kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	06fc472f52	refactor: add IsNamespaced() method to API policy types (#3450 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-23 13:03:15 +05:30
Charles-Edouard Brétéché	f263cbedca	fix: use PodControllersAnnotation constant (#3448 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 20:43:19 +00:00
shuting	e5679bc6ff	Update MAINTAINERS.md (#3449 ) Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-22 19:19:46 +00:00
Vyankatesh Kudtarkar	e268be9e88	support for deprecated API's (#3439 ) * support for deprecated API's * add testcase * update condition * fix logic	2022-03-22 18:25:35 +00:00
Abhi Kapoor	1b10f18086	Drop v1alpha1 PolicyReport CRD (#3437 ) * Drop v1alpha1 PolicyReport CRD Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com> * Drop v1alpha1 kyverno package Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com> * Update Makefile to remove references for v1alpha1 Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com> * Update helm manifests Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com>	2022-03-22 17:08:25 +00:00
Charles-Edouard Brétéché	d129b7a4c7	refactor: ExcludeResources validation (#3445 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-03-22 15:21:44 +00:00
Charles-Edouard Brétéché	11bbb4f83e	refactor: replace ExcludeResources by MatchResources (#3444 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 14:24:40 +00:00
Charles-Edouard Brétéché	51254b2d5a	refactor: ResourceDescription validation (#3446 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 21:17:51 +08:00
Sambhav Kothari	2239849f99	Fix incorrectly renamed file (#3443 ) Helm test files are not the same as kyverno test files. This should remain test.yaml. Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-03-22 09:41:42 +00:00
Aidan Delaney	4ec3b36f7f	Remove support for test.yaml (#3442 ) kyverno-test.yaml is now the only supported test file name Signed-off-by: Aidan Delaney <adelaney21@bloomberg.net>	2022-03-22 14:09:08 +05:30
Vyankatesh Kudtarkar	9ed1872864	fix cli panic for --cluster flag (#3436 )	2022-03-21 07:01:23 -07:00
Thomas Hartland	0360ad25c1	Fix check for generated webhook rules being equal to what the API server has (#3407 ) * Add webhookRulesEqual function and test Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk> * Handle edge cases in webhookRulesEqual function Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk>	2022-03-21 12:41:53 +00:00
Charles-Edouard Brétéché	c8c631d4a7	refactor: MatchResources validation (#3422 ) * refactor: ValidationFailureActionOverrides validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: MatchResources validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-21 19:51:12 +08:00
Charles-Edouard Brétéché	5816144912	feat: use IsReady method (#3426 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-21 09:18:54 +00:00
Charles-Edouard Brétéché	bdcecf9882	refactor: ValidationFailureActionOverrides validation (#3421 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-21 16:53:12 +08:00
Chip Zoller	e454c71aa6	PR and issue template updates per contributors' meetings (#3428 ) * add cherry pick requirement Signed-off-by: Chip Zoller <chipzoller@gmail.com> * adopt github issue forms Signed-off-by: Chip Zoller <chipzoller@gmail.com> * update PR template with test checklist reminders Signed-off-by: Chip Zoller <chipzoller@gmail.com> * Add "other" issue template Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add "triage" label to all new issues Signed-off-by: Chip Zoller <chipzoller@gmail.com>	2022-03-19 21:31:54 -04:00
Naman Lakhwani	433ad5e0c4	[imageVerify]: correcting error msg (#3398 ) * corrected err msgs Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * this msg is not required explicitly Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-03-18 12:47:27 -07:00
Charles-Edouard Brétéché	4136566bd9	feat: add toggle package for feature flags (#3419 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 16:16:42 +00:00
Charles-Edouard Brétéché	0c8e8c1212	feat: move GetRules() at the policy level (#3420 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 15:18:32 +00:00
Charles-Edouard Brétéché	30261b5235	feat: add conditions support (#3378 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 22:00:01 +08:00
Charles-Edouard Brétéché	865eef248d	feat: stop adding autogen annotation (#3379 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 11:30:49 +00:00
shuting	cc10feb906	fix webhook configuration issue when auto update is disabled (#3417 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-03-18 10:05:00 +00:00
Aidan Delaney	def19d2ec0	Ignore test files that do not end in test.yaml (#3402 ) Some editors create backup files when editing. So users will edit kyverno-test.yaml and end up with both kyverno-test.yaml and kyverno-test.yaml~ (or some variant). This change ignores backup files that append a character to the string `test.yaml` Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Signed-off-by: Aidan Delaney <adelaney21@bloomberg.net> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-03-18 09:31:01 +00:00
Charles-Edouard Brétéché	4ce5c972ee	refactor: Policy name validation (#3409 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Policy name validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-18 01:02:35 +08:00
Abhinav Sinha	17caa561ec	Replace `ToUnstructured()` with Marshal/Unmarshal (#3150 ) Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-17 14:20:24 +00:00
