kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-23 00:01:55 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	06ac41e045	chore: add some cel unit tests (#12453 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-19 12:13:16 +00:00
Charles-Edouard Brétéché	2bb687550c	feat: add imagedata cel lib (#12442 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-19 17:03:23 +08:00
Charles-Edouard Brétéché	d3305512d4	chore: move imageverify cel lib (#12449 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-19 08:28:35 +00:00
Frank Jogeleit	b1ef884c82	fix: engine response for ivpol background scanning (#12436 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-18 18:20:41 +00:00
Frank Jogeleit	843da25193	fix: set correct policy for ivpols (#12434 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-18 13:21:34 +00:00
Frank Jogeleit	fea8b37971	fix: check if response includes a policy for ivpol (#12433 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-18 12:43:10 +00:00
Frank Jogeleit	f869638edf	Implement Reporting and Background scan for ImageVerificationPolicy (#12432 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-18 11:39:00 +00:00
shuting	c0ab93b95b	fix: autogen status for ivpol (#12431 ) * feat: enable mutating webhook for ivpol Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add objects to payload Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add chainsaw test Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add update codegen Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: propagate policy response to admission reponse Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update chainsaw tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: ivpol autogen meta Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-18 10:40:21 +00:00
Charles-Edouard Brétéché	c0d7332d14	feat: simplify resource cel lib (#12427 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-18 08:58:59 +00:00
Charles-Edouard Brétéché	6c8446b831	feat: simplify resource cel lib (#12426 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-17 16:31:01 +00:00
Charles-Edouard Brétéché	e785ee4882	feat: add globalcontext CEL lib (#12425 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-17 16:53:32 +01:00
shuting	4f9b07070a	feat: enable mutating webhook for ivpol (#12423 ) * feat: enable mutating webhook for ivpol Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add objects to payload Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add chainsaw test Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add update codegen Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: propagate policy response to admission reponse Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update chainsaw tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-17 12:31:37 +00:00
momantech	1982ebca47	chore: make function comment match function name (#12417 ) Signed-off-by: momantech <cuimoman@qq.com>	2025-03-17 11:31:55 +00:00
shuting	5c5a5fc0b0	feat: reconcile `ivpol.status` (#12392 ) * feat: update ivpol.status api Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update codegen Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update codegen Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: reconcile ivpol.status Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: linter issues Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: autogen fields replacement Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: update ivpol autogen rules Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: invoke ivpol webhook handler Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com>	2025-03-15 05:29:19 +05:30
Charles-Edouard Brétéché	af550f54d5	feat: add cel user lib (#12414 ) * feat: add cel user lib Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * unit test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-14 13:51:25 +01:00
Charles-Edouard Brétéché	ff7f57713e	feat: add user info in cel engine (#12410 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-14 09:35:44 +00:00
Vishal Choudhary	e190f84845	feat: webhook integration image verification policies (#12403 ) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2025-03-14 08:37:42 +00:00
Charles-Edouard Brétéché	400b0b82dd	feat: support vps in cli test command (#12384 ) * feat: support vps in cli test command Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * context in test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-14 08:14:49 +00:00
Mohd Kamaal	19b816ba70	solves the cronjob autogen nested path issue (#12383 ) * solves the cronjob autogen nested path issue Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com> * format the file using linter Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com> * autogen path change in validating-polcies Signed-off-by: Mohd Kamaal <mohdcode@MBA.local> --------- Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com> Signed-off-by: Mohd Kamaal <mohdcode@MBA.local> Co-authored-by: Mohd Kamaal <mohdcode@MBA.local>	2025-03-13 14:22:51 +00:00
Vishal Choudhary	d56e6037a4	fix: image parse func and add chainsaw tests (#12396 ) * fix: image parse func and add chainsaw tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-03-13 07:01:40 +00:00
Frank Jogeleit	6fdbdbce28	Fix: data access in audit annotations (#12394 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-12 16:44:50 +00:00
Vishal Choudhary	98ecf30a62	fix: add missing context type and http type in ivpols (#12393 ) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-03-12 14:47:21 +00:00
shuting	91e6ae14fe	feat: register webhook for ivpol (#12391 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-12 16:04:11 +05:30
Frank Jogeleit	f59cae97f2	Fix: data access in message expressions (#12390 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-12 09:32:29 +00:00
Charles-Edouard Brétéché	9f70209361	feat: mock list resources in context (#12380 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-11 17:21:30 +00:00
Frank Jogeleit	1a7c581220	fix: providing the http provider in the compiler (#12379 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-11 15:00:20 +00:00
Charles-Edouard Brétéché	0d43a2d997	feat: make image ref parsing a static function (#12374 ) * feat: make image ref parsing a static function Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * typo Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-11 14:19:36 +00:00
