kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Jim Bugwadia	46f02a8ba7	optimize JSON context processing using in-memory maps (#8322 ) * optimize JSON context processing using in memory maps Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix excessive logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix mutate resource diff Signed-off-by: Jim Bugwadia <jim@nirmata.com> * uncomment tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * copy resource, as it can be modified Signed-off-by: Jim Bugwadia <jim@nirmata.com> * clear prior resource to prevent mutating original Signed-off-by: Jim Bugwadia <jim@nirmata.com> * linter fix Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix ImageInfo to unstructured conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix custom image extractors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * do not update mutated resource in JSON context Signed-off-by: Jim Bugwadia <jim@nirmata.com> * address review comments Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-12-04 07:35:36 +00:00
Charles-Edouard Brétéché	095b22b6af	fix: ttl cleanup not working with cluster wide resources (#9060 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-12-03 00:35:13 +01:00
Jim Bugwadia	296578a456	create interpreter once and reuse across searches (#8299 ) * create interpreter once and reuse across searches Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix excessive logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * refactor(jmespath): reuse fCall instead of intr Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * refactor(jmespath): use new api Use the new JMESPath API to decouple Interpreter from FunctionCaller Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore: bump go-jmespath Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(jmespath): test case using older API Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Khaled Emara <KhaledEmaraDev@gmail.com>	2023-11-30 16:59:11 +01:00
Mariam Fahmy	1404ea0966	fix: delete VAPs in case Kyverno policies can't be translated (#8887 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-11-27 06:36:01 +00:00
Vishal Choudhary	c630f17ec4	fix: block mutation only when failurePolicy is set to fail (#8952 ) * fix: only block mutation when failurePolicy is set to fail Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: kuttl test Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: add else check Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: update defaulting ns label policy's failure policy to be fail based on readme, this test has nothing to do with failurePolicy and resource should not be blocked in case of ignore failurePolicy Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: there is another Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: update policy Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * nit Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: add logs Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * Update pkg/webhooks/resource/mutation/mutation.go Signed-off-by: shuting <shuting@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: shuting <shutting06@gmail.com>	2023-11-22 17:01:46 +00:00
Vishal Choudhary	72524c792c	fix: update KeysAreMissing() to ignore negations in resource (#8953 ) * fix: update KeysAreMissing() to ignore negations in resource KeysAreMissing() checks if a key is missing in a resource, since a negation should not be present in the resource, it should not count as a missing key Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: add tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: pod is supposed to fail Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2023-11-22 09:06:40 +00:00
Vishal Choudhary	5fe16cd487	feat: add checks for max response size in API Call (#8957 ) * feat: add checks for max response size in API Call GET request Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: added changes suggested by jim Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * cleanup Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2023-11-21 10:01:51 +00:00
UgOrange	0079ca1e39	feat: Add external_url_check custom JMESPath function (#8614 ) Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com> Signed-off-by: UgOrange <lichanghao.orange@bytedance.com>	2023-11-21 04:17:26 +00:00
AdamKorcz	31c089bcc6	fix: change names of fuzzing policies (#8947 ) Signed-off-by: AdamKorcz <adam@adalogics.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-11-20 01:05:58 +00:00
Dirk Pahl	d8c2c5818d	Make server ports configurable, resolves #7279 (#7728 ) * Make server ports configurable, resolves #7279 Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * Make server ports configurable, resolves #7279 Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * Switch to flags instead of env vars Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * Could not use internal package in webhooks pkg Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * Add helm chart changes Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * make codegen-docs-all Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> * make codegen-manifest-all Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> --------- Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com> Co-authored-by: Dirk Pahl <dirk.pahl@deutschebahn.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-11-17 14:19:53 +00:00
