Yasser <aerosound161@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-09-04 21:35:54 +00:00
gcp-cherry-pick-bot[bot]
a915605d58
Evaluate one version of each pod security standard (#10924) (#10996) 2024-09-04 07:23:12 +00:00
gcp-cherry-pick-bot[bot]
c1780fc849
fix: properly use useCache field in image verification policies (#10709) (#10889) 
* fix: properly use useCache field in image verification policies



* fix: add test



* fix: revert client changes



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-08-22 00:21:06 +05:30
gcp-cherry-pick-bot[bot]
49b3943dd3
fix: check the resource namespace (#10738) (#10740) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-08-02 08:53:37 +00:00
Charles-Edouard Brétéché
fb475dc46e
chore(deps): bump github.com/docker/docker (#10750) (#10764) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.3+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-01 11:41:39 +00:00
Charles-Edouard Brétéché
d873d8fc48
chore: bump chainsaw (cherry-pick #10687) (#10765) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-08-01 10:55:51 +00:00
Ved Ratan
9da144fb7c
chore: retrayable/http version bump (#10719) 
Signed-off-by: Ved Ratan <ved.ratan@nirmata.com>
 2024-07-26 13:45:11 +08:00
shuting
973c1e470c
cherry-pick #10678 (#10681) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-07-19 07:55:53 +00:00
shuting
b7fb616a6d
release v1.12.5 (#10653) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-07-12 09:06:59 +00:00
shuting
6d3cf5946e
release v1.12.5-rc.2 (#10651) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-07-11 09:48:22 +00:00
gcp-cherry-pick-bot[bot]
911a3ff76d
fix: truncate event messages to 1024 chars (#10636) (#10643) 
* fix: truncate event messages to 1024 chars



* add chainsaw test



---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2024-07-10 16:06:32 +00:00
gcp-cherry-pick-bot[bot]
b4137fb56f
fix: rename level 1 logs to INFO from DEBUG (#10617) (#10642) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-07-10 22:39:03 +08:00
gcp-cherry-pick-bot[bot]
a5e216e2b2
fix: compute operations for mutatingwebhookconf (#10639) (#10641) 2024-07-10 11:34:52 +00:00
Mariam Fahmy
547cbd99be
fix: CEL policies aren't applied to deleted resources (#10624) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-07-09 12:35:06 +00:00
shuting
c55a7f8d86
release v1.12.5-rc.1 (#10632) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-07-09 11:56:04 +00:00
Mariam Fahmy
55a4cb95f0
refactor: add a function to check if VAPs are registered in the API server (#10625) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-07-09 10:10:29 +00:00
Mariam Fahmy
587d91655a
fix: remove unused parameters (#10626) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-07-09 08:30:56 +00:00
Charles-Edouard Brétéché
2b946980ab
feat: add reports circuit breaker (cherry-pick #10499 #10596 #10610 #10613) (#10628) 
* feat: add reports circuit breaker (#10499)

* feat: add reports circuit breaker

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* improve metrics and granularity

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: make reports breaker threshold configurable (#10596)

* feat: make reports breaker threshold configurable

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* lower default threshold

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* release notes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: detect watcher not running (#10610)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: don't rely on events unicity in resource counters (#10613)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2024-07-08 15:44:00 +00:00
gcp-cherry-pick-bot[bot]
b88b627ce2
fix(json-ctx): overwrite element each iteration (#10615) (#10616) 
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
 2024-07-05 15:40:13 +00:00
shuting
7e40b2efa4
cherry-pick #10382 (#10593) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
 2024-07-05 11:26:17 +02:00
gcp-cherry-pick-bot[bot]
6134f9ee4a
feat(events): normalize gctx events reason to be inline with other po… (#10395) (#10612) 
* feat(events): normalize gctx events reason to be inline with other policies



* chore(events): hide queue limit messages at a higher level



* test(gctx): add factory test



---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-07-04 14:48:04 +00:00
Mariam Fahmy
b5946eb6f3
fix: get ns labels in the cluster mode when using the CLI (cherry-pick #10348) (#10549) 
* fix: get ns labels in the cluster mode when using the CLI

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-07-03 17:34:19 +00:00
Mariam Fahmy
4a474149c4
fix: cleanup policy name is appended to logs (#10583) (#10599) 2024-07-03 16:27:00 +00:00
Mariam Fahmy
4ad8e51203
fix: failed to delete resource (#10582) (#10598) 2024-07-03 21:59:02 +08:00
gcp-cherry-pick-bot[bot]
475b3d03bf
feat: fix notary tests (#10579) (#10584) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2024-07-02 17:17:39 +00:00
gcp-cherry-pick-bot[bot]
a581738333
fix: correctly validate patterns for old and new objects (#10310) (#10537) 
* fix: correctly validate patterns for old and new objects



* test: add new scenario to the existing test



* fix: indention



* fix: chainsaw tests



---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-06-25 15:40:10 +00:00