1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

6962 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
451d362104
feat: add more granular rbac rules to remove wildcards (#9507)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-24 16:07:18 +00:00
Khaled Emara
3ef598c155
chore(helm): omit normal events by default (#9493)
* chore(helm): omit normal events by default

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(tests): fix tests related to events

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-01-24 13:16:18 +01:00
Charles-Edouard Brétéché
0b7a6a1e3e
fix: kyverno apply panic for mutate policies (#9492)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-24 09:37:48 +00:00
dependabot[bot]
2c343916eb
chore(deps): bump github.com/notaryproject/notation-core-go (#9498)
Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases)
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-24 09:02:44 +00:00
dependabot[bot]
c602420d74
chore(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 (#9499)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.1 to 1.61.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.60.1...v1.61.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-24 08:23:27 +00:00
Anushka Mittal
36e66cb59a
add Anushka Mittal as contributor (#9496)
* add Anushka Mittal as contributor

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* correct typo

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
2024-01-24 08:47:37 +01:00
Vishal Choudhary
87c7ce254a
feat: add skipImageReferences in verify images (#8633)
* feat: add skipImageReferences in verify images

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw-test.yaml

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: typo in assert

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-23 12:27:39 +00:00
Mariam Fahmy
d47684c0d9
feat: support validatingadmissionpolicybindings in CLI apply command (#9468)
* feat: support validatingadmissionpolicybindings in CLI apply command

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix linter issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-23 11:47:38 +00:00
dependabot[bot]
91a7a9d7e5
chore(deps): bump sigstore/scaffolding (#9489)
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3 to 1901c68b0941dab2ba169bbd4b87b28ab1c882b1.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](46394ad8eb...1901c68b09)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-23 06:56:53 +00:00
Charles-Edouard Brétéché
7a34ed95bd
chore: bump a couple of deps (#9487)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 23:14:25 +02:00
Khaled Emara
8f7562b56d
chore(contrib): add Khaled Emara as contributor (#9469)
* chore(contrib): add Khaled Emara as contributor

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(contrib): remove maintainers from contributors

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(contrib): remove example John Doe from contributors

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-01-22 20:31:41 +00:00
Siva Sathyaseelan
9da03844a5
test: added test for pkg/utils/admission/cleanup.go (#9486)
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 21:00:09 +01:00
dependabot[bot]
5dd2003d09
chore(deps): bump k8s.io/apiextensions-apiserver from 0.29.0 to 0.29.1 (#9471)
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.29.0 to 0.29.1.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 18:48:42 +00:00
dependabot[bot]
4317959cd5
chore(deps): bump github.com/onsi/gomega from 1.31.0 to 1.31.1 (#9472)
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.0 to 1.31.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.31.0...v1.31.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 16:14:46 +00:00
Charles-Edouard Brétéché
0ec8e2292c
fix: align clusterroles and bindings names (#9482)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 15:37:20 +00:00
Lukas Wöhrl
349e363a41
feat: support all valid jsonpatches in validation webhook (#9476)
Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 14:49:08 +00:00
Charles-Edouard Brétéché
2f4b823030
feat: improve crd migration helm hooks (#9481)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 14:13:29 +00:00
dependabot[bot]
0ee6933d71
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#9474)
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.46.1 to 0.47.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.46.1...zpages/v0.47.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 13:38:45 +00:00
dependabot[bot]
98ab4ddbb3
chore(deps): bump sigstore/scaffolding (#9480)
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 04ed71b11e4d7589db77aef3093a571e461d11f7 to 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](04ed71b11e...46394ad8eb)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 13:59:47 +01:00
Mariam Fahmy
5fc7e96890
feat: migrate existing cleanup policies to the new storage version in helm hook (#9420)
* feat: migrate existing cleanup policies to the new storage version in helm hook

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix codegen

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use kyverno CLI migrate command

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-22 12:53:36 +01:00
Vishal Choudhary
a0afda4f0a
fix: allow multiple keys in verifyImages.attestations.attestors.entries (#8880)
* fix: allow multiple keys in verifyImages.attestations.attestors.entries

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-22 06:49:22 +00:00
Khaled Emara
566db3abfd
helm: add profiling support (#9338)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-01-22 02:08:43 +00:00
Mariam Fahmy
ea748276bb
feat: migrate existing policy exceptions to the new storage version in helm hook (#9412)
* feat: migrate existing policy exceptions to the new storage version in helm

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: add permissions for the admission controller to patch exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix codegen

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* move migration hook to a separate directory

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* use cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: update admission controller permissions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-21 20:13:56 +00:00
mehul gautam
3145b96f57
Update DEVELOPMENT.md (#9464)
* Update DEVELOPMENT.md

Signed-off-by: mehul gautam  <112504479+hellspawn679@users.noreply.github.com>
Signed-off-by: root <root@max>

* fix: change generic policy to not return any (#9463)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: root <root@max>

* added Amit as a contributor (#9461)

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: root <root@max>

* chore: load cli image when deploying locally (#9465)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: root <root@max>

* Update DEVELOPMENT.md

Signed-off-by: mehul gautam  <mehulsharma4786@gmail.com>
Signed-off-by: root <root@max>

