kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	103ba4b947	chore: add unit tests for pkg/utils/yaml (#4512 ) * chore: add unit tests for pkg/utils/yaml Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * testify Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-09-06 08:31:30 +00:00
Charles-Edouard Brétéché	429fe175bf	chore: add unit tests for pkg/utils/wildcard (#4510 ) * chore: add unit tests for pkg/utils/wildcard Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * testify Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-06 08:02:41 +00:00
Charles-Edouard Brétéché	870462cc6d	chore: add unit tests for pkg/utils/os (#4509 ) * chore: add unit tests for pkg/utils/os Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * review Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-06 07:19:29 +00:00
Charles-Edouard Brétéché	1eb67422ef	chore: add unit tests for pkg/utils/image (#4508 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-05 20:46:57 +00:00
Charles-Edouard Brétéché	bcd06c7cbd	chore: update maintainers (#4511 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-05 15:02:10 -04:00
Charles-Edouard Brétéché	dca4f83580	docs: add section for generating helm docs and crds (#4507 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-05 17:08:07 +02:00
Charles-Edouard Brétéché	a86a76848f	chore: add wildcard unit test (#4506 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-05 17:25:58 +05:30
Charles-Edouard Brétéché	fffd6aa9a0	chore: upgrade golang to 1.18 (#4505 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-05 09:32:45 +05:30
Charles-Edouard Brétéché	4b83f91fd3	docs: add section about switching between docker and ko (#4501 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-04 15:31:24 +02:00
David Young	eb96862cd1	Auto-detect Kyverno version in policies chart (#4460 ) * Auto-detect Kyverno version in policies chart Signed-off-by: David Young <davidy@funkypenguin.co.nz> * Don't bump chart (another process will do this) Signed-off-by: David Young <davidy@funkypenguin.co.nz> * Also don't bump version in README Signed-off-by: David Young <davidy@funkypenguin.co.nz> Signed-off-by: David Young <davidy@funkypenguin.co.nz> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 15:41:02 +00:00
Charles-Edouard Brétéché	7c9792d03f	chore: refactor helm targets in makefile (#4498 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 23:14:04 +08:00
Charles-Edouard Brétéché	98a272efd6	feat: support switchin build with docker or ko (#4492 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 13:34:22 +00:00
Charles-Edouard Brétéché	62de89d3d0	fix: incorrect kustomize call in makefile (#4493 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 11:36:01 +00:00
Charles-Edouard Brétéché	5e5627e81f	refactor: verify codegen targets in makefile (#4494 )	2022-09-02 09:49:35 +00:00
Charles-Edouard Brétéché	caafbb74b9	fix: fetch history in pre-checks job (#4491 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 16:55:41 +08:00
Abhishek Kumar	5681a2a2dc	Improve printer column name for validationFailureAction (#4488 ) Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com> Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-02 05:33:33 +00:00
Samuel Torres	b135edf171	chore: Bump helm-docs version to v1.11.0 (#4489 ) In order to fix an issue on M1 Macbooks, see https://github.com/norwoodj/helm-docs/issues/131, we're bumping the helm-docs tool to the v1.11.0 which fixes that issue, making the generation of the helm docs to work again. Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com> Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>	2022-09-01 23:03:14 +00:00
Batuhan Apaydın	cd0d87542a	chore: publish helm charts to ghcr.io (#4479 ) Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>	2022-09-01 19:15:33 +00:00
Charles-Edouard Brétéché	b65d9fc5c6	chore: bump cache action and improve paths (#4485 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 17:41:48 +00:00
Charles-Edouard Brétéché	89ccf7998f	chore: relax auto update PRs conditions (#4486 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 17:14:57 +00:00
Charles-Edouard Brétéché	b8e2d69693	fix: release workflow (#4483 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 16:19:19 +00:00
Charles-Edouard Brétéché	ee5f6d19a1	refactor: clean webhooks logs (#4484 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 23:48:14 +08:00
Charles-Edouard Brétéché	ae31378546	refactor: webhook policy context creation (#4480 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 16:52:36 +02:00
Charles-Edouard Brétéché	f168b85061	docs: add api docs generation (#4476 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-09-01 11:23:31 +00:00
Charles-Edouard Brétéché	0c40cd8814	fix: auto update pr workflow (#4478 )	2022-09-01 10:54:23 +00:00
Charles-Edouard Brétéché	6d726fe1be	chore: add makefile help comments (#4477 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 10:16:36 +00:00
Mritunjay Kumar Sharma	c07f6bd8a8	refactor: to remove generate cleanup controller (#4041 ) - refactored cleanup controller - handle delete policy Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>	2022-09-01 09:39:06 +00:00
shuting	c1b1cbb7da	Add PodSecurity description (#4475 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-09-01 09:03:41 +00:00
