mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
2687 commits 16 branches 550 tags 288 MiB
Commit graph

119 commits

Author SHA1 Message Date
Shuting Zhao
ece16de329 clean up policy violation code - remove pvGenerator 2020-11-02 18:09:20 -08:00
Shuting Zhao
f8c659ffa5 fix report update 2020-11-02 15:58:43 -08:00
Shuting Zhao
6952c6cc74 fix results entry removal when policy / rule gets deleted 2020-10-30 16:56:44 -07:00
Shuting Zhao
596647dadb generate policy report in background scan 2020-10-29 13:35:18 -07:00
Shuting Zhao
f499c1ebb7 remove 2020-10-27 20:46:41 -07:00
Shuting Zhao
32d834ea26 - update json tag of report summary; - update definition manifests; - fix dclient creation 2020-10-26 16:08:25 -07:00
Shuting Zhao
c89f16c598 clean up policy report 2020-10-22 19:57:28 -07:00
Shuting Zhao
25409e42ea - remove job controller; - remove in-memory configmap; - clean up kustomize manifest 2020-10-21 17:56:17 -07:00
Shuting Zhao
c906baa1a7 - update policy report types; - upgrade k8s library; - update code gen 2020-10-15 17:54:58 -07:00
Shuting Zhao
f798e9cf2d add report logic in command apply 2020-10-15 17:29:07 -07:00
Shuting Zhao
2a3775a2fa - resolve PR comments; - refactor jobs controller 2020-10-13 18:54:57 -07:00
Shuting Zhao
6b5e935e49 Merge branch 'feature/reports-cli' of https://github.com/evalsocket/kyverno into policyreport 
# Conflicts:
#	Makefile
#	cmd/kyverno/main.go
#	go.mod
#	go.sum
#	pkg/client/clientset/versioned/clientset.go
#	pkg/client/clientset/versioned/fake/clientset_generated.go
#	pkg/client/clientset/versioned/fake/register.go
#	pkg/client/clientset/versioned/scheme/register.go
#	pkg/client/informers/externalversions/factory.go
#	pkg/client/informers/externalversions/generic.go
#	pkg/client/listers/kyverno/v1/expansion_generated.go
#	pkg/policy/common.go
#	pkg/policy/controller.go
#	pkg/policy/existing.go
#	pkg/policyviolation/builder.go
#	pkg/policyviolation/generator.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validate_audit.go
#	pkg/webhooks/validation.go
 2020-10-12 18:30:37 -07:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Mohan B E
51ac382c6c
Feature/configmaps var 724 (#1118) 
* added configmap data substitution for foreground mutate and validate

* added configmap data substitution for foreground mutate and validate fmt

* added configmap lookup for background

* added comments to resource cache

* added configmap data lookup in preConditions

* added parse strings in In operator and configmap lookup docs

* added configmap lookup docs

* modified configmap lookup docs
 2020-09-22 14:11:49 -07:00
evalsocket
68855c2ca9 improvment added in jobs sheduler 2020-09-15 06:59:05 -07:00
evalsocket
5a69b489a6 packages adde 2020-09-12 05:54:04 -07:00
evalsocket
32619c40f2 remove hard coded variables 2020-09-12 05:45:05 -07:00
evalsocket
7b29da672c fixed e2e test 2020-09-11 06:02:01 -07:00
evalsocket
94a549bdb7 build failed fix 2020-09-11 05:28:37 -07:00
evalsocket
6a0a5132b5 resolve conflict 2020-09-11 05:16:31 -07:00
evalsocket
37f96c5722 bug fixes 2020-09-10 05:10:29 -07:00
Yuvraj
b7524467a3
Reconcile Generate request on policy update (#1096) 
* policy report crd added

