mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-10 18:06:55 +00:00
Code Activity
4276 commits 18 branches 550 tags 293 MiB
Commit graph

2467 commits

Author SHA1 Message Date
Anushka Mittal
08a3087100
New operators (#2543) 
* added anyin operator

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* allin, anynotin, allnotin added

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* added operator handler info

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* fixes typos and variable names

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* reusing code from in.go in new operators

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* Added more test cases for new operators

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* updated openapiv3schema

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* matching logic

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* added deprecated tag for In and NotIn

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
 2021-10-26 17:29:42 -07:00
Jim Bugwadia
9e9af4872e
Merge pull request #2600 from JimBugwadia/image_verify_variable_substitution 
add variable substitution for imageVerify and allow PEM in ConfigMaps
 2021-10-26 14:53:14 -07:00
Jim Bugwadia
5e33c62d4c fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 14:24:41 -07:00
Jim Bugwadia
84c7d9d2a0 fix tests 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 14:24:24 -07:00
Jim Bugwadia
a9b96ff882 fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 13:25:41 -07:00
Jim Bugwadia
85c346c0a6 skip var substitution in attestations 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 13:22:00 -07:00
Jim Bugwadia
219a4d9950 add back context check 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 11:00:14 -07:00
Jim Bugwadia
836d88191d make fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 10:49:51 -07:00
Jim Bugwadia
ef9e9ec9ac add variable substitutoion for imageVerify and allow PEM in ConfigMaps 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-26 10:41:27 -07:00
Pooja Singh
9252470d47
Fix | GenerateRequests Status Failed, but resource is created! (#2566) 
* compare generated resource before updating

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* create resource if not found during update

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-25 16:28:11 -07:00
Marcus Noble
913bbd567a
Handle durations with standard comparison operators (#2569) 
* Handle durations with standard comparison operators

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Fix error strings

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Added CLI tests for duration operations

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Added tests with different units

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
 2021-10-22 12:41:25 -07:00
Pooja Singh
afe102d41b
Fix for - Kyverno CLI permitting namespaces field in a Policy resource (#2199) 
* bug fixed

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added test case

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* updated error message

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* removed comments

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added check for any/all tags

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* corrected exclude logic

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-21 13:18:22 -07:00
Kumar Mallikarjuna
085e46f7c4
Merge pull request #2560 from AverageMarcus/compare_quantities 
Added support for comparing resource quantities
 2021-10-21 12:17:08 +05:30
Kumar Mallikarjuna
b1c40e172d
Escape variables (#2563) 
* Escape variables

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Escape variables test - nested

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Fixed missing changes

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
 2021-10-20 17:10:24 -07:00
Vyankatesh Kudtarkar
27cac66b87 fix comment 2021-10-19 22:08:55 +05:30
Marcus Noble
509f561d67
Added support for comparing resource quantities 
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
 2021-10-19 15:22:26 +01:00
Vyankatesh Kudtarkar
b31b343910 Fix foreach issue 2021-10-19 15:34:53 +05:30
Jim Bugwadia
e3fe8e0cc1
fix mutate handling of skipped rules (#2557) 2021-10-18 15:42:34 -07:00
Jim Bugwadia
e0b1f08a28
fix check for CREATE request (#2551) 
* fix check for CREATE request

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-18 09:34:07 -07:00
Jamie
caf2180dca
fix: found a handful other magic strings that needed some webhook love (#2546) 
Signed-off-by: Random J Developer <interns@coreweave.com>

Signed-off-by: Jamie Roberts <jroberts@coreweave.com>
 2021-10-15 09:54:07 -07:00
ShutingZhao
28183be24f fix webhook update for PodExecOptions 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-14 13:22:07 -07:00
Marcus Noble
d69b81e03e
added base64 jmespath functions (#2542) 
* added base64 jmespath functions

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* added base64_decode test to emulate working with secret

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Update regex to allow number in func name

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Added CLI tests for preconditions and custom funcs

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

Co-authored-by: AverageMarcus <git@marcusnoble.co.uk>
Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>
 2021-10-14 11:46:06 -07:00
Kumar Mallikarjuna
d0a36b6dcc
element variable lifecycle (#2535) 
* Foreach element with background false

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Tests for foreach element

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update Test_Validation_invalid_backgroundPolicy

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* CLI: Print invalid policies

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Remove redundant Sprintf() calls

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Updated tests for foreach list

