Thomas Hartland
101ba33020
Only set up logging context if it will be used ( #4213 )
...
This change is applied in two areas in the admission
handler that had high heap allocations seen in profiling.
Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-14 15:44:13 +08:00
Prateek Pandey
812ff9a8ba
use the unstructured list instead of interface type ( #4211 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-07-12 15:10:56 +00:00
Byron Ibarra
f0c0000746
Fix UpdateRequest labeling ( #4199 )
...
Co-authored-by: Byron Ibarra V <bibarrav@falabella.cl>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-12 18:40:05 +05:30
Jim Bugwadia
531355adce
Release 1.7 ( #4200 )
...
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove TUF initialization from main (#4098 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix imageVerify validation checks and conversion logic (#4038 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
* release event memory (#4138 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
* fix merge of image verify and mutate patches
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix patch join
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle embedded strings with spaces
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-07-10 20:00:00 -07:00
Vyankatesh Kudtarkar
0cb9b9c248
external.metrics.k8s.io/v1beta1 issue ( #4182 )
...
Signed-off-by: Vyankatesh vyankateshkd@gmail.com
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-01 05:05:15 +00:00
Prateek Pandey
3b607807de
delete policy reports on policy deletion ( #4174 ) ( #4175 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-07-01 04:41:05 +00:00
shuting
ebb3ebd0a3
tag v1.7.2-rc1 ( #4167 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 17:57:58 +00:00
Prateek Pandey
2ad7da76b4
feat: split policy report per policy bases ( #4147 ) ( #4166 )
...
* feat: split policy report per policy bases
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* add policy name as a handler key
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* update merge change request logic
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* handle the delete resource update on policy report
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* add splitPolicyReport feature gate
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* delete old reports if splitPolicyReport feature enable
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* use trim policyname as label and create name
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* fix change request result
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-28 16:32:52 +00:00
shuting
4aff3de0fe
Re-implement #4159 ( #4165 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 09:54:22 +00:00
shuting
1ca2f3ce1d
Cherry pick #4155 ( #4164 )
...
* Re-implement #4155
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Address https://github.com/kyverno/kyverno/pull/4162 comments
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 09:27:34 +00:00
shuting
4ba30ee140
Cherry-pick #4148
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 16:21:53 +08:00
shuting
b652b4855c
Use kyverno namespace informer to list pods while processing URs ( #4156 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 16:21:53 +08:00
Jim Bugwadia
6be50399bd
Cherry-pick #4138 to 1.7 ( #4160 )
...
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove TUF initialization from main (#4098 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix imageVerify validation checks and conversion logic (#4038 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
* release event memory (#4138 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-06-28 11:56:45 +08:00
Prateek Pandey
db440c1b10
fix: use dev tag for init container local build target ( #4141 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-21 10:30:49 +05:30
shuting
060b12d2a2
tag v1.7.1 ( #4132 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 09:49:23 +00:00
ShutingZhao
b666bedd83
fix build failures
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 13:17:57 +05:30
Charles-Edouard Brétéché
40fb652c8a
fix: bool fields in image verification types ( #4053 )
...
* refactor: add policy event listener in ur controller (#4012 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit cd1fa030ee
2022-06-17 13:17:57 +05:30
Charles-Edouard Brétéché
fc5a5eaae3
cherry-pick #4013
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 13:17:57 +05:30
Jim Bugwadia
c97f0f062e
Release 1.7 ( #4130 )
...
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove TUF initialization from main (#4098 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix imageVerify validation checks and conversion logic (#4038 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-06-16 21:47:08 -07:00
Prateek Pandey
55f26601c7
fix: use policyName key to get the policy name ( #4113 )
...
In case of namespace policy `ur.spec.policy`
contains namespace/policy-name combinations, hence
can't be used to set the policy name label.
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-17 00:56:54 +08:00
Batuhan Apaydın
db154f9df3
chore(dockerfile): use buildx features for cross-compilation ( #4023 ) ( #4123 )
...
* chore(dockerfile): use buildx features for cross-compilation
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
* feat(kyverno): main container image
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-06-16 09:53:43 +00:00
vivek kumar sahu
0fe8dcb3b6
Updated jp command flags and also added URL for help. ( #4122 )
...
Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>
2022-06-16 17:29:47 +08:00
Prateek Pandey
65a812db4c
fix: handle nil ur while retry ( #4109 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-15 17:57:15 +08:00
Jim Bugwadia
5baa956e11
Release 1.7 ( #4099 )
...
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove TUF initialization from main (#4098 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-06-10 10:40:47 +01:00
shuting
6589fd2137
Bump Charts version to 2.5.0 ( #4092 )
...
