D N Siva Sathyaseelan
|
0ee73430de
|
feat:Add support for condition validation across multiple image verification attestations or context entry (#9960)
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* validate block added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* Name feild is added in Attestation struct
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added imageInfo in policy context
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added response from FetchAttestations to contex entry
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate logic
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* condition for name collision in Attestation array is added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* ValidateVariable is applied in validate
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* change in regex, logic, conformance test, unit test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some change in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* context entries are added as variables
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical implementations
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Validate and multiple Image verification is working
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* moved validate to verify
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate in verifyimage in v2 policies
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* validate is moved to verifyAttestation
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* removed loadcontext
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Added getRawResp to fing report in statemants
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in ivm
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* changes in verify in imageverifer
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test for trivy and vex
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added imageInfo in policy context
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added response from FetchAttestations to contex entry
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate logic
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* condition for name collision in Attestation array is added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* ValidateVariable is applied in validate
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* change in regex, logic, conformance test, unit test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some change in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* context entries are added as variables
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical implementations
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Validate and multiple Image verification is working
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* moved validate to verify
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate in verifyimage in v2 policies
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* validate is moved to verifyAttestation
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* removed loadcontext
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Added getRawResp to fing report in statemants
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* helm test fix
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in ivm
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* changes in verify in imageverifer
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen applied
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen resolved
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
---------
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Signed-off-by: D N Siva Sathyaseelan <95441117+sivasathyaseeelan@users.noreply.github.com>
Co-authored-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
|
2024-09-05 10:33:37 +00:00 |
|
Vishal Choudhary
|
86b8a6d0f3
|
feat: show violations and mutations as warning (#10214)
* feat: add audit warning to policy spec
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: emit warning when audit warning is set
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add audit warn to policy cache
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add warnings for validation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add warnings for mutation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add more chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* chore: fix ci
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: rename field to emit warning
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: validate tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: cleanup
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: remove validation action failure fro mutation unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-09-05 10:02:00 +00:00 |
|
Vishal Choudhary
|
903ece34bf
|
feat: add support for signature algorithm in cosign cert and kms verification (#10086)
* feat: add support for signature algorithm in cosign cert and kms verification
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add signature algo at attestor level
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-09-05 06:57:44 +00:00 |
|
D N Siva Sathyaseelan
|
cc966bf7af
|
feat:support default value into apiCall context variables (#10594)
* initial changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added Check for default in transformAndStore
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen applied
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* considered an edge case
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* fix: remove error when jsondata and default is nil
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* codegen done
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
---------
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-09-05 13:57:44 +08:00 |
|
Vishal Choudhary
|
95f54a1cb6
|
feat: enable custom data in policy reports using properties (#10933)
* feat: enable custom data in policy reports using properties
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: dont throw error in variable substitution for properties
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
|
2024-09-03 17:36:07 +00:00 |
|
Mariam Fahmy
|
bde90340a6
|
chore: remove v1alpha1 of VAPs and use v1beta1 (#10955)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-08-29 15:31:25 +00:00 |
|
shuting
|
2cd462570a
|
feat: foreach support for clone (#10888)
* chore: add chainsaw tests for foreach clone
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update webhooks for foreach generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: rename generatePattern
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: chainsaw tests for generateExisting
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add chainsaw tests for foreach clone, sync=true
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter issues
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add chainsaw test foreach clonelist, sync=true, delete source
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: sync deletion for cloneList
