mirror of https://github.com/kyverno/kyverno.git synced 2025-03-10 09:56:55 +00:00
Commit graph

2822 commits

Author SHA1 Message Date
Jim Bugwadia
6fa8a97583
update log levels (#4286)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-08-02 10:57:25 +05:30
Jim Bugwadia
4aa0767728
add applyRules to control whether one or all rules are applied (#4196)
* add ruleSelector

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix selector logic for skipped rules

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* change names

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix generated paths

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add image variable to context when rule processing starts

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix messages

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update generate rules

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-07-29 15:02:26 +08:00
vivek kumar sahu
03cec01fb5
feature: added new type of event, PolicySkipped (#4251)
* feature: added new type of event, PolicySkipped

Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>

* fix html docs

Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-07-28 14:01:50 +08:00
shuting
750b4b106c
Reset policy status on termination (#4269)
- reset policy status to false on termination
- retry reconciling policies when .status.ready=false


Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-07-27 14:15:06 +05:30
Tathagata Paul
9b41e2e017
Add shutdown methods for exporters and controllers (#4214)
* add shutdown methods for exporters and controllers

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* remove shutdown exporter and add timeout in main.go

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* move ctx timeout to main

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* change variable order

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
2022-07-25 09:25:26 +00:00
Guilhem Lettron
96999f8995
fix: use only 1 kubernetes client (#4256)
Signed-off-by: Guilhem Lettron <guilhem@barpilot.io>

Co-authored-by: shuting <shuting@nirmata.com>
2022-07-25 13:49:51 +08:00
Prateek Pandey
3f1997c0e8
fix split policyreport name with background scan (#4237)
- fix split policyreport name with background scan
- fix the label selector initialising
- refactor the generatePolicyName func

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-07-21 14:31:42 +05:30
Vyankatesh Kudtarkar
530e38a6f4
fix check depreciated api issue (#4243)
2022-07-21 13:11:39 +08:00
shuting
23a1df0d7b
Cherry-pick #4233 (#4236)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-07-20 22:22:15 +05:30
shuting
7a2045bc11
Revert "fix: metrics with invalid validationMode (#4198)" (#4241)
This reverts commit 65c100566c.
2022-07-20 15:22:03 +00:00
Ramón Berrutti
65c100566c
fix: metrics with invalid validationMode (#4198)
Signed-off-by: Ramón Berrutti <ramonberrutti@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-07-20 09:06:15 +00:00
vivek kumar sahu
f6c131cfcc
precondition failure will skip rule independent of audit or enforce mode (#4163)
* precondition fails will skip rule independent of audit or enforce mode

Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>

* Added cli-test cases

Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>

* small fix

Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-07-14 09:35:27 +05:30
Byron Ibarra
f8a79be9a5
Fix UpdateRequest labeling (from pull #4199) (#4212)
Signed-off-by: Byron Ibarra V <bibarrav@falabella.cl>
2022-07-13 03:08:15 +05:30
Prateek Pandey
c0cc4b781c
use the unstructured list instead of interface type (#4210)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-07-12 15:07:40 +00:00
Tathagata Paul
3e2894b6fa
feat: Opentelemetry support for metrics and traces (#3910)
* integrating opentelemetry

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* fix multiple imports

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* fixed cli help statement

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

* added init file for metrics

Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-07-11 17:49:47 +00:00
Thomas Hartland
6e9609409b
Use non-blocking channel send for UpdateWebhookChan (#4204)
If the channel send is blocked then there is already an
update queued, and there is no point waiting to queue
another one.

In profiling, the channel send in monitor.go has been
seen to "leak" goroutines as the channel is not being
read from fast enough, but the root cause is not known.

Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk>
2022-07-12 00:21:20 +08:00
Jim Bugwadia
58337716c8
Fix merging JSON patches (#4202)
* fix merge of image verify and mutate patches

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update json patch merge logic

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-07-11 09:26:31 +05:30
Charles-Edouard Brétéché
210a709bb3
feat: policy status for autogen rules (#4173)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-07-03 15:09:18 -07:00
Vyankatesh Kudtarkar
12693e1a9c
fix external.metrics.k8s.io/v1beta1 issue (#4139)
* fix external.metrics.k8s.io/v1beta1 issue

* update find resource discovery method

* revert validate.go

* revert changes

* update discovery method

* fix error handler issue

* add logger support
2022-07-01 03:00:05 +00:00
Prateek Pandey
808e6ae8b7
delete policy reports on policy deletion (#4174)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-30 15:45:02 +00:00
Prateek Pandey
9226873e68
feat: split policy report per policy bases (#4147)
* feat: split policy report per policy bases

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* add policy name as a handler key

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* update merge change request logic

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* handle the delete resource update on policy report

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* add splitPolicyReport feature gate

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* delete old reports if splitPolicyReport feature enable

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* use trim policyname as label and create name

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* fix change request result

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-28 15:27:57 +00:00
shuting
77fb10a430
Clean up RCRs if the count exceeds the threshold (#4148)
* Clean up RCRs if the count exceeds the limit

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Sets reports to inactive on resourceExhausted error

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add a container flag changeRequestLimit

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Skip generating RCRs if resourceExhausted error occurs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* set default RCR limit to 1000

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Update log messages and CHANGELOG.md

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Address review comments

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Extract mapper to a separate file

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 06:18:57 +00:00
shuting
cd2d89bf55
Wait for informers' cache to be synced before starting controllers (#4155)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 04:55:52 +00:00
shuting
47b1266503
- Disable events generation on DELETE; - Reduce event generation retry from 10 to 3 (#4159)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 11:58:23 +08:00
Jim Bugwadia
b68f4ba679
release event memory (#4138)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-06-23 00:37:46 +08:00
Furkan Türkal
af3da5e19a
bump cosign to 1.9.1 to fix fulcio panic (#4117)
Signed-off-by: Furkan <furkan.turkal@trendyol.com>
Co-authored-by: Batuhan <batuhan.apaydin@trendyol.com>

Co-authored-by: Batuhan <batuhan.apaydin@trendyol.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2022-06-16 16:03:22 +00:00
Prateek Pandey
02b806deee
fix: use policyName key to get the policy name (#4114)
In case of namespace policy `ur.spec.policy`
contains namespace/policy-name combinations, hence
can't be used to set the policy name label.

