Johannes Kleinlercher
df7027d11c
feat: possibility to create a GrafanaDashboard CR ( #7992 )
...
* feat: possibility to create a GrafanaDashboard CR
* fix: support more than one dashboard in configmap
* add changelog and update documentation
---------
Signed-off-by: Johannes Kleinlercher <johannes@kleinlercher.at>
Signed-off-by: treydock <treydock@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: treydock <treydock@gmail.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
2023-08-15 16:38:19 +00:00
Vishal Choudhary
e9e44291bf
Support for Cosign 2.0 ( #7248 )
...
* cosign 2.0 version upgrade
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* IgnoreTlog and IgnoreSCT updated
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed cli packages
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* lazy evaluate vars in conditions (#7238 )
* lazy evaluate vars in conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove unnecessary conversion
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml
Signed-off-by: shuting <shutting06@gmail.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md
Signed-off-by: shuting <shutting06@gmail.com>
* added error check in test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* in-toto-golang update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added rekor
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* quote image in error (#7259 )
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: auto update webhooks not configuring fail endpoint (#7261 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix latest version check (#7263 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088#7272 )
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add yaml util to check empty document (#7276 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* go mod update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed cosign 1.13.1 dependency
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added default rekor url
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated cosign option
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* go mod update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go sum fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix failing test: Test_VerifyManifest_MustAll_InvalidYAML
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* suggestions from jim
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updates to cosign verification
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* kuttl test ignore sct
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fixes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* downgrading gcr version
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* null pointer error
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated failing cli tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated kuttl test with complete subjects
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed issue with wildcard replacement
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* engine tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed conflicts with notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated go mod
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* codegen and test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added pubkeys test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add default CTLogPubKeys
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* cleanup
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* unwanted test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: auth checks with the APIVersion and the subresource (#7628 )
* fix auth checks with apiVersion and subresource
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove duplicate code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: harden rbac permissions (#7638 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d#7663 )
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551#7650 )
* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
* fixed tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added tests for repository
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fix: vscode debug config (#7653 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: pr updater workflow (#7665 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: add specific loaders from #7597 (#7671 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add cluster select and relabling config for ServiceMonitors (#7659 )
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
---------
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
* fix: cleanup controller context from #7597 (#7672 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: cleanup controller rbac (#7669 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate context loaders (part 1) from #7597 (#7676 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate context loaders (part 2) from #7597 (#7677 )
* refactor: migrate context loaders (part 1) from #7597
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate context loaders (part 2) from #7597
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add lazy loading feature flag (#7680 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: image verification (#7652 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Fix deferred loading (#7597 )
* handle nested contexts
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add feature flag
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix CLI regclient
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: token permissions on report vulns workflow (#7611 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: token permissions (#7619 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: update the flag descriptions of the reports-controller (#7617 )
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
* fix: panic if env var not defined (#7613 )
* fix: panic if env var not defined
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* use toggles instead of a flag
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update toggle name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update toggle name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix roles
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix role
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update manifests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove extra unlock
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix loader reset
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* propagate context
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cm resolver
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* level management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* address review comments
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add enableDeferredLoading to other controllers
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* re-enable ACR credhelper
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove image registry client init
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* check for invalid reset/restore
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* recursive kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add pre/post queries
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add check for a recursive match
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* new test suite
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* eval loaders at creation level
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add an index for resolving deps in order
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve comment
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extract remove method
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* merge main
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feature flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* two rules kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* revert
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* per rule checkpoint
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix mutate chained rules
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* per rule checpoint/restore
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* log error
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fix: factorise confimap informer code (#7667 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228eb#7688 )
Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add background only policy support (#6666 )
* feat: add background only policy support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* all disabled
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: pr updater workflow (#7697 )
* fix: pr updater workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Update .github/workflows/pr-update.yaml
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* fix: customizable tracer configuration (#7644 )
* fix: customizable tracer configuration
Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: harden rbac permissions (#7638 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d#7663 )
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551#7650 )
* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
