* add image verification
* inline policy list
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* cosign version and dependencies updates
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add registry initialization
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add build tag to exclude k8schain for cloud providers
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add build tag to exclude k8schain for cloud providers
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* generate deep copy and other fixtures
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix deep copy issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* mutate images to add digest
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add certificates to Kyverno container for HTTPS lookups
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* align flag syntax
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update docs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update dependencies
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update dependencies
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* patch image with digest and fix checks
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* hardcode image for demos
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add default registry (docker.io) before calling reference.Parse
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix definition
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* increase webhook timeout
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix args
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* run gofmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* rename for clarity
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix HasImageVerify check
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* align make test commands
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* align make test commands
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* align make test commands
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter error
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* format
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle API conflict and retry
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* format
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix reviewdog issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix make for unit tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve error message
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix durations
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle errors in tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* print policy name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add retries and duration to error log
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix time check in tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* round creation times in test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix retry loop
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove timing check for policy creation
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix e2e error - policy not found
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* update string comparison method
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* fix test Generate_Namespace_Label_Actions
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* add debug info for e2e tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix error
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix generate bug
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix format
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add check for update operations
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* increase time for deleteing a resource
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix check
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Shuting Zhao <shutting06@gmail.com>
* apply pod's rules if the owner is not k8s pod-controllers
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* add unit tests
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* forbid variables in match/exclude/patchesJson6902.path sections
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* fix e2e test
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* edits related to the PR comments
Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>
* return err, if variable path could not be resolved
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* fixed {{@}} behavior
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* fix json merge logic
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* add e2e tests for Flux use case
Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>
* fixed {{@}} behavior
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* removed white space from test
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* Pass by value in policy cache
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* Removes check for strategicMergePatch in forceMutate
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* Removes failed test
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
* Fix#1737: forceMutate does not handle StrategicMerge patchesJson6902
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* go fmt
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* updated PR due to the comments
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* fix#1585 issue; validate on DELETE the oldResource
Signed-off-by: Max Goncharenko <kacejot@fex.net>
* apply PR edits for #1585 issue fix; add test with nested var
Signed-off-by: Max Goncharenko <kacejot@fex.net>