* bump chart versions to v2.4.2
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Update "make gen-helm"
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Bump chart to v2.5.0
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* bump chart to 2.5.0
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-09 09:57:53 -04:00
shuting
2acb161c5b
bump chart versions to v2.4.2 ( #4089 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-07 14:11:12 -04:00
shuting
29f54396e2
cherry-pick #4079 ( #4088 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
2022-06-07 16:01:30 +00:00
shuting
72b7b304f4
Remove s390X ( #4063 ) ( #4064 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-03 08:57:38 +00:00
shuting
673a1c0318
Bump charts version to 2.4.1 ( #4061 )
...
* Fix handling of kyverno-policies version check when port in image tag (#4042 )
* Fix handling of kyverno-policies version check when port in image tag
Fixes #4031
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Add release notes for chart
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Fix release notes and use splitList
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Ensure preconditions are present with default values (#4046 )
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Bump charts version
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
2022-06-03 06:52:34 +00:00
treydock
e3b792bfc0
Ensure preconditions are present with default values ( #4046 )
...
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-03 11:31:38 +05:30
treydock
09c138fb6b
Fix handling of kyverno-policies version check when port in image tag ( #4042 )
...
* Fix handling of kyverno-policies version check when port in image tag
Fixes #4031
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Add release notes for chart
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Fix release notes and use splitList
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-03 11:31:38 +05:30
shuting
704dc46ec3
Tag v1.7.0 ( #4050 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-02 11:15:18 +00:00
Prateek Pandey
bb4b5e1d85
refactor: bump KIND version to use v1.24.0 k8s release ( #4049 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-01 15:13:13 +00:00
Vyankatesh Kudtarkar
eb9a36ddc8
fix policy typo ( #4039 ) ( #4045 )
2022-05-31 16:51:05 +00:00
shuting
de41b176f6
Tag 1.7.0-rc3 ( #4036 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-30 09:01:16 +00:00
shuting
1f4575678c
Fix labels with invalid charrs ( #4034 ) ( #4035 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-30 05:46:03 +00:00
shuting
845a83d3e2
Cherry-pick #4022 ( #4033 )
...
* Cherry-pick #4022
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Remove unused file
2022-05-30 09:26:03 +05:30
Vyankatesh Kudtarkar
1ac444451e
fix vulnerable ( #4027 ) ( #4028 )
2022-05-26 05:43:08 +00:00
Vyankatesh Kudtarkar
515d59ebcb
Request operation value by default to CREATE ( #3894 ) ( #4026 )
...
* set by default request.operation to CREATE
Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>
* Added test cases
Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: vivek kumar sahu <vivekkumarsahu650@gmail.com>
2022-05-26 04:36:36 +00:00
shuting
6e57e6a44b
Release v1.7.0-rc2 ( #4021 )
...
* Tag 1.7.0-rc2
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Update Helm doc
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-25 08:56:34 +00:00
Charles-Edouard Brétéché
f2c8096d5f
Cherry pick #4007 #4008 ( #4020 )
...
* fix: remove update ur status in generator (#4008 )
* fix: stop mutating cached resource in ur controller (#4003 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b2e91d233c0#4007
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-25 08:15:59 +00:00
Charles-Edouard Brétéché
56d32e93e7
fix: stop mutation policies when autogen internals is enabled (#4004,#4009,#3996) ( #4016 )
...
* fix: stop mutation policies when autogen internals is enabled (#4004 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit c9f8a68d8a#4009 )
* fix: stop mutating cached resource in ur controller (#4003 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b3a3556919f#3996 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 1712dfa947
2022-05-25 12:14:40 +08:00
Jim Bugwadia
eaa629714e
cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999 ( #4015 )
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-24 16:25:26 +00:00
Charles-Edouard Brétéché
d55f2c34a2
refactor: add policy event listener in ur controller ( #4012 ) ( #4014 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit cd1fa030ee
2022-05-24 16:01:11 +00:00
shuting
93c69780bb
Support @ for mutate targets ( #3998 ) ( #4010 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-24 13:05:50 +00:00
Prateek Pandey
07e1afaa61
fix: stop mutating cached resource in ur controller ( #4003 ) ( #4006 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 16:09:51 +05:30
Charles-Edouard Brétéché
78e7c5dc18
fix: move ur controller filtering in reconciler ( #3964 ) ( #3994 )
...
* refactor: use BackgroundProcessingEnabled method
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: webhooks metrics reporting
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: metrics package
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: move ur controller filtering in reconciler (#3964 )
* fix: move ur controller filtering in reconciler
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: mark ur retry on conflict
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: test data
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: add filter back in update ur handler
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: added some logs about attempts and increased backoff
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: reconciliation logic
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: Test_Generate_Synchronize_Flag
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: small nits
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 1936d86623
2022-05-23 23:53:49 +08:00
Prateek Pandey
8dbadbc96b
fix: release ur when handler pod is gone ( #3993 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-23 14:23:10 +00:00
Prateek Pandey
97b874897b
fix: mark ur retry on conflict ( #3961 ) ( #3963 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-18 07:20:07 +00:00
shuting
c98d80627c
fix: replica count in helm chart ( #3954 ) ( #3962 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-18 04:16:13 +00:00