* fixed tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added tests for repository
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: vscode debug config (#7653 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: pr updater workflow (#7665 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* refactor: add specific loaders from #7597 (#7671 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* feat: add cluster select and relabling config for ServiceMonitors (#7659 )
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
---------
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: cleanup controller context from #7597 (#7672 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: cleanup controller rbac (#7669 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* refactor: migrate context loaders (part 1) from #7597 (#7676 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* refactor: migrate context loaders (part 2) from #7597 (#7677 )
* refactor: migrate context loaders (part 1) from #7597
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate context loaders (part 2) from #7597
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* feat: add lazy loading feature flag (#7680 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: image verification (#7652 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* Fix deferred loading (#7597 )
* handle nested contexts
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add feature flag
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix CLI regclient
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: token permissions on report vulns workflow (#7611 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: token permissions (#7619 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: update the flag descriptions of the reports-controller (#7617 )
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
* fix: panic if env var not defined (#7613 )
* fix: panic if env var not defined
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* use toggles instead of a flag
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update toggle name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update toggle name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix roles
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix role
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update manifests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove extra unlock
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix loader reset
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* propagate context
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cm resolver
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* level management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* address review comments
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add enableDeferredLoading to other controllers
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* re-enable ACR credhelper
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove image registry client init
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* check for invalid reset/restore
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* recursive kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add pre/post queries
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add check for a recursive match
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* new test suite
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* eval loaders at creation level
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add an index for resolving deps in order
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve comment
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extract remove method
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* merge main
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feature flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* two rules kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* revert
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* per rule checkpoint
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix mutate chained rules
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* per rule checpoint/restore
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* log error
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* fix: factorise confimap informer code (#7667 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228eb#7704 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* test: add kuttl tests for background only policies (#7709 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Feat: Upgrade controller-gen to v0.12.0 and fix tooling (#7683 )
* Upgrade controller-gen and fix tooling
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Address comments
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add a marker in the sed command
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Upgrade to the latest version and rearrange the annotations
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Fix failing Verify Codegen tests
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Remove unnecessary file
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Restore original version in test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add creationTimestamp: null again in the test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
---------
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: release signing (#7711 ) (#7713 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: use github token instead of pat (#7716 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: reduce token permissions (#7719 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: reduce token permissions (#7721 )
* fix: reduce token permissions
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: reduce token permissions
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: make `test --fail-only` return 1 if there are failed tests (#7717 )
Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove redundant tests (#7702 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: use gh token instead of pat (#7723 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: remove obsolete scripts (#7720 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: reduce token permission (#7729 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: use github token instead of pat (#7727 )
* fix: remove jmespath replace directive
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: use github token instead of pat
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: use golang builtin version management (#7654 )
* fix: use golang builtin version management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: template for user setup in kuttl (#7731 )
Signed-off-by: Alok N <alokme123@gmail.com>
* feat: Add option to add imagePullSecrets to cleanup CronJobs (#7730 )
* Add option to add imagePullSecrets to cleanup CronJobs
Signed-off-by: Alexander Olzem <olzemal@pm.me>
* Update chart README
Signed-off-by: Alexander Olzem <olzemal@pm.me>
---------
Signed-off-by: Alexander Olzem <olzemal@pm.me>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: typo in check cmd (#7733 )
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
* fix: nits in cli flags (#7736 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: bump ko version (#7738 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: bump kind node versions (#7737 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: refactor cli values loading and remove dead code (#7739 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* [Feature] round() JMESPath function (#7489 )
* adding roundoff
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* removing unnecessary
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* adding test
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* adding edge case
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* fixing error
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* updating function call
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* updating function jpRound
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* error handling negative
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* fix
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* parsing
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump ubuntu from `6120be6` to `0bced47` in /.devcontainer (#7744 )
Bumps ubuntu from `6120be6` to `0bced47`.
---
updated-dependencies:
- dependency-name: ubuntu
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: improve cli apply args check (#7746 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: remove cli dead code (#7748 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Replaced gcr crane with gcr remote (#7747 )
* fix: oras-go/v2 version in go.sum
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor: move kyverno constants out of v1 package (#7760 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: use register-gen to register k8s types (#7761 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump fluxcd/flux2 from 0.41.2 to 2.0.0 (#7764 )
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2 ) from 0.41.2 to 2.0.0.