Charles-Edouard Brétéché	1e25bfd16f	feat: remove context api call constraints (#4389 ) * feat: add raw api call support Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: remove context api call constraints Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 08:30:04 +00:00
shuting	99f6dedb20	fix logger format (#4474 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-09-01 07:33:36 +00:00
Charles-Edouard Brétéché	599a68e896	feat: enable autogen from makefile (#4467 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 14:14:56 +08:00
Charles-Edouard Brétéché	f44a2f1a70	chore: speed up local image builds (#4468 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 18:04:47 -07:00
Charles-Edouard Brétéché	6173013a6c	chore: enable cherry-pick bot (#4470 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 19:12:00 +00:00
Charles-Edouard Brétéché	f503be1b23	docs: add section for generated code (#4465 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 16:19:37 +02:00
Charles-Edouard Brétéché	891ab41bef	fix: local image build with docker (#4462 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 10:41:58 +00:00
Charles-Edouard Brétéché	70f2e4e84d	fix: warning in all makefile targets (#4464 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 09:58:27 +00:00
ToLToL	1b9a2fca21	Extend Pod Security Admission (#4364 ) * init commit for pss Signed-off-by: ShutingZhao <shuting@nirmata.com> * add test for Volume Type control * add test for App Armor control except ExemptProfile. Fix PSS profile check in EvaluatePSS() * remove unused code, still a JMESPATH problem with app armor ExemptProfile() * test for Host Process / Host Namespaces controls * test for Privileged containers controls * test for HostPathVolume control * test for HostPorts control * test for HostPorts control * test for SELinux control * test for Proc mount type control * Set to baseline * test for Seccomp control * test for Sysctl control * test for Privilege escalation control * test for Run as non root control * test for Restricted Seccomp control * Add problems to address * add solutions to problems * Add validate rule for PSA * api.Version --> string. latest by default * Exclude all values for a restrictedField * add tests for kyverno engine * code to be used to match kyverno rule's namespace * Refacto pkg/pss * fix multiple problems: not matching containers, add contains methods, select the right container when we have the same exclude.RestrictedField for multiple containers: * EvaluatePod * Use EvaluatePod in kyverno engine * Set pod instead of container in context to use full Jmespath. e.g.: securityContext.capabilities.add --> spec.containers[].securityContext.capabilities.add Check if PSSCheckResult matched at least one exclude value * add tests for engine * fix engine validation test * config * update go.mod and go.sum * crds * Check validate value: add PodSecurity * exclude all restrictedFields when we only specify the controlName * ExemptProfile(): check if exclud.RestrictedField matches at least one restrictedField.path * handle containers, initContainers, ephemeralContainers when we only specify the controlName (all restrictedFields are excluded) * refacto pks/pss/evaluate.go and add pkg/engine/validation_test.go * add all controls with containers in restrictedFields as comments * add tests for capabilities and privileged containers and fix some errors * add tests for host ports control * add tests for proc mount control * add tests for privilege escalation control * add tests for capabilities control * remove comments * new algo * refacto algo, working. Add test for hostProcess control * remove unused code * fix getPodWithNotMatchingContainers(), add tests for host namespaces control * refacto ExemptProfile() * get values for a specific container. add test for SELinuxOptions control * fix allowedValues for SELinuxOptions * add tests for seccompProfile_baseline control * refacto checkContainers(), add test for seccomp control * add test for running as non root control * add some tests for runAsUser control, have to update current PSA version * add sysctls control * add allowed values for restrictedVolumes control * add some tests for appArmor, volume types controls * add tests for volume types control * add tests for hostPath volume control * finish merge conflicts and add tests for runAsUser * update charts and crds * exclude.images optional * change volume types control exclude values * add appAmor control * fix: did not match any exclude value for pod-level restrictedFields * create autogen for validate.PodSecurity * clean code, remove logs * fix sonatype lift errors * fix sonatype lift errors: duplication * fix crash in pkg/policy/validate/ tests and unmarshall errors for pkg/engine tests * beginning of autogen implement for validate.exclude * Autogen for validation.PodSecurity * working autogen with simple tests * change validate.PodSecurity failure response format * make codegen * fix lint errors, remove debug prints * fix tags * fix tags * fix crash when deleting pods matching validate.podSecurity rule. Only check validatePodSecurity() when it's not a delete request * Changes requested * Changes requested 2 * Changes requested 3 * Changes requested 4 * Changes requested and make codegen * fix host namespaces control * fix lint * fix codegen error * update docs/crd/v1/index.html Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix path Signed-off-by: ShutingZhao <shuting@nirmata.com> * update crd schema Signed-off-by: ShutingZhao <shuting@nirmata.com> * update charts/kyverno/templates/crds.yaml Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>	2022-08-31 09:16:31 +00:00