shuting	7b5d7c1e50	chore: bump k8s package to 1.29 (#8929 ) * bumo k8s pkgs to 1.29 Signed-off-by: ShutingZhao <shuting@nirmata.com> * replace to fork Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-11-17 15:42:47 +08:00
Romuald	139551b7ac	fix: use ungreedy pattern to process all variables (#8311 ) * use ungreedy pattern to process all variables Signed-off-by: Romuald du Song <rdusong@chapsvision.com> * use different strategy for regexp to remove the use of ungreedy flag Signed-off-by: Romuald du Song <rdusong@chapsvision.com> --------- Signed-off-by: Romuald du Song <rdusong@chapsvision.com>	2023-11-14 13:23:28 +00:00
Mariam Fahmy	c0e0cea9f4	feat: compute policy exceptions as a part of the rule execution (#8713 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2023-11-13 15:43:25 +00:00
Mariam Fahmy	31858abb0b	fix: use validate.message in case there is no message associated with the CEL expression (#8883 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-11-13 14:53:24 +00:00
AdamKorcz	4da963367d	Close reponse right after succesful request (#8894 ) Signed-off-by: AdamKorcz <adam@adalogics.com>	2023-11-13 13:41:32 +00:00
Satyajit Behera	adc0f175d2	Reduced verbosity of admission request filter INFO log message (#8712 ) * Reduced verbosity of admission request filter INFO log message Signed-off-by: satyazzz123 <beherasatyajit716@gmail.com> * Changed the verbosity level to 4 Signed-off-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com> --------- Signed-off-by: satyazzz123 <beherasatyajit716@gmail.com> Signed-off-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-11-10 11:34:34 +00:00
Jim Bugwadia	c1015bf619	Reduce deps (#8654 ) * fix excessive logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove cosign dependency from API package Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update UserAgent Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-11-09 13:04:24 +00:00
Vishal Choudhary	878bc48e51	chore: bump cosign to v2.2.1 (#8855 ) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2023-11-09 12:22:35 +00:00
shuting	5bd3faca97	chore (deps): bump a couple of deps (#8867 ) * bump github.com/distribution/distribution from 2.8.2+incompatible to 2.8.3+incompatible Signed-off-by: ShutingZhao <shuting@nirmata.com> * bump sigs.k8s.io/kubectl-validate from 0.0.1 to 0.0.2 Signed-off-by: ShutingZhao <shuting@nirmata.com> * bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 Signed-off-by: ShutingZhao <shuting@nirmata.com> * bump sigstore/scaffolding from 838c26c783a08cf497dfff29d95ca90c6eeba3df to 46eb35c1c415d976c7f9d3ee4c936e65c35e8e3e Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-11-09 16:25:15 +05:30
Chandan-DK	cafc0990f9	fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466 ) * fix: generate label resource name character length issue Signed-off-by: Chandan-DK <chandandk468@gmail.com> * add source label Signed-off-by: Chandan-DK <chandandk468@gmail.com> * modify newUR function Signed-off-by: Chandan-DK <chandandk468@gmail.com> * fix Signed-off-by: Chandan-DK <chandandk468@gmail.com> * improve readability Signed-off-by: Chandan-DK <chandandk468@gmail.com> * remove generate source name label Signed-off-by: Chandan-DK <chandandk468@gmail.com> * Revert changes Signed-off-by: Chandan-DK <chandandk468@gmail.com> * update ResourceSpec Signed-off-by: Chandan-DK <chandandk468@gmail.com> * add URGenerateResourceUIDLabel Signed-off-by: Chandan-DK <chandandk468@gmail.com> * make codegen crds all Signed-off-by: Chandan-DK <chandandk468@gmail.com> * make codegen client all Signed-off-by: Chandan-DK <chandandk468@gmail.com> * add GenerateSourceUIDLabel Signed-off-by: Chandan-DK <chandandk468@gmail.com> * modify comment Signed-off-by: Chandan-DK <chandandk468@gmail.com> * make codegen crds all Signed-off-by: Chandan-DK <chandandk468@gmail.com> * make codegen-docs-all Signed-off-by: Chandan-DK <chandandk468@gmail.com> * make codegen-all Signed-off-by: Chandan-DK <chandandk468@gmail.com> * set trigger uid Signed-off-by: Chandan-DK <chandandk468@gmail.com> * add uid in transform() Signed-off-by: Chandan-DK <chandandk468@gmail.com> * add name label Signed-off-by: Chandan-DK <chandandk468@gmail.com> * fix: use resource name labels along with its UID Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: use the resource name label only if its uid label isn't set Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * add kuttl tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: delete the trigger resource in the test Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: delete the source in the kuttl test Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * add generate trigger uid label Signed-off-by: Chandan-DK <chandandk468@gmail.com> * modify TriggerInfo function Signed-off-by: Chandan-DK <chandandk468@gmail.com> * populate uid field for new update requests Signed-off-by: Chandan-DK <chandandk468@gmail.com> * populate new ur spec with uid Signed-off-by: Chandan-DK <chandandk468@gmail.com> * handle downstream resources cleanup Signed-off-by: Chandan-DK <chandandk468@gmail.com> * populate uid of ur status Signed-off-by: Chandan-DK <chandandk468@gmail.com> * fetch triggers by the UID label Signed-off-by: ShutingZhao <shuting@nirmata.com> * label triggers Signed-off-by: ShutingZhao <shuting@nirmata.com> * fetch trigger by comparing UID Signed-off-by: ShutingZhao <shuting@nirmata.com> * fetch cloneList downstream resource by UID Signed-off-by: ShutingZhao <shuting@nirmata.com> * update test names Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove trigger name label assertions from kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * add unit name selector Signed-off-by: ShutingZhao <shuting@nirmata.com> * add sleep Signed-off-by: ShutingZhao <shuting@nirmata.com> * assert events on failures Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: Chandan-DK <chandandk468@gmail.com> Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-11-06 10:37:13 +00:00
Vishal Choudhary	6ad156f5d0	feat: update descriptions of image verify cache flags (#8770 ) * feat: update descriptions of image verify cache flags Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * Update cmd/internal/flag.go Co-authored-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Update cmd/internal/flag.go Co-authored-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Update cmd/internal/flag.go Co-authored-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: update description of imageVerifyCacheEnabled Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-11-02 16:10:17 +00:00
Anushka Mittal	f3c03f5257	Changes to correctly run delete operation in kyverno11beta4 (#8786 ) * Changes to correctly run delete operation in kyverno11beta4 Co-authored-by: Anushka Mittal <anushka@nirmata.com> Co-authored-by: Julian-Chu <yulang.chu@gmail.com> Signed-off-by: Anushka Mittal <anushka@nirmata.com> * Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml Co-authored-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: shuting <shutting06@gmail.com> * Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml Co-authored-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: shuting <shutting06@gmail.com> * Add README.md for new test Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Correct policy.yaml Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Add new lines in test files Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Correct kyverno-test file Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Correct values.yaml Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Correct test files Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Add new test Signed-off-by: anushkamittal2001 <anushka@nirmata.com> --------- Signed-off-by: Anushka Mittal <anushka@nirmata.com> Signed-off-by: shuting <shutting06@gmail.com> Signed-off-by: anushkamittal2001 <anushka@nirmata.com> Signed-off-by: Anushka Mittal <138426011+anushkamittal2001@users.noreply.github.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-11-02 08:25:46 -04:00
Mariam Fahmy	f0be3bdc0b	fix: display a message when the controller has no permissions for VAPs (#8776 ) * fix: display a message when the controller has no permissions for VAPs Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: add a warning when a Kyverno policy is created Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-11-01 21:52:03 +08:00
Mariam Fahmy	e175998dd2	fix: generate events for scanning VAPs in reports controller (#8783 )	2023-10-31 13:53:28 +00:00
Mariam Fahmy	50c8d20f9c	fix: rename vap logging name to ValidatingAdmissionPolicy (#8785 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-30 15:54:34 +00:00
Charles-Edouard Brétéché	c96199dee1	chore: move utils/wildcard in ext (#8772 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-10-29 23:59:53 +00:00
Charles-Edouard Brétéché	a4b889de63	feat: add ext/yaml package (#8760 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-10-27 11:08:39 +00:00
Rakshit Gondwal	b574802c12	feat: support conditions in PolicyException (#8577 ) * feat: support conditions in PolicyException Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * fix matchesException func Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * add codegen-all files Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * fix after review Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * remove variable validation from PolicyException Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * fix after review Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * add kuttl tests Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * remove ValidateVariables() from tests Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * fix errors Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * remove check-variables kuttl test Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * fix after review Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> * add sleep step to kuttl Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com> * miinor fix Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com> * add readme for kuttl test Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com> --------- Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com> Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2023-10-24 10:45:52 +00:00
