mohamedasifs123
|
d566e9886c
|
Fix :variables are not getting processed in validation message for "anyPattern" (#9713)
* Update validate_resource.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create pod.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create chainsaw-test.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create policy.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update validate_resource.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update chainsaw-test.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create README.md
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/chainsaw-test.yaml
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
---------
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
|
2024-02-21 07:20:43 +00:00 |
|
Charles-Edouard Brétéché
|
747bc017e5
|
fix: follow up for #9534 (#9543)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-29 08:54:58 +00:00 |
|
mohamedasifs123
|
e3274386e7
|
Update validate_resource.go (#9534)
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
|
2024-01-28 20:41:42 +00:00 |
|
Mariam Fahmy
|
b61a1f3d18
|
fix: set v2beta1 of exceptions the storage version (#9254)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-12-22 10:13:58 +00:00 |
|
Mariam Fahmy
|
8e0a7aa204
|
feat: promote policy exceptions to v2 (#9208)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-19 10:43:39 +00:00 |
|
Vishal Choudhary
|
1f4181645b
|
fix: allow changes to preexisting resource in violation of a policy in Enforce (#9027)
* fix: allow changes to preexisting resource in violation of a policy in Enforce
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: missing error check
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* nit: cleanup
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update old policy context
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: preconditions always retured true
internal.CheckPreconditions always returned true when v.anyAllConditions, it should be populated with rule.RawAnyAllConditions when newValidator() is used to create a validator
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: fix chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: nit
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* debug
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: update test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add namespace
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add test for bad to good conversion
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add test step
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-12-12 09:17:53 +00:00 |
|
Mariam Fahmy
|
c0e0cea9f4
|
feat: compute policy exceptions as a part of the rule execution (#8713)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2023-11-13 15:43:25 +00:00 |
|
Charles-Edouard Brétéché
|
6d9d3b7f4c
|
fix: remove jmespath replace directive (#7726)
* fix: remove jmespath replace directive
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* master
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-07-07 10:22:26 +00:00 |
|
Charles-Edouard Brétéché
|
644ed25fd0
|
fix: misleading error message in deny conditions (#7503)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-06-13 12:51:08 +00:00 |
|
Mariam Fahmy
|
7f6fb24057
|
feat: support cel expression in validate rules (#7070)
* feat: support cel expression in validate rules
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support parameter resources in validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl tests for validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix disallow-host-path kuttl test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl test for cel preconditions
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix kuttl tests for validate.cel
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API Validation and AuditAnnotation
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API ParamKind and ParamRef
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2023-05-31 14:30:55 -07:00 |
|
Jim Bugwadia
|
f287e0a220
|
Conditions message (#7113)
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
|
2023-05-08 15:34:23 +08:00 |
|
Charles-Edouard Brétéché
|
784ca07419
|
refactor: engine rule response creation (#6784)
* refactor: engine rule response creation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* private fields
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix unit tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-05 10:35:38 +00:00 |
|
Charles-Edouard Brétéché
|
40ac8eb863
|
feat: add context/preconditions support to mutate existing (#6754)
* refactor: engine handlers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add context/preconditions support to mutate existing
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix and context kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* final fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-04-03 19:58:58 +00:00 |
|
Charles-Edouard Brétéché
|
b4a4e3a4f3
|
refactor: don't process context/preconditions in invokeHandler (#6751)
* refactor: engine handlers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: don't process context/preconditions in invokeHandler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-03 12:57:48 +08:00 |
|
Charles-Edouard Brétéché
|
263fd8a7a8
|
refactor: introduce image mutation handler (#6735)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-31 06:41:48 +00:00 |
|
Charles-Edouard Brétéché
|
d0841e4918
|
refactor: introduce pss validation handler (#6724)
* refactor: remove rules pointer
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: introduce pss validation handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-30 09:51:16 +00:00 |
|
Charles-Edouard Brétéché
|
43811733dc
|
refactor: remove rules pointer (#6722)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-29 17:44:09 +00:00 |
|
Charles-Edouard Brétéché
|
341ed36e54
|
refactor: make use of handlers in engine validation (#6704)
* refactor: make use of handlers in engine validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* polex
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-28 07:47:53 +02:00 |
|