mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
2586 commits 16 branches 550 tags 288 MiB
Commit graph

1368 commits

Author SHA1 Message Date
Shuting Zhao
2292bf860b update policyreport group to wgpolicyk8s.io 2020-11-11 15:09:07 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00
Jim Bugwadia
50fa042bbc
Merge pull request #1233 from realshuting/add_kubectl_printer_columns 
Print validationFailureAction with kubectl get
 2020-11-03 17:55:02 -08:00
Shuting Zhao
97e6382aaf update description 2020-11-03 16:57:47 -08:00
Shuting Zhao
d19a44d34c print fields failreAction and background for kyverno policy 2020-11-03 16:31:41 -08:00
Shuting Zhao
61e4088a53 improve eventGen logging 2020-11-03 16:07:02 -08:00
Shuting Zhao
8e0650804f improve error log 2020-11-03 15:41:17 -08:00
Shuting Zhao
d8d5160bce fix #1192 2020-11-03 15:31:58 -08:00
Jim Bugwadia
48b98bd17b
allow text after patch versions (#1230) 2020-11-02 22:14:36 -08:00
Jim Bugwadia
7e9b08baeb
Feature/make operators case insensitive (#1217) 
* fix typo

* make operators case insensitive

* fix case statement
 2020-10-29 15:00:22 -07:00
Jim Bugwadia
062d794cad fix conversion errors 2020-10-22 11:59:11 -07:00
Jim Bugwadia
ac2ab7b74e update pod security context and switch to higher port 2020-10-22 00:41:25 -07:00
Jim Bugwadia
1f24ea6f75
fix regex for allowed variable to support spaces (#1200) 
* fix regex for allowed variable to support spaces

* remove log

* fix regex
 2020-10-19 12:36:55 -07:00
Jim Bugwadia
ae0c09a05c remove ContextEntry.path (prototype for API server lookup) 2020-10-14 18:48:23 -07:00
Jim Bugwadia
7f5c19332a update name 2020-10-14 18:30:18 -07:00
Jim Bugwadia
2c9a99b55d fix mutation.go 2020-10-14 18:21:55 -07:00
Jim Bugwadia
2de8d60015 Merge branch 'master' into feature/migrate_website 2020-10-14 18:00:44 -07:00
Jim Bugwadia
4ea1126fce remove docs and update README.md 2020-10-14 17:39:45 -07:00
Pooja Singh
7ed8c18110
small fix (#1195) 2020-10-14 14:58:16 -07:00
Pooja Singh
e3521ef96c
cleanup cli output (#1180) 2020-10-09 15:19:28 -07:00
Jim Bugwadia
5c328f3cc9
Merge pull request #1176 from realshuting/self-signed-cert 
Use Self-signed certificate to build TLS webhook server
 2020-10-07 15:37:14 -07:00
Shuting Zhao
2152d354a9 migrate repo 2020-10-07 15:09:52 -07:00
Shuting Zhao
e8c5d47bdf update names 2020-10-07 14:44:36 -07:00
Shuting Zhao
3c65f343fe update secret with unstructured obj 2020-10-07 14:30:00 -07:00
Shuting Zhao
db92f20364 - use self-signed certificate to build TLS webhook server; 
- remove CSR related code
 2020-10-07 14:19:23 -07:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Pooja Singh
ccdcb6ae89
Feature/read from stdin validate (#1171) 
* temp

* added pipe logic for validate

* fixed test cases - policy mutation
 2020-10-06 17:50:53 -07:00
Pooja Singh
7fc0eaaee3
added condition for exclude selector (#1169) 
* added exclude selector condition

* small fix
 2020-10-06 14:27:40 -07:00
Pooja Singh
168c92333c
Feature/read from stdin (#1165) 
* temp

