mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Code Activity
3687 commits 15 branches 540 tags 276 MiB
Commit graph

2085 commits

Author SHA1 Message Date
shuting
1ebf2723b2 cherry-pick ddab7a3a66 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-11-11 14:36:22 -08:00
Jim Bugwadia
c4c29bc6ad Merge pull request #2559 from vyankyGH/Fix/Foreach_issue 
Fix : Foreach fails the whole policy if the list is not there
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-19 10:31:43 -07:00
Jim Bugwadia
f5b11a3544 fix mutate handling of skipped rules (#2557) 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-18 15:53:19 -07:00
Jim Bugwadia
1c3ff11f7c fix check for CREATE request (#2551) 
* fix check for CREATE request

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-18 09:46:51 -07:00
Jamie
3de1b7b69f fix: found a handful other magic strings that needed some webhook love (#2546) 
Signed-off-by: Random J Developer <interns@coreweave.com>

Signed-off-by: Jamie Roberts <jroberts@coreweave.com>
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-15 09:58:05 -07:00
Jim Bugwadia
519c51b8b2 Merge pull request #2545 from realshuting/fix_podexec 
Fix webhook update for PodExecOptions

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 14:27:59 -07:00
Marcus Noble
b6b807a206 added base64 jmespath functions (#2542) 
* added base64 jmespath functions

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* added base64_decode test to emulate working with secret

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Update regex to allow number in func name

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Added CLI tests for preconditions and custom funcs

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

Co-authored-by: AverageMarcus <git@marcusnoble.co.uk>
Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 11:47:31 -07:00
Kumar Mallikarjuna
57ea6a809a element variable lifecycle (#2535) 
* Foreach element with background false

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Tests for foreach element

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update Test_Validation_invalid_backgroundPolicy

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* CLI: Print invalid policies

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Remove redundant Sprintf() calls

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Updated tests for foreach list

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 10:20:18 -07:00
Vyankatesh Kudtarkar
17956bfd19 support list foreach (#2522) 
* support list foreach

* fix testcase for each

* fix mutate issue

* Fix mutate patch issue

* fix yaml

* fix e2e test foreach validate list

* code indentation

* fix comments

* delete unwanted files

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 00:21:40 -07:00
Vyankatesh Kudtarkar
2143709d1a cherry-pick wildcard support 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 00:20:22 -07:00
Pooja Singh
ab742f4d68 Merge pull request #2538 from NoSkillGirl/adding_error_count_for_mutate_in_CLI 
Added error count for mutate response | CLI

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-13 17:50:40 -07:00
Marcus Noble
2729d369f8 fixed incorrect character class in regex (#2526) 
* fixed incorrect character class in regex

* added general support for functions in allowed vars

* Update pkg/kyverno/common/regex.go

Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>

* convert tests to use test cases

* fixed formatting

Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-13 17:42:35 -07:00
shuting
e557a09aed fix mutate foreach auto-gen rules (#2507) 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-13 16:35:25 -07:00
Jim Bugwadia
0153bd7c72
fix cmd line tests (#2502) 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-07 15:25:44 -07:00
shuting
9dc2c2b4bf
Bugfixes - handle verifyImage rules for webhooks configurations (#2501) 
* dynamic webhooks for verifyImages rule

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add namespace env to the initContainer

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add debug log

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update operator schema validation tag

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* set policy to ready if auto-update-webhook disabled

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-07 13:50:30 -07:00
Vyankatesh Kudtarkar
5164d833ed Fix autogen for varifyImage 2021-10-07 17:16:46 +05:30
Vyankatesh Kudtarkar
ee19d49a94 Fix autogen issue 2021-10-07 16:21:39 +05:30
Vyankatesh Kudtarkar
176f139f26 Fix autogen issue for Foreach mutate policy 2021-10-07 16:12:34 +05:30
Pooja Singh
80936fa2d8
Merge pull request #2492 from realshuting/bugfixes 
bugfixes - dynamic webhooks, e2e failure
 2021-10-07 13:11:13 +05:30
Jim Bugwadia
69bb7090a4
Merge pull request #2493 from JimBugwadia/feature/foreach_mutate 
Feature/foreach mutate
 2021-10-07 00:32:22 -07:00
Jim Bugwadia
b56757ce2a generate code and CRDs 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 23:16:40 -07:00
Jim Bugwadia
1c0a303106 fix merge error 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 22:48:56 -07:00
Jim Bugwadia
7c761b4bc9 Merge branch 'main' into feature/foreach_mutate 2021-10-06 22:45:03 -07:00
Jim Bugwadia
4c63442028 separate MutateResourceWithImageInfo from buildContext and add comments 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 22:19:47 -07:00
ShutingZhao
6dbb529267 fix e2e test failure 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-06 22:12:48 -07:00
Jim Bugwadia
ed93a9bddf
Merge pull request #2487 from JimBugwadia/feature/cosign_attest 
Feature/cosign attest
 2021-10-06 22:10:03 -07:00
Jim Bugwadia
683543d8e2 fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 22:05:28 -07:00
Jim Bugwadia
fa1816d605 fix tests 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 21:50:26 -07:00
ShutingZhao
b42c44eff0 update policy status to false if error occurs 2021-10-06 20:48:36 -07:00
ShutingZhao
08d75245a2 matching resources should be updated separate for mutate and validate rules 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-06 20:43:19 -07:00
Jim Bugwadia
b9d4ee6876 fix tests 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 18:31:20 -07:00
Vyankatesh Kudtarkar
05a0737184
Fix Autogen issue for any/all block and new rule foreach (#2471) 
* Fix Autogen issue for any/all block and Support gvk in match kind block