Charles-Edouard Brétéché	a53ad6a5dd	docs: add section for deploying a local build (#4458 ) * docs: add section for deploying a local build Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * review Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * review Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix merge Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 08:06:12 +00:00
Charles-Edouard Brétéché	f243a7dd84	refactor: make toggles easier to define and use (#4456 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-08-31 06:41:14 +00:00
shuting	3bf3dcc1af	Add the metric "kyverno_client_queries_total" (#4359 ) * Add metric "kyverno_kube_client_queries_total" Signed-off-by: ShutingZhao <shuting@nirmata.com> * publish metric for missing queries Signed-off-by: ShutingZhao <shuting@nirmata.com> * Refactor the way Kyverno registers QPS metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * Move clientsets to a dedicated folder Signed-off-by: ShutingZhao <shuting@nirmata.com> * Wrap Kyverno client and policyreport client to register client query metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * Switch to use wrapper clients Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-31 11:33:47 +05:30
shuting	423afb57d8	skip validate rules if conditional anchor key doesn't exist in the resource (#4451 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-08-31 05:09:53 +00:00
Charles-Edouard Brétéché	8ddc72d792	refactor: clearly separate makefile docker targets for build and publish (#4454 ) * refactor: clearly separate makefile ko targets for build and publish Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: clearly separate makefile docker targets for build and publish Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-31 12:22:46 +08:00
Riko Kudo	5f5cda9fee	Yaml signing and verification (#4235 ) * enable YAML verification using k8s-manifest-sigstore Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> comment out role and rolebinding for dryrun Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update k8s-manifest-sigstore version Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix pubkey setting Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix pubkey setting Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix log message Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> change default value of dryrun option Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update crd Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> support gpg signature Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * upgrade manifest sigstore version and support multi sigs Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix validate.manifest rule Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update crd and add small fix Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix manifest verify policy Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> set cosign experimental env when keyless verification Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * improve default ignoreFields Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * fix manifest verify policy Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix manifest verify policy Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix manifest verify policy Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * add unit-test for k8smanifest Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update install yaml Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * update k8s-manifest-sigstore version and support one or more signatures Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> add unit-test for k8smanifest multi-signature Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix verifyManifest result message Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix verifyManifest result message Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * fix manifest verify policy and move dryrun rbac to dryrun dir Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * update k8s-manifest-sigstore version Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update k8s-manifest-sigstore version Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update k8s-manifest-sigstore version and resolve conflict Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> enable YAML verification using k8s-manifest-sigstore Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> comment out role and rolebinding for dryrun Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix pubkey setting Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix pubkey setting Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update crd Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> upgrade manifest sigstore version and support multi sigs Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix validate.manifest rule Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update