* added namespaced rule

* remove extra field from crd

* revert crd change

* remove policy report chnages

* remove policy report chnages

* remove policy report chnages

* remove policy report chnages

* added logic for gr

* revert changes

* fixed generate rules

* fixed generate rules

* fixed generate rules

* fixed generate rules

* remove extra logs

* remove extra logs

* fixed e2e test

* remove extra logs

* crd issue resolved

* added check for sync

* add labels update

* add label update

* added permission to role

* roles added to helm

* roles added to helm
 2020-09-03 14:34:23 -07:00
Yuvraj
e15ed829ca remove policy controller for policyreport 2020-09-03 22:19:37 +05:30
Yuvraj
e59425dfcd go fmt 2020-09-02 14:19:11 +05:30
Yuvraj
eb518a25f3 buf fix 2020-09-01 01:05:29 +05:30
Yuvraj
0bc1b3b3e8 added logic for cli 2020-08-31 23:18:25 +05:30
Yuvraj
22437289f5 added logic for jobs 2020-08-31 00:26:30 +05:30
Yuvraj
ea3e4241ed added logic for jobs 2020-08-31 00:06:21 +05:30
Yuvraj
9fb2b8dbb1 added logic for cli 2020-08-28 16:14:46 +05:30
Yuvraj
2a9477ba06 configmap added 2020-08-27 01:18:18 +05:30
Mohan B E
f60deecdce
Feature/namespaced policy 280 (#1058) 
* namespaced policy crd and cache

* modified main.go

* removed kyverno

* implemented policy violation generator for namespaced policy on audit

* modified cache

* added validation for cluster resource types

* install.yaml

* install.yaml

* removed namespaces from crd and refactored code

* modified NamespacePolicy to Policy

* added ClusterRole aggregate for policies

* modified clusterrole
 2020-08-19 09:07:23 -07:00
shuting
87fa77fbcc
965 add validate audit handler (#967) 
* store policy names cache to reduce lookup time

* add validate audit handler

* fix #958, remove auto-gen annotation on Pod

* formatting code

* update processTime to readable format

* #586, add back unit test

* update logging info

* remove unused interface

* handle generate policy in a single thread in weboook

* resolve pr comments
 2020-07-09 11:48:34 -07:00
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
shuting
7ffeb6efca
skip generate violation on pre-exist pod (#952) 2020-06-25 09:52:54 -07:00
Shuting Zhao
139000fe3f fix namespace lister 2020-05-26 22:26:07 -07:00
Jim Bugwadia
838d02c475
Bugfix/659 support wildcards for namespaces (#871) 
* - support wildcards for namespaces

* do not annotate resource, unless policy is an autogen policy

* close HTTP body

* improve messages

* remove policy store

Policy store was not fully implemented and simply provided a way
to list all polices and get a policy by name, which can be done via
standard client-go interfaces.

We need to revisit and design a better PolicyStore that provides fast
lookups for matching policies based on names, namespaces, etc.

* handle wildcard namespaces in background processing

* fix unit tests 1) remove platform dependent path usage 2) remove policy store

* add test case for mutate with wildcard namespaces
 2020-05-26 10:36:56 -07:00
Shuting Zhao
0670abe2d2 set log level 2020-05-18 21:16:48 -07:00
Shuting Zhao
416f5ecc00 Merge branch 'master' into 744_deny_requests 
# Conflicts:
#	pkg/utils/util.go
#	pkg/webhooks/server.go
 2020-05-18 18:05:22 -07:00
Shuting Zhao
ad4f06f22d Merge branch 'master' into 744_deny_requests 
# Conflicts:
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2020-05-18 12:32:42 -07:00
Shuting Zhao
f97c202d52 extract controller resync period to a constant file 2020-05-18 11:56:17 -07:00
Jim Bugwadia
bf1aaba99b allow cross platform builds 2020-05-17 09:51:46 -07:00
shravan
1b2868620e 744 fixing tests and making sure policy with variables that are not request.object are not allowed in background mode 2020-05-06 00:29:40 +05:30
shivkumar dudhani
e6e5bbb603 Merge branch 'master' into access_check 2020-03-17 17:23:18 -07:00
shivkumar dudhani
d327309d72 refactor logging 2020-03-17 16:25:34 -07:00
shivkumar dudhani
1b1ab78f77 logs & access 2020-03-17 11:05:20 -07:00
shravan
36e775edb0 527 resolved merge conflicts 2020-02-24 20:19:28 +05:30
shravan
592df74c57 527 tested mutate needs further testing 2020-02-22 23:35:02 +05:30
shravan
e1b9a13590 resolving merge conflicts 2020-01-25 14:55:36 +05:30
shravan
78cae242c5 522 restructured files 2020-01-25 14:53:12 +05:30
Shivkumar Dudhani
8c1d79ab28
linter suggestions (#655) 
* cleanup phase 1

* linter fixes phase 2
 2020-01-24 12:05:53 -08:00