mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
4252 commits 15 branches 540 tags 276 MiB
Commit graph

63 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
f34a542587
refactor: client gen code (#3695) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 12:30:43 +00:00
shuting
2b432490b5
Feat - add the new CR UpdateRequest for post mutation (#3592) 
* add new CR UpdateRequest

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add clienset for updaterequests

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-12 22:37:28 +05:30
Sambhav Kothari
e9e96e7b1c
Run E2E tests on all supported k8s versions (#3256) 2022-02-23 15:52:08 +00:00
shuting
ae4d148318
Update dev image tag in Make targets (#3159) 
* - update dev images tag; - update chart testing

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update to use dev tag when setting up e2e tests infra

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* default chart test image tag for busybox to latest

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* set image tag to latest for chart testing

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* correct tag

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove test tag in e2e.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-02-03 15:41:58 +08:00
Jim Bugwadia
b17e76493e
tighten and clarify Kyverno roles and permissions (#2799) 
* update roles and rolebindings

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* revert label and fix perms

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* restrict role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix whitespace

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests and roles

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove ingress extensions/v1beta1

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix chart

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* tighten and clarify Kyverno roles and permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fake commit to trigger workflows

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* revert tests and update test role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add newlines

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove update role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove invalid param

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* cleanup roles in Helm templates

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove `mutate` cluster role binding

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-12-10 04:34:06 +00:00
Jose Armesto
831a9826d1
Restructure project to follow standards (#2632) 
Signed-off-by: Jose Armesto <github@armesto.net>
 2021-10-29 18:13:20 +02:00
Sachin
e16d773957
Remove unused function (#2517) 2021-10-11 12:46:28 -07:00
shuting
e288ed7fd2
Fix upgrade issue from 1.4.2 to 1.4.3-rc1 (#2387) 
* update git command to get tag in 'v*' format

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add label "appVersion" to report change request

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix linter issue

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update git hash

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-09-14 01:06:56 -07:00
Frank Jogeleit
c522343c03
Update PolicyReport CRDs to wgpolicyk8s.io/v1alpha2 (#1825) 2021-08-21 10:35:17 -07:00
shuting
6d5e988ebe
BugFix - update the annotation lastRequestTimestamp from active instances (#2019) 
* fix webhook monitor - inactive instance did not get latest request timestamp

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add checks for registered webhook configs

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update veridy_deployment.sh

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add debug steps in e2d workflow

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix CI errors

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-06-15 18:39:22 -07:00
vyankatesh
ab959d0ca4 bump kind to 0.11.0, k8s v1.21 2021-06-08 11:18:48 +05:30
Shuting Zhao
8affebb680 bump kind to 0.10.0, k8s 1.20.2 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-04-05 13:58:51 -07:00
Yashvardhan Kukreja
6f15432a21
added: make target to auto generate code (#1603) 
* added: make auto-generate target to sync the auto-generated code by kubebuilder

Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>

* synced: all the auto-generable files with kubebuilder's controller-gen

Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
 2021-03-01 10:58:58 -08:00
shuting
d82f19be4e
Feature/fix dev mode execution (#1477) 
* add serverIP to X.509 certificate SANs

* disable webhook monitor in debug mode

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2021-01-20 15:25:27 -08:00
Yuvraj
5ecdfda4e0
Improve github action (#1385) 
* Improve github action

Improve the github action

fix issue

Trigger Krew on relese and skip prerelease

Updated create infrastructure script

* More changes

* More changes

* Added check for prerelease

* Added check for prerelease

* Revert change
 2020-12-15 11:46:53 -08:00
Yuvraj
2ffe9b024b
Added kustomize install script (#1392) 2020-12-13 11:43:01 +05:30
shuting
f73c40ab4e
Migrate image to GitHub registry (#1299) 
* migrate image to GitHub registry

* remove registry login
 2020-11-24 11:49:08 -08:00
shuting
bc2e7fcbb3
Revert "Migrate image to GitHub registry" 2020-11-19 13:59:26 -08:00
Shuting Zhao
4d2d4b9985 Update install.yaml 2020-11-19 12:31:08 -08:00
Shuting Zhao
0d963455c9 remove jq installation 2020-11-11 14:46:22 -08:00
Shuting Zhao
06f2fd8f39 install linux tool 2020-11-11 14:33:09 -08:00
Shuting Zhao
f6b3dadfba update ci.sh 2020-11-11 14:24:04 -08:00
Shuting Zhao
b3e5cafdec install kustomize with a specific version in ci automation 2020-11-11 14:09:45 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00
Jim Bugwadia
8be30879f6 print deployment YAML on timeout 2020-10-22 12:43:50 -07:00
Jim Bugwadia
2ba2222f4e add debug info on timeout 2020-10-22 12:30:24 -07:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Yuvraj
9c0d54f35a
e2e workflow added (#1021) 
* e2e flow added