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-06-16 11:23:37 +00:00
Andrew Bulford
11942560c3
fix: Stop incorrect any block condition logging (#4107)
Previously the "no condition passed for 'any' block" would be logged for
all `any` blocks because the log line always occurs, even if conditions
are found.

Co-authored-by: Samuel Torres <samuel.torres@form3.tech>
Signed-off-by: Andrew Bulford <andrew.bulford@form3.tech>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-06-15 15:39:24 +00:00
Jim Bugwadia
c3be689851
remove TUF initialization from main (#4098)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-06-10 00:52:12 -07:00
shuting
8260820a16
Fix labels with invalid chars (#4034)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-30 05:21:08 +00:00
Charles-Edouard Brétéché
dae3dad027
refactor: used typed admission request in ur (#4022)
* refactor: add policy event listener in ur controller (#4012)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit cd1fa030ee)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: used typed admission request in ur

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: used typed admission request in ur

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* Handle the error properly

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2022-05-29 07:27:14 +00:00
Shubham Nazare
165c5d9fc3
feat: Extend CLI to cover generate policies (#3456)
- Change in namespace for test-generate example
- Change cloneResource to cloneSourceResource
- Add support for namespaced Policy and fix log messages
- Add test-generate in Makefile and an example of namespaced Policy
- Fix namespaced policy issue and add comments
- Refactor according to new generate controller
- Add json tag to GeneratedResource field of RuleResponse struct

Signed-off-by: Shubham Nazare <shubham4443@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-05-25 14:26:22 +00:00
Anton Popovichenko
afc9a56d33
Feature: Add support for allowing insecure registries. (#3983)
Now you can work with self signed registries by updating your deployment with adding `--allowInsecureRegistry` to the `args` field.

Signed-off-by: Anton Popovichenko <anton.popovichenko@mendix.com>

Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-25 11:03:36 +02:00
Charles-Edouard Brétéché
4a6d5f7864
refactor: move policy deletion code from policy controller to ur controller (#4013)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 21:05:11 +02:00
Charles-Edouard Brétéché
74f5f30e3b
fix: bypass policy mutation if autogen internals enabled (#4007)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 17:37:01 +00:00
Charles-Edouard Brétéché
3a3556919f
fix: use background helper in ur generator (#4009)
* fix: stop mutating cached resource in ur controller (#4003)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: use background helper in ur generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 16:58:45 +00:00
Charles-Edouard Brétéché
2e91d233c0
fix: remove update ur status in generator (#4008)
* fix: stop mutating cached resource in ur controller (#4003)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: remove update ur status in generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-25 00:31:56 +08:00
Charles-Edouard Brétéché
cd1fa030ee
refactor: add policy event listener in ur controller (#4012)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 22:41:17 +08:00
Charles-Edouard Brétéché
b967d7388b
chore: remove unused ur errors (#4011)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-05-24 13:59:12 +00:00
Charles-Edouard Brétéché
73fdbd3e76
refactor: ur cleaner controller (#3974)
* fix: move ur controller filtering in reconciler

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: mark ur retry on conflict

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: test data

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: add filter back in update ur handler

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: added some logs about attempts and increased backoff

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: reconciliation logic

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: Test_Generate_Synchronize_Flag

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: small nits

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: interface and logger

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: remove useless Control and ControlInterface

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* chore: use GetObjectWithTombstone helper

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* chore: reorder methods

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: is not found check

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: move check in reconcile code

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: stop mutating cached resource in ur controller (#4003)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-05-24 13:30:00 +00:00
Vyankatesh Kudtarkar
bea0b794d5
add validation check to ensure the annotations quoted (#3976)
2022-05-24 12:45:23 +00:00
shuting
85b486eb27
Support @ for mutate targets (#3998)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-24 17:49:36 +05:30
Charles-Edouard Brétéché
c9f8a68d8a
fix: stop mutation policies when autogen internals is enabled (#4004)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 13:08:29 +02:00
Charles-Edouard Brétéché
e47176d695
refactor: background controllers cleanup (#4001)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 10:27:26 +00:00
Charles-Edouard Brétéché
dac733755b
fix: stop mutating cached resource in ur controller (#4003)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 11:25:37 +02:00
Charles-Edouard Brétéché
1712dfa947
refactor: move label helper utils from policy package to background package (#3996)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 13:11:12 +05:30
Jim Bugwadia
8fe9163f4e
fix attestation checks (#3999)
* fix attestation checks

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make codegen

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* dos2unix

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-24 14:57:01 +08:00
Charles-Edouard Brétéché
caa769fb1d
refactor: clean updaterequest generator (#3949)
* refactor: clean updaterequest generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: clean updaterequest generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-05-23 22:39:12 +08:00
Charles-Edouard Brétéché
005400c606
chore: enable nosprintfhostport linter (#3989)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-05-23 14:14:52 +00:00
Charles-Edouard Brétéché
dd4fd943b1
feat: add controller utils package (#3952)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-05-23 13:45:04 +00:00