Shuting Zhao
|
261560eafb
|
mutate rule: do not ignore empty key in resource if overlay has nested anchor
|
2019-11-27 16:07:15 -08:00 |
|
Shuting Zhao
|
a1ce6e4297
|
fix annotation patch in mutate rule
|
2019-11-13 17:56:56 -08:00 |
|
Shivkumar Dudhani
|
7a12e12cb5
|
skip validation if the resource updates dont violate policy rules (#477)
|
2019-11-13 13:13:07 -08:00 |
|
Shuting Zhao
|
2a14c1f5dc
|
- add profiling; - fix CLI
|
2019-11-11 21:23:26 -08:00 |
|
Shuting Zhao
|
85d04f609c
|
remove overlay failure conditionNotPresent as it allows the tag not present
|
2019-11-11 21:03:34 -08:00 |
|
Shuting Zhao
|
5a3ed62b13
|
Merge branch 'master' into 345_support_usergroup_info
# Conflicts:
# pkg/engine/validation_test.go
# pkg/webhooks/annotations.go
# pkg/webhooks/annotations_test.go
# pkg/webhooks/mutation.go
# pkg/webhooks/server.go
# pkg/webhooks/validation.go
|
2019-11-11 19:19:08 -08:00 |
|
Shuting Zhao
|
6c8f4f90da
|
fix patches annotation
|
2019-11-11 18:52:26 -08:00 |
|
Shuting Zhao
|
6048d59949
|
change engine interface to take policyContext struct
|
2019-11-08 18:57:27 -08:00 |
|
Shuting Zhao
|
a7aec886b4
|
handle processOverlay with overlayError
|
2019-11-06 16:16:29 -08:00 |
|
Shuting Zhao
|
9f7b6eaaf6
|
skip applying mutate rule if condition key is not present in the resource, consider the rule as success
|
2019-11-05 16:27:06 -08:00 |
|
shivkumar dudhani
|
3fa8834b4a
|
policy validation: refactoring
|
2019-10-21 14:22:31 -07:00 |
|
shivkumar dudhani
|
70ff2fa177
|
update engineResponse Name
|
2019-10-08 10:57:24 -07:00 |
|
shivkumar dudhani
|
cf32510067
|
remove old function refereces and update tests
|
2019-09-05 09:37:57 -07:00 |
|
shivkumar dudhani
|
6228b8343e
|
refactor engine api
|
2019-09-03 15:48:13 -07:00 |
|
shivkumar dudhani
|
fa53519e2a
|
change CRD Name to ClusterPolicy & ClusterPolicyViolations
|
2019-09-03 14:51:51 -07:00 |
|
shivkumar dudhani
|
5b80da32ba
|
replace policyInfo with engineResponse
|
2019-08-26 13:34:42 -07:00 |
|
shivkumar dudhani
|
b062d70e29
|
initial redesign
|
2019-08-23 18:34:23 -07:00 |
|
shivkumar dudhani
|
e507fb6422
|
recieve stats + update violation status move to aggregator
|
2019-08-20 12:51:25 -07:00 |
|
shivkumar dudhani
|
0b5cc03b2d
|
engineResponse to contain stats
|
2019-08-19 18:57:19 -07:00 |
|
shivkumar dudhani
|
61d7ea276a
|
rebase
|
2019-08-19 17:26:52 -07:00 |
|
shivkumar dudhani
|
8b1066be29
|
initial commit
|
2019-08-19 16:40:10 -07:00 |
|
Shuting Zhao
|
4c34ff7a37
|
Change of annotation purpose #262
|
2019-08-19 16:10:10 -07:00 |
|
Shuting Zhao
|
a110efb96c
|
Merge branch 'policyViolation' into 254_dynamic_webhook_configurations
# Conflicts:
# main.go
# pkg/annotations/annotations.go
# pkg/annotations/controller.go
# pkg/controller/controller.go
# pkg/controller/controller_test.go
# pkg/engine/engine.go
# pkg/engine/generation.go
# pkg/engine/mutation.go
# pkg/engine/validation.go
# pkg/event/controller.go
# pkg/webhooks/mutation.go
# pkg/webhooks/policyvalidation.go
# pkg/webhooks/report.go
# pkg/webhooks/server.go
# pkg/webhooks/validation.go
|
