mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
2950 commits 16 branches 550 tags 288 MiB
Commit graph

125 commits

Author SHA1 Message Date
shuting
3c5f9f8888
1398 - Reduce RCR throttling requests (#1406) 
* reduce RCR throttling requests by merging policy application (policy - namespace) results into single RCR

* - refactor policy controller; - fix RCR issue

* - refactor RCR controller; - fix cpolr on ns update; - reduce throttling when getting resources; - fix tests

* update CRD schema

* fix typo
 2020-12-21 11:04:19 -08:00
Jim Bugwadia
2285e6b1b6 update docs 2020-12-14 02:38:33 -08:00
Jim Bugwadia
59ba4fe3ac add annotation wildcard support 2020-12-02 12:25:56 -08:00
Jim Bugwadia
76b6974fc2 update CRD docs 2020-12-01 23:19:08 -08:00
Shuting Zhao
45dd5b736d update short names, scope 2020-12-01 12:52:17 -08:00
shuting
370828afec
Fix typo, add short names (#1344) 
* fix typo

* add short names for report change request
 2020-11-30 23:26:49 -08:00
Jim Bugwadia
2344b2c305
1319 fix throttling (#1341) 
* fix policy status and generate controller issues

* shorten ACTION column name

* update logs

Co-authored-by: Shuting Zhao <shutting06@gmail.com>
 2020-11-30 11:22:20 -08:00
Jim Bugwadia
2aeb5aa982 validate conditiona.operator as enum 2020-11-29 00:37:36 -08:00
Chip Zoller
7ee346b0de
column misspelling (#1290) 
* column misspelling

* edit description with tip about conditional adds

* Enhance bug report template
 2020-11-23 14:05:46 -08:00
Jim Bugwadia
cb6de3da35
Merge pull request #1276 from realshuting/bug_fixes 
Update CRDs
 2020-11-18 17:48:41 -08:00
Shuting Zhao
4be7528604 - reverse tag removal changes; - remove defaults 2020-11-18 17:36:06 -08:00
Shuting Zhao
c23c318052 remove tags 2020-11-18 17:16:47 -08:00
Shuting Zhao
8acc302336 remove default tag 2020-11-18 17:00:26 -08:00
Shuting Zhao
010c97f3ab remove background default tag 2020-11-18 16:46:08 -08:00
Jim Bugwadia
ed37395fbd
Merge pull request #1275 from realshuting/bug_fixes 
Bug fix - failed to generate reportChangeRequest due to exceeding the label size limit
 2020-11-18 15:30:28 -08:00
Shuting Zhao
168bb21093 add optional tag to gr.status 2020-11-18 15:07:12 -08:00
Chip Zoller
2c86496728
Add new sample policies (#1272) 
* new samples; updates

