1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Commit graph

5520 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
3b9af3b085
refactor: helm admission controller config (#6473)
* refactor: helm admission controller config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tuf stuff

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: helm admission controller config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-03 22:38:33 +08:00
shuting
c8a3b19d2c
disallow variabels in clone/cloneList (#6438)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-03 11:32:40 +00:00
shuting
ea306d6d7f
rename generateExistingOnPolicyUpdate to generateExisting (#6470)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-03 12:05:53 +01:00
dependabot[bot]
ab16c91906
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#6465)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 0.36.0 to 0.37.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/metric/v0.36.0...metric/v0.37.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-03 10:14:04 +00:00
shuting
0b359d07db
rename GenerateExistingOnPolicyUpdate to GenerateExisting (#6321)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-03 09:34:55 +00:00
dependabot[bot]
29a70e0faf
chore(deps): bump k8s.io/apiextensions-apiserver from 0.26.1 to 0.26.2 (#6466)
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-03 08:56:02 +00:00
dependabot[bot]
834bcd4ab1
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#6467)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-03 09:17:12 +01:00
Charles-Edouard Brétéché
add898c1c7
refactor: helm admission controller config (#6460)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-03 12:24:32 +08:00
shuting
c36e9a266d
update resource info in polex events (#6459)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-02 17:19:32 +00:00
Charles-Edouard Brétéché
5c9273de84
refactor: helm admission controller config (#6457)
* refactor: helm admission controller config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* pdb

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: helm admission controller config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* certs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-03 00:23:22 +08:00
dependabot[bot]
6b8ac1cf5a
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#6449)
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.39.0 to 0.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.39.0...zpages/v0.40.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 15:23:01 +00:00
Charles-Edouard Brétéché
8e37609756
refactor: helm admission controller config (#6454)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 22:56:13 +08:00
Charles-Edouard Brétéché
0dfa053462
refactor: helm admission controller replicas (#6453)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 12:01:06 +00:00
dependabot[bot]
53f7a3ff96
chore(deps): bump k8s.io/pod-security-admission from 0.26.1 to 0.26.2 (#6448)
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/kubernetes/pod-security-admission/releases)
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 10:38:29 +00:00
dependabot[bot]
8cac8ddcc6
chore(deps): bump k8s.io/cli-runtime from 0.26.1 to 0.26.2 (#6447)
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/kubernetes/cli-runtime/releases)
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 09:50:03 +00:00
dependabot[bot]
72b850dffd
chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.4 to 0.14.5 (#6446)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.4 to 0.14.5.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.4...v0.14.5)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-02 08:39:27 +00:00
dependabot[bot]
b914e5ebb8
chore(deps): bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 (#6445)
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.90.0 to 2.90.1.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.90.0...v2.90.1)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 09:02:47 +01:00
shuting
264eaec049
fix: remove timestamp checks for the clone rule (#6439)
* remove timestamp checks

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-01 15:49:05 +00:00
dependabot[bot]
f4f729623d
chore(deps): bump slsa-framework/slsa-github-generator (#6435)
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 15:15:38 +00:00
dependabot[bot]
1bc6f7f2e9
chore(deps): bump go.opentelemetry.io/otel/exporters/prometheus (#6436)
Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.36.0 to 0.37.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/metric/v0.36.0...metric/v0.37.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/prometheus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 11:42:13 +00:00
dependabot[bot]
f93ef8a2eb
chore(deps): bump k8s.io/kube-aggregator from 0.26.1 to 0.26.2 (#6433)
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/kubernetes/kube-aggregator/releases)
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-03-01 11:05:43 +00:00
dependabot[bot]
87afbf84aa
chore(deps): bump k8s.io/api from 0.26.1 to 0.26.2 (#6432)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 10:28:45 +00:00
dependabot[bot]
08ecb8bc5e
chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.0 (#6431)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.5.2 to 5.6.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.5.2...v5.6.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 09:50:01 +00:00
Charles-Edouard Brétéché
b4d62e9a3b
fix: error log (#6429)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-03-01 09:14:50 +00:00
dependabot[bot]
4968e79175
chore(deps): bump fluxcd/flux2 from 0.40.1 to 0.40.2 (#6434)
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 0.40.1 to 0.40.2.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](c88a2f4137...2c7d650d44)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 08:27:34 +00:00
dependabot[bot]
5affbd394b
chore(deps): bump github.com/onsi/gomega from 1.27.1 to 1.27.2 (#6430)
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.1 to 1.27.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.1...v1.27.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 07:46:13 +00:00
shuting
86fc31f63b
feat: add validations for generate immutable fields (#6328)
* add validations for generate immutable fields