2019-08-14 19:00:37 -07:00 |
|
Shuting Zhao
|
6b1b6dddfa
|
combine policy engine returns into single struct
|
2019-08-14 15:18:46 -07:00 |
|
Shuting Zhao
|
e87c72291f
|
- Patch resource between every rule application - move mutation & validation to mutate webhook
|
2019-08-14 11:51:01 -07:00 |
|
shivkumar dudhani
|
e7b538be79
|
add process existing for mutation & validation + come cleanup
|
2019-08-13 11:32:12 -07:00 |
|
shivkumar dudhani
|
1e621146be
|
test policy engine on admission requests
|
2019-08-09 16:55:43 -07:00 |
|
shivkumar dudhani
|
373d9a45ad
|
clean up mutation
|
2019-08-09 12:59:37 -07:00 |
|
shivkumar dudhani
|
a30ad6bab2
|
cleanup
|
2019-08-09 11:08:02 -07:00 |
|
shivkumar dudhani
|
8901917fe3
|
show mutation changes in annotation
|
2019-07-25 16:20:22 -04:00 |
|
shivkumar dudhani
|
fa8e31cd6f
|
handle overlay array mismatch
|
2019-07-24 14:25:51 -04:00 |
|
shivkumar dudhani
|
0831839910
|
handled skipped element in array
|
2019-07-24 06:33:51 -04:00 |
|
shivkumar dudhani
|
94a6f1a71a
|
match % exclude resources
|
2019-07-23 23:34:03 -04:00 |
|
shivkumar dudhani
|
bbed451039
|
cleanup
|
2019-07-20 01:11:25 -07:00 |
|
shivkumar dudhani
|
99782e4d95
|
pull
|
2019-07-19 20:32:57 -07:00 |
|
shivkumar dudhani
|
3cb978c16f
|
clean up + fix bugs
|
2019-07-19 20:30:55 -07:00 |
|
Shuting Zhao
|
9fd59297f8
|
remove rule name in failure even info
|
2019-07-19 17:52:24 -07:00 |
|
shivkumar dudhani
|
0ee748a95f
|
resource patched after every rule + rm PatchBytes
|
2019-07-05 15:20:43 -07:00 |
|
shivkumar dudhani
|
444549d9b7
|
ctr get policy->client notfrom plister(kind empty)
|
2019-06-28 17:22:00 -07:00 |
|
Shuting Zhao
|
b63b3b869e
|
create event from policy info
|
2019-06-26 18:04:50 -07:00 |
|
shivkumar dudhani
|
059993a78f
|
rule info uses type of rule
|
2019-06-25 23:58:28 -07:00 |
|
shivkumar dudhani
|
b7655ae747
|
introduce info struct for engine responses
|
2019-06-25 18:16:02 -07:00 |
|
Denis Belyshev
|
181a1282e0
|
Fixed mutation by overlays
|
2019-06-05 16:44:53 +03:00 |
|
Denis Belyshev
|
8c7ea8d741
|
Fixed combining of results in Mutate function
|
2019-06-05 15:40:31 +03:00 |
|
Denis Belyshev
|
e571f730b2
|
127: Implemented usage of result package in validation and mutation functions.
|
2019-06-05 13:43:07 +03:00 |
|
shivdudhani
|
c205cca38b
|
introduce glog, remove log.logger references
|
2019-05-30 12:28:56 -07:00 |
|
kacejot
|
101870fb5e
|
Added Overlay logic to mutation handling
|
2019-05-22 22:54:38 +01:00 |
|
kacejot
|
ab31d980b6
|
Updated mutation base due to spec
|
2019-05-22 18:28:38 +01:00 |
|
Maxim Goncharenko
|
302090cd86
|
Implemented base for Mutation Overlay
|
2019-05-21 18:27:56 +03:00 |
|
shuting
|
91b7a1b9ac
|
- handle operation remove case: if path does not exist - remove duplicate log - support validate in CLI
|
2019-05-20 15:14:01 -07:00 |
|