kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-04-23 20:48:37 +00:00

Author	SHA1	Message	Date
Shuting Zhao	56eeefa6d1	tag v1.4.0 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-18 12:14:46 -07:00
Shuting Zhao	a9e3092fca	tag v1.4.0-rc4 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-17 17:52:11 -07:00
treydock	68555a374d	Fix build errors with Go 1.16 (#2034 ) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-06-17 15:36:13 -07:00
treydock	bc3755d0b1	Fix Helm chart metrics service to allow NodePort (#2035 ) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-06-17 15:20:31 -07:00
vyankatesh	4f3a780cc4	fix issue	2021-06-17 20:49:28 +05:30
Shuting Zhao	3e4ee51267	tag v1.4.0-rc3 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-16 23:49:47 -07:00
shuting	65975a8b65	Enable webhooks configuration via Helm (#2032 ) * helm - enable configurations of webhooks Signed-off-by: Shuting Zhao <shutting06@gmail.com> * retry on update failure Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update Readme Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address lint errors Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-16 23:29:07 -07:00
Shuting Zhao	e61f6f9dd9	tag v1.4.0-rc2 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-15 21:59:19 -07:00
Pooja Singh	fec236c365	Merge pull request #3 from NoSkillGirl/master sync with master	2021-06-16 09:40:04 +05:30
NoSkillGirl	e40cd614de	fixing reviewdog error Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 09:19:58 +05:30
NoSkillGirl	3c1cb89249	seperating code for get resources Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 08:17:31 +05:30
NoSkillGirl	4d574a7846	removed cluster function Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 08:12:03 +05:30
NoSkillGirl	f42aff1a42	code optimization Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 07:56:08 +05:30
shuting	6d5e988ebe	BugFix - update the annotation lastRequestTimestamp from active instances (#2019 ) * fix webhook monitor - inactive instance did not get latest request timestamp Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add checks for registered webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update veridy_deployment.sh Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add debug steps in e2d workflow Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix CI errors Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-15 18:39:22 -07:00
NoSkillGirl	b8ada99d50	trying to change the way resource is stored in map Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-15 23:35:22 +05:30
NoSkillGirl	09b1592f11	added loop for namespace Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-15 18:14:51 +05:30
Jim Bugwadia	6b85b6dc95	Merge pull request #2021 from RinkiyaKeDad/bot_fix moved label bot yaml to workflows	2021-06-15 01:12:00 -07:00
RinkiyaKeDad	4e6cdb9005	moved bot yaml to workflows Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-15 12:44:23 +05:30
Arsh Sharma	15e4a4e4ca	initial commit (#2005 ) Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-14 23:35:40 -07:00
shuting	fa419439ec	fix merge eror (#2016 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 15:50:34 -07:00
Jim Bugwadia	0172879ad1	Merge pull request #2017 from kyverno/add_chip add Chip Zoller as a maintainer	2021-06-14 15:01:00 -07:00
Jim Bugwadia	188ea0ff56	add Chip Zoller as a maintainer Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-06-14 14:27:16 -07:00
Jim Bugwadia	b7532c8c33	Merge pull request #2015 from realshuting/fix_prometheus_panics Fix prometheus panics	2021-06-14 14:20:36 -07:00
Shuting Zhao	2abeb9dda7	fix prometheus panics Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 13:42:57 -07:00
shuting	6f07ea407f	Customize namespaceSelector of Webhookconfigurations (#2003 ) * customize namespaceSelector of webhook configurations from configMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update webhook configurations base on UPDATEs of Kyverno ConfigMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * register webhook configurations with the namespaceSelector from ConfigMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address golint comment Signed-off-by: Shuting Zhao <shutting06@gmail.com> * validate webhooks config format Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix NotDefined scenario Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 13:01:40 -07:00
Jim Bugwadia	b486493f87	Merge pull request #2009 from kyverno/readme/fix_slack_link fix slack link	2021-06-14 10:56:53 -07:00
Jim Bugwadia	f71b583605	fix slack link Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-06-13 16:44:16 -07:00