---------

Signed-off-by: mehul gautam  <112504479+hellspawn679@users.noreply.github.com>
Signed-off-by: root <root@max>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Signed-off-by: mehul gautam  <mehulsharma4786@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Amit kumar <amit9116260192@gmail.com>
2024-01-21 09:57:20 +00:00
Jim Bugwadia
6fbfe53c58
update README for new features and OSS security index card (#9467)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-01-21 09:24:56 +00:00
Charles-Edouard Brétéché
fe4faed59f
chore: load cli image when deploying locally (#9465)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-20 23:48:49 +00:00
Amit kumar
0e04beeb09
added Amit as a contributor (#9461)
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-20 19:48:13 +00:00
Charles-Edouard Brétéché
8795916e14
fix: change generic policy to not return any (#9463)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-20 19:20:22 +02:00
Chip Zoller
8ff23a7d06
bump versions; remove ancient (#9458)
Signed-off-by: chipzoller <chipzoller@gmail.com>
2024-01-20 05:45:58 +05:30
Charles-Edouard Brétéché
cad231fc15
feat: add resource migration command (#9296)
* feat: add resource migration command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* finalize PR

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-19 11:47:28 +00:00
Suruchi Kumari
a045c4923b
[Feature] Security Improvements based on CLOMonitor Checks (#9395)
* Added Security Insights

Signed-off-by: coder12git <suruchikumarimfp4@gmail.com>

* add self-assesssment evidence url

Signed-off-by: coder12git <suruchikumarimfp4@gmail.com>

* updated changes

Signed-off-by: coder12git <suruchikumarimfp4@gmail.com>

* set bug-bounty to false

Signed-off-by: coder12git <suruchikumarimfp4@gmail.com>

---------

Signed-off-by: coder12git <suruchikumarimfp4@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-01-19 10:50:17 +00:00
dependabot[bot]
5905ab9ea4
chore(deps): bump k8s.io/klog/v2 from 2.120.0 to 2.120.1 (#9446)
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.120.0 to 2.120.1.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.120.0...v2.120.1)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 10:13:07 +00:00
Charles-Edouard Brétéché
a597d65a33
chore: bump otel deps (#9442)
* chore: bump otel deps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix semconv version

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-19 09:36:28 +00:00
dependabot[bot]
0b9afc28f5
chore(deps): bump sigstore/scaffolding (#9449)
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 708dd95c1ad1e1586f619fad746c312f71c303c0 to 04ed71b11e4d7589db77aef3093a571e461d11f7.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](708dd95c1a...04ed71b11e)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:00:10 +00:00
dependabot[bot]
1cd8db9da0
chore(deps): bump k8s.io/kube-aggregator from 0.29.0 to 0.29.1 (#9444)
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.29.0 to 0.29.1.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 16:18:55 +08:00
Mariam Fahmy
560aab2e69
fix PSA chainsaw tests (#9389)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-18 23:23:52 +00:00
Swastik Gour
eba5c63c8e
request to be added to the kyverno contributors (#9419)
Signed-off-by: swastik959 <Sswastik959@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-01-18 22:50:07 +00:00
Chandan-DK
ad8014faf6
adding myself (Chandan-DK) to CONTRIBUTORS.md (#9441)
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
2024-01-18 22:06:05 +01:00
Mariam Fahmy
a791d9ac35
feat: skip generating VAP when an exception is defined (#9386)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-18 15:55:27 +00:00
Mariam Fahmy
b4acbdea2c
fix: use the correct API version for VAPs in the generated events (#9392)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-18 14:02:07 +00:00
dependabot[bot]
14b4bd7d2c
chore(deps): bump github.com/onsi/gomega from 1.30.0 to 1.31.0 (#9435)
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.30.0 to 1.31.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.30.0...v1.31.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 12:31:37 +00:00
dependabot[bot]
e4633a8ae2
chore(deps): bump k8s.io/cli-runtime from 0.29.0 to 0.29.1 (#9437)
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.29.0 to 0.29.1.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 11:51:55 +00:00
Charles-Edouard Brétéché
c17b6f6d85
chore: bump a couple of deps (#9440)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-18 11:13:27 +00:00
dependabot[bot]
fd4d7b2b27
chore(deps): bump sigstore/scaffolding (#9439)
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from bc13121659512e76af239502fad1249fd4a4db9e to 708dd95c1ad1e1586f619fad746c312f71c303c0.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](bc13121659...708dd95c1a)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 10:29:42 +00:00
Mariam Fahmy
33ffd7a0d7
fix: add v1beta1 of VAPs in the CLI (#9404)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-18 09:40:53 +00:00
Vishal Choudhary
0747933b54
chore: use upstream cosign on main (#9433)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-18 08:42:56 +00:00
dependabot[bot]
452cedb41c
chore(deps): bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#9438)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.29.0 to 0.29.1.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 08:09:21 +00:00
Charles-Edouard Brétéché
c7b2bd61e9
chore: bump a couple of deps (#9426)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-18 06:53:49 +05:30
Charles-Edouard Brétéché
faa3dd6816
fix: nancy ignore list (#9428)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-17 22:25:57 +00:00
Mariam Fahmy
f0564b3019
feat: re-evaluate policy exceptions for existing resources and modify reports accordingly (#8659)
* feat: re-evaluate policy exceptions for existing resources and modify reports accordingly

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use v2 of exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use properties in the reports result

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-17 10:00:15 -08:00