- [Release notes](https://github.com/fluxcd/flux2/releases )
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml )
- [Commits](dbda8fbdb8...9ea0a535ea#7765 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add table output to cli apply command (#7757 )
* feat: add table output to cli apply command
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* factorise
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore: bump cosign in gh workflows (#7715 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: switch to deepcopy-gen (#7766 )
* chore: switch to deepcopy-gen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: increase linter timeout (#7767 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* undo: revert back to cosign 2.0.2
cosign 2.1.1 has dependency conflicts with oras
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove markers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: remove 0_14 version of gcr
k8s-sigstore-manifest got a new version so we can finally upgrade gcr to v0.15
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add: add logging to tlogs and sct
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* undo: remove registryOpts in favor of registry client opts
added the missing parts from registryOptions in registry client opts
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: add generated files
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: clean go mod
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: remove bad logs
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: fix go mod
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: update kubebuilder version in crds
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* update: rollback policy to ignore tlog
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: update codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com>
Signed-off-by: Alok N <alokme123@gmail.com>
Signed-off-by: Alexander Olzem <olzemal@pm.me>
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Daniel Laszlo <laszlodaniel@icloud.com>
Co-authored-by: Md Shahbaz Alam <shahbazalam75508@gmail.com>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Carles-Figuerola <carles@figuerola.info>
Co-authored-by: Alok Naushad <alokme123@gmail.com>
Co-authored-by: Alex Olzem <olzemal@gmail.com>
Co-authored-by: SukhveerS <78963782+Rexbeast2@users.noreply.github.com>
2023-08-15 14:25:55 +00:00
treydock
0b5f9a0f25
feat(chart) Allow podSecurityContext and securityContext for webhooksCleanup ( #7970 )
...
Fixes #7962
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-07 12:24:53 +00:00
Vishal Choudhary
b385693509
feat: add basic structure for image verify cache ( #7890 )
...
* feat: add interface for image verify cache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add basic client for cache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add ttl to client
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add flags and flag setup
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: added a default image verify cache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add propogation of cache to image verifier
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add useCache to image verification types
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: add ivcache to image verifier
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add logger to cache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* typo: DisabledImageVerfiyCache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* typo: DisabledImageVerfiyCache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Update cmd/internal/flag.go
Signed-off-by: shuting <shutting06@gmail.com>
* feat: add use cache to v2beta1 crd
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* bug: change public attribute TTL to private
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: replace nil in test with disabled cache
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: convert ttl time to time.Duration
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update opts to use time.Duration
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat:add policy version and remove delete functions
by adding policy version, old entries will automatically become outdated and we will not have to remove them manually
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove clear and update get and set to take interface as input
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* style: fix lint issue
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-06 21:54:52 +02:00
Mike Bryant
fd67707c00
feat: Add support for server-side-apply in generate rules ( #7705 )
...
* feat: Add support for server-side-apply in generate rules
Signed-off-by: Mike Bryant <mike@mikebryant.me.uk>
* chore: run make codegen-all
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
* chore: Remove unnecessary file I got from copy/paste
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
---------
Signed-off-by: Mike Bryant <mike@mikebryant.me.uk>
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-02 17:59:37 +00:00
Ved Ratan
9f2cc6c99c
feat: add ttl controller ( #7821 )
...
* added the ttl controller
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed label and vars
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added logger
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed comments
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* more lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* minor fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix logger, separate parse logic
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added kuttl tests, validation utilities
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* commented code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* renamed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix test
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* created log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added README.md refactor code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added validation webhook
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* label-validation fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added flag, updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated helm chart
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* imporoved webhook validation
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook names and path constants
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* constant label
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix label selector
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* helm docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix controller logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: manager logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix failure policy
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move kuttl tests in separate job
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove rbac steps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove configmaps from core cluster role
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix error
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-02 16:47:40 +02:00
Alexej Disterhoft
590dce5830
fix(chart): only create ServiceMonitor if cluster supports it ( #7926 )
...