shuting	b5b1287282	chore: improve error handling (#12376 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-11 13:52:04 +01:00
Vishal Choudhary	d812982b2e	feat: webhook handlers for image verification (#12318 ) * feat: webhook support for image verification Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: add validation Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: add tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: ci Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: codegen Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: trim prefix Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: only use matched policies Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: conflicts Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: remove commented code Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2025-03-11 07:38:11 +00:00
Charles-Edouard Brétéché	c655ba72c2	fix: use pointer in context config map getter (#12365 )	2025-03-10 14:31:34 +00:00
Charles-Edouard Brétéché	1c3bddf8ca	feat: support mock in CLI for VPs (#12344 ) * feat: support mock in CLI for VPs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * implement get cm mock Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * move into cel package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-10 13:28:44 +00:00
Charles-Edouard Brétéché	a9ac540ddc	fix: nits in cel context lib (#12333 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-09 17:47:11 +00:00
Frank Jogeleit	1ac2dd9fa6	Add CEL context.Lib to the imageverification compiler (#12337 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-09 17:06:53 +00:00
Javier Solana	b00b2c96c8	chore: add dryrun as label (#11962 ) * chore: add dryrun as label Signed-off-by: Javier Solana <javier.solana@cabify.com> * check request.Dryrun to avoif SIGSEGV Signed-off-by: Javier Solana <javier.solana@cabify.com> * chore: add dryrun Signed-off-by: Javier Solana <javier.solana@cabify.com> * chore: add dryrun Signed-off-by: Javier Solana <javier.solana@cabify.com> * chore: update doc to add DryRun Signed-off-by: Javier Solana <javier.solana@cabify.com> * chore: update to add DryRun Signed-off-by: Javier Solana <javier.solana@cabify.com> * chore: update crds Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: Javier Solana <javier.solana@cabify.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Javier Solana <javier.solana@cabify.com> Co-authored-by: shuting <shuting@nirmata.com>	2025-03-07 23:30:22 +08:00
Frank Jogeleit	29849e196f	Add CEL HTTP Lib to the imageverification compiler (#12335 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-07 13:31:38 +00:00
Charles-Edouard Brétéché	c55354d5a1	chore: remove unused code (#12325 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-07 10:21:49 +00:00
shuting	d7a37924a9	feat: skip applying a VP which is converted to VAP (#12312 ) * feat: skip vpol application if it's converted to vap Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add missing error checks Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-07 08:07:50 +00:00
Vishal Choudhary	4b4e6cc415	feat: add parse image reference function (#12317 ) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-07 07:34:08 +00:00
Frank Jogeleit	da1fbd9475	Cel HTTP Lib (#12241 ) * Implement HTTP CEL lib for external API calls Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> * fix lint errors Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> --------- Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-06 15:13:13 +00:00
Frank Jogeleit	1cc5b7a3ab	Skip reporting for vpol when vap generation is enabled (#12311 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-06 14:35:34 +00:00
Khaled Emara	c61d0735e3	feat(vp): implement gctx in context library (#12055 ) * feat(vp): implement gctx in context library Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(cel): add chainsaw test for validating policies gctx Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2025-03-06 09:27:03 +00:00
shuting	637f756994	feat: support json payload via CLI apply command (#12296 ) * chore: remove unused code Signed-off-by: ShutingZhao <shuting@nirmata.com> * feat: support json in CLI apply command Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: remove not used validation expressions Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: update codegen docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: add unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2025-03-06 08:48:26 +00:00
Vishal Choudhary	32f13d5894	fix: use object key in json image verification (#12298 )	2025-03-05 19:53:19 +00:00
Frank Jogeleit	6967533d9d	feat: support CELPolicyException in the report-controller (#12287 ) * feat: support CELPolicyException in the report-controller Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> * feat: support CELPolicyException in the report-controller Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de> --------- Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>	2025-03-05 12:54:35 +00:00
Vishal Choudhary	c47b48bda6	feat: autogenerate image verification policies for pod controllers (#12290 ) * feat: autogen for image verification Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-03-04 21:30:23 +00:00
shuting	84e9517bad	feat: add cel evaluator for json payload (#12288 ) * feat: add cel evaluator for json payload Signed-off-by: ShutingZhao <shuting@nirmata.com> * chore: linter fixes Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com>	2025-03-04 15:20:26 +00:00
Vishal Choudhary	0dda60bf12	fix: autogen refactor (#12286 ) * fix: autogen refactor Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: more refactor Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2025-03-04 18:55:45 +08:00
Vishal Choudhary	70dc8cb81a	feat: image verify performance fix and tests (#12282 ) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2025-03-04 06:34:31 +00:00
Vishal Choudhary	00f3e2f775	feat: add evaluation config to image verification policies (#12279 ) * feat: add evaluation config to image verification policies Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: ci Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: unit tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2025-03-03 21:27:07 +05:30
刘旭	608b9fd5b7	fix(gctx): add event handler before informer start (#12263 ) Signed-off-by: liuxu <liuxu623@gmail.com>	2025-03-03 13:46:49 +00:00

1 2 3 4 5 ...

3994 commits