kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00

Author	SHA1	Message	Date
Mario Vázquez	944bf1728e	Fixes #3555 (#3558 ) Signed-off-by: Mario Vazquez <mavazque@redhat.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-08 22:54:35 +08:00
Charles-Edouard Brétéché	06c2b2bb79	refactor: switch to admission v1 (#3526 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-06 20:43:07 +00:00
Charles-Edouard Brétéché	98598e33cf	refactor: metrics package (#3549 ) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-07 02:14:13 +08:00
Charles-Edouard Brétéché	594a04db01	refactor: simplify autogen package (#3532 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-05 15:12:22 +00:00
Charles-Edouard Brétéché	4b3de26433	refactor: use BackgroundProcessingEnabled method (#3544 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-05 04:16:45 +08:00
Charles-Edouard Brétéché	a93ac45586	refactor: move some helpers in utils package (#3539 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-04 18:58:22 +00:00
Charles-Edouard Brétéché	cb6f55cdcd	refactor: use GetValidationFailureAction method (#3546 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-04 16:33:12 +00:00
Charles-Edouard Brétéché	857cd1209c	refactor: separate kube utils package (#3527 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-04-01 08:34:25 +00:00
Charles-Edouard Brétéché	663ad49dca	refactor: add a json patch util and use it in autogen package (#3524 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-01 13:26:47 +08:00
Charles-Edouard Brétéché	1fe203732f	refactor: separate json utils package (#3523 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-31 16:34:52 +00:00
Charles-Edouard Brétéché	9fc65fa5a7	refactor: use policy interface and introduce admission utils package (#3512 ) * refactor: use more policy interface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: migrate to policy interface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-31 20:25:54 +08:00
Charles-Edouard Brétéché	04d094f775	fix: reduce dependency to ns lister (#3509 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-03-31 12:48:36 +05:30
Charles-Edouard Brétéché	04740c52fa	refactor: use more policy interface (#3510 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-31 12:14:00 +05:30
Charles-Edouard Brétéché	83343697b9	refactor: make use of policy interface (#3499 ) - refactor: make use of policy interface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-30 18:34:30 +05:30
Charles-Edouard Brétéché	20069c13c3	feat: stop mutating rules (#3410 ) * feat: stop adding autogen annotation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: stop mutating rules Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: stop mutating rules Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: use toggle Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: review comments Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-28 22:01:27 +08:00
shuting	d1bf3d4742	clean up dependencies (#3469 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-03-25 08:40:25 +00:00
Charles-Edouard Brétéché	3cf83bc77f	refactor: match and exclude conflict validation (#3454 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-23 17:04:17 +05:30
Charles-Edouard Brétéché	06fc472f52	refactor: add IsNamespaced() method to API policy types (#3450 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-23 13:03:15 +05:30
Charles-Edouard Brétéché	f263cbedca	fix: use PodControllersAnnotation constant (#3448 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 20:43:19 +00:00
Vyankatesh Kudtarkar	e268be9e88	support for deprecated API's (#3439 ) * support for deprecated API's * add testcase * update condition * fix logic	2022-03-22 18:25:35 +00:00
Charles-Edouard Brétéché	d129b7a4c7	refactor: ExcludeResources validation (#3445 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-03-22 15:21:44 +00:00
Charles-Edouard Brétéché	11bbb4f83e	refactor: replace ExcludeResources by MatchResources (#3444 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 14:24:40 +00:00
Charles-Edouard Brétéché	51254b2d5a	refactor: ResourceDescription validation (#3446 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-22 21:17:51 +08:00
Charles-Edouard Brétéché	c8c631d4a7	refactor: MatchResources validation (#3422 ) * refactor: ValidationFailureActionOverrides validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: MatchResources validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-21 19:51:12 +08:00
Charles-Edouard Brétéché	bdcecf9882	refactor: ValidationFailureActionOverrides validation (#3421 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-21 16:53:12 +08:00
Charles-Edouard Brétéché	4136566bd9	feat: add toggle package for feature flags (#3419 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 16:16:42 +00:00
Charles-Edouard Brétéché	0c8e8c1212	feat: move GetRules() at the policy level (#3420 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 15:18:32 +00:00
Charles-Edouard Brétéché	865eef248d	feat: stop adding autogen annotation (#3379 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-18 11:30:49 +00:00
Charles-Edouard Brétéché	4ce5c972ee	refactor: Policy name validation (#3409 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Policy name validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-18 01:02:35 +08:00
Charles-Edouard Brétéché	cc212ac766	refactor: Rule names validation (#3406 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule names validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-03-17 11:36:21 +08:00
