kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	0077fdae2b	feat: add validation message in cel engine response (#12052 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-02-03 11:13:06 +00:00
Mariam Fahmy	4c950dcb32	feat: use v1 of ValidatingAdmissionPolicies (#12050 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-31 14:21:43 +00:00
Mariam Fahmy	226cacd65c	fix: match the old object against the object selector for VAPs in the CLI (#12051 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-31 14:47:32 +01:00
Mariam Fahmy	d1536580da	feat: add CEL PolicyException CRD (#12038 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-31 11:39:17 +00:00
Charles-Edouard Brétéché	f59b78aef0	feat: process cel engine response in webhook handler (#12047 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-31 11:07:22 +00:00
Charles-Edouard Brétéché	b8f7a83942	feat: support adminssion review in cel engine (#12046 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-31 08:03:59 +00:00
Charles-Edouard Brétéché	7a4e1bede9	feat: use more admission attributes (#12044 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-30 23:58:12 +00:00
Charles-Edouard Brétéché	2ab3b2dd51	fix: cel lib get config map return type (#12042 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-31 01:15:05 +02:00
Charles-Edouard Brétéché	f448db3f36	feat: use admission attributes (#12041 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-30 20:36:41 +00:00
abhashsolanki18	5c9adf9fb5	fix: error handling and reduce log clutter (#11979 ) * fix: error handling and reduce log clutter Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * fixed lint test Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> --------- Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>	2025-01-30 09:47:09 +00:00
Charles-Edouard Brétéché	dfa9f2f727	feat(validating policies): add support for ns and object selectors (#12034 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-30 01:07:01 +02:00
Charles-Edouard Brétéché	30360e871a	feat: execute handler (#12033 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-29 11:24:13 -08:00
Charles-Edouard Brétéché	a36f8c857c	fix: don't sort cel policies (#12028 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-29 15:00:46 +00:00
Charles-Edouard Brétéché	bff9590ebc	fix: bad usage of wait group (#12029 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-29 12:28:41 +00:00
Charles-Edouard Brétéché	1d3a9294cc	feat: watch validating policies (#12008 ) * feat: watch validating policies Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rest config Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-28 16:24:40 +00:00
Mariam Fahmy	da717c4b17	feat: add validation action to VPs (#12017 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-28 14:34:26 +01:00
Charles-Edouard Brétéché	26e75fbf59	feat: add validating policy webhook handler (#12015 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-28 09:06:30 +00:00
Charles-Edouard Brétéché	92436bf4ed	refactor: use k8s wait group (#12010 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-27 23:25:33 +00:00
Charles-Edouard Brétéché	db4f7fb5e6	feat: register cel context lib (#12007 ) * feat: register cel context lib Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-27 16:16:27 +00:00
Mariam Fahmy	b8c6931aa5	feat: add autogen package for ValidatingPolicies (#11996 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-27 12:36:11 +00:00
Charles-Edouard Brétéché	a5fe768a53	feat: implement cel engine context provider (#11995 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-24 15:42:58 +00:00
Mariam Fahmy	1703428ffb	chore: remove unused functions in autogen (#11993 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-24 12:30:11 +00:00
Charles-Edouard Brétéché	ed80be3eff	feat: add support for more context elements (#11986 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-24 08:37:33 +00:00
Johann Schley	02c54490bc	Fix default value for apiCall context (#11733 ) * chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.30.0 (#11712) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.29.0 to 0.30.0. - [Commits](https://github.com/golang/crypto/compare/v0.29.0...v0.30.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Johann Schley <johann.schley@swisscom.com> * add test for apiCall default value Signed-off-by: Johann Schley <johann.schley@swisscom.com> * move fallback to default into fetch function Signed-off-by: Johann Schley <johann.schley@swisscom.com> * Update pkg/engine/apicall/apiCall.go improved log message text Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Johann Schley <johann.schley@swisscom.com> * Update pkg/engine/apicall/apiCall.go Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Johann Schley <johann.schley@swisscom.com> * address comments Signed-off-by: Johann Schley <johann.schley@swisscom.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Johann Schley <johann.schley@swisscom.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Johann Schley <johann.schley@swisscom.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-01-24 04:54:32 +00:00
Charles-Edouard Brétéché	144bf436ed	fix: implement cel context lib correctly (#11983 ) * fix: implement cel context lib correctly Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more changes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-23 11:02:33 +00:00
Charles-Edouard Brétéché	f5467fcd61	refactor: reduce generic policy interface (#11977 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-22 16:32:30 +00:00
Charles-Edouard Brétéché	61d69c9290	refactor: reduce generic policy interface (#11974 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-22 09:03:48 +00:00
Charles-Edouard Brétéché	9d11e8f98c	feat: introduce evaluation results in cel engine (#11971 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-21 16:41:45 +00:00
Charles-Edouard Brétéché	54a8a53205	feat: add validating policy engine api wrapper (#11963 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-21 15:59:34 +08:00
Charles-Edouard Brétéché	a30fc14d4d	feat: add namespace support in CLI values (#11958 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-20 13:43:13 +02:00