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump github.com/onsi/gomega from 1.26.0 to 1.27.0 (#6334)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Jmespath typo fix (#6342)

Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>

* chore(deps): bump golang.org/x/net from 0.6.0 to 0.7.0 (#6341)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#6348)

Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 2.0.5 to 2.1.0.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](bd2868d14a...b9ddf6a515)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/onsi/gomega from 1.27.0 to 1.27.1 (#6347)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.0 to 1.27.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.0...v1.27.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: dump admission response (#6349)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: use labels.Everything in userinfo clusterroles matching (#6351)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update k8s.gcr.io to registry.k8s.io (#6340)

Signed-off-by: Rayan Das <rayandas91@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* Notary v2 (#6011)

* fix make debug-deploy

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve log messages

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* initial update

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* initial update

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update registry credentials handling order

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* comment out ACR helper - breaks anonymous image pull

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main and refactor verifiers

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix opt init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove local address

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update to NotaryV2 RC

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update deps

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* format imports

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove env and no-op statement

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix merge issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issue

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unused field

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* renable ACR credential helper

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Update .vscode/launch.json

Signed-off-by: shuting <shutting06@gmail.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>

* chore(deps): bump fluxcd/flux2 from 0.39.0 to 0.40.0 (#6362)

Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 0.39.0 to 0.40.0.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](978cc0c5b8...2cac6ce281)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* oldObject translation solved in autogen (#6305)

* OldObject translation solved in autogen

Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>

* CronJob fixed in autogen

Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>

* tests added

Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>

---------

Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: logger key value in wrong order (#6365)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: missing metrics for policies in audit mode (#6363)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github.com/notaryproject/notation-go (#6361)

Bumps [github.com/notaryproject/notation-go](https://github.com/notaryproject/notation-go) from 1.0.0-rc.1 to 1.0.0-rc.3.
- [Release notes](https://github.com/notaryproject/notation-go/releases)
- [Commits](https://github.com/notaryproject/notation-go/compare/v1.0.0-rc.1...v1.0.0-rc.3)

---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: role matching from authentication infos (#6358)

* fix: role matching from authentication infos

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: delete certificate secret if type is not TLS (#6368)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: user/groups exclusions (#6357)

* refactor: user/groups exclusions

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* wildcard

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* add labels to downstream and source resources (#6322)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update generate validation checks

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Rayan Das <rayandas91@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhishek Kumar <76171953+octonawish-akcodes@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Rayan Das <rayandas91@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-03-01 06:52:20 +00:00
shuting
0c91e87bbb
fix: delete downstream for a generate rule removal, with data and sync (#6393)
* remove policy handler for updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove policy update handler from the ur controller

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rework cleanup downstream on policy deletion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix downstream deletion on data rule removal

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test for clusterpolicy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test for policy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update api docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add delays

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix name assertion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* delete downstream when deletes the clone source

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test pol-clone-sync-delete-source

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fixes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test pol-clone-sync-delete-downstream

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test pol-data-sync-modify-rule

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix labels

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix policy assertions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix annotation missing names

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename policy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove dead code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* create unique namespaces

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* create more unique namespaces

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix assertion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-03-01 03:48:18 +00:00
dependabot[bot]
8299e03279
chore(deps): bump go.opentelemetry.io/otel/trace from 1.13.0 to 1.14.0 (#6421)
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 17:24:16 +00:00
Abhishek Kumar
c4acd2da96
SLSA provenance added for background and reports controller (#6384)
Signed-off-by: Abhishek Kumar <abhishek22512@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-28 16:54:37 +00:00
dependabot[bot]
6b5307dbb2
chore(deps): bump go.opentelemetry.io/otel/sdk from 1.13.0 to 1.14.0 (#6420)
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 16:17:51 +00:00
dependabot[bot]
96ea34d6c5
chore(deps): bump go.opentelemetry.io/otel from 1.13.0 to 1.14.0 (#6422)
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-28 15:53:10 +00:00
Charles-Edouard Brétéché
5585ed5e9d
chore: add cascading kuttl test (#6425)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-28 15:27:27 +00:00
shuting
efae284745
check errors (#6424)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-28 14:58:28 +00:00
Charles-Edouard Brétéché
8e123bc2ce
chore: split kuttl tests (#6423)
* fix: makefile build/kind targets and add target to save built images to files