* remove log and fix test

* Fix issues

* Fix cronjob issue

* Fix autogen for Foreach

* Fix autogen for For each

* Fix for each issue

* adding missing assignements

* Update autogen for foreach rule
 2021-10-06 16:19:55 -07:00
Pooja Singh
ac5929fc7a
added validation for generte resource (#2484) 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-06 16:18:28 -07:00
Kumar Mallikarjuna
254be4c1d3
Leader Election for initContainer (#2489) 
* Local build

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Leader Election for initContainer

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Lease deletion

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Use wrc client

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* log error out

Signed-off-by: ShutingZhao <shutting06@gmail.com>

Co-authored-by: ShutingZhao <shutting06@gmail.com>
 2021-10-06 16:12:07 -07:00
Jim Bugwadia
676bd5f4be fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 11:18:36 -07:00
Jim Bugwadia
0bb35aa302 merge main 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 10:51:43 -07:00
Anushka Mittal
7963263776
Adding log statements in context.go (#2483) 
* adding logs in context.go

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* minor modifications

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
 2021-10-06 10:29:28 -07:00
Jim Bugwadia
619ee6ac61 fix loop 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 09:55:23 -07:00
Jim Bugwadia
7c57ac24e6 update CRDs 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-06 00:58:45 -07:00
Jim Bugwadia
90edc69dcf merge and update 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-05 22:42:42 -07:00
shuting
b7473b018b
update deepcopy methods for types.fo (#2478) 2021-10-05 16:57:10 -07:00
Pooja Singh
ca62172b6f
Merge pull request #2462 from NoSkillGirl/feat/support_mutate_in_cli 
Kyverno CLI | Support mutate policies for `test` command
 2021-10-05 21:27:31 +05:30
NoSkillGirl
364174d372 removed print statements 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 14:57:48 +05:30
shuting
b10947b975
Dynamic webhooks (#2425) 
* support k8s 1.22, update admissionregistration.k8s.io/v1beta1  to admissionregistration.k8s.io/v1

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - add failurePolicy to policy spec; - fix typo

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - add schema validation for failurePolicy; - add a printer column

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* set default failure policy to fail if not defined

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* resolve conflicts

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix missing type for printerColumn

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* refactor policy controller

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add webhook config manager

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - build webhook objects per policy update; - add fail webhook to default webhook configurations

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix panic on policy update

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - set default webhook configs rule to empty; - handle policy deletion

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* reset webhook config if policies with a specific failurePolicy are cleaned up

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* handle wildcard pocliy

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update default webhook timeout to 10s

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* cleanups

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* added webhook informer to re-create it immediately if missing

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update tag webhookTimeoutSeconds description

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix e2e tests

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix linter issue

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* correct metric endpoint

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add pol.generate.kind to webhooks

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-05 00:15:09 -07:00
NoSkillGirl
0614c2db1f fixed rule pointer 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 12:39:58 +05:30
NoSkillGirl
5ca33ce902 Merge branch 'main' of github.com:kyverno/kyverno into feat/support_mutate_in_cli 2021-10-05 12:23:34 +05:30
NoSkillGirl
a2e106a87a fixed global variable test cases 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 11:11:54 +05:30
NoSkillGirl
8e0ac567e1 fixed test-validate-image-tag-ignore test case 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 11:11:54 +05:30
NoSkillGirl
7b94a7477b panic fix 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 11:11:54 +05:30
NoSkillGirl
1bf48c54a8 improving if condition 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-05 11:11:54 +05:30