* typos

* add policy to restrict LoadBalancer

* correct sample numbering

* fix typos

* add EnsurePodProbesDifferent

* add DisallowSecrets policy

* add AddDefaultLabels policy

* typo
 2020-11-18 14:58:32 -08:00
Shuting Zhao
2d8092d97c fixes https://github.com/kyverno/kyverno/issues/1238 2020-11-18 14:31:43 -08:00
Shuting Zhao
50c72e871f - add status to gr; - add printer column to gr 2020-11-18 12:07:25 -08:00
Shuting Zhao
b9fb926ddb fixes for golint ./... 2020-11-17 13:07:30 -08:00
Shuting Zhao
9d7c304ffe update clusterpolicy description 2020-11-16 11:47:16 -08:00
Jim Bugwadia
46b1b7a0a0 update type docs 2020-11-15 18:51:48 -08:00
Shuting Zhao
2ff9d03b3f - set tag optional in generaterequest; - fix generate controller error log 2020-11-13 17:44:34 -08:00
Shuting Zhao
943935ee1b properly deserialize anyPattern 2020-11-13 16:25:51 -08:00
Shuting Zhao
365dd6e408 update kyverno crd types.go 2020-11-13 16:02:44 -08:00
Shuting Zhao
047b2b8739 update types.go to generate schema 2020-11-12 19:48:39 -08:00
Shuting Zhao
5c38aab03d temporary check in the types for referencing 2020-11-12 16:44:14 -08:00
Shuting Zhao
58bc63e1ad remove policy violation from types.go 2020-11-11 15:50:17 -08:00
Shuting Zhao
2292bf860b update policyreport group to wgpolicyk8s.io 2020-11-11 15:09:07 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00
Shuting Zhao
97e6382aaf update description 2020-11-03 16:57:47 -08:00
Shuting Zhao
d19a44d34c print fields failreAction and background for kyverno policy 2020-11-03 16:31:41 -08:00
Jim Bugwadia
ae0c09a05c remove ContextEntry.path (prototype for API server lookup) 2020-10-14 18:48:23 -07:00
Jim Bugwadia
4ea1126fce remove docs and update README.md 2020-10-14 17:39:45 -07:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Mohan B E
bd406f5bb8
added conversion of overlay to patch strategic merge (#1138) 
* added conversion of overlay to patch strategic merge and modified unittest for the same

* updated best practice policy
 2020-09-22 16:19:09 -07:00
Mohan B E
51ac382c6c
Feature/configmaps var 724 (#1118) 
* added configmap data substitution for foreground mutate and validate

* added configmap data substitution for foreground mutate and validate fmt

* added configmap lookup for background

* added comments to resource cache

* added configmap data lookup in preConditions

* added parse strings in In operator and configmap lookup docs

* added configmap lookup docs

* modified configmap lookup docs
 2020-09-22 14:11:49 -07:00
NoSkillGirl
b1a2ab398b fixed duplicate name 2020-09-09 20:17:20 +05:30
Mohan B E
f60deecdce
Feature/namespaced policy 280 (#1058) 
* namespaced policy crd and cache

* modified main.go

* removed kyverno

* implemented policy violation generator for namespaced policy on audit

* modified cache

* added validation for cluster resource types

* install.yaml

* install.yaml

* removed namespaces from crd and refactored code

* modified NamespacePolicy to Policy

* added ClusterRole aggregate for policies

* modified clusterrole
 2020-08-19 09:07:23 -07:00
Pooja Singh
5a68653749
Supporting annotations in match/exclude (#1045) 
* Supporting annotations in match/exclude filters

* updated readme

* small fix
 2020-08-17 17:12:27 -07:00
Mohan B E
a14828246d
Feature/api version 852 (#1028) 
* apiVersion support for generate

* added apiVersion to crds
 2020-08-07 09:47:33 +05:30
shuting
39de46fe39
983 kustomize support (#1026) 
* prototype - strategic merge patch

* add end to end test

* add engine strategic merge patch support

* set webhook reinvocationPolicy to IfNeeded

* refactor engine mutate code

* support JMESPath in strategic merge patch

* implement patchesJson6902

* update doc

* resolve pr comments
 2020-08-05 09:11:23 -07:00
Pooja Singh
7195b20e90
Feature/print mutated policy (#1014) 
* added printing mutation policy

* added mutated method in common

* improved yaml print

* updated readme

* small fix

* small fix
 2020-07-29 09:11:58 -07:00
Mohan BE
9b033fd755 added +optional for optional fields 2020-07-23 18:09:34 +05:30
Mohan BE
d41eb93e66 simplified comments 2020-07-22 12:44:06 +05:30
Mohan BE
df33504c0f added prefixes to comments 2020-07-22 12:33:12 +05:30
Mohan BE
f3dc56a7f8 added commentsto types.go 2020-07-22 09:34:56 +05:30
Mohan BE
fcfe89ac8b modified types.go comments 2020-07-22 09:26:39 +05:30
Mohan BE
3e1cef790a added field type specification to types 2020-07-21 11:33:51 +05:30
Mohan BE
2525ce3423 added one line comment to types and added API docs link to README.md 2020-07-20 22:29:20 +05:30