kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	30261b5235	feat: add conditions support (#3378 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 22:00:01 +08:00
Charles-Edouard Brétéché	865eef248d	feat: stop adding autogen annotation (#3379 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 11:30:49 +00:00
shuting	cc10feb906	fix webhook configuration issue when auto update is disabled (#3417 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-03-18 10:05:00 +00:00
Aidan Delaney	def19d2ec0	Ignore test files that do not end in test.yaml (#3402 ) Some editors create backup files when editing. So users will edit kyverno-test.yaml and end up with both kyverno-test.yaml and kyverno-test.yaml~ (or some variant). This change ignores backup files that append a character to the string `test.yaml` Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Signed-off-by: Aidan Delaney <adelaney21@bloomberg.net> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-03-18 09:31:01 +00:00
Charles-Edouard Brétéché	4ce5c972ee	refactor: Policy name validation (#3409 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Policy name validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-18 01:02:35 +08:00
Abhinav Sinha	17caa561ec	Replace `ToUnstructured()` with Marshal/Unmarshal (#3150 ) Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-17 14:20:24 +00:00
Christian Kotzbauer	860253d6aa	[ImageVerify] Verify additional certificate-extensions (#3404 ) * feat: add additionalExtensions to keyless imageVerify Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * feat: regenerate code Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>	2022-03-17 08:42:12 +00:00
Charles-Edouard Brétéché	b0860ba177	fix: filter resources names with helm custom release name (#3361 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: ignore resources by helm chart Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-17 07:51:08 +00:00
Charles-Edouard Brétéché	cc212ac766	refactor: Rule names validation (#3406 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-17 11:36:21 +08:00
Charles-Edouard Brétéché	adcb71f1d6	refactor: Rule type validation (#3400 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 21:57:31 +00:00
Charles-Edouard Brétéché	33df85cc0c	chore: remove check-helm-docs workflow (#3408 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 13:55:21 -07:00
Charles-Edouard Brétéché	5541189c6c	refactor: UserInfo validation (#3399 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 16:15:46 +00:00
shuting	69518b7c9c	Fix webhook re-creation error (#3403 ) * fix webhook re-creation issue Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix webhook monitor blocking call Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-16 15:23:46 +00:00
Charles-Edouard Brétéché	4ad7607ea4	chore: add make help target (#3405 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 13:48:31 +00:00
Thomas Hartland	36f532840d	Only queue one retry if webhook update fails (#3353 ) Queueing two retries can lead to exponential growth. Adding a delay before the retry should reduce the number of failed attempts to update webhooks. Signed-off-by: Thomas Hartland <thomas.hartland@diamond.ac.uk> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-16 12:08:03 +00:00
Charles-Edouard Brétéché	9ac35f9698	chore: add more codegen target and verifications (#3393 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-16 15:01:35 +05:30
Abhi Kapoor	ac8dea1cba	Return warning on admission response when mutating pods (#3272 ) - Return the warning as part of the validate response - Warn when autogen annotation is being used to exclude pod controllers - Reutrn admission response based on the autogen annotation value - Update the existing log message to align with admission response warning Co-authored-by: abhinav454 <43758739+abhinav454@users.noreply.github.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-16 04:50:33 +00:00
Sambhav Kothari	6498425937	Add a registry flag to allow direct access to container registries in the CLI (#3396 ) * Add a registry flag to allow direct access to container registries in the CLI Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-03-16 09:56:47 +05:30
Charles-Edouard Brétéché	9e623bbf6e	feat: add rules to status (#3376 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: add rules to status Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-15 14:49:16 +00:00
Charles-Edouard Brétéché	cc807b383e	chore: makefile should not makefile go.mod (#3394 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-15 16:30:57 +05:30
Charles-Edouard Brétéché	8602e63f23	refactor: ImageVerification validation (#3372 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: ImageVerification validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-15 08:48:58 +00:00
Vyankatesh Kudtarkar	68093cd44c	Cli Apply command support Dir as resources (#3391 ) * apply command support dir as resources * fix issue	2022-03-15 16:00:59 +08:00
Charles-Edouard Brétéché	1a1973c1b5	chore: add helm crds to make codegen target (#3375 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: add helm crds to make codegen target Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-14 15:12:29 +00:00
