kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
shuting	618a69961e	Disable auto-gen when a rule has mixed of kinds: pod & pod controllers (#1847 ) * disable auto-gen when a rule has mixed of kinds: pod & pod controllers Signed-off-by: Shuting Zhao <shutting06@gmail.com> * Bugfix : Make match.resources.kinds required (#1843) * Fix Dev setup * make kind required in MatchResources * add test cases Co-authored-by: vyankatesh <vyankatesh@neualto.com> * address PR comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update background canAutoGen unit tests Signed-off-by: Shuting Zhao <shutting06@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-29 14:59:37 -07:00
Vyankatesh Kudtarkar	34af7a930c	Bugfix : Make match.resources.kinds required (#1852 ) * Fix Dev setup * Bugfix : Make match.resources.kinds required Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-29 11:14:55 -07:00
Vyankatesh Kudtarkar	a0193e13e5	test cases for match/exclude GVK (#1851 ) * Fix Dev setup * add test_cases for GVK Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-29 10:58:17 -07:00
Pooja Singh	d3e4fede02	Fix for commented yaml files in Kyverno CLI (#1849 ) * fix for commented policy yaml file Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * fix for commented resource yaml file Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-29 10:41:15 -07:00
Pooja Singh	1e4c950104	Feature/1515 - handle configmap and api variable cli (#1789 ) * added store package Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added changes to handle api and configmap variables in cli Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * removed comments Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * refactoring code Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test case for mutation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test case for validation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * code improvement Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-29 10:09:44 -07:00
Vyankatesh Kudtarkar	caa6a90b27	Bug 1799: Fix mutate policy defaults and Fix endless look of auto-gen rules. (#1839 ) * Fix Dev setup * Mutate policy defaults (1799) * fix look for exclude ResourceDescription * fix condition * reuse code Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-29 09:51:23 -07:00
Shuting Zhao	e9c2d899c9	fix the unit test Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-28 14:52:26 -07:00
Shuting Zhao	85dde7e960	Enable image substitution in the background mode Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-28 14:21:11 -07:00
Max Goncharenko	0776b438d3	Support operators (>=, <, etc ...) on list values (#1838 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-28 13:31:55 -07:00
Max Goncharenko	9da2d44ee1	Fix #1737 : forceMutate does not handle StrategicMerge patchesJson6902 (#1775 ) * Fix #1737: forceMutate does not handle StrategicMerge patchesJson6902 Signed-off-by: Max Goncharenko <kacejot@fex.net> * go fmt Signed-off-by: Max Goncharenko <kacejot@fex.net> * updated PR due to the comments Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-28 13:12:44 -07:00
Pooja Singh	434a4cdb14	Bug fix/1783 generate endlessly (#1804 ) * debug Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * bug fix Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * error handling Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added resource cache Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * reverting back to api call attempt Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-26 12:58:34 -07:00
Pooja Singh	1da4f74562	Merge pull request #1817 from NoSkillGirl/validate_policy_in_cli_according_to_crd Validate policy in cli according to policy schema	2021-04-23 15:51:47 +05:30
NoSkillGirl	7a6648c9a1	simplified bool comparison Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-23 11:56:15 +05:30
NoSkillGirl	8f9c97411b	added test cases Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-23 01:15:45 +05:30
NoSkillGirl	b98f1116f3	refactoring code Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-23 00:20:50 +05:30
Vyankatesh Kudtarkar	ab8d077384	Fix Dev setup (#1815 ) Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-21 12:35:13 -07:00
NoSkillGirl	fe05f0385d	added error handling Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-21 10:28:11 +05:30
NoSkillGirl	3362ef95fc	added policy crd as go file Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-21 10:28:11 +05:30
NoSkillGirl	4cfc21779c	added policy validation according to api server Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-04-21 10:28:11 +05:30
Yashvardhan Kukreja	69c3418ca9	added: a pre-flight validation check for ensuring that only 'any'/'all' fields are present under conditions (#1791 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-04-16 17:23:01 -07:00
Max Goncharenko	6a0305674a	JMESPath custom functions (#1772 ) * JMESPath: Support regex expressions Signed-off-by: Max Goncharenko <kacejot@fex.net> * JMESPath: Add string functions Signed-off-by: Max Goncharenko <kacejot@fex.net> * Removed {{$}} variable handling logic Signed-off-by: Max Goncharenko <kacejot@fex.net> * Name all functions in snake case; Update error message; Fix {{@}} behavior Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-16 16:17:00 -07:00
shuting	f93f3344d2	fix result removal for DELETION requests (#1811 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-16 13:51:35 -07:00