* fix: only create ServiceMonitor if cluster supports it
Adds an additional check to the ServiceMonitor template to ensure that
the cluster supports the `monitoring.coreos.com/v1` API version.
Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>
2023-07-28 12:27:36 +00:00
Jim Bugwadia
be2abbeaa8
add flag for policy reports ( #7888 )
...
* add flag for policy reports
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logger param
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update launch
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update Helm chart
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-07-26 12:22:51 +08:00
treydock
2273529a35
fix(policy chart): Skip DELETE requests on policies using deny statements ( #7883 )
...
Fixes #7456
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-24 14:29:35 +00:00
treydock
9429e12281
feat(chart) Add configurations for cleanup jobs and webhooks ( #7871 )
...
allow nodeSelector, tolerations and affinity settings for webhooksCleanup
allow affinity settings for cleanup jobs
Add helper to handle the labels for cleanup jobs, add component label
Fixes #7843
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 03:30:44 +00:00
treydock
752185c5af
Add nodeSelector for cleanupJob CronJob resources ( #7851 )
...
Fixes #7826
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2023-07-19 13:40:31 +00:00
Marc Brugger
5505d3e085
feat: allow pod labels for cleanup jobs ( #7808 )
...
Signed-off-by: bakito <github@bakito.ch>
2023-07-11 17:11:13 +02:00
Paul N
faa50615d6
fix: admission controller rbac templating ( #7774 )
...
Fixes an regression introduced in #7633 where the helm template would render multiple
resources on the same line, resulting in invalid yaml.
This removes the hyphen in the template to ensure that each resource is
rendered on a new line
Signed-off-by: Paul Nicholson <brenix@gmail.com>
2023-07-07 11:36:42 +02:00
Alex Olzem
b9d3e9bb58
feat: Add option to add imagePullSecrets to cleanup CronJobs ( #7730 )
...
* Add option to add imagePullSecrets to cleanup CronJobs
Signed-off-by: Alexander Olzem <olzemal@pm.me>
* Update chart README
Signed-off-by: Alexander Olzem <olzemal@pm.me>
---------
Signed-off-by: Alexander Olzem <olzemal@pm.me>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-01 22:16:18 +00:00
Md Shahbaz Alam
41c3490ba9
Feat: Upgrade controller-gen to v0.12.0 and fix tooling ( #7683 )
...
* Upgrade controller-gen and fix tooling
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Address comments
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add a marker in the sed command
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Upgrade to the latest version and rearrange the annotations
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Fix failing Verify Codegen tests
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Remove unnecessary file
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Restore original version in test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add creationTimestamp: null again in the test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
---------
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 15:58:18 +00:00
Charles-Edouard Brétéché
1d5fe217da
feat: add background only policy support ( #6666 )
...
* feat: add background only policy support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* all disabled
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-28 12:54:27 +00:00
Charles-Edouard Brétéché
441641515a
feat: add lazy loading feature flag ( #7680 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-27 13:44:15 +08:00
Charles-Edouard Brétéché
f9209de3ff
fix: cleanup controller rbac ( #7669 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 15:38:00 +00:00
Charles-Edouard Brétéché
f3a5a885e0
fix: cleanup controller context from #7597 ( #7672 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 14:57:23 +00:00
Frank Jogeleit
8aef874d75
feat: add cluster select and relabling config for ServiceMonitors ( #7659 )
...
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
* feat: add cluster select and relabling config for ServiceMonitors
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
---------
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
2023-06-26 14:24:15 +00:00
Charles-Edouard Brétéché
9636eb7e3a
fix: harden rbac permissions ( #7638 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 11:57:24 +08:00
Charles-Edouard Brétéché
e267a1dacf
fix: harden certs secrets management ( #7634 )
...
* fix: harden certs secrets management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* informers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-22 20:14:53 +08:00
shuting
2264d21cd2
enable webhook clean up ( #7633 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-22 09:14:41 +00:00
Charles-Edouard Brétéché
511e9fefaf
fix: harden cleanup controller rbac ( #7626 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 12:53:48 +00:00
Charles-Edouard Brétéché
76139ea0ce
fix: service account name env var defined twice ( #7623 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 07:29:09 +00:00
Charles-Edouard Brétéché
362c5db2ed
fix: panic if env var not defined ( #7613 )
...
