kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	78016a5a51	refactor: introduce engine interface in engine api (#6181 ) * refactor: introduce policy context interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more interface funcs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * interface Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rename Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * merge main Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: introduce engine interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: introduce engine interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * makefile Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2023-02-02 10:58:34 +00:00
Fish-pro	fdfdcc058f	Remove dependency on github.com/pkg/errors (#6165 ) Signed-off-by: Fish-pro <zechun.chen@daocloud.io>	2023-02-01 14:38:04 +08:00
Charles-Edouard Brétéché	8290112b84	refactor: introduce policy context interface in engine api (#6177 ) * refactor: introduce policy context interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more interface funcs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * interface Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rename Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * merge main Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2023-01-31 15:28:48 +00:00
Charles-Edouard Brétéché	848596ca8d	refactor: introduce context loader interface in engine api (#6164 ) * refactor: introduce context loader interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * factory Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * mock Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-31 22:30:40 +08:00
Fish-pro	cb22ecc2fc	Clean up the unnecessary package import rename (#6166 ) Signed-off-by: Fish-pro <zechun.chen@daocloud.io>	2023-01-31 12:59:41 +08:00
Charles-Edouard Brétéché	2f487ffda0	fix: reduce dependency from engine to cli (#6134 ) * fix: remove dependency from engine to cli Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-30 15:30:47 +00:00
Jim Bugwadia	787a1dc40a	Service call (#5755 ) * fix digest and verify logic Signed-off-by: Jim Bugwadia <jim@nirmata.com> * allow attestations with no attestors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * require predicateType Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix typo Signed-off-by: Jim Bugwadia <jim@nirmata.com> * updates Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make service optional Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make codegen-all Signed-off-by: Jim Bugwadia <jim@nirmata.com> * linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * gofmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add api token Signed-off-by: Jim Bugwadia <jim@nirmata.com> * codegen again! Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix API call Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests and formatting Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert changes to clientset & rename requestType Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-12-27 08:36:49 +00:00
Jim Bugwadia	af4c8ed886	use camel case for ForEach naming (#5660 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-12-12 19:24:13 +00:00
Charles-Edouard Brétéché	ff728d5f2b	feat: propagate context through engine (#5639 ) * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-09 21:45:11 +08:00
Charles-Edouard Brétéché	8376bf8b6b	feat: use lister in registry client (#5620 )	2022-12-09 00:51:45 +08:00
Charles-Edouard Brétéché	ed97ff66d0	fix: registry client not propagated correctly (#5622 ) * fix: registry client not propagated correctly Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-08 23:23:18 +08:00
Charles-Edouard Brétéché	7219b4f8a3	refactor: registry client (#5596 ) * refactor: registry client Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-07 23:08:37 +08:00
Pratik Shah	f8ed1a9301	issue-4613: Add support for cache enhancements with informers (#5484 ) Signed-off-by: Pratik Shah <pratik@infracloud.io> Signed-off-by: Pratik Shah <pratik@infracloud.io>	2022-12-02 13:59:51 +00:00
Charles-Edouard Brétéché	5b89e2e5f8	refactor: make policy context immutable and fields private (#5523 ) * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-12-02 16:14:23 +08:00
Charles-Edouard Brétéché	c3be9e36a5	feat: propagate context to dynamic client (#5495 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-29 13:59:40 +00:00
Sandesh More	fa178ebd82	added apiCalls support in kyverno-apply command (#4938 ) Signed-off-by: Sandesh More <sandesh.more@infracloud.io> Signed-off-by: Sandesh More <sandesh.more@infracloud.io>	2022-10-19 16:39:15 +00:00
Charles-Edouard Brétéché	1e25bfd16f	feat: remove context api call constraints (#4389 ) * feat: add raw api call support Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: remove context api call constraints Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 08:30:04 +00:00
shuting	3bf3dcc1af	Add the metric "kyverno_client_queries_total" (#4359 ) * Add metric "kyverno_kube_client_queries_total" Signed-off-by: ShutingZhao <shuting@nirmata.com> * publish metric for missing queries Signed-off-by: ShutingZhao <shuting@nirmata.com> * Refactor the way Kyverno registers QPS metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * Move clientsets to a dedicated folder Signed-off-by: ShutingZhao <shuting@nirmata.com> * Wrap Kyverno client and policyreport client to register client query metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * Switch to use wrapper clients Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-31 11:33:47 +05:30
Charles-Edouard Brétéché	5cc97993dc	feat: add raw api call support (#3820 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-08-23 18:52:54 +02:00
vivek kumar sahu	c95bb74992	Context vars substitution in CLI (#4290 ) * context variables substitution will be independent of sequence Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * Added test cases Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-09 05:48:57 +00:00
Anton Popovichenko	afc9a56d33	Feature: Add support for allowing insecure registries. (#3983 ) Now you can work with self signed registries by updating your deployment with adding `--allowInsecureRegistry` to the `args` field. Signed-off-by: Anton Popovichenko <anton.popovichenko@mendix.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-25 11:03:36 +02:00
Charles-Edouard Brétéché	1afda6a137	refactor: make registry client variables private (#3975 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-23 18:45:25 +05:30
Charles-Edouard Brétéché	5aaf2d8770	chore: make kyverno api import aliases consistent (#3939 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 13:12:43 +02:00
Charles-Edouard Brétéché	97e5e64fd4	chore: enable whitespace linter (#3864 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-10 17:01:29 +00:00
Jim Bugwadia	bc07943c81	handle subresources (#3841 ) * handle subresources Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix logger name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix webhook and logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-09 18:50:50 -07:00
