kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Bricktop	3815b40c64	Fix various static checks related to condition handling (#2528 ) Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>	2021-10-13 11:29:45 +02:00
Bricktop	2d0df77963	Format error messages correctly (#2519 ) * Format error messages correctly Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de> * No punctuation at the end or errors Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de> * Replace loop with simple if Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de> * Fix more errors Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>	2021-10-12 14:29:20 -07:00
Sachin	e16d773957	Remove unused function (#2517 )	2021-10-11 12:46:28 -07:00
Bricktop	67a2466c32	Remove dead code in various packages (#2514 )	2021-10-11 12:44:43 -07:00
shuting	b10947b975	Dynamic webhooks (#2425 ) * support k8s 1.22, update admissionregistration.k8s.io/v1beta1 to admissionregistration.k8s.io/v1 Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add failurePolicy to policy spec; - fix typo Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add schema validation for failurePolicy; - add a printer column Signed-off-by: ShutingZhao <shutting06@gmail.com> * set default failure policy to fail if not defined Signed-off-by: ShutingZhao <shutting06@gmail.com> * resolve conflicts Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix missing type for printerColumn Signed-off-by: ShutingZhao <shutting06@gmail.com> * refactor policy controller Signed-off-by: ShutingZhao <shutting06@gmail.com> * add webhook config manager Signed-off-by: ShutingZhao <shutting06@gmail.com> * - build webhook objects per policy update; - add fail webhook to default webhook configurations Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix panic on policy update Signed-off-by: ShutingZhao <shutting06@gmail.com> * build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all Signed-off-by: ShutingZhao <shutting06@gmail.com> * - set default webhook configs rule to empty; - handle policy deletion Signed-off-by: ShutingZhao <shutting06@gmail.com> * reset webhook config if policies with a specific failurePolicy are cleaned up Signed-off-by: ShutingZhao <shutting06@gmail.com> * handle wildcard pocliy Signed-off-by: ShutingZhao <shutting06@gmail.com> * update default webhook timeout to 10s Signed-off-by: ShutingZhao <shutting06@gmail.com> * cleanups Signed-off-by: ShutingZhao <shutting06@gmail.com> * added webhook informer to re-create it immediately if missing Signed-off-by: ShutingZhao <shutting06@gmail.com> * update tag webhookTimeoutSeconds description Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix e2e tests Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix linter issue Signed-off-by: ShutingZhao <shutting06@gmail.com> * correct metric endpoint Signed-off-by: ShutingZhao <shutting06@gmail.com> * add pol.generate.kind to webhooks Signed-off-by: ShutingZhao <shutting06@gmail.com>	2021-10-05 00:15:09 -07:00
Jim Bugwadia	731ffde0e7	fix messages and tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-10-03 03:15:22 -07:00
Jim Bugwadia	89d1e4afab	format Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-10-02 16:57:40 -07:00
Jim Bugwadia	e0e6074afc	add validation; add 'element' to context Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-10-02 16:53:02 -07:00
Jim Bugwadia	1ebd2c99f2	add messages and set rule to skip when pattern does not match Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-30 23:34:04 -07:00
Jim Bugwadia	6ae3063038	merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-30 11:53:33 -07:00
NoSkillGirl	9513cca68f	removing commented test case Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-29 11:02:07 +05:30
NoSkillGirl	ff540bfb06	removing print statement Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-29 10:59:54 +05:30
NoSkillGirl	83a815d7cf	added test cases Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-28 20:17:03 +05:30
Jim Bugwadia	3957a1400e	fix deny check and fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-27 23:40:05 -07:00
Jim Bugwadia	a905a61581	fix deny rules Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-27 14:28:55 -07:00
Jim Bugwadia	536b64bed1	fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-26 21:15:13 -07:00
Jim Bugwadia	67660647d9	update tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-26 18:30:53 -07:00
Jim Bugwadia	39061d91c4	implement validate.foreach Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-09-26 02:12:31 -07:00
NoSkillGirl	f9c789967c	added test cases Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-23 15:01:34 +05:30
NoSkillGirl	799ae0f80d	added test cases Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-22 14:33:59 +05:30
NoSkillGirl	d6e977a34d	updated logic for key in resources Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-22 01:51:57 +05:30
NoSkillGirl	aba3bad8fc	adding logic for checking key in resources Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-21 20:15:09 +05:30
NoSkillGirl	4a5d4a2bac	debugging Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-09-21 12:12:34 +05:30
Max Goncharenko	a0ff8bbd0b	Implement global anchor (#2311 ) * implement global anchor for patch strategic merge Signed-off-by: Max Goncharenko <kacejot@fex.net> * fixed unit tests for mutation global anchor Signed-off-by: Max Goncharenko <kacejot@fex.net> * added global anchor in validation Signed-off-by: Max Goncharenko <kacejot@fex.net> * fix some global anchor issues found during testing Signed-off-by: Max Goncharenko <kacejot@fex.net> * run go tidy Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * fixed tests Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * fixed some tests Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * finish implementing global anchor Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * WIP: lower global anchor strictness Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * Revert "WIP: lower global anchor strictness" This reverts commit `08e176a042`. Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * global anchor for mutation Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>	2021-09-13 08:59:28 -07:00