* added pipe logic for apply

* removed comments

* updated readme
 2020-10-01 18:22:58 -07:00
Pooja Singh
2f9d77f6d1
Merge pull request #1151 from NoSkillGirl/bug/validate_apiversion_change 
fixed yaml package for CLI validate
 2020-10-01 18:34:48 +05:30
Jim Bugwadia
5f8c38966a
remove mutation message when no rules are applied (#1162) 2020-09-30 11:37:40 -07:00
NoSkillGirl
b9b28b40fb fixed yaml package 2020-09-30 00:51:07 +05:30
Shuting Zhao
b8b1d81df0 handles array parsing in configmap value 2020-09-22 18:26:52 -07:00
Mohan B E
bd406f5bb8
added conversion of overlay to patch strategic merge (#1138) 
* added conversion of overlay to patch strategic merge and modified unittest for the same

* updated best practice policy
 2020-09-22 16:19:09 -07:00
Mohan B E
51ac382c6c
Feature/configmaps var 724 (#1118) 
* added configmap data substitution for foreground mutate and validate

* added configmap data substitution for foreground mutate and validate fmt

* added configmap lookup for background

* added comments to resource cache

* added configmap data lookup in preConditions

* added parse strings in In operator and configmap lookup docs

* added configmap lookup docs

* modified configmap lookup docs
 2020-09-22 14:11:49 -07:00
Yuvraj
e5fb55f1c6
Generate policy with backword compatibility (#1125) 
* fix generate label issue

* fix generate issue for old namespace

* small fix

* added backword compatibility

* condition changed

* extra code remove
 2020-09-18 12:34:43 -07:00
Mohan B E
a1081c8f82
fixed policy validationa and patch strategic merge bug (#1136) 2020-09-18 12:18:13 -07:00
Pooja Singh
46158ee695
Fixes CLI bug - mutate resource and variable substitution (#1123) 
* fixed passing multiple resource for -f flag

* fixed saving mutated resource

* comment removed
 2020-09-16 12:05:07 -07:00
Pooja Singh
ba5c656d76
converting patches to patchesJSON6902 (#1115) 
* converting patches to patchesJSON6902

* updated readme

* removed patch section from readme
 2020-09-16 10:53:05 -07:00
shuting
3fa745bc3e
Bugfix policymutation (#1119) 
* fix policy mutation - autogen does not have exclude

* update doc
 2020-09-15 22:58:55 -07:00
shuting
f82b4a4952
skip policy mutation on status update (#1112) 2020-09-14 10:56:06 -07:00
Mohan B E
95542908eb
fixed additional anchor bug in patch strategic merge (#1114) 2020-09-14 10:25:00 -07:00
NoSkillGirl
b1a2ab398b fixed duplicate name 2020-09-09 20:17:20 +05:30
Mohan B E
c5e9d6db15
added autogen for patch strategic merge (#1104) 2020-09-04 16:20:20 -07:00
NoSkillGirl
4f8a765ce1 fixed return 2020-09-04 19:42:29 +05:30
Yuvraj
b7524467a3
Reconcile Generate request on policy update (#1096) 
* policy report crd added

* added namespaced rule

* remove extra field from crd

* revert crd change

* remove policy report chnages

* remove policy report chnages

* remove policy report chnages

* remove policy report chnages

* added logic for gr

* revert changes

* fixed generate rules

* fixed generate rules

* fixed generate rules

* fixed generate rules

* remove extra logs

* remove extra logs

* fixed e2e test

* remove extra logs

* crd issue resolved

* added check for sync

* add labels update

* add label update

* added permission to role

* roles added to helm

* roles added to helm
 2020-09-03 14:34:23 -07:00
Pooja Singh
154b1c1eb9
Merge pull request #1095 from NoSkillGirl/feature/support_openapi_v3 
added validation for openapi_v3
 2020-09-03 23:02:17 +05:30
Mohan B E
118b40c644
added invalid field validation for policy (#1094) 2020-09-03 22:14:54 +05:30
shuting
931d7cd47c
Set mutating webhhok reinvocationPolicy to IfNeeded (#1097) 
* add watch policy to clusterrole kyverno:customresources

* fix build

* fix nil pointer

* skip json patches if the mutation is re-invoked

* set resource mutating webhook invocation policy to IfNeeded
 2020-09-03 08:54:37 -07:00
NoSkillGirl
70108232ec added return 2020-09-03 09:47:43 +05:30