mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
3196 commits 16 branches 550 tags 288 MiB
Commit graph

3196 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pooja Singh
4d10c3e245
Merge pull request #1857 from realshuting/remove_log 
Remove debug log
 2021-05-03 21:52:23 +05:30
Shuting Zhao
636b9a9fc1 remove debug log 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-30 10:56:52 -07:00
Shuting Zhao
7e575d0e19 tag v1.3.6-rc1 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-29 15:03:48 -07:00
shuting
618a69961e
Disable auto-gen when a rule has mixed of kinds: pod & pod controllers (#1847) 
* disable auto-gen when a rule has mixed of kinds: pod & pod controllers

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* Bugfix :  Make match.resources.kinds required (#1843)

* Fix Dev setup

* make kind required in MatchResources

* add test cases

Co-authored-by: vyankatesh <vyankatesh@neualto.com>

* address PR comments

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update background canAutoGen unit tests

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-29 14:59:37 -07:00
Vyankatesh Kudtarkar
34af7a930c
Bugfix : Make match.resources.kinds required (#1852) 
* Fix Dev setup

* Bugfix : Make match.resources.kinds required

Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-29 11:14:55 -07:00
Vyankatesh Kudtarkar
a0193e13e5
test cases for match/exclude GVK (#1851) 
* Fix Dev setup

* add test_cases for GVK

Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-29 10:58:17 -07:00
Pooja Singh
d3e4fede02
Fix for commented yaml files in Kyverno CLI (#1849) 
* fix for commented policy yaml file

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* fix for commented resource yaml file

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-29 10:41:15 -07:00
Pooja Singh
1e4c950104
Feature/1515 - handle configmap and api variable cli (#1789) 
* added store package

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added changes to handle api and configmap variables in cli

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* removed comments

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* refactoring code

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added test case for mutation

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added test case for validation

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* code improvement

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-29 10:09:44 -07:00
Vyankatesh Kudtarkar
caa6a90b27
Bug 1799: Fix mutate policy defaults and Fix endless look of auto-gen rules. (#1839) 
* Fix Dev setup

* Mutate policy defaults (1799)

* fix look for exclude ResourceDescription

* fix condition

* reuse code

Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-29 09:51:23 -07:00
Jim Bugwadia
df6c896a20
Merge pull request #1846 from realshuting/background_image_properties 
Enable image substitution in the background mode
 2021-04-28 15:34:50 -07:00
Shuting Zhao
e9c2d899c9 fix the unit test 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-28 14:52:26 -07:00
Shuting Zhao
85dde7e960 Enable image substitution in the background mode 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-28 14:21:11 -07:00
Max Goncharenko
0776b438d3
Support operators (>=, <, etc ...) on list values (#1838) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-28 13:31:55 -07:00
Max Goncharenko
9da2d44ee1
Fix #1737: forceMutate does not handle StrategicMerge patchesJson6902 (#1775) 
* Fix #1737: forceMutate does not handle StrategicMerge patchesJson6902

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* go fmt

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* updated PR due to the comments

Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-28 13:12:44 -07:00
Bricktop
64f49caa84
Add e2e test with nested jmesPath in context (#1786) 
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-04-26 14:02:52 -07:00
Pooja Singh
434a4cdb14
Bug fix/1783 generate endlessly (#1804) 
* debug

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* bug fix

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* error handling

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added resource cache

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* reverting back to api call attempt

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-26 12:58:34 -07:00
Pooja Singh
1da4f74562
Merge pull request #1817 from NoSkillGirl/validate_policy_in_cli_according_to_crd 
Validate policy in cli according to policy schema
 2021-04-23 15:51:47 +05:30
NoSkillGirl
7a6648c9a1 simplified bool comparison 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-23 11:56:15 +05:30
NoSkillGirl
8f9c97411b added test cases 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-23 01:15:45 +05:30
NoSkillGirl
b98f1116f3 refactoring code 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-23 00:20:50 +05:30
Vyankatesh Kudtarkar
ab8d077384
Fix Dev setup (#1815) 
Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-21 12:35:13 -07:00
Simon Metzger
6e76fd68f0
allow fsGroup values greater than zero (#1822) 
change the policy require-non-root-groups to allow fsGroup values greater than zero

Signed-off-by: Metzger, Simon <smnmtzgr@gmail.com>
 2021-04-21 12:12:26 -07:00
NoSkillGirl
fe05f0385d added error handling 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-21 10:28:11 +05:30
NoSkillGirl
3362ef95fc added policy crd as go file 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-21 10:28:11 +05:30
NoSkillGirl
4cfc21779c added policy validation according to api server 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-21 10:28:11 +05:30
treydock
b5fd23588a
Fix Helm charts (#1828) 
* Fix Helm charts to render  correctly