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2024-08-29 11:59:22 +00:00 |
|
Mariam Fahmy
|
2140a0239b
|
chore: rename validationFailureAction to failureAction under the rule (#10893)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2024-08-27 20:07:57 +00:00 |
|
shuting
|
bd71af3291
|
feat: support foreach for generate.data (#10875)
* chore: refactor
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: add foreach for generate.daya to api
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: refactor generator
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update rule validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update rule validation -2
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: support foreach.data
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: policy validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: context variables
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add a chainsaw test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: sync on policy deletion
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: enable new chainsaw tests in CI
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update code-gen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: validate targets scope for ns-policies
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: remove unreasonable test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
|
2024-08-19 06:55:19 +00:00 |
|
Vishal Choudhary
|
06ffd1c961
|
feat: add support for sigstore bundle verification (#10567)
* feat: add support for sigstore bundle verification
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: missed change
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: ci
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: another linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add size check in layer
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-08-16 11:36:48 +00:00 |
|
Vishal Choudhary
|
f69ffe12ec
|
feat: add full regexp support to cosign (#10815)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
|
2024-08-16 07:03:59 +00:00 |
|
Khaled Emara
|
65a43d2059
|
feat(mutate): minimize unmarshals (#10702)
* feat(mutate): minimize unmarshals
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(mutate): test type assertion
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(codegen): remove unused import
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-08-09 11:12:20 +00:00 |
|
Mariam Fahmy
|
c796bb765c
|
fix: return policies with either audit or enforce rules from the cache (#10667)
* fix: return policies with either audit or enforce rules from the cache
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: introduce validationFailureAction under verifyImage rules
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add chainsaw tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-08-06 18:24:28 +00:00 |
|
Khaled Emara
|
c0cf6c5bf1
|
feat(json): unmarshal at decode time (#10700)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-08-05 15:46:50 +03:00 |
|
Charles-Edouard Brétéché
|
fc694bc24c
|
feat: add kyverno json support to validation rule (#10763)
* feat: add kyverno json support to validation rule
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v2beta1
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* engine handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bindings
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* context functions
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* better bindings
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-08-02 08:24:30 +00:00 |
|
Khaled Emara
|
d173752041
|
feat(json): unmarshal once per policy (#10701)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-07-30 10:52:41 +00:00 |
|
Khaled Emara
|
c2646f7a9d
|
feat(json): reduce reliance on DocumentToUntyped() (#10724)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-07-29 11:57:20 +00:00 |
|
Mariam Fahmy
|
ff88c4c39a
|
feat: migrate validationFailureAction and validationFailureActionOverrides (#10528)
* feat: migrate validationFailureAction and validationFailureActionOverrides under validate rule
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add unit tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-06-26 09:13:02 +02:00 |
|
Mariam Fahmy
|
abe2a2310b
|
feat: migrate webhookTimeoutSeconds and failurePolicy (#10515)
* feat: migrate webhookTimeoutSeconds and failurePolicy
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix lint issue
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-06-20 13:04:37 +00:00 |
|
Mariam Fahmy
|
9285006f7a
|
feat: add mutateExistingOnPolicyUpdate field under the mutate rule (#10461)
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add mutateExistingOnPolicyUpdate field under the mutate rule
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-06-19 09:29:19 +00:00 |
|
Vishal Choudhary
|
334594c128
|
feat: add support for cosign experimental OCI 1.1 signatures (#10228)
* feat: add support for cosign experimental OCI 1.1 signatures
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: remove unrelated changes
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: requested changes
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-06-18 23:03:53 +00:00 |
|
Mariam Fahmy
|
846439b13e
|
feat: add generateExisting field under the generate rule (#10441)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-06-13 13:41:46 +00:00 |
|
Vishal Choudhary
|
83f2846572
|
feat: add TSA cert chain support in cosign (#9961)
* feat: add TSA cert chain support in cosign
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add unit test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2024-03-30 20:50:07 +00:00 |
|
Khaled Emara
|
bd6eff61cb
|
chore(gctx): document schema better (#9923)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-03-20 19:34:40 +00:00 |
|
Khaled Emara
|
429e84be10
|
fix(globalcontext): panics and validation (#9903)
|
2024-03-14 16:12:39 +00:00 |
|
Jim Bugwadia
|
a95cd808a4
|
update versions (#9783)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
|
2024-02-26 07:26:37 +00:00 |
|
Khaled Emara
|
8a4d9941de
|
feat: add globalcontext loader and interface (#9602)
* feat(globalcontext): add interface
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): package import path
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* design(contextloader): move globalcontext from Load to init
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): remove pointer
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* design(globalcontext): create specific Store
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-02-05 11:24:37 +00:00 |
|
Srikanth Iyengar
|
63b03a8442
|
(docs) changed docs tool to kubernetes-sigs/reference-docs (#9212)
* (docs) updated gen-crd tool to reference-docs/genref
Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com>
* (docs) updated branch with recent docs
Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* (docs) codegen
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-02-04 13:57:00 +01:00 |
|