ToLToL
1b9a2fca21
Extend Pod Security Admission ( #4364 )
...
* init commit for pss
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add test for Volume Type control
* add test for App Armor control except ExemptProfile. Fix PSS profile check in EvaluatePSS()
* remove unused code, still a JMESPATH problem with app armor ExemptProfile()
* test for Host Process / Host Namespaces controls
* test for Privileged containers controls
* test for HostPathVolume control
* test for HostPorts control
* test for HostPorts control
* test for SELinux control
* test for Proc mount type control
* Set to baseline
* test for Seccomp control
* test for Sysctl control
* test for Privilege escalation control
* test for Run as non root control
* test for Restricted Seccomp control
* Add problems to address
* add solutions to problems
* Add validate rule for PSA
* api.Version --> string. latest by default
* Exclude all values for a restrictedField
* add tests for kyverno engine
* code to be used to match kyverno rule's namespace
* Refacto pkg/pss
* fix multiple problems: not matching containers, add contains methods, select the right container when we have the same exclude.RestrictedField for multiple containers:
* EvaluatePod
* Use EvaluatePod in kyverno engine
* Set pod instead of container in context to use full Jmespath. e.g.: securityContext.capabilities.add --> spec.containers[*].securityContext.capabilities.add
* Check if PSSCheckResult matched at least one exclude value
* add tests for engine
* fix engine validation test
* config
* update go.mod and go.sum
* crds
* Check validate value: add PodSecurity
* exclude all restrictedFields when we only specify the controlName
* ExemptProfile(): check if exclud.RestrictedField matches at least one restrictedField.path
* handle containers, initContainers, ephemeralContainers when we only specify the controlName (all restrictedFields are excluded)
* refacto pks/pss/evaluate.go and add pkg/engine/validation_test.go
* add all controls with containers in restrictedFields as comments
* add tests for capabilities and privileged containers and fix some errors
* add tests for host ports control
* add tests for proc mount control
* add tests for privilege escalation control
* add tests for capabilities control
* remove comments
* new algo
* refacto algo, working. Add test for hostProcess control
* remove unused code
* fix getPodWithNotMatchingContainers(), add tests for host namespaces control
* refacto ExemptProfile()
* get values for a specific container. add test for SELinuxOptions control
* fix allowedValues for SELinuxOptions
* add tests for seccompProfile_baseline control
* refacto checkContainers(), add test for seccomp control
* add test for running as non root control
* add some tests for runAsUser control, have to update current PSA version
* add sysctls control
* add allowed values for restrictedVolumes control
* add some tests for appArmor, volume types controls
* add tests for volume types control
* add tests for hostPath volume control
* finish merge conflicts and add tests for runAsUser
* update charts and crds
* exclude.images optional
* change volume types control exclude values
* add appAmor control
* fix: did not match any exclude value for pod-level restrictedFields
* create autogen for validate.PodSecurity
* clean code, remove logs
* fix sonatype lift errors
* fix sonatype lift errors: duplication
* fix crash in pkg/policy/validate/ tests and unmarshall errors for pkg/engine tests
* beginning of autogen implement for validate.exclude
* Autogen for validation.PodSecurity
* working autogen with simple tests
* change validate.PodSecurity failure response format
* make codegen
* fix lint errors, remove debug prints
* fix tags
* fix tags
* fix crash when deleting pods matching validate.podSecurity rule. Only check validatePodSecurity() when it's not a delete request
* Changes requested
* Changes requested 2
* Changes requested 3
* Changes requested 4
* Changes requested and make codegen
* fix host namespaces control
* fix lint
* fix codegen error
* update docs/crd/v1/index.html
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix path
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update crd schema
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update charts/kyverno/templates/crds.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2022-08-31 09:16:31 +00:00
Charles-Edouard Brétéché
a53ad6a5dd
docs: add section for deploying a local build ( #4458 )
...
* docs: add section for deploying a local build
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* review
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* review
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix merge
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-31 08:06:12 +00:00
Charles-Edouard Brétéché
8ddc72d792
refactor: clearly separate makefile docker targets for build and publish ( #4454 )
...
