mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-10 09:56:55 +00:00
Code Activity
979 commits 18 branches 550 tags 293 MiB
Commit graph

122 commits

Author SHA1 Message Date
Shuting Zhao
465d999aba remove comment pattern 2019-10-07 14:16:48 -07:00
Shuting Zhao
87d9cdd9dd best practice: volume white list 2019-10-07 12:46:34 -07:00
Shuting Zhao
16a851cd8b update sysctl 2019-10-07 11:35:04 -07:00
Shuting Zhao
c80f9e0f9d best_practice: sysctl 2019-10-07 11:21:14 -07:00
Shuting Zhao
2243e9e2e7 best practice: validate container capability 2019-10-04 18:15:39 -07:00
Shuting Zhao
0c09ba53eb best-practice: validate default proc mount 2019-10-04 17:48:57 -07:00
Shuting Zhao
1bd8663e4c add selinux best practice 2019-10-04 17:28:42 -07:00
Shuting Zhao
04c147eb77 add security context "fsgroup" 2019-10-04 16:50:23 -07:00
shivkumar dudhani
7782c776f1 merge with master 2019-10-01 16:28:54 -07:00
Shuting Zhao
23c9212d67 fix hostpid/hostipc test runner 2019-10-01 14:53:58 -07:00
Shuting Zhao
5009e8abb7 change anypattern to pattern, refer #357 2019-10-01 14:45:16 -07:00
shivkumar dudhani
515a31199e update equality operator 2019-10-01 13:08:34 -07:00
shivkumar dudhani
17d80a08c0 introduce equality anchor 2019-10-01 12:35:14 -07:00
shivkumar dudhani
808cccb421 update validation logic 2019-09-28 14:09:46 -07:00
shivkumar dudhani
c65f12b97b initial commit 2019-09-25 15:12:33 -07:00
Shuting Zhao
4a43eef696 correct spelling 2019-09-18 12:31:14 -07:00
Shuting Zhao
658fb84e91 update best_practice Disallow privileged and privilege escalation 2019-09-17 18:42:08 -07:00
Shuting Zhao
f4eee4b30a update best-practice run as non-root uesr 2019-09-17 18:36:24 -07:00
Shuting Zhao
5e0415911a add best-practice: policy_validate_disallow_default_serviceaccount 2019-09-16 14:16:54 -07:00
Shuting Zhao
2e22c21164 add policy_validate_disallow_node_port.yaml 2019-09-10 11:57:33 -07:00
shuting
6004ab0a29
Rename resource_validate_hostPID_hostIPC.yaml to resource_validate_hostpid_hostipc.yaml 2019-09-10 00:04:33 -07:00
shuting
fd7614ae23
Rename policy_validate_hostPID_hosIPC.yaml to policy_validate_hostpid_hosipc.yaml 2019-09-10 00:03:49 -07:00
Shuting Zhao
3440d5b63e update readme 2019-09-09 23:40:05 -07:00
Shuting Zhao
019815c523 add policy_validate_namespace_quota.yaml - add policy_validate_default_network_policy.yaml 2019-09-09 23:38:16 -07:00
Shuting Zhao
3237f3d799 add policy_validate_not_readonly_rootfilesystem.yaml 2019-09-09 18:13:38 -07:00
Shuting Zhao
3eeba1a32b add policy_validate_hostPID_hosIPC.yaml 2019-09-09 17:34:25 -07:00
Shuting Zhao
d0fd3e69ef update testrunner, unit test for validate_host_network_port 2019-09-09 16:08:15 -07:00
Shuting Zhao
0fe5a065dd add validate_hostpath testrunner 2019-09-09 15:06:54 -07:00
Shuting Zhao
f1192d1dc1 update readme link 2019-09-09 14:55:12 -07:00
Shuting Zhao
b494dec7f3 add validate_namespace test runner 2019-09-09 14:33:55 -07:00
Shuting Zhao
d92026f94a add disallow_priviledgedprivelegesecalation test runner 2019-09-09 10:56:19 -07:00
Shuting Zhao
ae8264deae Merge branch 'best_practice_policies' of https://github.com/nirmata/kyverno into best_practice_policies 
# Conflicts:
#	examples/best_practices/policy_validate_container_disallow_priviledgedprivelegesecalation.yaml
#	examples/best_practices/policy_validate_container_security_context.yaml
#	examples/best_practices/validate_container_security_context.yaml
 2019-09-09 10:36:56 -07:00
Shivkumar Dudhani
e33998701d
Merge branch 'master' into best_practice_policies 2019-09-08 10:41:45 -07:00
shivkumar dudhani
59c1e83466 upate readme links and remove duplicate policies 2019-09-08 10:41:07 -07:00
Jim Bugwadia
10c1490817
Update README.md 
update table
 2019-09-07 10:12:20 -07:00
Shuting Zhao
b667c47587 update testrunner for examples/best_practices/policy_validate_container_security_context.yaml 2019-09-06 18:54:19 -07:00
shivkumar dudhani
7bae501e7b move resources to seperate folder 2019-09-06 17:49:51 -07:00
Shuting Zhao
bc087d7918 Merge branch 'master' of https://github.com/nirmata/kyverno into best_practice_policies 
# Conflicts:
#	examples/best_practices/validate_default_namespace.yaml
 2019-09-06 17:04:44 -07:00
Shuting Zhao
a8e02dfb42 update examples/best_practices/validate_host_path.yaml 2019-09-06 17:02:47 -07:00
shivkumar dudhani
ff60dc05fd add policies 2019-09-06 10:03:24 -07:00
Shuting Zhao
08e8b5bd4c rename policy to cluster policy 2019-09-04 11:29:46 -07:00
Shuting Zhao
1cc2dc35c2 rebase master 2019-09-04 11:08:56 -07:00
Shuting Zhao
4b18f128cb update examples/best_practices/validate_container_security_context.yaml 2019-09-04 11:08:25 -07:00
Jim Bugwadia
ad8b1bf719 start best practice policies 2019-09-04 11:08:25 -07:00
shivkumar dudhani
fa53519e2a change CRD Name to ClusterPolicy & ClusterPolicyViolations 2019-09-03 14:51:51 -07:00
shivkumar dudhani
a31f9c383d scneario file test runner 2019-08-30 00:22:37 -07:00
Shuting Zhao
31566844bb Merge commit '5672c4d67c479aecadffd9d367661493b42d5015' into 285_allow_OR_across_overlay_patterns 
# Conflicts:
#	pkg/webhooks/policyvalidation.go
 2019-08-21 17:25:01 -07:00
shivkumar dudhani
35e0c7ca49 fix build errors + add example for exclude policy 2019-08-21 16:34:17 -07:00
Shuting Zhao
97335270cd add anyPattern in validate rule 2019-08-21 12:38:15 -07:00
Shuting Zhao
a110efb96c Merge branch 'policyViolation' into 254_dynamic_webhook_configurations 
# Conflicts:
#	main.go
#	pkg/annotations/annotations.go
#	pkg/annotations/controller.go
#	pkg/controller/controller.go
#	pkg/controller/controller_test.go
#	pkg/engine/engine.go
#	pkg/engine/generation.go
#	pkg/engine/mutation.go
#	pkg/engine/validation.go
#	pkg/event/controller.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/policyvalidation.go
#	pkg/webhooks/report.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-08-14 19:00:37 -07:00