Charles-Edouard Brétéché	5cc408dddb	feat: use policy provider (#11947 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-20 09:43:05 +00:00
Mariam Fahmy	77a7e5193a	feat: add MAP's mutation logic for the CLI (#11946 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-17 15:16:34 +00:00
Charles-Edouard Brétéché	7351501ef6	feat(cli,apply): load validating policies (#11933 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-17 09:53:17 +00:00
shuting	97ed53f6bb	feat: register webhook configurations for validatingpolicies (#11892 ) * feat: add spec.webhookConfiguration Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: refactor build webhook for kyverno policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update yamls Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add listers Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update api Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: remove matchPolicy Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update crd yaml Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add short name Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update deepcopy Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: upadte spec Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: fix description Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add missing files Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: register webhook for validatingpolicies Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: fix import Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update manifests Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update manifests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-01-17 11:33:47 +02:00
abhashsolanki18	d2e6759115	fix:[Bug] [CLI] CEL scanning a namespace yaml object makes Kyverno crash (#11834 ) * fix:[Bug] [CLI] CEL scanning a namespace yaml object makes Kyverno crash Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * Fix nil pointer dereference in namespace handling for ValidatingAdmissionPolicy. Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * added test for namespace resource Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * fixed test Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * fixed test Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> * fixed test, combined binding and policy Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com> --------- Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>	2025-01-16 13:39:24 +00:00
Mariam Fahmy	a72868bd6f	chore: move CEL package to admissionpolicy package (#11931 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-15 13:04:18 +00:00
Frank Jogeleit	c0d7df709a	Implement Object type checking based on OpenAPI v3 schema (#11919 ) * Implement Object type checking based on OpenAPI v3 schema Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> * Fix conflicting resource name Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> * make typeName an configurable argument Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> --------- Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-14 15:36:09 +00:00
Charles-Edouard Brétéché	6af7ab8905	feat: add CEL variables type checking (#11920 ) * feat: add CEL variables support Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add CEL variables type checking Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more types Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * provider Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-14 15:57:55 +01:00
Mariam Fahmy	4678078c3d	feat: add auditAnnotation in CEL Compiler (#11918 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2025-01-14 13:16:29 +00:00
Charles-Edouard Brétéché	9177c57b21	feat: add CEL variables support (#11913 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-14 09:41:18 +00:00
Charles-Edouard Brétéché	616cb93bc4	feat: add validating policy compiler (#11906 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-13 13:56:36 +01:00
Charles-Edouard Brétéché	bdc55fbc93	feat: add context cel lib to get config map (#11898 ) * feat: add context cel lib to get config map Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * function name Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix type Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-10 14:19:50 +00:00
Frank Jogeleit	032d428b12	feat: setup validating policy cel environment (#11897 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-01-10 13:54:04 +00:00
Charles-Edouard Brétéché	4e84edff68	feat: add support for loading validating policies in the cli (#11883 ) * feat: add support for loading validating policies in the cli Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * copy data Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * legacy loader Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-10 10:43:48 +00:00
Charles-Edouard Brétéché	1d03b932a4	refactor: get policy helper (#11891 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-01-10 09:30:54 +00:00
Charles-Edouard Brétéché	8be679cdfb	feat: bump kube deps to 1.32 (#11877 )	2025-01-09 19:51:43 +08:00
Charles-Edouard Brétéché	47e99166a5	feat: add kyverno vap API (#11790 ) * feat: add kyverno vap API Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * add context lib Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-01-08 15:56:36 +00:00
Damien Degois	c282f71212	remove policy exception dependancy from globalcontext and add some tests (#11788 ) Signed-off-by: Damien Degois <damien@degois.info> Co-authored-by: shuting <shuting@nirmata.com>	2025-01-03 16:16:37 +00:00
Damien Degois	e0fe6ec59a	fix global context error message logic error (#11815 ) following same file line 91 and github.com/kyverno/kyverno/pkg/globalcontext/store#35 the proper handling should be `!ok` Signed-off-by: Damien Degois <damien@degois.info> Co-authored-by: shuting <shuting@nirmata.com>	2025-01-03 11:47:07 +00:00
Sandesh More	37c73f9314	Fix: Policy with failureActionOverrides not applying desired failure actions in desired namespaces (#11811 ) Signed-off-by: Sandesh More <sandesh.more@infracloud.io> Co-authored-by: sandesh more <samore@purestorage.com>	2025-01-03 10:50:49 +00:00

1 2 3 4 5 ...

3878 commits