Charles-Edouard Brétéché	5de83edafa	fix: metrics config defaults (#3387 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-14 22:21:50 +08:00
Vyankatesh Kudtarkar	154cea21c3	fix for gvk not working for existing resources policy (#3384 )	2022-03-14 16:03:13 +05:30
vivek kumar sahu	c456b541af	e2e test for mutate global anchor Policy (#2574 ) * Added e2e test for mutate-global-anchor-policy Signed-off-by: vivek kumar sahu <vivekkumarsahu650@gmail.com> * Updated config.go for mutate globar anchor policy Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * Added resources for mutate global anchor policy Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-14 09:15:06 +00:00
Abhinav Sinha	9bb7238a22	Add `codecov` to CI (#3382 ) * Add `codecov` to CI Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> * Add `codecov` badge for `main` to `README.md` Signed-off-by: Abhinav Sinha <abhinav@nirmata.com> * Addressed code review Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>	2022-03-14 16:21:27 +08:00
Christian Kotzbauer	851a81845c	Update cosign to v1.6.0 (#3341 ) Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> fix ecr-helper creation Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-03-11 11:25:10 -08:00
Charles-Edouard Brétéché	de6fa9fd19	fix: generate api reference docs (#3377 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-11 20:02:59 +05:30
Vyankatesh Kudtarkar	b3a53f0658	fix PodExecOptions issue (#3373 ) * fix PodExecOptions issue * add note * update comment	2022-03-11 15:09:32 +05:30
shuting	61245f0b69	Update OWNERS.md (#3371 )	2022-03-10 10:30:05 -08:00
Charles-Edouard Brétéché	8d08250e07	feat: add autogen controllers to policy status (#3332 ) * feat: add autogen controllers to policy status Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: add autogen controllers to policy status Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-10 23:51:29 +08:00
Charles-Edouard Brétéché	78239a2947	chore: gen helm crds from config crds (#3356 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-10 15:07:48 +00:00
Charles-Edouard Brétéché	d8da39d12d	refactor: introduce api common types (#3365 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: move api functions closer to the struct they belong to Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: introduce api common types Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-10 14:45:15 +00:00
Naman Lakhwani	126742ad57	adding emptyDir vol for keyless signing (#3366 ) * adding emptyDir vol Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com> * adding env TUF_ROOT Signed-off-by: Naman Lakhwani <namanlakhwani@gmail.com>	2022-03-10 08:09:22 +00:00
Charles-Edouard Brétéché	753d24d53c	refactor: move api functions closer to the struct they belong to (#3363 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: move api functions closer to the struct they belong to Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-09 16:04:09 +00:00
Charles-Edouard Brétéché	ce5f648f30	refactor: introduce rules getters and setters (#3350 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-09 15:28:31 +00:00
Charles-Edouard Brétéché	ea977b259c	refactor: move controller autogen annotation in api package (#3364 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refator: move controller autogen annotation in api package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-09 21:48:04 +08:00
Shubham Nazare	4c1a8336b0	Add new test-case-selector flag to test command (#3183 ) * added new test-case flag to test command Signed-off-by: Shubham Nazare <shubham4443@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-03-09 07:40:53 +00:00
Ivan Wallis	deda7a5336	support RSA, ECDSA and EDDSA public key verification (#3362 ) Signed-off-by: Ivan Wallis <iwallis@gmail.com>	2022-03-08 21:58:14 -08:00
Charles-Edouard Brétéché	2987647692	fix: configmap resource filters generated by helm does not account for namespace (#3358 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-09 02:04:25 +08:00
Charles-Edouard Brétéché	51501cce9d	chore: check helm docs are up to date (#3310 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-08 15:10:53 +00:00
Vyankatesh Kudtarkar	148a892277	Fix any_all wildcard issue (#3352 )	2022-03-08 12:59:33 +00:00
Charles-Edouard Brétéché	8187b9331e	fix: invalid path in helm-test workflow (#3344 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-03-08 01:08:46 +00:00
Sambhav Kothari	e1ca384ecc	Add Bloomberg to adopters (#3348 )	2022-03-07 20:31:24 +00:00
Prateek Nandle	666130bf6c	updated description field of foreach (#3157 ) Signed-off-by: Prateeknandle <prateeknandle@gmail.com>	2022-03-07 19:26:19 +05:30
Charles-Edouard Brétéché	51db68ba20	chore: verify codegen in CI (#3343 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-07 15:13:36 +05:30
Gasmi Christophe	e0503088ec	Update generate clusterrole (#3336 ) - Update clusterrole.yaml - Fix apigroup for resourcequota and limitrange Signed-off-by: Christophe Gasmi <rekcah78@gmail.com>	2022-03-07 12:57:57 +05:30
Charles-Edouard Brétéché	90d0badda4	fix: CRD generation (#3334 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-06 11:07:51 -08:00
Charles-Edouard Brétéché	1293ef4691	refactor: reduce usage of reflect.DeepEqual (#3328 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-02 17:20:27 +00:00

1 2 3 4 5 ...

4045 commits