* fix: panic if env var not defined
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 04:12:01 +00:00
Vishal Choudhary
cec6a8ab20
Helpers to providers ( #7572 )
...
* renamed helpers
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* related changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-06-16 20:25:46 +00:00
Charles-Edouard Brétéché
b2707c0cd1
feat: make aggregated reports optional ( #7475 )
...
* feat: make aggregated reports optional
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-16 15:19:22 +00:00
Vishal Choudhary
43685aedc2
Enable flexible registry credential configurations ( #7114 )
...
* types added
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added secret fetching and client creation
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* validate target resource scope & namespace settings (#7098 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: mutation code (#7095 )
* fix: mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* lazy loading of context vars (#7071 )
* lazy loading of context vars
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* gofumpt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* moved to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* RegistryClientLoader
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* [Feature] Add kuttl tests with policy exceptions disabled (#7117 )
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed redundant code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* typo fix and README changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Conditions message (#7113 )
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123 )
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](21991cec25...555a30da26#7121 )
Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102 )
Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add condition msg to v2beta1 (#7126 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: print container flags and their values (#7127 )
* add condition msg to v2beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* print flags settings
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove the container flag genWorker from the admission controller (#7132 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103 )
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove the duplicate entry (#7125 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* update background scan logging messages (#7142 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Update chart with v2 to v3 migration guidance. (#7144 )
* add Saxo Bank and Velux as adopters
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update chart README and validations
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add Controller Internals info (#7147 )
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Supporting ValidatingAdmissionPolicy in kyverno cli (apply and test command) (#6656 )
* feat: add policy reporter to the dev lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: remove obsolete structs from CLI
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Supporting ValidatingAdmissionPolicy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.26.3 to v0.27.0-rc.0
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* refactoring
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding kyverno apply tests for validating admission policy
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* running codegen-all
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding IsVap field in TestResults
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.27.0-rc.0 to v0.27.1
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix vap in engine response
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.3 to 0.13.4 (#7150 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.3...api/v0.13.4 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#7149 )
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Added `omit-events` flag to allow disabling of event emission (#7010 )
* added comma seperated flag
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* reason added in logs
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added requested changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* kuttl test init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated behavior
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed flawed behavior
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated test location and added readme
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated step
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* omit events
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: let reports controller quit when loosing the lead (#7153 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump slsa-framework/slsa-github-generator (#7160 )
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: bump otel deps (#7152 )
* chore: bump otel deps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3 (#7172 )
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/docker/distribution (#7171 )
Bumps [github.com/docker/distribution](https://github.com/docker/distribution ) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases )
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/distribution
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (#7177 )
Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr ) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/go-logr/zapr/releases )
- [Commits](https://github.com/go-logr/zapr/compare/v1.2.3...v1.2.4 )
---
updated-dependencies:
- dependency-name: github.com/go-logr/zapr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Add refactor note (#7169 )
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed typo in the v2 to v3 helm migration guide (#7163 )
* fixed typo in the v2 to v3 helm migration guide
Signed-off-by: Richard Parke <richardparke15@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/distribution/distribution (#7178 )
Bumps [github.com/distribution/distribution](https://github.com/distribution/distribution ) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/distribution/distribution/releases )
- [Commits](https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2 )
---
updated-dependencies:
- dependency-name: github.com/distribution/distribution
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* tweaks (#7166 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add logging feature to helm chart (#7181 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor: hide json context from caller (#7139 )
* refactor: hide json context from caller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* unit tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add omit-events feature in helm chart (#7185 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: preconditions in mutate existing rules (#7183 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: use structured jsonpatch instead of byte arrays (#7186 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added secret lister
