Charles-Edouard Brétéché
3686f6506c
docs: add resource exclusions note in helm docs ( #4989 )
...
* docs: add resource exclusions note in helm docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nit
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-16 06:58:56 -04:00
Charles-Edouard Brétéché
42b224aa26
chore: add myself in approvers ( #4990 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-15 23:55:00 +00:00
Samuel Torres
8dc56d3f68
feat: Add container registry setting on Helm Chart ( #4281 )
...
To make the customization of the container registries easier, eg.
a custom private registry, this change adds a new property on the
images configuration to allow setting a custom image registry
without needing to customize the repository of the image.
Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
2022-10-15 11:48:36 -04:00
Charles-Edouard Brétéché
5f6b04ca69
fix: config reloading not working correctly ( #4951 )
...
* fix: config reloading not working correctly
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 17:36:46 +00:00
Charles-Edouard Brétéché
1f3c429cd7
fix: missing autogen rules in status ( #4971 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 17:02:10 +00:00
Charles-Edouard Brétéché
afe9036347
fix: add user info in admission request logs ( #4969 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 16:29:48 +00:00
Charles-Edouard Brétéché
f0703a5c6b
fix: don't produce empty admission reports ( #4966 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 15:55:51 +00:00
Charles-Edouard Brétéché
47780bf37f
fix: improve banned types management in reports ( #4953 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-14 23:20:30 +08:00
Charles-Edouard Brétéché
e749907302
fix: missing watchers in resource report controller ( #4967 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 13:55:50 +00:00
Batuhan Apaydın
29a26e54f7
chore: Push and sign install manifests to GHCR ( #4895 )
...
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Stefan Prodan <@stefanprodan>
Co-authored-by: Charles-Edouard Brétéché <@eddycharly>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
2022-10-14 12:48:32 +00:00
Pratik Shah
caab013a86
Fixed issue-4530: Added separate attestor type for secrets and KMS ( #4733 )
...
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Vyankatesh <vyankateshkd@gmail.com>
2022-10-14 09:40:46 +00:00
Charles-Edouard Brétéché
064980bd9a
fix: admission reports printer ( #4950 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 08:22:00 +00:00
Charles-Edouard Brétéché
7ceea1a08f
chore: bump a few deps ( #4943 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-10-14 07:13:19 +00:00
Pratik Shah
8a0083105d
Added support to specify key signature algorithm in verifyImages ( #4855 )
...
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Pratik Shah <pratik@infracloud.io>
2022-10-14 05:39:57 +00:00
Charles-Edouard Brétéché
16aca2816f
fix: don't report ready until certs are valid ( #4934 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 04:23:42 +00:00
Chip Zoller
b7247b5935
Update issue templates and scan for vulns action ( #4952 )
...
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump JasonEtco/create-an-issue
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump versions in drop-downs
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix background mode scan with request.operation
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Revert "bump versions in drop-downs"
This reverts commit 5fcea048ddf0d44c7aca
2022-10-13 22:11:58 +00:00
Chip Zoller
3c70843fdf
Fix background scan with request.operation ( #4947 )
...
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump JasonEtco/create-an-issue
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump versions in drop-downs
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix background mode scan with request.operation
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Revert "bump versions in drop-downs"
This reverts commit 5fcea048ddf0d44c7aca
2022-10-13 16:34:49 +00:00
Charles-Edouard Brétéché
56d90888e0
fix: consider generateName when matching resources ( #4945 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-13 16:02:01 +00:00
Charles-Edouard Brétéché
a62a0c1f9f
fix: probes should work in debug mode ( #4926 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-10-13 14:40:35 +00:00
Charles-Edouard Brétéché
9e933e8d21
fix: set operation in context when necessary ( #4940 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-13 19:33:49 +05:30
Batuhan Apaydın
38a15a948f
chore: add COSIGN_REPOSITORY env to ko-publish-dev step ( #4922 )
2022-10-13 10:55:39 +00:00
Charles-Edouard Brétéché
ed88e9f8d2
fix: panic when bad variable substitution ( #4928 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-10-13 10:16:47 +00:00
Charles-Edouard Brétéché
090b68e55d
feat: make cert renewer private and add server name support ( #4904 )
...
* fix: remove unnecessary dependencies from tls package
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: make cert renewer private and add server name support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-13 09:46:05 +00:00
Charles-Edouard Brétéché
cd5e0cfa74
chore: bump a couple of deps ( #4925 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-13 11:04:23 +02:00
XDRAGON2002
03c41e7746
[Cleanup] Disable PolicySkipped events ( #4913 )
...
