mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
7335 commits 15 branches 540 tags 276 MiB
Commit graph

144 commits

Author SHA1 Message Date
Jim Bugwadia
a9fef256c7
updates for foreach and mutate (#2891) 
* updates for foreach and mutate

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* allow tests to pass on Windows

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter check

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add elementIndex variable

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix jsonResult usage

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add mutate validation and fix error in validate.foreach

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* format

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update message

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* do not skip validation for all array entries when one is skipped

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add foreach tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix format errors

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unused declarations

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* revert namespaceWithLabelYaml

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix mutate of element list

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update CRDs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Update api/kyverno/v1/policy_types.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/forceMutate.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/forceMutate.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/forceMutate.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/mutation.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/mutation.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/mutation.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/validate/validate.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update pkg/engine/validate/validate.go

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update test/cli/test/custom-functions/policy.yaml

Co-authored-by: Steven E. Harris <seh@panix.com>

* Update test/cli/test/foreach/policies.yaml

Co-authored-by: Steven E. Harris <seh@panix.com>

* accept review comments and format

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add comments to strategicMergePatch buffer

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* load context and evaluate preconditions foreach element

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add test for foreach mutate context and precondition

* precondition testcase

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update message

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* format

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Steven E. Harris <seh@panix.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-01-05 09:36:33 +08:00
Jose Armesto
831a9826d1
Restructure project to follow standards (#2632) 
Signed-off-by: Jose Armesto <github@armesto.net>
 2021-10-29 18:13:20 +02:00
Vyankatesh Kudtarkar
b31b343910 Fix foreach issue 2021-10-19 15:34:53 +05:30
Jim Bugwadia
e0b1f08a28
fix check for CREATE request (#2551) 
* fix check for CREATE request

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-18 09:34:07 -07:00
Kumar Mallikarjuna
d0a36b6dcc
element variable lifecycle (#2535) 
* Foreach element with background false

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Tests for foreach element

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update Test_Validation_invalid_backgroundPolicy

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* CLI: Print invalid policies

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Remove redundant Sprintf() calls

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Updated tests for foreach list

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
 2021-10-14 10:14:11 -07:00
Vyankatesh Kudtarkar
2798287497
support list foreach (#2522) 
* support list foreach

* fix testcase for each

* fix mutate issue

* Fix mutate patch issue

* fix yaml

* fix e2e test foreach validate list

* code indentation

* fix comments

* delete unwanted files
 2021-10-14 00:20:52 -07:00
Jim Bugwadia
e0e6074afc add validation; add 'element' to context 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-10-02 16:53:02 -07:00
Jim Bugwadia
3957a1400e fix deny check and fmt 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-09-27 23:40:05 -07:00
Jim Bugwadia
a905a61581 fix deny rules 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-09-27 14:28:55 -07:00
Jim Bugwadia
39061d91c4 implement validate.foreach 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-09-26 02:12:31 -07:00
Max Goncharenko
903963c26d
add special variable substitution logic for preconditions (#1930) 
* add special variable substitution logic for preconditions

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* handle NotFoundVariable error in proper way

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>

* remove excess log; fix grammar

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>

* removed isPrecondition flag; added test case for empty deny string; fixed related issue

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>

* fix test case

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>

* fix go lint

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>

* fix tests

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>
 2021-07-28 09:54:50 -07:00
Max Goncharenko
6d0ad5598e
Jmespath notfound error (#1907) 
* return err, if variable path could not be resolved

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* fixed {{@}} behavior

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* fix json merge logic

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* add e2e tests for Flux use case

Signed-off-by: Maxim Goncharenko <goncharenko.maxim@apriorit.com>
 2021-07-01 22:56:50 -07:00
Pooja Singh
1e4c950104
Feature/1515 - handle configmap and api variable cli (#1789) 
* added store package

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added changes to handle api and configmap variables in cli

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* removed comments

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* refactoring code

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added test case for mutation

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* added test case for validation

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>

* code improvement

Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
 2021-04-29 10:09:44 -07:00
Max Goncharenko
0776b438d3
Support operators (>=, <, etc ...) on list values (#1838) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-28 13:31:55 -07:00
shuting
f515bc5dbf
skip rule application if referred path not exist (#1806) 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-15 17:33:34 -07:00
shuting
081244a102
Fix array variables substitution (#1800) 
* fix array variables substitution

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* Add ability to marshal complex vars to string

Signed-off-by: Max Goncharenko <kacejot@fex.net>

* Added tests for variable substitution

Signed-off-by: Max Goncharenko <kacejot@fex.net>

Co-authored-by: Max Goncharenko <kacejot@fex.net>
 2021-04-14 13:09:00 -07:00
Max Goncharenko
8050c4e77b
moved variable substitution to higher level to avoid unhandled cases (#1785) 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-04-13 11:44:43 -07:00
Jim Bugwadia
6dff9e0ab9 merge and resolve conflicts 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-03-25 16:43:12 -07:00
shuting
c08843ef77
Add Images info to variables context (#1725) 
* - remove supportMutateValidate; - refactor new context in the webhook

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add ImageInfo to variables context