Christian Kotzbauer	860253d6aa	[ImageVerify] Verify additional certificate-extensions (#3404 ) * feat: add additionalExtensions to keyless imageVerify Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * feat: regenerate code Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>	2022-03-17 08:42:12 +00:00
Charles-Edouard Brétéché	b0860ba177	fix: filter resources names with helm custom release name (#3361 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: ignore resources by helm chart Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-17 07:51:08 +00:00
Charles-Edouard Brétéché	cc212ac766	refactor: Rule names validation (#3406 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-17 11:36:21 +08:00
Charles-Edouard Brétéché	adcb71f1d6	refactor: Rule type validation (#3400 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 21:57:31 +00:00
Charles-Edouard Brétéché	33df85cc0c	chore: remove check-helm-docs workflow (#3408 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 13:55:21 -07:00
Charles-Edouard Brétéché	5541189c6c	refactor: UserInfo validation (#3399 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 16:15:46 +00:00
shuting	69518b7c9c	Fix webhook re-creation error (#3403 ) * fix webhook re-creation issue Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix webhook monitor blocking call Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-16 15:23:46 +00:00
Charles-Edouard Brétéché	4ad7607ea4	chore: add make help target (#3405 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 13:48:31 +00:00
Thomas Hartland	36f532840d	Only queue one retry if webhook update fails (#3353 ) Queueing two retries can lead to exponential growth. Adding a delay before the retry should reduce the number of failed attempts to update webhooks. Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-16 12:08:03 +00:00
Charles-Edouard Brétéché	9ac35f9698	chore: add more codegen target and verifications (#3393 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-16 15:01:35 +05:30
Abhi Kapoor	ac8dea1cba	Return warning on admission response when mutating pods (#3272 ) - Return the warning as part of the validate response - Warn when autogen annotation is being used to exclude pod controllers - Reutrn admission response based on the autogen annotation value - Update the existing log message to align with admission response warning Co-authored-by: abhinav454 <43758739+abhinav454@users.noreply.github.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-16 04:50:33 +00:00
Sambhav Kothari	6498425937	Add a registry flag to allow direct access to container registries in the CLI (#3396 ) * Add a registry flag to allow direct access to container registries in the CLI Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-03-16 09:56:47 +05:30
Charles-Edouard Brétéché	9e623bbf6e	feat: add rules to status (#3376 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: add rules to status Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-15 14:49:16 +00:00
Charles-Edouard Brétéché	cc807b383e	chore: makefile should not makefile go.mod (#3394 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-15 16:30:57 +05:30
Charles-Edouard Brétéché	8602e63f23	refactor: ImageVerification validation (#3372 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: ImageVerification validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-15 08:48:58 +00:00
Vyankatesh Kudtarkar	68093cd44c	Cli Apply command support Dir as resources (#3391 ) * apply command support dir as resources * fix issue	2022-03-15 16:00:59 +08:00
Charles-Edouard Brétéché	1a1973c1b5	chore: add helm crds to make codegen target (#3375 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: add helm crds to make codegen target Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-14 15:12:29 +00:00
Charles-Edouard Brétéché	5de83edafa	fix: metrics config defaults (#3387 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-14 22:21:50 +08:00
Vyankatesh Kudtarkar	154cea21c3	fix for gvk not working for existing resources policy (#3384 )	2022-03-14 16:03:13 +05:30
vivek kumar sahu	c456b541af	e2e test for mutate global anchor Policy (#2574 ) * Added e2e test for mutate-global-anchor-policy Signed-off-by: vivek kumar sahu <vivekkumarsahu650@gmail.com> * Updated config.go for mutate globar anchor policy Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * Added resources for mutate global anchor policy Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-14 09:15:06 +00:00
Abhinav Sinha	9bb7238a22	Add `codecov` to CI (#3382 ) * Add `codecov` to CI Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> * Add `codecov` badge for `main` to `README.md` Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> * Addressed code review Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>	2022-03-14 16:21:27 +08:00
Christian Kotzbauer	851a81845c	Update cosign to v1.6.0 (#3341 ) Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> fix ecr-helper creation Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-03-11 11:25:10 -08:00
Charles-Edouard Brétéché	de6fa9fd19	fix: generate api reference docs (#3377 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-11 20:02:59 +05:30
Vyankatesh Kudtarkar	b3a53f0658	fix PodExecOptions issue (#3373 ) * fix PodExecOptions issue * add note * update comment	2022-03-11 15:09:32 +05:30
shuting	61245f0b69	Update OWNERS.md (#3371 )	2022-03-10 10:30:05 -08:00

1 2 3 4 5 ...

4064 commits