Max Goncharenko	4c7ca97eac	Patch strategic merge preprocessing: implement anchor handling (#2156 ) * finished walkMap Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * added validation to the patchStrategicMerge Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * finished fixing tests Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * fixed part of old tests Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * patchStrategicMerge anchor preprocessing is finished Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * fix #1915 and #1896 Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * fix lint errors Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * removed debug logs Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * added failing test Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com> * Fix unnecessary deletion Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>	2021-07-23 10:53:37 -07:00
treydock	3b1fd912cb	Move log to debug for wildcard pattern matching (#2064 ) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-06-23 16:48:09 -07:00
Arsh Sharma	7e9be24d90	updating minio verison (#1956 )	2021-06-09 19:16:26 -07:00
RinkiyaKeDad	29c6e901ab	added test, removed comment Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-03 11:16:50 +05:30
RinkiyaKeDad	e94479717c	fixed spacing problem in operators Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-02 12:16:54 +05:30
Max Goncharenko	0776b438d3	Support operators (>=, <, etc ...) on list values (#1838 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-28 13:31:55 -07:00
Max Goncharenko	24c4f06ecd	Fix #1506 ; Resolve path reference in entire rule instead of just pattern/overlay Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-03-16 13:45:40 +02:00
Max Goncharenko	536f364724	Add AND logical operator support (#1539 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-02-05 17:52:31 -08:00
shuting	ab5f2274f9	1314 validate rule (#1368 ) * fixes 1314 * fix panic	2020-12-08 22:52:37 -08:00
Jim Bugwadia	1c2262b6e2	merge main	2020-12-04 16:52:10 -08:00
Jim Bugwadia	f3b644f624	handle anchors in keys	2020-12-04 15:59:15 -08:00
Jim Bugwadia	13a9a4721a	wildcard label and annotation keys validate patterns (#1360 )	2020-12-04 12:05:24 -08:00
Jim Bugwadia	44afdf2f95	wildcard label and annotation keys validate patterns	2020-12-04 09:28:30 -08:00
Shuting Zhao	e985ee4031	correct misspelled words	2020-11-17 12:01:01 -08:00
Shuting Zhao	8e0650804f	improve error log	2020-11-03 15:41:17 -08:00
Shuting Zhao	d8d5160bce	fix #1192	2020-11-03 15:31:58 -08:00
Jim Bugwadia	062d794cad	fix conversion errors	2020-10-22 11:59:11 -07:00
Shuting Zhao	cdc5190c56	update nirmata/kyverno to kyverno/kyverno	2020-10-07 11:12:31 -07:00
Mohan B E	a827f88dc7	resolved conditional anchor issue and added validation to pattern labels (#1060 ) * resolved conditional anchor issue and added validation to pattern labels * restored IsConditionAnchor * added annotation and anypattern validation * added conditional anchor key checker * reverted docs * fixed tests * modified validation * modified validate condition check	2020-08-28 18:22:22 -07:00
Mohan B E	3feb41e5f3	wildcard for numeric values (#1074 ) * wildcard for numeric values * changed error message	2020-08-21 12:48:05 -07:00
Mohan B E	6e827f912f	Feature/e2e 575 (#1018 ) * added api templates * E2E test for generate roles, rolebindings, clusterrole and clusterrolebindings * table driven e2e tests * table driven e2e tests and go fmt * removed unwanted vars * increased sleep time * removed role generation clone * increated sleep time * added rolebinding clone and retry mechanism for get resources * modified test for clone * added namespace to role * added namespace variable * added git actions job * changed build name * removed docker login * added role verbs * removed github actions job and rbac file * added clusterrole test with clone * fixed travis issue	2020-08-06 10:46:10 +05:30
Yuvraj	ffe18aab86	Resolve Kyverno panic when sync the generate request (#975 ) * handle validate error panic * return error in validate array * fix error log message Co-authored-by: Yuvraj <yuvraj@neualto.com>	2020-07-09 11:50:05 -07:00
Jim Bugwadia	838d02c475	Bugfix/659 support wildcards for namespaces (#871 ) * - support wildcards for namespaces * do not annotate resource, unless policy is an autogen policy * close HTTP body * improve messages * remove policy store Policy store was not fully implemented and simply provided a way to list all polices and get a policy by name, which can be done via standard client-go interfaces. We need to revisit and design a better PolicyStore that provides fast lookups for matching policies based on names, namespaces, etc. * handle wildcard namespaces in background processing * fix unit tests 1) remove platform dependent path usage 2) remove policy store * add test case for mutate with wildcard namespaces	2020-05-26 10:36:56 -07:00
Yuvraj	4fa5a056f3	Fix conflict Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>	2020-03-27 14:10:21 +05:30
Yuvraj	801c7513cb	golanfci-lint changes Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>	2020-03-24 00:35:05 +05:30
shivkumar dudhani	d327309d72	refactor logging	2020-03-17 16:25:34 -07:00

1 2

63 commits