mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-09 17:37:12 +00:00
16 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Vishal Choudhary
|
7d8ed212a4
|
feat: create image data loader (#12036)
* feat: add image data loader to context Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: build Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: update types Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: replace crane with remote Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
Charles-Edouard Brétéché
|
4e84edff68
|
feat: add support for loading validating policies in the cli (#11883)
* feat: add support for loading validating policies in the cli Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * copy data Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * legacy loader Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
Jim Bugwadia
|
f06399200c
|
remove wildcard permissions (#10785)
* remove wildcard permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix background controller perms Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove secrets perm Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix reports-controller role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add wildcard check and limit generate policy checks based on `synchronize` Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update manifest Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix wildcard check Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update default QPS and burst for better performance and to prevent test failure Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix perms Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix perms Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix merge issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix merge issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> |
||
|
Jim Bugwadia
|
6d48a185d1
|
Fix cli load policies from fs (#10270)
* skip invalid policy files Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix file-system policy loader Signed-off-by: Jim Bugwadia <jim@nirmata.com> * propagate policy schema error Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> |
||
Khaled Emara
|
10258921ac
|
feat(validation-webhook): validate global context reference (#9678)
* feat(validation-webhook): validate global context reference Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(validation-webhook): global reference name Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(globalcontext): fix tests after valdiation Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(policycache): dont add NotReady Policies Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): rename e2e tests Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): add entry errors Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(globalcontext): fix chainsaw test Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> |
||
|
Vishal Choudhary
|
4108415153
|
feat: use awslabs keychain for AWS and gcr keychain for GCP (#9416)
* feat: use awslabs keychain for AWS and gcr keychain for GCP Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: remove unused var Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: remove more unused vars Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: gofumpt Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
Mariam Fahmy
|
d47684c0d9
|
feat: support validatingadmissionpolicybindings in CLI apply command (#9468)
* feat: support validatingadmissionpolicybindings in CLI apply command Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix linter issue Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
482c243517
|
refactor: remove openapi package (#8538)
* refactor: openapi package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kubectl validate Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * go mod Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix vscode Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
dc71610df7
|
refactor: cli commands tests and error handling (#8367)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
d24b0848a6
|
chore: add cli commands unit tests (#8366)
* chore: add cli unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: add cli commands unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
Vishal Choudhary
|
07877ef37a
|
feat: add custom keychains using fluxcd/oci/auth package (#7908)
* feat:add usage of flux auth package for creating keychain
for every oci provider, we will create a client from flux and use its login() method
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add registry checking
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: update azure keychain to return anonymous kc
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: remove google keychain
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: kubeconfig redefined
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: fix kubeconfig flag being double defined
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated comments (#7902)
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 (#7918)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0)
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#7919)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.0 to 5.8.1.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.8.0...v5.8.1)
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* refactor validating admission policies (#7835)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: update default keychain in registry to be empty (#7906)
* feat: update default keychain to be empty
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update registryCredentialHelpers description
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: rename vap to its full name (#7929)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix(chart): only create ServiceMonitor if cluster supports it (#7926)
* fix: only create ServiceMonitor if cluster supports it
Adds an additional check to the ServiceMonitor template to ensure that
the cluster supports the `monitoring.coreos.com/v1` API version.
Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>
* add IITS Consulting as adopter from Google Form (#7932)
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Adding other folder's subfolders to workflows/conformance.yaml's tests array (#7927)
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
* feat: add create metrics-config cli command (#7782)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump svenstaro/upload-release-action from 2.6.1 to 2.7.0 (#7940)
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](
|
||
|
Charles-Edouard Brétéché
|
3b44af8dbd
|
refactor: move utils cobra to command package (#8291)
* refactor: introduce cli variables package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * lint Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: move utils cobra to command package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
04e21da671
|
fix: cli dependency to controller-runtime logger (#8280)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
cbeb5157d6
|
refactor: cli policy package (#8279)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
c51bc5beb8
|
docs: improve cli commands docs (#8259)
* chore: improve cli commands docs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * docs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * experimental Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * version Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * oci Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * oci Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * jp Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * apply Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * create Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |
||
|
Charles-Edouard Brétéché
|
cef4a9b546
|
refactor: move all cli commands in a commands package (#8231)
* chore: name all cli command files the same Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: move all cli commands in a commands package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * root Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> |