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
 2021-10-14 10:14:11 -07:00
Pooja Singh
40c089dd42
Merge pull request #2539 from NoSkillGirl/update_test_command_help 
Updated `test` command help
 2021-10-14 21:49:02 +05:30
Vyankatesh Kudtarkar
2798287497
support list foreach (#2522) 
* support list foreach

* fix testcase for each

* fix mutate issue

* Fix mutate patch issue

* fix yaml

* fix e2e test foreach validate list

* code indentation

* fix comments

* delete unwanted files
 2021-10-14 00:20:52 -07:00
Vyankatesh Kudtarkar
2089767c85
wildcard support (#2485) 
* wildcard support

* remove console

* fix issue

* fix deny condition

* fix comments

* fix regex issue

* remove UserInfo
 2021-10-14 00:15:32 -07:00
NoSkillGirl
9fbf2974f8 updated test help 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-14 09:38:18 +05:30
Bricktop
d62234d776
Fix remaining static check findings (#2541) 
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-13 16:00:41 -07:00
Bricktop
ab8822963b
Add exclusions to make gosec happy (#2540) 
* Add exclusions to make gosec happy

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>

* Add forgotten file

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-13 15:05:13 -07:00
Bricktop
3f15ec5a1e
Remove dead code and unused variables (#2537) 
* Remove dead code and unused variables

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>

* Remove unnecessary definitions

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-13 22:45:23 +02:00
NoSkillGirl
8f89c70a3d added error count 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-14 01:40:33 +05:30
Sachin
0d402ec09c
Implicit memory aliasing in for loop. (#2530) 
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
 2021-10-13 11:03:25 -07:00
Sachin
787d6de696
unnecessary use of fmt.Sprintf (#2531) 
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
 2021-10-13 11:00:04 -07:00
Sachin
a42e944c22
fix Potential file inclusion via variable (#2523) 
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
 2021-10-13 10:48:45 -07:00
Bricktop
3815b40c64
Fix various static checks related to condition handling (#2528) 
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-13 11:29:45 +02:00
Sachin
9aad9cdb43
fix file permissions (#2520) 
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
 2021-10-12 14:30:11 -07:00
Bricktop
2d0df77963
Format error messages correctly (#2519) 
* Format error messages correctly

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>

* No punctuation at the end or errors

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>

* Replace loop with simple if

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>

* Fix more errors

Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-12 14:29:20 -07:00
Marcus Noble
806bd184b7
fixed incorrect character class in regex (#2526) 
* fixed incorrect character class in regex

* added general support for functions in allowed vars

* Update pkg/kyverno/common/regex.go

Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>

* convert tests to use test cases

* fixed formatting

Co-authored-by: Bricktop <marcel.mueller1@rwth-aachen.de>
 2021-10-12 17:17:25 +02:00
Bricktop
fe0947dcb3
Add error handling where missing (#2516) 
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-11 14:57:43 -07:00
Bricktop
23864d89c8
Ensure make invocations pass linter (#2518) 
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-10-11 14:43:09 -07:00
Sachin
e16d773957
Remove unused function (#2517) 2021-10-11 12:46:28 -07:00
Bricktop
67a2466c32
Remove dead code in various packages (#2514) 2021-10-11 12:44:43 -07:00
NoSkillGirl
143fe4e3cb added log statement 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-11 15:48:53 +05:30
NoSkillGirl
8b739453b3 added retry 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-10-11 15:48:53 +05:30
shuting
514a851d2f
fix mutate foreach auto-gen rules (#2507) 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-09 13:31:52 -07:00
Jim Bugwadia
0153bd7c72
fix cmd line tests (#2502) 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-07 15:25:44 -07:00
shuting
9dc2c2b4bf
Bugfixes - handle verifyImage rules for webhooks configurations (#2501) 
* dynamic webhooks for verifyImages rule

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add namespace env to the initContainer

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add debug log

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update operator schema validation tag

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* set policy to ready if auto-update-webhook disabled

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-07 13:50:30 -07:00
Vyankatesh Kudtarkar
5164d833ed Fix autogen for varifyImage 2021-10-07 17:16:46 +05:30
Vyankatesh Kudtarkar
ee19d49a94 Fix autogen issue 2021-10-07 16:21:39 +05:30
Vyankatesh Kudtarkar
176f139f26 Fix autogen issue for Foreach mutate policy 2021-10-07 16:12:34 +05:30