Charles-Edouard Brétéché	adcb71f1d6	refactor: Rule type validation (#3400 ) * refactor: UserInfo validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: Rule type validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 21:57:31 +00:00
Charles-Edouard Brétéché	5541189c6c	refactor: UserInfo validation (#3399 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-16 16:15:46 +00:00
Abhi Kapoor	ac8dea1cba	Return warning on admission response when mutating pods (#3272 ) - Return the warning as part of the validate response - Warn when autogen annotation is being used to exclude pod controllers - Reutrn admission response based on the autogen annotation value - Update the existing log message to align with admission response warning Co-authored-by: abhinav454 <43758739+abhinav454@users.noreply.github.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-16 04:50:33 +00:00
Charles-Edouard Brétéché	8602e63f23	refactor: ImageVerification validation (#3372 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: ImageVerification validation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-03-15 08:48:58 +00:00
Vyankatesh Kudtarkar	154cea21c3	fix for gvk not working for existing resources policy (#3384 )	2022-03-14 16:03:13 +05:30
Vyankatesh Kudtarkar	b3a53f0658	fix PodExecOptions issue (#3373 ) * fix PodExecOptions issue * add note * update comment	2022-03-11 15:09:32 +05:30
Charles-Edouard Brétéché	ce5f648f30	refactor: introduce rules getters and setters (#3350 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>	2022-03-09 15:28:31 +00:00
Charles-Edouard Brétéché	ea977b259c	refactor: move controller autogen annotation in api package (#3364 ) * fix: configmap resource filters generated by helm does not account for namespace Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refator: move controller autogen annotation in api package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-09 21:48:04 +08:00
Vyankatesh Kudtarkar	148a892277	Fix any_all wildcard issue (#3352 )	2022-03-08 12:59:33 +00:00
Charles-Edouard Brétéché	90d0badda4	fix: CRD generation (#3334 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-03-06 11:07:51 -08:00
Charles-Edouard Brétéché	7232de45c6	refactor: introduce autogen package (#3316 ) * refactor: pass only spec instead of whole policy when possible Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: introduce autogen package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-03-01 23:19:31 +00:00
Charles-Edouard Brétéché	1154612489	refactor: pass only spec instead of whole policy when possible (#3315 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-03-01 22:42:19 +00:00
Prateek Pandey	66969d35ea	validate and block policy based on the matched kind cache (#3283 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-02-23 22:27:18 +05:30
Vyankatesh Kudtarkar	373f421b07	Fix panic for provides a set to the key of a precondition and deny condition (#3162 )	2022-02-03 14:46:58 +00:00
Sambhav Kothari	98284114f5	Relax rule context validation to follow JMESPath grammar (#3129 ) Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-01-31 18:23:59 +00:00
Kumar Mallikarjuna	5ad0d15240	Namespace Specific ValidationFailureAction (#2794 ) * Implement ValidationFailureActionOverride Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Update CRDs Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Update getEnforceFailureErrorMsg() Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Allow validate policies to be checked Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Fix linting issues Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Added tests for ValidationFailureActionOverrides Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Added schema validation Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com> * Added description for ValidationFailureActionOverrides Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> * Policy validation Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> * Update CRDs Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> * Replace literals with constants Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> * Updated Policy Cache Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> * Refactor Signed-off-by: Kumar Mallikarjuna <kumar@nirmata.com> Co-authored-by: shuting <shutting06@gmail.com>	2022-01-21 12:36:44 +00:00
Liu Shaohui	25722366f0	Fix: namespace quota policy failed to be applied for two resources named ResourceQuota with different APIVersions (#2612 ) Signed-off-by: Shaohui Liu <liushaohui@xiaomi.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-01-20 12:48:52 +05:30
shuting	ad56087b91	list resources once per policy in the background reconcilliation (#3026 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-01-19 16:42:01 +00:00
shuting	b6447e0649	Remove resourceCache from engine (#3013 ) * update log messages Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove resourceCache from the background controller when: - register resource scope - list resources per namespace Signed-off-by: ShutingZhao <shuting@nirmata.com> * - use client call for configmap lookup; - remove resourceCache from policy controller, webhook server and generate controller Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-01-18 12:59:35 +00:00
Sambhav Kothari	1af9e48b0d	Add image data to validate image configs (#2946 ) * Add image data to validate image configs Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com> * Add tests for image context Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com> * Add e2e test cases for image size policy Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-01-17 04:06:44 +00:00

... 3 4 5 6 7 ...

673 commits