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changes from review
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added rclientloader to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added RegistryClientLoaderNewOrDie to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* CI fixes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: panic for policy variable validation (#7079 )
* fix panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check errors
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: remove policy-reporter from dev lab (#7196 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: cleanup controller metrics name (#7198 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: http request metrics (#7197 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove unused code (#7203 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* handle Deny rules where conditions eval to true (#7204 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* [Bug] Enforce message wrong (#7208 )
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3#7215 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17#7220 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: mutate existing auth check (#7219 )
* fix auth check when using variables in ns
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: do not exclude kube-system service accounts by default (#7225 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* docs: add reports system design doc (#6949 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227 )
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228 )
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61#7232 )
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: match logic misbehave (#7218 )
* add rule name in ur for mutate existing
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix match logic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix the match logic to only apply to the new object, unless it's a delete request
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239 )
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241 )
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242 )
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* passing rclientloader directly
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* lazy evaluate vars in conditions (#7238 )
* lazy evaluate vars in conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove unnecessary conversion
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml
Signed-off-by: shuting <shutting06@gmail.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md
Signed-off-by: shuting <shutting06@gmail.com>
* added error check in test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* quote image in error (#7259 )
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: auto update webhooks not configuring fail endpoint (#7261 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix latest version check (#7263 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088#7272 )
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add yaml util to check empty document (#7276 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Azure to ACR
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* adding kuttl test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* use pointer
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* global client
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* added kubeclient
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added nil kubeclient check
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* context
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* factory
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* secrets lister
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix cli
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* factories
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: rparke <50015370+rparke@users.noreply.github.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-16 13:37:08 +00:00
siddharth
a89860e8ab
fix: update kyverno admission-controller role to have delete verb for… ( #7527 )
...
* fix: update kyverno admission-controller role to have delete verb for secret
Kyverno stopped working due to the following error:
```
tls "msg"="failed to delete CA secret" "error"="secrets \"kyverno-svc.kyverno.svc.kyverno-tls-ca\" is forbidden: User \"system:serviceaccount:kyverno:kyverno-admission-controller\
```
I'm still not sure why it tries to delete the secret.
Signed-off-by: siddharth <sedflix@gmail.com>
* add codegen-manifest-all
---------
Signed-off-by: siddharth <sedflix@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-15 09:39:52 +00:00
Mariam Fahmy
a9cd47e0eb
feat: add API server priority and fairness configuration for kyverno ( #7468 )
...
* feat: add API server priority and fairness configuration for kyverno
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix: move priority level config specification to values.yaml
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* feat: support all versions of flowcontrol resources
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix: use namespaces instead of clusterscope in rules for the namespaced resources
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
2023-06-14 15:19:36 +02:00
Charles-Edouard Brétéché
dc97a4386b
fix: image pull secrets in admission controller ( #7474 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-09 16:20:19 +08:00
Charles-Edouard Brétéché
d4a6d4fc8e
fix: rule name not required in the crd schema ( #7464 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-08 09:54:58 +00:00
Fabian Sabau
9f76a65eb1
fixed typo in admission controller chart template ( #7440 )
...
* fix: typo in admission controller chart template
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
* generate manifests
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
---------
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
Co-authored-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-06 16:52:20 +00:00
Charles-Edouard Brétéché
c11db51836
fix: helm template for cleanup jobs image ( #7430 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-06 13:04:36 +00:00
zirain
424b98a747
charts: changes validationFailureAction default value ( #7411 )
...
* charts: changes validationFailureAction default value
Signed-off-by: hejianpeng <hejianpeng2@huawei.com>
* fix helm docs
Signed-off-by: hejianpeng <hejianpeng2@huawei.com>
---------
Signed-off-by: hejianpeng <hejianpeng2@huawei.com>
2023-06-05 08:58:19 +00:00
Chip Zoller
df641106a1
update migration guide with generate guidance ( #7409 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-06-03 23:55:55 +02:00
Charles-Edouard Brétéché
210fb3ca0b
fix: missing extraEnvVars in helm chart ( #7403 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-03 12:47:34 +00:00
Raúl Garcia Sanchez
9b0343d836
Allow setting verbs for clusterrole extraresources on backgroundController ( #7380 )
...