* refactor: clearly separate makefile ko targets for build and publish
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: clearly separate makefile docker targets for build and publish
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-31 12:22:46 +08:00
Charles-Edouard Brétéché
fc79ca96a2
refactor: clearly separate makefile ko targets for build and publish ( #4450 )
...
* refactor: clearly separate makefile ko targets for build and publish
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-30 17:30:28 +02:00
Charles-Edouard Brétéché
361fb533a8
chore: fix workflows related to ko recent changes ( #4441 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-30 14:06:30 +00:00
Charles-Edouard Brétéché
2b495c7ef3
chore: fix workflows related to ko recent changes ( #4438 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-08-30 12:59:08 +08:00
Charles-Edouard Brétéché
504acea12c
chore: remove godownloader and install-cli script ( #4442 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-29 17:19:13 +02:00
Charles-Edouard Brétéché
8e65e558e4
fix: ko login ( #4427 )
2022-08-27 12:26:17 +08:00
Charles-Edouard Brétéché
e0da0c996c
fix: ko login ( #4424 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-26 15:54:48 +00:00
Charles-Edouard Brétéché
4864be14f1
fix: make ldflags optional in .ko.yaml ( #4419 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-26 13:40:27 +00:00
Charles-Edouard Brétéché
9e49b25484
refactor: makefile build targets ( #4418 )
...
* refactor: makefile
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: makefile build targets
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-26 15:23:04 +08:00
Jason Hall
95f3c0ea48
fix: Add --bare for ko-build-dev targets ( #4417 )
...
Signed-off-by: Jason Hall <jason@chainguard.dev>
Signed-off-by: Jason Hall <jason@chainguard.dev>
2022-08-25 19:41:50 +00:00
Jason Hall
6055713dfc
Use ko to build images ( #4366 )
...
This updates Makefile targets to build images using `docker buildx
build` to use `ko build` instead.
End-to-end tests are accomplished by building and loading the image
directly into the KinD cluster via ko.
Also:
- use GitHub Actions token to push to ghcr.io (setup-ko sets this up for us)
- allow forks to push to their forked repo's packages (useful for testing)
Signed-off-by: Jason Hall <jason@chainguard.dev>
Signed-off-by: Jason Hall <jason@chainguard.dev>
2022-08-25 20:32:40 +02:00
Charles-Edouard Brétéché
3454635ece
refactor: makefile ( #4403 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-25 16:59:24 +00:00
Charles-Edouard Brétéché
cf0ee93de8
feat: enable autogen internals by default ( #4381 )
...
* feat: enable autogen internals by default
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* change e2e tests
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* change e2e tests matrix
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-25 23:01:43 +08:00
Charles-Edouard Brétéché
961e06adcd
chore: improve docker image tagging ( #4409 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-08-25 13:13:51 +05:30
Charles-Edouard Brétéché
91373e1329
fix: goimports check not working in ci job ( #4387 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-08-24 13:38:49 +00:00
Charles-Edouard Brétéché
b29207f585
fix: use official controller-gen ( #4171 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-01 15:25:59 +00:00
Prateek Pandey
a14cab0947
fix: use dev tag for init container local build target ( #4142 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-21 10:30:22 +05:30
Prateek Pandey
0d44003386
refactor: bump KIND version to use v1.24.0 k8s release ( #3877 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-06-01 14:39:55 +00:00
Charles-Edouard Brétéché
dae3dad027
refactor: used typed admission request in ur ( #4022 )
...
* refactor: add policy event listener in ur controller (#4012 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit cd1fa030ee
2022-05-29 07:27:14 +00:00
Shubham Nazare
165c5d9fc3
feat: Extend CLI to cover generate policies ( #3456 )
...
- Change in namespace for test-generate example
- Change cloneResource to cloneSourceResource
- Add support for namespaced Policy and fix log messages
- Add test-generate in Makefile and an example of namespaced Policy
- Fix namespaced policy issue and add comments
- Refactor according to new generate controller
- Add json tag to GeneratedResource field of RuleResponse struct
Signed-off-by: Shubham Nazare <shubham4443@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-05-25 14:26:22 +00:00
Charles-Edouard Brétéché
288125ebd0
chore: add informer util ( #3796 )
2022-05-04 12:39:14 +00:00
Sambhav Kothari
dd0f6baa7d
Enable tests in makefile ( #3699 )
2022-05-01 14:20:22 -07:00
Charles-Edouard Brétéché
b7f42a0d1f
refactor: remove some api unnecessary pointers (3) ( #3707 )
...