treydock	f1491fe6d3	Allow metrics service annotations to be defined separate from main service (#1988 ) * Allow metrics service annotations to be defined separate from main service Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Add test for metrics during Helm deployment testing Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Make services separate for kustomize Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Run 'make kustomize-crd' Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix e2e tests for metrics Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix Helm chart for metrics service Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Fix helm chart testing Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-06-10 13:53:29 -07:00
Vineeth Reddy	34cf44a857	improve log message for generate policies (#1993 ) Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in>	2021-06-10 12:48:26 -07:00
Arsh Sharma	7e9be24d90	updating minio verison (#1956 )	2021-06-09 19:16:26 -07:00
Vyankatesh Kudtarkar	9d00348a52	Fix: mutate policies kept applying to these terminating Pods (#1978 ) * Fix Dev setup * Fix mutate policies kept applying to these terminating Pods * fix patch resource issue Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-06-09 18:34:10 -07:00
Vineeth Reddy	6d2cb87370	change min support kubernetes version to 1.16 for kyverno 1.4 (#1935 ) * change min support kubernetes version to 1.16 for kyverno 1.4 Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in> * migrate deployment to apps/v1 Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in>	2021-06-08 13:14:28 -07:00
Shuting Zhao	2ca824210d	tag v1.4.0-rc1 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-08 13:09:20 -07:00
shuting	e9a972a362	feat: HA (#1931 ) * Fix Dev setup * webhook monitor - start webhook monitor in main process Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leaderelection Signed-off-by: Jim Bugwadia <jim@nirmata.com> * - add isLeader; - update to use configmap lock Signed-off-by: Shuting Zhao <shutting06@gmail.com> * - add initialization method - add methods to get attributes Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * remove newContext in runLeaderElection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to GenerateController Signed-off-by: Jim Bugwadia <jim@nirmata.com> * skip processing for non-leaders Signed-off-by: Jim Bugwadia <jim@nirmata.com> * skip processing for non-leaders Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add leader election to generate cleanup controller Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Gracefully drain request * HA - Webhook Register / Webhook Monitor / Certificate Renewer (#1920) * enable leader election for webhook register Signed-off-by: Shuting Zhao <shutting06@gmail.com> * extract certManager to its own process Signed-off-by: Shuting Zhao <shutting06@gmail.com> * leader election for cert manager Signed-off-by: Shuting Zhao <shutting06@gmail.com> * certManager - init certs by the leader Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to webhook monitor Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to policy controller Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to policy report controller Signed-off-by: Shuting Zhao <shutting06@gmail.com> * rebuild leader election config Signed-off-by: Shuting Zhao <shutting06@gmail.com> * start informers in leaderelection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * start policy informers in main Signed-off-by: Shuting Zhao <shutting06@gmail.com> * enable leader election in main Signed-off-by: Shuting Zhao <shutting06@gmail.com> * move eventHandler to the leader election start method Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address reviewdog comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add clusterrole leaderelection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fixed generate flow (#1936) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * - init separate kubeclient for leaderelection - fix webhook monitor Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address reviewdog comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * cleanup Kyverno managed resources on stopLeading Signed-off-by: Shuting Zhao <shutting06@gmail.com> * tag v1.4.0-beta1 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix cleanup process on Kyverno stops Signed-off-by: Shuting Zhao <shutting06@gmail.com> * bump kind to 0.11.0, k8s v1.21 (#1980) Co-authored-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankateshkd@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Pooja Singh <36136335+NoSkillGirl@users.noreply.github.com>	2021-06-08 12:37:19 -07:00
Jim Bugwadia	eaa96f3def	Merge pull request #1974 from vyankyGH/update/e2e-test Update e2e tests	2021-06-08 11:56:20 -07:00
Ahmed Waleed Malik	3c4c6dae92	Remove runAsUser specification from Security Context (#1972 ) This fails on openshift since we cannot specify users within this range. Also, this template should be as close as possible to the vanilla manifest for deployment https://github.com/kyverno/kyverno/blob/main/definitions/release/install.yaml Vanilla manifest omits the user specification https://github.com/kyverno/kyverno/blob/main/definitions/release/install.yaml#L2478 Signed-off-by: Waleed Malik <ahmedwaleedmalik@gmail.com>	2021-06-08 10:14:20 -07:00