* fix webhookCleanup enable switch syntax
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* chore: cleanup codecov workflow (#5829 )
* chore: cleanup codecov workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: cleanup codecov workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* updated template file to match with syntax fix
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* align definition of clusterRole extraResources for
backgroundController with adminissionController
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* update test routine clusterRole definition
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* Update scripts/config/standard/kyverno.yaml
fine for me
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
* Update charts/kyverno/values.yaml
fine for me 👍
Co-authored-by: shuting <shutting06@gmail.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
---------
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-06-02 09:47:38 +00:00
Charles-Edouard Brétéché
5ebb37fd44
fix: missing/incorrect env variables ( #7383 )
...
* fix: panic if an env variable is missing
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-02 09:19:18 +00:00
Raúl Garcia Sanchez
57347e93df
Add missing delete verb to admission cleanup clusterrole ( #7375 )
...
* Add missing delete verb
Otherwise the admission cleanup report will not be able to cleanup resources
```
Error from server (Forbidden): admissionreports.kyverno.io "fffa1589-55d5-4428-a467-7778e497295f" is forbidden: User "system:serviceaccount:kyverno:kyverno-cleanup-jobs" cannot delete resource "admissionreports" in API group "kyverno.io" in the namespace "postgres"
```
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* updated manifests
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
---------
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-02 09:10:57 +02:00
Vishal Choudhary
80d139bb5d
Added fetchAttestations method to notaryV2 implimentation ( #6800 )
...
* moved to oras
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* linting error fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added error checking
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added final build
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added predicate fetching
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added checks in statements
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed continuous checking if predicate is found
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* renamed notaryv2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changed notaryv2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* run codegen all
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* commented cert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added variable support to certs
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* renamed notaryV2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* deprecated predicate types
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* disallow keys and keyless under attestors if type is set to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* gcr crane implementation init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* types
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* using remote puller and pusher
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* implemented notation repository interface
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated notary implementation and fixed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed oras
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* kuttl test init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added image verify test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* check image attestation notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added readme
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added tests for extract statements
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: remove status from policy webhooks (#6939 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: split chart values in readme per component (#6936 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fix: incorrect json patch validation (#6941 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add verbosity level in helm chart values (#6940 )
* feat: add verbosity level in helm chart values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: match on ephemeral containers (#6963 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: refine event permissions in default roles (#6957 )
* remove the event delete permission
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add '- events.k8s.io/v1'
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Add kuttl test for ephemeral containers (#6966 )
* Move Sam to Emeritus status
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add kuttl test for ephemeral containers
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* refactor: restructure cli test command (#6942 )
* refactor: restructure cli test command
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add credential helpers flags (#6974 )
* feat: add credential helpers flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 (#6976 )
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.9.2 to 0.10.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](1f0aa582c8...e5f43133f6#6084 )
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#6981 )
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5#6982 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](40a12dcee2...894ff025c7#6978 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: restrict default permissions (#6972 )
* restrict admission permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* restrict background permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* kuttl README (#6984 )
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Readme in context-cleanup-pod
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.2.12 to 2.3.0 (#6989 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2#6987 )
Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go ) from 1.0.0-rc.2 to 1.0.0-rc.3.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases )
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.0.0-rc.2...v1.0.0-rc.3 )
---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: new access checks for background policies (#6970 )
* switch to use sar for access checks
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update helm config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix username
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update msg
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix sa name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: bump kind image to 1.27.1 (#6993 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: bump k8s deps to 1.27 (#6868 )
* feat: bump k8s deps to 1.27
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bump k8s 1.27.1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
* fix: disable autogen in foreach mutation with json patches (#6996 )
* fix: disable autogen in foreach mutation with json patches
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: add server ip config to cleanup controller (#6999 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add features section in helm values (#6935 )
* feat: add features section in helm values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* configs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* overrides
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add reports cleanup jobs to prevent outage (#6960 )
* feat: add reports cleanup jobs to prevent outage
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* security cotnext
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* feat: add registry credential helpers feature (#7002 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: improve instrumented clients (#7006 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: record configmap resource version to not reload when version didn't change (#7007 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#7012 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](9e9de2292d...204a51a57a#7016 )
Red Hat ACM is useful for distributed kyverno policies across a
managed fleet of clusters. Adding to adopters file with a link that
describes details of using the ACM policy generator with Kyverno.