shuting	f515bc5dbf	skip rule application if referred path not exist (#1806 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-15 17:33:34 -07:00
shuting	081244a102	Fix array variables substitution (#1800 ) * fix array variables substitution Signed-off-by: Shuting Zhao <shutting06@gmail.com> * Add ability to marshal complex vars to string Signed-off-by: Max Goncharenko <kacejot@fex.net> * Added tests for variable substitution Signed-off-by: Max Goncharenko <kacejot@fex.net> Co-authored-by: Max Goncharenko <kacejot@fex.net>	2021-04-14 13:09:00 -07:00
Frank Jogeleit	0e3e42ea33	Fix Typo in builder method names (#1798 ) Signed-off-by: Frank Jogeleit <fj@move-elevator.de>	2021-04-13 16:41:07 -07:00
Max Goncharenko	8050c4e77b	moved variable substitution to higher level to avoid unhandled cases (#1785 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-13 11:44:43 -07:00
shuting	9dab21619f	Match endpoint to the exact Kyverno Pod's IP (#1787 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com> * match endpoint ip with the exact pod ip Signed-off-by: Shuting Zhao <shutting06@gmail.com> * - add tag "app.kubernetes.io/name"; - reduce throttling requests when deletes webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add [SelfSubjectAccessReview,,] to resource filters Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-12 20:29:51 -07:00
shuting	f3ca1d78f1	Fix log message (#1779 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-08 12:10:30 -07:00
Vyankatesh Kudtarkar	e2cd04c91f	Fix #1446 :Failed to mutate policy (#1767 ) * Fix failed to mutate policy Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix autogen rule issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * addPolicy and AddNsPolicy changes * fix code indentation * change kind -> policy Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix kind for policy * fix comments Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-07 16:34:45 -07:00
Frank Jogeleit	072d9f7951	Add Support for policies.kyverno.io/severity annotation (#1763 ) Signed-off-by: Frank Jogeleit <fj@move-elevator.de>	2021-04-07 14:56:27 -07:00
Max Goncharenko	01004e1db0	Fix #1754 Invalid variable validation (#1770 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-06 10:56:06 -07:00
Shuting Zhao	741f230272	add unit tests Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-05 14:41:30 -07:00
Shuting Zhao	4b8b8cbfa6	remove namespace field on kind Namespace Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-05 13:05:47 -07:00
Jim Bugwadia	3cffc3654a	Merge pull request #1762 from realshuting/1757_default_image_info Set default image registry and tag if not present	2021-04-01 13:40:13 -07:00
Jim Bugwadia	fb368ba24b	Merge pull request #1755 from realshuting/1749_fix_concurrent_read_write Fix concurrent read/write when loading configmap data	2021-04-01 13:39:27 -07:00
Shuting Zhao	1cf8efd472	set default image registry and tag if not present Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-01 09:50:34 -07:00
shuting	72fd921cb6	fix exclude logic (#1756 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 22:02:36 -07:00
Shuting Zhao	cab81eadda	operate on the copy of configmap data Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 15:22:25 -07:00
Shuting Zhao	b0cee60100	change the order for variable validation: add allowed vars first Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 14:29:46 -07:00
Shuting Zhao	4d01f76797	- fix variable validation; - update log level Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 13:24:36 -07:00
treydock	91713ee566	Check webhooks are present during liveness (#1748 ) Fixes #1747 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-03-31 12:44:56 -07:00
treydock	0131f375f1	Register webhooks only once service endpoint is ready (#1741 ) * Register webhooks only once service endpoint is ready Fixes #1740 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Wait for webhook to become ready in main loop Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Better error handling and logging around checking endpoint Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Log soft failure as info, remove redundant return Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-03-30 13:46:01 -07:00
Pooja Singh	ca5a4e1986	added multiple item logic for clone in generate policy (#1744 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-29 22:36:16 -07:00
Pooja Singh	118b979ef1	skipping schema check for unknown kinds (#1736 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-29 12:13:26 -07:00
Jim Bugwadia	e7a8eb93ee	Merge pull request #1714 from kacejot/vars-substitution Bug Fix: #1506 issue; Resolve path reference in entire rule	2021-03-26 14:53:30 -07:00
Vyankatesh Kudtarkar	057ec4e690	Fix : 1657 (Update variable paths when auto generate the controller rules) and 1615 ( kyverno apply pipe through to kubectl) (#1735 ) * Fix 1657and 1615 Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix build issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * remove logs Signed-off-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-03-26 11:03:45 -07:00
Jim Bugwadia	f29f6b0369	add comment Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-26 10:47:59 -07:00
Jim Bugwadia	908950c47a	address comments Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 21:27:16 -07:00
Jim Bugwadia	72cdbafbae	fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 18:11:32 -07:00
Jim Bugwadia	8d03f8c59e	merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 18:00:02 -07:00

... 2 3 4 5 6 ...

1951 commits