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* revert unexpected changes

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-03-23 10:34:03 -07:00
Max Goncharenko
24c4f06ecd Fix #1506; Resolve path reference in entire rule instead of just pattern/overlay 
Signed-off-by: Max Goncharenko <kacejot@fex.net>
 2021-03-16 13:45:40 +02:00
Yashvardhan Kukreja
10c714d5ba
feat: [preconditions, conditions] added backwards-compatible support for logical operators (#1604) 
Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-03-01 20:31:06 -08:00
Jim Bugwadia
0be7903c47 fix tests 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-02-02 00:20:03 -08:00
Jim Bugwadia
ed232ba118 add test case 2020-12-23 15:57:12 -08:00
Jim Bugwadia
e2f10c6f83 update validation logic 2020-12-23 15:10:07 -08:00
Jim Bugwadia
6afd2e6f3a
ignore non-policy files in CLI and improve validation messages (#1362) 
* improve validation message

* improve error behaviors

* fix tests

* fix tests
 2020-12-07 11:26:04 -08:00
Jim Bugwadia
74b656768e
1251 fix generate panic (#1252) 
* improve error message

* fix panic and add error logs

* update log levels and messages

* fix tests
 2020-11-12 16:44:57 -08:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
Shuting Zhao
ea66d7a7b8 fix CI 2020-05-20 13:58:56 -07:00
Shuting Zhao
df452187bf fix CI 2020-05-19 10:32:42 -07:00
shravan
6f01bb4d59 744 only user requests will be denied 2020-05-07 14:18:42 +05:30
shravan
5ec300a12d 744 added tests 2020-05-07 02:35:24 +05:30
shravan
7682935701 744 fixing broken tests 2020-05-06 22:52:29 +05:30
Yuvraj
4fa5a056f3 Fix conflict 
Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>
 2020-03-27 14:10:21 +05:30
Yuvraj
801c7513cb golanfci-lint changes 
Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>
 2020-03-24 00:35:05 +05:30
shravan
46c3b78518 725 fixing tests 2020-03-16 14:18:51 +05:30
shravan
6f07aac36a 725 fixing tests 2020-03-06 17:19:41 +05:30
shivkumar dudhani
03ee46e1d9 support nested variable resolution 2020-02-26 16:41:48 -08:00
shivkumar dudhani
5cee543755 refactor variable substitution 2020-02-14 11:59:28 -08:00
shravan
70ea63cab3 658 removing unused commented out code 2020-02-07 15:02:36 +05:30
shravan
88083e91d6 658 removing outdated test from previous commit 2020-02-06 15:40:58 +05:30
shravan
dd7e63e1a6 658 removing outdated tests and fixing broken ones 2020-02-05 17:00:47 +05:30
Shivkumar Dudhani
8c1d79ab28
linter suggestions (#655) 
* cleanup phase 1

* linter fixes phase 2
 2020-01-24 12:05:53 -08:00
Shuting Zhao
5a44ab3e16 generate violation in validate when substitute path not present 2020-01-09 17:44:11 -08:00
Shuting Zhao
472fa29fce move mutation to subpackage pkg/engine/mutate 2020-01-07 17:06:17 -08:00
Shivkumar Dudhani
5b8ab3842b
Support variable substitution (#549) 
* initial commit

* variable substitution

* update tests

* update test

* refactor engine packages for validate & generate

* update vendor

* update toml

* support variable substitution in overlay mutation

* missing update

* fix indentation in logs

* store context values as single JSON document using merge patches.

* remove duplicate functions

* fix message string

* Handle processing of policies in background (#569)

* remove condition check while generating mutation patch as conditions are verified in the first iteration

* initial commit

* background policy validation

* correct message

* skip non-background policy process for add/update

* fix order to correct policy registration

* update comment

Co-authored-by: shuting <shutting06@gmail.com>

* refactor

Co-authored-by: shuting <shutting06@gmail.com>
 2019-12-30 17:08:50 -08:00
Shivkumar Dudhani
ffe3bdb677
remove newline from engine response strings (#537) 
* remove newline from engine response strings