crd and add small fix Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix manifest verify policy Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> update k8s-manifest-sigstore version and support one or more signatures Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix verifyManifest result message Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix verifyManifest result message Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> fix manifest verify policy and move dryrun rbac to dryrun dir Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> add small fix Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * remove generic name Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * fix sonatype-lift issue and unit-test error Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * fix gofumpt error Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> * update manifest rule to use attestor Signed-off-by: Riko Kudo <rurikudo@ibm.com> * remove unused value Signed-off-by: Riko Kudo <rurikudo@ibm.com> * resolve conflict Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix install.yaml Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix to set COSIGN_EXPERIMENTAL env variable when keyless verification Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix misspell Signed-off-by: Riko Kudo <rurikudo@ibm.com> * enable kyverno cli in validate.manifests rule (#3) * enable kyverno cli in validate.manifests rule Signed-off-by: Riko Kudo <rurikudo@ibm.com> * update k8s-manifest-sigstore version and improve error handling for better result output Signed-off-by: Riko Kudo <rurikudo@ibm.com> * update crds and deepcopy Signed-off-by: Riko Kudo <rurikudo@ibm.com> * update unit test Signed-off-by: Riko Kudo <rurikudo@ibm.com> * update k8s-manifest-sigstore version Signed-off-by: Riko Kudo <rurikudo@ibm.com> * change to use spec.rules.exclude.subjects instead of skipUsers (#4) Signed-off-by: Riko Kudo <rurikudo@ibm.com> * update k8s-manifest-sigstore version Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix yaml signing sigstore (#5) * update k8s-manifest-sigstore version Signed-off-by: Riko Kudo <rurikudo@ibm.com> * add a comment for dryrun option field Signed-off-by: Riko Kudo <rurikudo@ibm.com> * enable to include ClusterPolicy/Policy in match resource Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix log style and env variable settings Signed-off-by: Riko Kudo <rurikudo@ibm.com> * simplify manifest verify func Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix func name Signed-off-by: Riko Kudo <rurikudo@ibm.com> Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix sonatype warning Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix default ignoreFields Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix yaml signing sigstore rbac (#6) * fix dryrun rbac to have minimal permissions Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix lint error Signed-off-by: Riko Kudo <rurikudo@ibm.com> Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix unit-test error Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix gofumpt error Signed-off-by: Riko Kudo <rurikudo@ibm.com> * fix log style Signed-off-by: Riko Kudo <rurikudo@ibm.com> * updated CRD documentation Signed-off-by: Riko Kudo <rurikudo@ibm.com> * resolve go.mod conflicts Signed-off-by: Riko Kudo <rurikudo@ibm.com> * updated helm stuff Signed-off-by: Riko Kudo <rurikudo@ibm.com> Signed-off-by: Ruriko Kudo <rurikudo@ibm.com> Signed-off-by: Riko Kudo <rurikudo@ibm.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-08-30 10:14:54 -07:00
Charles-Edouard Brétéché	bfffbeabe5	docs: add pushing images section (#4452 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-30 16:10:38 +00:00
Charles-Edouard Brétéché	fc79ca96a2	refactor: clearly separate makefile ko targets for build and publish (#4450 ) * refactor: clearly separate makefile ko targets for build and publish Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-30 17:30:28 +02:00
Charles-Edouard Brétéché	361fb533a8	chore: fix workflows related to ko recent changes (#4441 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-30 14:06:30 +00:00
Charles-Edouard Brétéché	26989b0604	docs: add local image build section (#4449 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-30 15:15:13 +02:00
Charles-Edouard Brétéché	2b495c7ef3	chore: fix workflows related to ko recent changes (#4438 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-08-30 12:59:08 +08:00
Chip Zoller	1f6e7b17ce	Update issue template drop-down version numbers (#4446 ) * add chipzoller to CODEOWNERS Signed-off-by: Chip Zoller <chipzoller@gmail.com> * update version drop-downs Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add explanation section Signed-off-by: Chip Zoller <chipzoller@gmail.com> * bump versions in issue template drop-downs Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-29 21:41:04 +00:00
Charles-Edouard Brétéché	2a4ae98962	docs: add section for local builds (#4445 ) * docs: add section for dev tools Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * docs: add section for local builds Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * typo Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-29 20:36:04 +00:00

1 2 3 4 5 ...

4611 commits