mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
1338 commits 16 branches 550 tags 288 MiB
Commit graph

651 commits

Author SHA1 Message Date
Shuting Zhao
45dc0bd358 Merge commit 'da5c03f89df3007088b27fc84b08827170e16eda' into 345_support_usergroup_info 
# Conflicts:
#	test/scenarios/samples/best_practices/add_safe_to_evict2.yaml
 2019-11-13 00:31:07 -08:00
Jim Bugwadia
9d63cfc192 Merge branch 'master' into 452_make_sample_policy_rule_names_consistent 2019-11-12 23:16:01 -08:00
Shuting Zhao
3dd9672a5d handle error properly 2019-11-12 10:05:10 -08:00
Shuting Zhao
2a14c1f5dc - add profiling; - fix CLI 2019-11-11 21:23:26 -08:00
Shuting Zhao
546a25d025 add missing file 2019-11-11 21:06:09 -08:00
Shuting Zhao
85d04f609c remove overlay failure conditionNotPresent as it allows the tag not present 2019-11-11 21:03:34 -08:00
Shuting Zhao
5a3ed62b13 Merge branch 'master' into 345_support_usergroup_info 
# Conflicts:
#	pkg/engine/validation_test.go
#	pkg/webhooks/annotations.go
#	pkg/webhooks/annotations_test.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-11-11 19:19:08 -08:00
Shuting Zhao
d26029d3be fix unit test 2019-11-11 19:08:46 -08:00
Shuting Zhao
6c8f4f90da fix patches annotation 2019-11-11 18:52:26 -08:00
Jim Bugwadia
8348c5761c fix tests 2019-11-11 18:51:21 -08:00
Jim Bugwadia
87be5ca4b8 update policies and test cases 2019-11-11 17:55:54 -08:00
Jim Bugwadia
3ffb0cfa39 add disallow_sysctl and move policies 2019-11-11 17:17:09 -08:00
Shuting Zhao
02fd1227be reverse listResource interface 2019-11-11 16:10:55 -08:00
Shuting Zhao
586b197b00 user sharedInformer for rolebindings and clusterrolebindings 2019-11-11 15:43:13 -08:00
Shuting Zhao
03e85c2266 make getRoleRef a separate package 2019-11-11 14:52:09 -08:00
Shuting Zhao
4a80f70957 add unit test 2019-11-11 14:29:36 -08:00
Jim Bugwadia
05503e4fd1 update other policies 2019-11-11 14:09:07 -08:00
Shuting Zhao
5b0a6d62a4 add unit test 2019-11-11 09:56:53 -08:00
Jim Bugwadia
dd4d091c23 update restrict_automount_sa_token 2019-11-10 21:57:20 -08:00
Jim Bugwadia
5e8b6c4183 update add_networkPolicy 2019-11-10 21:27:50 -08:00
Jim Bugwadia
244909ebb3 update require_probes 2019-11-10 21:18:17 -08:00
Jim Bugwadia
c1be682a93 update require_pod_requests_limits 2019-11-10 21:06:49 -08:00
Jim Bugwadia
f668113904 update add_ns_quota 2019-11-10 20:58:57 -08:00
Jim Bugwadia
a6d5fb6e30 update restrict_image_registries 2019-11-10 18:13:01 -08:00
Jim Bugwadia
f31abbffab update disallow_latest_tag 2019-11-10 17:54:38 -08:00
Jim Bugwadia
7f54e8e2e3 Merge branch '451_fix_disallow_host_net_port' into 452_make_sample_policy_rule_names_consistent 
# Conflicts:
#	samples/best_practices/disallow_host_network_hostport.yaml
#	test/scenarios/samples/best_practices/disallow_host_network_port.yaml
 2019-11-10 17:35:43 -08:00
Jim Bugwadia
20736e5e81 update disallow_default_namespace and disallow_host_network_port and disallow_host_pid_ipc 2019-11-10 15:50:18 -08:00
Jim Bugwadia
170e2a5179 update disallow_docker_sock_mount and disallow_host_network_port 2019-11-10 12:53:48 -08:00
Jim Bugwadia
fd1a26db29 update DisallowBindMounts 2019-11-09 16:33:19 -08:00
Jim Bugwadia
fae8ac0325 update RequireReadOnlyRootFS 2019-11-09 16:18:33 -08:00
Jim Bugwadia
121b81a83b update disallow new capabilities 2019-11-09 16:07:16 -08:00
Shivkumar Dudhani
1613434c46
458 cleanup (#464) 
* cleanup of policy violation on policy spec changes + refactoring

* remove unused code

* remove duplicate types

* cleanup references

* fix info log and clean code

* code clean

* remove dead code
 2019-11-08 20:45:26 -08:00
Jim Bugwadia
cba79c69a2 update disallow_priviledged 2019-11-08 20:04:42 -08:00
Jim Bugwadia
5ce8fd7a9a update disallow_root_user 2019-11-08 19:25:43 -08:00
Jim Bugwadia
6baa678e27 rename add_safe_to_evict 2019-11-08 19:02:49 -08:00
Shuting Zhao
981b378c86 match rbac info when process a rule 2019-11-08 18:58:09 -08:00
Shuting Zhao
6048d59949 change engine interface to take policyContext struct 2019-11-08 18:57:27 -08:00
Shuting Zhao
0e9a952d64 get rbac info for an admission request 2019-11-08 18:56:24 -08:00
Shuting Zhao
3f59b4cf10 change client.ListResource to take listOptions 2019-11-08 18:54:43 -08:00
Shuting Zhao
a7e55ed25e update types for match/exclude 2019-11-08 18:53:29 -08:00
Shivkumar Dudhani
687c0c6470
Merge pull request #418 from nirmata/391_feature 
Check if mutating webhook admission control is enabled
 2019-11-08 12:55:28 -08:00
Shuting Zhao
ec331b8d17 remove resource info in the validation error 2019-11-07 12:30:58 -08:00
Shuting Zhao
a30b8a604d update format 2019-11-07 12:13:35 -08:00
Shuting Zhao
443619757e update tests/scenario 2019-11-07 12:13:35 -08:00
Shuting Zhao
15895d3852 - aggregate resource info per rule; - remove resource info in each success message; 2019-11-07 12:13:35 -08:00
Shuting Zhao
2dec70cc72 make expected message optional in scenario file 2019-11-07 12:13:34 -08:00
Shuting Zhao
98fa90bf1e update validation_test.go 2019-11-07 12:13:34 -08:00
Shuting Zhao
58054ef5b6 remove duplicate test 2019-11-07 12:13:34 -08:00
Shuting Zhao
de9ebd899b improve validation error message; update scenario files 2019-11-07 12:13:34 -08:00
Shuting Zhao
e3c9282e6a fix edit failure blocked by annotation change 
- as we change the patches key in annotation to "policies.kyverno.io/patches" in commit bdb3f40f15
 2019-11-07 12:13:34 -08:00