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Make Helm chart policies consistent

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
 2021-04-20 13:08:30 -07:00
Frank Jogeleit
56183cc73d
Add severity to pod security policies (#1797) 
Signed-off-by: Frank Jogeleit <fj@move-elevator.de>
 2021-04-16 17:41:30 -07:00
Yashvardhan Kukreja
69c3418ca9
added: a pre-flight validation check for ensuring that only 'any'/'all' fields are present under conditions (#1791) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-04-16 17:23:01 -07:00
Max Goncharenko
6a0305674a
JMESPath custom functions (#1772) 
* JMESPath: Support regex expressions

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* JMESPath: Add string functions

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* Removed {{$}} variable handling logic

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* Name all functions in snake case; Update error message; Fix {{@}} behavior

Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-16 16:17:00 -07:00
Shuting Zhao
4a4fdc54ee release v1.3.5 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-16 14:04:00 -07:00
shuting
f93f3344d2
fix result removal for DELETION requests (#1811) 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-16 13:51:35 -07:00
Shuting Zhao
a4b639f754 tag v1.3.5-rc5 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-15 17:35:25 -07:00
shuting
f515bc5dbf
skip rule application if referred path not exist (#1806) 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-15 17:33:34 -07:00
Chip Zoller
e2c522f4c6
fix link to PR doc (#1803) 
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
 2021-04-15 10:34:02 -07:00
Shuting Zhao
3f18b5f7df tag v1.3.5-rc3 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-14 13:12:12 -07:00
shuting
081244a102
Fix array variables substitution (#1800) 
* fix array variables substitution

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* Add ability to marshal complex vars to string

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* Added tests for variable substitution

Signed-off-by: Max Goncharenko <kacejot@fex.net>

Co-authored-by: Max Goncharenko <kacejot@fex.net>
 2021-04-14 13:09:00 -07:00
Frank Jogeleit
0e3e42ea33
Fix Typo in builder method names (#1798) 
Signed-off-by: Frank Jogeleit <fj@move-elevator.de>
 2021-04-13 16:41:07 -07:00
Max Goncharenko
8050c4e77b
moved variable substitution to higher level to avoid unhandled cases (#1785) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-13 11:44:43 -07:00
treydock
67973c2776
Add Helm tests to Github Actions (#1793) 
This reverts commit 2749280b6c.

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
 2021-04-13 10:39:27 -07:00
shuting
2749280b6c
Revert "Add Helm tests to Github Actions (#1790)" (#1792) 
This reverts commit 9c7f7019f3.
 2021-04-12 21:57:21 -07:00
treydock
9c7f7019f3
Add Helm tests to Github Actions (#1790) 
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
 2021-04-12 20:55:13 -07:00
shuting
9dab21619f
Match endpoint to the exact Kyverno Pod's IP (#1787) 
* update log message

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update printer column - validation failure action

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* match endpoint ip with the exact pod ip

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* - add tag "app.kubernetes.io/name"; - reduce throttling requests when deletes webhook configs

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add [SelfSubjectAccessReview,*,*] to resource filters

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-12 20:29:51 -07:00
Chip Zoller
fae48094d8
add PR docs guide (#1788) 
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
 2021-04-12 18:00:29 -07:00
Bricktop
9a6f7043b0
Add e2e test for mutation (#1761) 
Signed-off-by: MarcelMue <marcel.mueller1@rwth-aachen.de>
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
 2021-04-08 16:14:08 -07:00
shuting
f3ca1d78f1
Fix log message (#1779) 
* update log message

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update printer column - validation failure action

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-08 12:10:30 -07:00
Vyankatesh Kudtarkar
e2cd04c91f
Fix #1446 :Failed to mutate policy (#1767) 
* Fix failed to mutate policy

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix autogen rule issue

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix issue

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix issue

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* addPolicy and AddNsPolicy changes

* fix code indentation

* change kind -> policy

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix kind for policy

* fix comments

Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-04-07 16:34:45 -07:00
Frank Jogeleit
072d9f7951
Add Support for policies.kyverno.io/severity annotation (#1763) 
Signed-off-by: Frank Jogeleit <fj@move-elevator.de>
 2021-04-07 14:56:27 -07:00
Shuting Zhao
6f41acde03 tag v1.3.5-rc3 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-06 11:13:56 -07:00
Max Goncharenko
01004e1db0
Fix #1754 Invalid variable validation (#1770) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-06 10:56:06 -07:00
Jim Bugwadia
675c808b2f
Merge pull request #1766 from realshuting/1764_fix_generate 
Remove namespace field on kind Namespace
 2021-04-05 21:27:04 -07:00