* add kustomize image change in ci
 2020-08-06 11:56:31 +05:30
Pooja Singh
59b2378274
reading kyverno svc from environment variable (#962) 
* reading kyverno svc from environment variable

* updated readme
 2020-07-04 19:35:31 -07:00
Yuvraj
d5ea0415de
remove arm from goreleaser (#903) 
* Feature : Added complete release cycle and created install bash script for kyverno-cli
 2020-06-04 11:45:37 -07:00
shivkumar dudhani
90a80db748 fix scripts 2020-03-20 09:52:30 -07:00
Shivkumar Dudhani
61b202c64a
420 init container (#501) 
* init container to cleanup stale webhook configurations if any.

* remove test code

* use internal pkg for os signals

* move webhook cleanup before http.server shutown.

* update make file and remove init

* update CI script
 2019-11-18 11:41:37 -08:00
Shuting Zhao
b67577994a update apiversion to v1 in code 2019-11-13 13:41:08 -08:00
shivkumar dudhani
9803028abc remove unused yamls 2019-11-06 15:40:19 -08:00
Shuting Zhao
a83e5c1d05 Merge commit '2192703df1bb26cb8b30a1aece6f9afeed09b214' into 254_dynamic_webhook_configurations 
# Conflicts:
#	pkg/engine/generation.go
#	pkg/engine/overlay.go
#	pkg/engine/utils.go
#	pkg/engine/utils_test.go
#	pkg/gencontroller/controller.go
#	pkg/gencontroller/generation.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
 2019-08-19 16:44:38 -07:00
shivkumar dudhani
6580e0e73a remove temp clientNew 2019-08-17 09:58:14 -07:00
Shuting Zhao
a110efb96c Merge branch 'policyViolation' into 254_dynamic_webhook_configurations 
# Conflicts:
#	main.go
#	pkg/annotations/annotations.go
#	pkg/annotations/controller.go
#	pkg/controller/controller.go
#	pkg/controller/controller_test.go
#	pkg/engine/engine.go
#	pkg/engine/generation.go
#	pkg/engine/mutation.go
#	pkg/engine/validation.go
#	pkg/event/controller.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/policyvalidation.go
#	pkg/webhooks/report.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-08-14 19:00:37 -07:00
shivkumar dudhani
3dda879e51 policyviolation, policy controller reconciliation 2019-08-07 16:14:33 -07:00
Shuting Zhao
80d1d926ca add profiling flags 2019-08-02 11:18:02 -07:00
Shuting Zhao
6d49a728a1 - update install_debug.yaml - add debug log 2019-07-23 17:54:31 -07:00
Shuting Zhao
edd34416e1 remove extra line for local debug 2019-07-03 14:11:18 -07:00
Shuting Zhao
d8da84a5b5 added trace in debug mode on issue faile to register webhookConfigurations 2019-07-03 14:09:52 -07:00
Shuting Zhao
b63b3b869e create event from policy info 2019-06-26 18:04:50 -07:00
shuting
044ca7a408 - addd cleanup script - remove imagepullpolicy in install.yaml 2019-06-12 18:23:16 -07:00
shuting
1013a8a637 Allow user to run Kyverno in debug mode 2019-06-10 18:10:51 -07:00
shivdudhani
6cc4148fac move client to pkg, helper script for self-signed certs & update documentation 2019-05-29 14:12:09 -07:00
shuting
09bfdc6ba3 - Change kube-policy to kyverno in install.yaml - Install in namespace kyverno 2019-05-21 18:36:24 -07:00
shuting
3fce50b2d3 change project name in compile-image script to kyverno 2019-05-21 13:40:17 -07:00
Maxim Goncharenko
738397ecae Added version arg for compile-image.sh 2019-05-14 14:18:16 +03:00
Maxim Goncharenko
9e8540f280 Made update-codegen script crossplatform 2019-05-13 21:24:02 +03:00