mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
3130 commits 16 branches 550 tags 288 MiB
Commit graph

1758 commits

Author SHA1 Message Date
Yashvardhan Kukreja
ca347b27bf
feat: added functionality for delimiting multi-line block by newline characters 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-03-01 00:46:50 +05:30
Arsh Sharma
da8e449d3c
fix: removed validator (#1646) 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-02-26 11:27:21 -08:00
Arsh Sharma
86879bd267
feat(operators): supporting subset checking (#1613) 
* fix(operators): supporting subset checking

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* fix(operators): removed print statement

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* test(operators): added test file for in

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* fix(operators): fixed switching

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* tests(operators): completed tests for In and NotIn

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* chore(operators): code cleanup

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* chore(operators): added comments for tests

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* fix(operators): changed logic based on new definitions

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* test: updated NotIn tests

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-02-26 10:53:54 -08:00
Pooja Singh
070f13783f
added namespace label in context (#1644) 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-25 20:52:53 -08:00
Jim Bugwadia
0d1f0b5897
Merge pull request #1636 from realshuting/1621_fix_configmap_variables 
Substitute variables in context.configMap
 2021-02-25 19:53:11 -08:00
Jim Bugwadia
b0ac8c5610
Merge pull request #1645 from realshuting/1340_json_patch 
Support AllowMissingPathOnRemove and EnsurePathExistsOnAdd in patchesJSON6902
 2021-02-25 19:51:10 -08:00
Arsh Sharma
a0d28f0b16
fix: list operators in deny conditions (#1641) 
* fix: list operators in deny conditions

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* fix: regenerated YAMLs

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-02-25 19:13:35 -08:00
Pooja Singh
f438e0d5e6
Fix for - Generate policy fails if trigger resource name exceed 58 characters (#1631) 
* seperated generated-by label

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* restricted label to 63 characters

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* seperated labels and restriced char count to 63

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-25 18:48:45 -08:00
Shuting Zhao
7795f335c8 fix negative index 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-25 18:36:13 -08:00
Shuting Zhao
517c60fadc add unit tests 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-25 18:02:52 -08:00
Shuting Zhao
c4ebef7b0d - support AllowMissingPathOnRemove and EnsurePathExistsOnAdd in patchesJSON6902 
- upgrade to evanphx/json-patch/v5

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-25 15:25:07 -08:00
Shuting Zhao
492d0e8009 remove kustomize patchesJSON6902 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-25 15:25:07 -08:00
Shuting Zhao
edc89c7b50 fix unit test 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-22 17:22:34 -08:00
Shuting Zhao
d770d6680b add request.namespace in the background process 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-22 17:22:23 -08:00
Shuting Zhao
17c72c1578 substitute variables in context.configMap 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-22 16:27:20 -08:00
shuting
267be0815f
Bug fixes - policy validation, auto-generated rules, apiCall support in mutate and generate (#1629) 
* Fix invalid policy reports generated for blocked resource

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix 1464 - copy context and preconditions to auto-gen rules

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix 1628 - add policy validations

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix 1593 - support apiCall in mutate and generate

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix test

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-22 12:08:26 -08:00
shuting
6fc349716c
Switch to use annotations to store resource info in cluster/reportChangeRequest (#1625) 
* skip sending API request for filtered resource

* fix PR comment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fixes https://github.com/kyverno/kyverno/issues/1490

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix bug - namespace is not returned properly

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* reduce throttling - list resource using lister

* refactor resource cache

* fix test

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix label selector

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix build failure

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fixes #1480

* store resource name and kind in (c)rcr's annotation
 2021-02-19 09:09:41 -08:00
Vyankatesh Kudtarkar
164885d087
Update Kyverno test command (#1608) 
* fix link (#1566)

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* update icon in chart.yaml

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* Adding default policies for restricted mode and adding notes to helm install (#1556)

* Adding default policies for restricted mode, taking validationFailureAction from values.yaml and adding notes on helm install

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* Adding emoji

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* Update NOTES.txt

* minor fix

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* adding to readme

Signed-off-by: Raj Das <mail.rajdas@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* update links and formatting in PR template (#1573)

* update links and formatting in PR template

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update policy submission request template

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix: restricting empty value to pass through the validation checks (#1574)

Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* Actually fix contributor link in PR template (#1575)

* update links and formatting in PR template

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update policy submission request template

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* actually fix contrib guidelines

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* actually fix contrib guidelines

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* code improvement (#1567)

* code improvement

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added if conditions

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* fixed unit test cases

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* feat(operators): support subset checking for in and notin (#1555)

* feat(operators): support subset checking for in and notin

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* feat(operators): fixed NotIn function

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* panic fix (#1601)

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* update kyverno cli test cmd

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* code indentation

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* change  help text

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

Co-authored-by: Dekel <dekelb@users.noreply.github.com>
Co-authored-by: Shuting Zhao <shutting06@gmail.com>
Co-authored-by: Raj Babu Das <mail.rajdas@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
Co-authored-by: Pooja Singh <36136335+NoSkillGirl@users.noreply.github.com>
Co-authored-by: Arsh Sharma <56963264+RinkiyaKeDad@users.noreply.github.com>
Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-02-17 11:30:41 -08:00
Jim Bugwadia
731474a9a2
rename context2 -> enginecontext (#1605) 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-02-16 19:17:20 -08:00
Yashvardhan Kukreja
478f32b8b4
fix: allowed templatised values to be exempted from validation checks (#1599) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-02-16 13:06:07 -08:00
Pooja Singh
a21195f362
panic fix (#1609) 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-16 12:48:04 -08:00
Pooja Singh
33ec907a09
panic fix (#1601) 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-15 11:27:09 -08:00
Arsh Sharma
596bc9ba6f
feat(operators): support subset checking for in and notin (#1555) 
* feat(operators): support subset checking for in and notin