RinkiyaKeDad	d1be681773	replacing pod security standard from default to baseline Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-08 13:02:02 +05:30
vyankatesh	ab959d0ca4	bump kind to 0.11.0, k8s v1.21	2021-06-08 11:18:48 +05:30
vyankatesh	4ae3f2469f	Merge branch 'main' of https://github.com/kyverno/kyverno into main	2021-06-08 11:02:43 +05:30
Vyankatesh Kudtarkar	8eb1d4c7fb	Update variable paths when auto generate the controller rules (#1914 ) * Fix Dev setup * Update variable paths * fix testcase issue Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-06-07 13:35:53 -07:00
Yashvardhan Kukreja	a931f8f8f5	added: admission_request_timestamp for kyverno_admission_review_latency_milliseconds and a small fix (#1970 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-06-07 12:53:13 -07:00
Pooja Singh	e227636271	1947/e2e generate policy (#1951 ) * fixed generate flow Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test for generate policy with clone Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * small conflict fix Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * print logs for e2e Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * changing log level Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added wait while creating policy Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * remove log level from e2e Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added a clusterpolicy check while creating a namespaced resource in e2e tests Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * updated the github_action name for e2e tests Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * changing waiting time to 1 sec Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * remove log Signed-off-by: Shuting Zhao <shutting06@gmail.com> Co-authored-by: Shuting Zhao <shutting06@gmail.com>	2021-06-07 12:36:00 -07:00
Yashvardhan Kukreja	10e23da431	added: JSON for Grafana Dashboard (#1952 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-06-03 13:33:58 -07:00
Jim Bugwadia	5dfd16ce44	Merge pull request #1946 from RinkiyaKeDad/1944_more_than_fix fix operator matching with spacing	2021-06-02 23:06:03 -07:00
vyankatesh	eceaa3c77a	Merge branch 'main' of https://github.com/kyverno/kyverno into main	2021-06-03 11:33:25 +05:30
RinkiyaKeDad	29c6e901ab	added test, removed comment Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-03 11:16:50 +05:30
Pooja Singh	d9ad564989	fixed generate flow (#1948 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-02 12:09:48 -07:00
Pooja Singh	605d182ee3	e2e test cases for generate (#1835 ) * added sample test Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: when creating the new namespace without the label, there should not have any generated resource Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: when adding the matched label to the namespace, the target resource should be generated Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * removing comments Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * trying to check updated network policy Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: when synchronize flag is set to true in the policy, one cannot delete the generated resource Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * trying to check updated generate policy Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: change synchronize to false in the policy, the label in generated resource should be updated to policy.kyverno.io/synchronize: disable Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: when changing the content in generate.data, the change should be synced to the generated resource Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added comments Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * case: with synchronize==false, one should be able to delete the generated resource Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * handling error Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added retrying Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * minor e2e fixes Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * e2e fixes Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added logs of mutate error Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * printing configmap Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * printing configmap using BY Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * removing print statements Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * print configmap name Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * printing complete configmap Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-02 11:48:28 -07:00
RinkiyaKeDad	e94479717c	fixed spacing problem in operators Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-02 12:16:54 +05:30
shuting	1412c1f84e	- update version to v1.3.6; - split Kustomization manifests; - revert release/install.yaml (#1945 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-01 21:58:37 -07:00

... 3 4 5 6 7 ...

3504 commits