* add scenario file updates

* cr: remove . in trailing msg string
 2019-12-04 18:04:42 -08:00
shuting
ded0183aa2
Merge pull request #478 from nirmata/472_update_apiversion 
472 update apiversion
 2019-11-13 15:19:27 -08:00
Shuting Zhao
eab9609c6a update api in tests 2019-11-13 13:56:07 -08:00
Shuting Zhao
b67577994a update apiversion to v1 in code 2019-11-13 13:41:08 -08:00
Shivkumar Dudhani
7a12e12cb5
skip validation if the resource updates dont violate policy rules (#477) 2019-11-13 13:13:07 -08:00
Shuting Zhao
5a3ed62b13 Merge branch 'master' into 345_support_usergroup_info 
# Conflicts:
#	pkg/engine/validation_test.go
#	pkg/webhooks/annotations.go
#	pkg/webhooks/annotations_test.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-11-11 19:19:08 -08:00
Shuting Zhao
6048d59949 change engine interface to take policyContext struct 2019-11-08 18:57:27 -08:00
Shuting Zhao
ec331b8d17 remove resource info in the validation error 2019-11-07 12:30:58 -08:00
Shuting Zhao
a30b8a604d update format 2019-11-07 12:13:35 -08:00
Shuting Zhao
443619757e update tests/scenario 2019-11-07 12:13:35 -08:00
Shuting Zhao
98fa90bf1e update validation_test.go 2019-11-07 12:13:34 -08:00
shivkumar dudhani
a191bd67f4 update message string 2019-11-01 15:21:23 -07:00
shivkumar dudhani
fd72ee3178 add unit tests 2019-10-10 17:34:20 -07:00
shivkumar dudhani
515a31199e update equality operator 2019-10-01 13:08:34 -07:00
shivkumar dudhani
17d80a08c0 introduce equality anchor 2019-10-01 12:35:14 -07:00
shivkumar dudhani
808cccb421 update validation logic 2019-09-28 14:09:46 -07:00
shivkumar dudhani
ae3059b858 unit test initial check 2019-09-26 11:00:30 -07:00
shivkumar dudhani
087efffd96 support existance on list type 2019-09-25 21:01:45 -07:00
shivkumar dudhani
c65f12b97b initial commit 2019-09-25 15:12:33 -07:00
shivkumar dudhani
5dab189743 fix event resource name + add filtered kinds to policy controller & namespace + fix messages 2019-09-12 15:04:35 -07:00
Shuting Zhao
d0fd3e69ef update testrunner, unit test for validate_host_network_port 2019-09-09 16:08:15 -07:00
shivkumar dudhani
f56603e4d4 update message to show resource path of failure for validation + print custom message on failure + anyPattern to return on first success validation + update scenarios for test runner 2019-09-05 12:44:38 -07:00
shivkumar dudhani
6228b8343e refactor engine api 2019-09-03 15:48:13 -07:00
shivkumar dudhani
786cbf5522 fix test 2019-09-03 15:02:00 -07:00
shivkumar dudhani
d43b4d93c2 rebase with master 2019-08-30 01:08:54 -07:00
Shuting Zhao
998f612679 fix engine unit test 2019-08-15 15:23:54 -07:00
Shuting Zhao
a110efb96c Merge branch 'policyViolation' into 254_dynamic_webhook_configurations 
# Conflicts:
#	main.go
#	pkg/annotations/annotations.go
#	pkg/annotations/controller.go
#	pkg/controller/controller.go
#	pkg/controller/controller_test.go
#	pkg/engine/engine.go
#	pkg/engine/generation.go
#	pkg/engine/mutation.go
#	pkg/engine/validation.go
#	pkg/event/controller.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/policyvalidation.go
#	pkg/webhooks/report.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-08-14 19:00:37 -07:00
Shuting Zhao
6b1b6dddfa combine policy engine returns into single struct 2019-08-14 15:18:46 -07:00
shivkumar dudhani
0a1185d1fd correct unit tests 2019-06-28 17:11:19 -07:00
belyshevdenis
46cbbf9568 Implemented validation across same yaml 2019-06-20 18:21:55 +03:00
Denis Belyshev
9bacfe4363 Implemented at least one exists logic 2019-06-13 17:20:00 +03:00
shivdudhani
200f3fce63 refactor code 2019-06-05 17:43:59 -07:00
Denis Belyshev
50610af82d Added nil support 2019-06-05 17:35:34 +03:00
Denis Belyshev
e571f730b2 127: Implemented usage of result package in validation and mutation functions. 2019-06-05 13:43:07 +03:00
Denis Belyshev
aadb3c0140 Fixed namespaces in validation_test.go 2019-06-05 10:24:18 +03:00
belyshevdenis
18842b81a1 Fixed bug #117 
Added validation tests
 2019-06-04 17:33:21 +03:00
Denis Belyshev
f57422ef79 Fixed issue when number comes from resource as string and does not being validated 2019-05-28 14:25:29 +03:00
Denis Belyshev
cde2f2b0a0 Fixed issue: string patterns always return true 2019-05-28 14:07:15 +03:00
Denis Belyshev
435a19152a I have finished implementing patterns 2019-05-27 18:07:24 +03:00
shivdudhani
19e137690f resolve merge conflicts with branch release-0.1 2019-05-22 16:17:26 -07:00
shivdudhani
857aa81f3e update the project name in api version and test 2019-05-22 10:53:01 -07:00
kacejot
9bea87ec75 Merge branch 'master' into mutating-overlay 2019-05-22 14:58:42 +01:00
shuting
de83a16493 rename pkg to kyverno 2019-05-21 11:00:09 -07:00
Maxim Goncharenko
302090cd86 Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00
Maxim Goncharenko
0aebb2a88e Fixed int and float types mismatch 2019-05-20 17:07:09 +03:00
Maxim Goncharenko
be13b041b6 Fixed issue with validation error messages 2019-05-20 14:48:38 +03:00
Maxim Goncharenko
0a486a7f54 I have finished implementing validation logic using TDD 2019-05-17 14:03:06 +03:00
Maxim Goncharenko
00b667b6e4 Added tests for validation logic 2019-05-16 21:37:54 +03:00