Sambhav Kothari	876a216b5f	Improve logging and error handling in json context (#3825 )	2022-05-07 11:32:48 +00:00
Sambhav Kothari	6e48fdf4ce	Fix issue with image registry when decoding OCI descriptors with out of spec keys (#3799 )	2022-05-04 13:38:56 -04:00
Charles-Edouard Brétéché	f70ef051dc	refactor: move ImageExtractorConfigs in api package (#3781 )	2022-05-03 08:45:08 +00:00
Jim Bugwadia	3cb620499e	Remove YAML multiline support in CM values (#3721 ) * remove YAML multiline support in CM values Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unused code Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-02 08:57:35 +01:00
Vyankatesh Kudtarkar	56c90fd087	Support context variables when using foreach CLI (#3637 ) * Support context variables when using foreach CLI * add testcases	2022-04-25 16:36:31 +00:00
Sambhav Kothari	44b5bf0b57	Allow definition of inline variables in context (#3658 ) Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-04-25 19:06:07 +08:00
Naman Lakhwani	9f3fc941ef	[imageVerify]: adding `digestMutate` to simplify tag-to-digest mutation (#3531 ) * added digestMutate Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * rebase Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * setting always to true Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * small nit Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * make codegen Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * crds & failing rule if mutation fails Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * adding new func to fetch digest and changing naming to mutateDigest Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * small nits Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * generating crds Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * minor nit Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * correcting error format Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-04-22 01:08:49 -07:00
Mritunjay Kumar Sharma	b815caef5d	refactor cli code from pkg to cmd (#3591 ) * refactor cli code from pkg to cmd Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixes in imports Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixes tests Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * fixed conflicts Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> * moved non-commands to utils Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-04-14 12:20:18 +00:00
Charles-Edouard Brétéché	3d554ce53b	refactor: engine context (#3563 ) Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-09 11:52:50 +00:00
Charles-Edouard Brétéché	83343697b9	refactor: make use of policy interface (#3499 ) - refactor: make use of policy interface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-30 18:34:30 +05:30
Sambhav Kothari	6498425937	Add a registry flag to allow direct access to container registries in the CLI (#3396 ) * Add a registry flag to allow direct access to container registries in the CLI Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-03-16 09:56:47 +05:30
Sambhav Kothari	2eb8f5f285	Fix memory leak when updating ggcr keychain (#3088 ) Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-01-26 12:45:05 -08:00
shuting	b6447e0649	Remove resourceCache from engine (#3013 ) * update log messages Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove resourceCache from the background controller when: - register resource scope - list resources per namespace Signed-off-by: ShutingZhao <shuting@nirmata.com> * - use client call for configmap lookup; - remove resourceCache from policy controller, webhook server and generate controller Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-01-18 12:59:35 +00:00
Sambhav Kothari	1af9e48b0d	Add image data to validate image configs (#2946 ) * Add image data to validate image configs Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com> * Add tests for image context Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com> * Add e2e test cases for image size policy Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-01-17 04:06:44 +00:00
Jose Armesto	831a9826d1	Restructure project to follow standards (#2632 ) Signed-off-by: Jose Armesto <github@armesto.net>	2021-10-29 18:13:20 +02:00
Sunghoon Kang	e401d57b35	Check client if nil before loading resource list (#2562 ) Unlike loading resource, current implementation doesn't check if client is nil or not when loading resource list. This commit checks if client is nil or not before loading resource list. Signed-off-by: Sunghoon Kang <hoon@linecorp.com>	2021-10-26 17:30:19 -07:00
Jim Bugwadia	836d88191d	make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-10-26 10:49:51 -07:00
Jim Bugwadia	ef9e9ec9ac	add variable substitutoion for imageVerify and allow PEM in ConfigMaps Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-10-26 10:41:27 -07:00
Kumar Mallikarjuna	f6933bb439	Block scalars for value files (#2380 ) * Block scalars for value files Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Handle non-block values Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Unit tests for block scalars Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>	2021-09-13 16:33:30 +05:30
Max Goncharenko	0fdd349849	Changed error to info for NotFoundError in jsonContext (#2140 ) * changed error to info for NotFoundError in jsonContext Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * raise log level for NotFoundError in jsonContext Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>	2021-07-14 14:50:28 -07:00
Trey Dockendorf	beabeddb81	Fix reviewdog failure Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-05-04 11:14:07 -04:00
Trey Dockendorf	d7886bddc9	Fix tests with variables to use Mock store Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-05-03 19:54:19 -04:00
Pooja Singh	1e4c950104	Feature/1515 - handle configmap and api variable cli (#1789 ) * added store package Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added changes to handle api and configmap variables in cli Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * removed comments Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * refactoring code Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test case for mutation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test case for validation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * code improvement Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-29 10:09:44 -07:00
Max Goncharenko	6a0305674a	JMESPath custom functions (#1772 ) * JMESPath: Support regex expressions Signed-off-by: Max Goncharenko <kacejot@fex.net> * JMESPath: Add string functions Signed-off-by: Max Goncharenko <kacejot@fex.net> * Removed {{$}} variable handling logic Signed-off-by: Max Goncharenko <kacejot@fex.net> * Name all functions in snake case; Update error message; Fix {{@}} behavior Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-16 16:17:00 -07:00
Shuting Zhao	cab81eadda	operate on the copy of configmap data Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 15:22:25 -07:00

1 2

59 commits