Mariam Fahmy	d688af2539	fix: allow cleanup controller to update the policy status (#8681 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-18 21:22:42 +08:00
Mariam Fahmy	c5dbb572c2	remove duplicated log messages (#8673 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-17 16:08:44 +00:00
Vishal Choudhary	15a8970e23	feat: add support for days in ttl labels (#8660 )	2023-10-16 13:01:07 +00:00
Mariam Fahmy	e969248483	chore: bump cleanup policies to v2beta1 (#8621 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-12 19:45:33 +08:00
Rodrigo Fior Kuntzer	9c64b10cd2	fix: allow dropping metrics, labels and configuring histogram bucket boundaries to avoid high cardinality. (#8569 ) Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-10-12 09:50:27 +00:00
shuting	360bcc83ee	Revert "chore: bump cleanup policies to v2beta1 (#8594 )" (#8609 ) This reverts commit `fff3ad047e`.	2023-10-09 15:01:24 +00:00
Mariam Fahmy	fff3ad047e	chore: bump cleanup policies to v2beta1 (#8594 ) * chore: bump cleanup policies to v2beta1 Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * chore: remove the support of v2alpha1 cleanup policies Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-09 19:37:15 +08:00
Mariam Fahmy	8cbe66a06a	feat: generate events for CEL policies that generate VAPs (#8564 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-09 10:16:35 +00:00
Vishal Choudhary	5882ed32a3	refactor: common remote authenticator for notary and cosign (#8494 ) * refactor: common remote authenticator for notary and cosign Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: add user agent Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * refactor: move getGCRRemoteOption out of BuildGCRRemoteOption Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-10-09 09:07:00 +00:00
Mariam Fahmy	adb789247a	refactor: use GetKind() from the cleanup policy interface (#8565 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-09 08:06:32 +00:00
Mariam Fahmy	cd986849d5	fix: use v2beta1 of policy exceptions (#8587 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-10-09 15:27:25 +08:00
AdamKorcz	080a96fed4	Refactor fuzzing utils and add 3 fuzzers (#8555 ) * Refactor fuzzing utils and add 3 fuzzers Signed-off-by: AdamKorcz <adam@adalogics.com> * Fix lint issues Signed-off-by: AdamKorcz <adam@adalogics.com> * use latest go-jmespath Signed-off-by: AdamKorcz <adam@adalogics.com> * Check layer size (#8552) * fix excessive logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check fetched layer size Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check sig layer size Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: AdamKorcz <adam@adalogics.com> * fix lint issues Signed-off-by: AdamKorcz <adam@adalogics.com> --------- Signed-off-by: AdamKorcz <adam@adalogics.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2023-10-05 16:33:26 +00:00
Jim Bugwadia	2fe07f694e	Check layer size (#8552 ) * fix excessive logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check fetched layer size Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check sig layer size Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2023-09-28 22:12:13 +05:30
Charles-Edouard Brétéché	482c243517	refactor: remove openapi package (#8538 ) * refactor: openapi package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kubectl validate Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * go mod Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix vscode Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-09-27 16:21:47 +00:00
Mariam Fahmy	eedc993ed9	fix: apply exceptions after executing the policy itself (#8544 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-09-27 14:52:39 +00:00
Mariam Fahmy	538e8958aa	refactor: get the last execution time from the cleanup policy interface (#8531 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-09-27 08:55:25 +02:00
Charles-Edouard Brétéché	15630ffaaa	fix: creating ClusterAdmissionReports fails for resources with colon in name (#8530 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-09-26 11:44:35 +00:00
Mariam Fahmy	7add300ffa	feat: remove the creation of cronjobs in cleanup controller (#8526 ) * feat: remove the creation of cronjobs in cleanup controller Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: use lastExecutionTime instead of nextExecutionTime Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-09-26 12:02:17 +02:00
Vishal Choudhary	e5c004a6b4	fix: only fetch pub keys when tlogs and scts are not ignored (#8521 )	2023-09-25 08:16:10 +00:00
Charles-Edouard Brétéché	61aa713d27	fix: image cache panic and cleanup (#8512 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-09-22 10:40:16 +00:00
Charles-Edouard Brétéché	6cf57ee81f	fix: make sure we don't modify reports not owned by kyverno (#8502 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-09-22 04:01:21 +00:00
Vishal Choudhary	e6bebeae9b	feat: improve assertion and error messages (#8489 )	2023-09-21 12:39:54 +00:00

1 2 3 4 5 ...

3492 commits