* refactor: remove some api unnecessary pointers
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: remove some api unnecessary pointers (2)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* refactor: remove some api unnecessary pointers (3)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-04-28 12:30:23 +00:00
shuting
2a656f6de0
feat: mutate existing resources ( #3669 )
...
* feat: mutate existing, replace GR by UR in webhook server (#3601 )
* add attributes for post mutation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add UR informer to webhook server
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - replace gr with ur in the webhook server; - create ur for mutateExsiting policies
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* replace gr by ur across entire packages
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add YAMLs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs & fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add UR deletion handler
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add api docs for v1beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix clientset method
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix v1beta1 client registration
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: mutate existing - generates UR for admission requests (#3623 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* replace with UR in policy controller generate rules (#3635 )
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* - enable mutate engine to process mutateExisting rules; - add unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* implemented ur background reconciliation for mutateExisting policies
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix webhook update error
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* temporary comment out new unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: mutate existing, replace GR by UR in webhook server (#3601 )
* add attributes for post mutation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add UR informer to webhook server
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - replace gr with ur in the webhook server; - create ur for mutateExsiting policies
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* replace gr by ur across entire packages
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix missing policy.kyverno.io/policy-name label (#3599 )
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* refactor cli code from pkg to cmd (#3591 )
* refactor cli code from pkg to cmd
Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
* fixes in imports
Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
* fixes tests
Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
* fixed conflicts
Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
* moved non-commands to utils
Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
* add YAMLs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs & fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add UR deletion handler
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add api docs for v1beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix clientset method
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add-kms-libraries for cosign (#3603 )
* add-kms-libraries
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* Shifted providers to cosign package
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Add support for custom image extractors (#3596 )
Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>
* Update vulnerable dependencies (#3577 )
Signed-off-by: Shubham Gupta <shubham.gupta2956@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix v1beta1 client registration
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: mutate existing - generates UR for admission requests (#3623 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* updating version in Chart.yaml (#3618 )
* updatimg version in Chart.yaml
Signed-off-by: Prateeknandle <prateeknandle@gmail.com>
* changes from, make gen-helm
Signed-off-by: Prateeknandle <prateeknandle@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Allow kyverno-policies to have preconditions defined (#3606 )
* Allow kyverno-policies to have preconditions defined
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Fix docs
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* replace with UR in policy controller generate rules (#3635 )
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - enable mutate engine to process mutateExisting rules; - add unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* implemented ur background reconciliation for mutateExisting policies
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix webhook update error
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* temporary comment out new unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Image verify attestors (#3614 )
* fix logs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix logs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* support multiple attestors
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* rm CLI tests (not currently supported)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* apply attestor repo
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix entryError assignment
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* format
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add intermediary certs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Allow defining imagePullSecrets (#3633 )
* Allow defining imagePullSecrets
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Use dict for imagePullSecrets
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
* Simplify how imagePullSecrets is defined
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Fix race condition in pCache (#3632 )
* fix race condition in pCache
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* refact: remove unused Run function from generate (#3638 )
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* Remove helm mode setting (#3628 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* refactor: image utils (#3630 )
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* -resolve lift comments; -fix informer sync issue
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* refact the update request cleanup controller
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* - fix delete request for mutateExisting; - fix context variable substitution; - improve logging
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - enable events; - add last applied annotation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* enable mutate existing on policy creation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update autogen code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* merge main
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* address list comments
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix "Implicit memory aliasing in for loop"
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove unused definitions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Mritunjay Kumar Sharma <mritunjaysharma394@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Anushka Mittal <55237170+anushkamittal20@users.noreply.github.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: Shubham Gupta <shubham.gupta2956@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Prateek Nandle <56027872+Prateeknandle@users.noreply.github.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-04-25 12:20:40 +00:00
Sambhav Kothari
ec4e4ba452
Add support for custom image extractors ( #3596 )
...
Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>
2022-04-14 09:08:30 -07:00
Charles-Edouard Brétéché
339cac028e
chore: add some make help comments ( #3560 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-04-07 10:48:47 +05:30
Charles-Edouard Brétéché
4b3de26433
refactor: use BackgroundProcessingEnabled method ( #3544 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-04-05 04:16:45 +08:00
Charles-Edouard Brétéché
20069c13c3
feat: stop mutating rules ( #3410 )
...
* feat: stop adding autogen annotation
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* feat: stop mutating rules
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* feat: stop mutating rules
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: use toggle
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* fix: review comments
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-03-28 22:01:27 +08:00
Charles-Edouard Brétéché
88afd0dd31
refactor: create e2e infra using make to speed up e2e tests ( #3470 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-03-26 00:08:38 +08:00
Abhi Kapoor
1b10f18086
Drop v1alpha1 PolicyReport CRD ( #3437 )
...
* Drop v1alpha1 PolicyReport CRD
Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com>
* Drop v1alpha1 kyverno package
Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com>
* Update Makefile to remove references for v1alpha1
Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com>
* Update helm manifests
Signed-off-by: abhi-kapoor <43758739+abhi-kapoor@users.noreply.github.com>
2022-03-22 17:08:25 +00:00
Charles-Edouard Brétéché
4ad7607ea4
chore: add make help target ( #3405 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-03-16 13:48:31 +00:00
Charles-Edouard Brétéché
9ac35f9698
chore: add more codegen target and verifications ( #3393 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>
2022-03-16 15:01:35 +05:30
Sambhav Kothari
6498425937
Add a registry flag to allow direct access to container registries in the CLI ( #3396 )
...
* Add a registry flag to allow direct access to container registries in the CLI
Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>
2022-03-16 09:56:47 +05:30
Charles-Edouard Brétéché
cc807b383e
chore: makefile should not makefile go.mod ( #3394 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-03-15 16:30:57 +05:30
Charles-Edouard Brétéché
1a1973c1b5
chore: add helm crds to make codegen target ( #3375 )
...
* fix: configmap resource filters generated by helm does not account for namespace
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
* chore: add helm crds to make codegen target
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-03-14 15:12:29 +00:00
Abhinav Sinha
9bb7238a22
Add codecov to CI ( #3382 )
...
* Add `codecov` to CI
Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>
* Add `codecov` badge for `main` to `README.md`
Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>
* Addressed code review
Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>
2022-03-14 16:21:27 +08:00
Charles-Edouard Brétéché
de6fa9fd19
fix: generate api reference docs ( #3377 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-03-11 20:02:59 +05:30
Charles-Edouard Brétéché
78239a2947
chore: gen helm crds from config crds ( #3356 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-03-10 15:07:48 +00:00
Shubham Nazare
4c1a8336b0
Add new test-case-selector flag to test command ( #3183 )
...
* added new test-case flag to test command
Signed-off-by: Shubham Nazare <shubham4443@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>
2022-03-09 07:40:53 +00:00
Charles-Edouard Brétéché
51501cce9d
chore: check helm docs are up to date ( #3310 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-03-08 15:10:53 +00:00
Charles-Edouard Brétéché
51db68ba20
chore: verify codegen in CI ( #3343 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-03-07 15:13:36 +05:30
Prateek Pandey
4846bd0293
fetch tag across all branches instead of current branch ( #3324 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-03-01 11:59:28 -08:00
Naman Lakhwani
985e2cc158
adding check for digest and update git command
...
Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com>
2022-03-01 18:36:16 +05:30
Naman Lakhwani
6b5bcfcc42
correcting makefile latest tag ( #3314 )
...
Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com>
2022-02-28 19:02:24 +00:00
Charles-Edouard Brétéché
b7f6fc81db
feat: gen kyverno-policies helm chart docs ( #3301 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-02-25 16:22:00 +00:00
Sambhav Kothari
c4075af3d1
Improve CLI test times by instantiating openapi controller once ( #3297 )
...
Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>
2022-02-24 23:34:12 +08:00
Sambhav Kothari
e9e96e7b1c
Run E2E tests on all supported k8s versions ( #3256 )
2022-02-23 15:52:08 +00:00
Naman Lakhwani
a9c9b25bb5
latest will point to main ( #3285 )
...
Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-02-23 15:30:49 +00:00