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>

* feat(operators): fixed NotIn function

Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-02-10 13:05:36 -08:00
Pooja Singh
0de83ebe17
code improvement (#1567) 
* code improvement

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added if conditions

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* fixed unit test cases

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-10 10:28:50 -08:00
Yashvardhan Kukreja
fe6652d9ca
fix: restricting empty value to pass through the validation checks (#1574) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-02-09 17:16:02 -08:00
Pooja Singh
4788085c4f
Panic fix in generation.go (#1563) 
* added if condition

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* fixed test condition

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-09 10:34:57 -08:00
shuting
8dcfa185b1
Remove duplicate results' entries from policy report (#1559) 
* remove duplicate results' entries from policy report

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* improve error reporting when removing duplicate result entries

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-08 14:42:17 -08:00
Pooja Singh
c148573d48
issue fixed (#1558) 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-08 10:36:39 -08:00
Raj Babu Das
72eb5e3503
Adding support for applying git raw by kyverno cli (#1554) 
Signed-off-by: Raj Das <mail.rajdas@gmail.com>
 2021-02-08 10:08:06 -08:00
Yashvardhan Kukreja
d141f74015
performed cleanups (#1552) 2021-02-07 21:19:25 -08:00
shuting
2f2d6c2e38
Upgrade client libraries to 0.20.2 (#1547) 
* upgrade clients to 0.20.2

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* remove debug log

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix unit tests

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix e2e test

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-07 20:26:56 -08:00
shuting
bd44dbff41
Reduce RCR Throttling (#1545) 
* buffer report change requests

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix clusterReportChangeRequest

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* further reduce RCRs in background scan

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-07 19:46:50 -08:00
Yashvardhan Kukreja
6b3ab3fe23
added: generic NumericOperator to handle numeric operations for kyverno policies (#1536) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-02-05 19:49:23 -08:00
shuting
c42d545c20
Revert "Adding HTTP(git raw or any public url ) URL applying functionality to kyverno cli (#1527)" (#1548) 
This reverts commit 0487330b33.
 2021-02-05 19:34:15 -08:00
Raj Babu Das
0487330b33
Adding HTTP(git raw or any public url ) URL applying functionality to kyverno cli (#1527) 
* Adding feature to apply from http url

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* Adding comment

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* formatting imports

Signed-off-by: Raj Das <mail.rajdas@gmail.com>

* removing fmt.print

Signed-off-by: Raj Das <mail.rajdas@gmail.com>
 2021-02-05 18:42:39 -08:00
Max Goncharenko
536f364724
Add AND logical operator support (#1539) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-02-05 17:52:31 -08:00
Jim Bugwadia
b91022d438
Merge pull request #1518 from kyverno/test_cli 
test command for kyverno
 2021-02-05 12:44:07 -08:00
shuting
6953aa86bc
compare policy status before actually update it (#1523) 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-05 09:58:24 -08:00
shuting
39b27a16ed
Reduce throttling requests (GET) (#1522) 
* add resource lister to even handler

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* use lister to get Kyverno deployment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add lister for webhook configs

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-05 09:58:10 -08:00
Jim Bugwadia
ba9d003774
update APICall docs (#1534) 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-02-03 13:10:02 -08:00
Pooja Singh
32522e7827
namespace selector (#1532) 
* updated crd with namespace selector

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added logic for validate

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added condition in utils for namespace labels

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added function for extracting namespace label using lister

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added logic for generate

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added lister in generate

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* commented generate controller changes

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added ns lister

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added ns label in apply.go

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added ns label in generation.go

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added ns label in mutation.go

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added ns label for validation

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* using dynaminc informer

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-02-03 13:09:42 -08:00
vyankatesh_neualto
2f92b95015 #1513 [BUG] CLI Panic when assigning variables 
Signed-off-by: vyankatesh_neualto <vyankatesh@neualto.com>
 2021-02-03 18:27:45 +05:30
vyankatesh_neualto
18f20abbf9 fix engine.PolicyContext issue 
Signed-off-by: vyankatesh_neualto <vyankatesh@neualto.com>
 2021-02-02 20:02:07 +05:30
vyankyGH
27f9b4747a
Merge branch 'main' into test_cli 2021-02-02 18:57:05 +05:30
vyankatesh_neualto
ce9ab9ef69 adding kyverno test command with git support 
Signed-off-by: vyankatesh_neualto <vyankatesh@neualto.com>
 2021-02-02 18:45:38 +05:30
Jim Bugwadia
0be7903c47 fix tests 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-02-02 00:20:03 -08:00
Jim Bugwadia
2bb812aa2d redo changes reverted by merge 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-02-01 23:22:19 -08:00
vyankatesh_neualto
01ac9058d9 code indentation 
Signed-off-by: vyankatesh_neualto <vyankatesh@neualto.com>
 2021-02-02 09:25:22 +05:30
vyankatesh_neualto
7482c5c1fe initial commit for kyverno test command 
Signed-off-by: vyankatesh_neualto <vyankatesh@neualto.com>
 2021-02-02 09:25:22 +05:30
Yashvardhan Kukreja
03c77e4145
feat: validation 'value' field under 'deny.conditions' in a rule object (#1510) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-02-01 13:27:16 -08:00