* remove skip events
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* update conditions
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* improve conditions
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* remove redundant function
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-13 08:32:20 +00:00
Sandesh More
17ba925490
add filter for validation policies when ValidationFailureActionOverrides is used ( #4809 )
...
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
2022-10-13 07:59:10 +00:00
Charles-Edouard Brétéché
4f3656abc6
chore: update controller-tools to v0.10.0 ( #4918 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-10-13 07:23:44 +00:00
Charles-Edouard Brétéché
8f7db3d4be
fix: use constants defined in openapi controller ( #4919 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-13 06:29:38 +00:00
Batuhan Apaydın
f45584bfd6
chore: signing helm releases ( #4801 )
...
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-12 20:14:44 +00:00
Charles-Edouard Brétéché
25963aba60
fix: openapi controller discovery ( #4912 )
...
* refactor: openapi controller part 2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename 2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: openapi controller discovery
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 12:23:47 -07:00
Charles-Edouard Brétéché
b3021f5a57
refactor: openapi controller part 2 ( #4910 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 22:24:16 +05:30
Charles-Edouard Brétéché
7cef1c00d9
fix: clean background scan reports ( #4908 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 21:13:33 +05:30
James Callahan
33b5bb2a8a
fix: don't specify rules when aggregationRule is set ( #4867 )
...
Fixes #4866
Signed-off-by: James Callahan <jamescallahan@bitgo.com>
Signed-off-by: James Callahan <jamescallahan@bitgo.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-12 14:17:51 +00:00
Charles-Edouard Brétéché
de67a507cd
refactor: openapi controller part 1 ( #4901 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-12 11:38:48 +00:00
Charles-Edouard Brétéché
d25dccbd9c
fix: remove unnecessary dependencies from tls package ( #4903 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 09:36:26 +00:00
Charles-Edouard Brétéché
8e15982448
fix: reduce webhook controller logs ( #4897 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 10:39:27 +02:00
Charles-Edouard Brétéché
c213deab4b
chore: add argocd lab ( #4884 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 07:25:48 +00:00
Charles-Edouard Brétéché
4aed9359cb
refactor: manage webhooks with webhook controller ( #4846 )
...
* refactor: add config support to webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: add client config to webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* migrate verify webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v1
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: move policy webhooks management in webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* policy validating webhook config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watch policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate resource webhook management in webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* mutating webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* auto update
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* auto update and wildcard policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* policy readiness
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: can't use v1 admission
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* reduce reconcile
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watchdog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* health check
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* runtime utils
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* runtime utils
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watchdog check
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove delete from mutating webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-10-12 06:52:42 +00:00
Charles-Edouard Brétéché
7d897016e9
fix: auto gen enabled when using names ( #4863 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-10-12 06:09:02 +00:00
Charles-Edouard Brétéché
465f9d204b
fix: non watchable resources in report controller ( #4888 )
...
* fix: non watchable resources in report controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix events
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-12 13:36:24 +08:00
XDRAGON2002
f6cb33de95
Fix result colour ( #4885 )
...
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
2022-10-11 20:36:31 +00:00
Charles-Edouard Brétéché
f7db09fcc2
fix: background scan labels ( #4865 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-10-11 19:54:22 +00:00
Prateek Pandey
23ab7390a3
fix: hardening policy validation for generate cloneList ( #4881 )
...
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-10-11 23:35:07 +05:30
Charles-Edouard Brétéché
ea37d46137
docs: add section in helm docs to install with argocd ( #4878 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-11 17:48:30 +02:00
XDRAGON2002
df12c80b95
fix test output numbering ( #4853 )
...
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-11 12:30:11 +00:00
Batuhan Apaydın
2860775dc3
feature: use cert extension oid as key ( #4854 )
...
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-10 12:39:09 -07:00
Charles-Edouard Brétéché
afaee3dedb
chore: add launch.json for vscode debugging ( #4856 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-10 13:50:04 +00:00
Chip Zoller
5346bce5ca
Add workflow to detect and report on image vulns ( #4850 )
...
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-10 15:10:16 +02:00
Charles-Edouard Brétéché
c5f4fd2d01
docs: add debug instructions ( #4843 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-10 09:14:17 +00:00
Sachin Maurya
bec5632344
e2e test for mutate policy ( #3383 )
...
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
2022-10-08 10:57:41 -04:00