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* try in ci

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* prepare for kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* load

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* install

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: split kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more test suites

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* config

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-28 15:33:46 +01:00
Ryan Grenz
7d79b6771e
Fix ServiceMonitor additionalLabels don't render properly (issue #6413) (#6414)
Signed-off-by: Ryan Grenz <ryan.grenz@fil.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-28 13:58:59 +00:00
Charles-Edouard Brétéché
7696fb2a2b
fix: makefile build/kind targets and add target to save built images to files (#6416)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-28 09:33:53 +00:00
dependabot[bot]
04e0d5f6f8
chore(deps): bump slsa-framework/slsa-github-generator (#6406)
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 07:56:52 +00:00
Charles-Edouard Brétéché
33a07f3c80
fix: cascading mutations (#6411)
* fix: cascading mutations

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove explicit AddResource call

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update resource in context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-27 18:33:07 +01:00
Chip Zoller
bc7b73401e
More kuttl standard generate tests (#6332)
* add test cpol-data-sync-delete-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test cpol-data-sync-modify-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* rename to be more descriptive

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-sync-delete-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* cleanup test

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test cpol-data-nosync-delete-rule

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test cpol-data-nosync-delete-policy

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix formatting

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add Kyverno kuttl specific snippets to BEST_PRACTICES

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add reminder note

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test cpol-data-nosync-modify-rule

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test cpol-data-nosync-modify-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-create-policy-invalid

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-sync-delete-policy

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* separate files

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-delete-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-delete-rule

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-delete-policy

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix description

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix description

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-modify-rule

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test pol-data-nosync-modify-downstream

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test existing-basic-create-data

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test existing-basic-create-preconditions-data

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add basic clone multiple test

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add delays

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add generate permissions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* reorder source and ClusterPolicy, cleanup removal, README update

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add test for cascading-mutation

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* Change creation order, remove cleanup

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* increase sleep

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* remove unused test files

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* remove networkpolicies from perms

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add networkpolicies back

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* clarify readme

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-02-27 14:39:18 +00:00
Charles-Edouard Brétéché
fb3a90c703
refactor: remove MutateResourceWithImageInfo (#6397)
* refactor: remove new resource from policy context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fallback

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* test something else

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix cli tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* changelog

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-27 13:45:00 +00:00
yinka
c7320ab1d8
cleanup-controller metrics (#6338)
* cleanup-controller metrics

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* add more tags, track errors

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-27 13:02:20 +00:00
shuting
ccfcce83da
add kuttl test pol-clone-sync-modify-source (#6407)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-27 11:51:21 +00:00
dependabot[bot]
b6baa655cb
chore(deps): bump github/codeql-action from 2.2.4 to 2.2.5 (#6405)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](17573ee1cc...32dc499307)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-27 10:58:37 +00:00
dependabot[bot]
30ebd47345
chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#6402)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:00:25 +00:00
dependabot[bot]
ba2efe3800
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#6404)
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](b9ddf6a515...0168d43369)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 09:03:13 +01:00
Charles-Edouard Brétéché
3331b13561
feat: add view aggregated cluster role support (#6350)
* feat: add view aggregated cluster role support

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* release note

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
2023-02-25 20:57:56 +01:00
shuting
3653130806
feat: add the kuttl test for Policy (Namespaced) with generate rule, data, and sync (#6387)
* add the test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update readme

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-24 21:59:17 +00:00
dependabot[bot]
70acfb4af8
chore(deps): bump svenstaro/upload-release-action from 2.4.1 to 2.5.0 (#6390)
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](cc92c9093e...7319e4733e)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-24 20:57:02 +00:00
shuting
d3c2cd23fa
add kuttl tests (#6336)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-24 14:59:55 +00:00