Signed-off-by: Gus Parvin <gparvin@redhat.com>
* fix: helm template with metricsRefreshInterval (#7019 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add support for Kubernetes API server POST (#6948 )
* allow POST for Kubernetes API calls
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fmt and undo local changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix codegen and unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests and extends docs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* feat: update built-in resource schemas (#7014 )
* feat: update built-in resource schemas
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix unit test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: use github.com/evanphx/json-patch/v5 (#7015 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.0 to 2.3.1 (#7025 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...8662eabe0e#7027 )
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* refactor: engine patchers (#7030 )
* refactor: engine patchers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.1 to 2.3.2 (#7033 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8662eabe0e...f3feb00acb#7036 )
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update development doc (#7037 )
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix: generate policy validation to prevent endless loop (#7026 )
* refactor policy validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add loop check for generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: remove deletionTimestamp checks (#7039 )
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add back source check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 (#7055 )
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog ) from 2.90.1 to 2.100.1.
- [Release notes](https://github.com/kubernetes/klog/releases )
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes/klog/compare/v2.90.1...v2.100.1 )
---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: add background scan interval log (#7065 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: flaky github action (#7068 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: engine response policy (#7063 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add opt-in setting to deploy v3 chart (#7066 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* require generate.apiVersion (#7080 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: remove excluded groups from matching (#7083 )
* fix: remove excluded groups from matching
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add config inclusions support (#7082 )
* feat: add config inclusions support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: add makefile target for kwok (#7097 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 (#7099 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e#7098 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: mutation code (#7095 )
* fix: mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* lazy loading of context vars (#7071 )
* lazy loading of context vars
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* gofumpt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* [Feature] Add kuttl tests with policy exceptions disabled (#7117 )
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed redundant code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* typo fix and README changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* Conditions message (#7113 )
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123 )
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](21991cec25...555a30da26#7121 )
Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102 )
Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* add condition msg to v2beta1 (#7126 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: print container flags and their values (#7127 )
* add condition msg to v2beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* print flags settings
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove the container flag genWorker from the admission controller (#7132 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103 )
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* remove the duplicate entry (#7125 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fixed error
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* undo mistake
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod conflict fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changes from review
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated image
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated checks
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed verifying wrong ref
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated cert in tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added warning when predicate type is used
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: panic for policy variable validation (#7079 )
* fix panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check errors
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: remove policy-reporter from dev lab (#7196 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: cleanup controller metrics name (#7198 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: http request metrics (#7197 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove unused code (#7203 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle Deny rules where conditions eval to true (#7204 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* [Bug] Enforce message wrong (#7208 )
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3#7215 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17#7220 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: mutate existing auth check (#7219 )
* fix auth check when using variables in ns
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: do not exclude kube-system service accounts by default (#7225 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* docs: add reports system design doc (#6949 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227 )
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228 )
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61#7232 )
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: match logic misbehave (#7218 )
* add rule name in ur for mutate existing
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix match logic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix the match logic to only apply to the new object, unless it's a delete request
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239 )
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241 )
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242 )
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed mistake in assert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* quote image in error (#7259 )
Signed-off-by: bakito <github@bakito.ch>
* fix: auto update webhooks not configuring fail endpoint (#7261 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix latest version check (#7263 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088#7272 )
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add yaml util to check empty document (#7276 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fixed api version in kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go sum update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated admission controller assert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated image
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed admission controller changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Signed-off-by: Gus Parvin <gparvin@redhat.com>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Md Sahil <85174511+MdSahil-oss@users.noreply.github.com>
Co-authored-by: Gus Parvin <gparvin@redhat.com>
Co-authored-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-01 16:05:28 +08:00
Mariam Fahmy
7f6fb24057
feat: support cel expression in validate rules ( #7070 )
...
* feat: support cel expression in validate rules
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support parameter resources in validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl tests for validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix disallow-host-path kuttl test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl test for cel preconditions
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix kuttl tests for validate.cel
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API Validation and AuditAnnotation
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API ParamKind and ParamRef
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-05-31 14:30:55 -07:00
Justin Seiser
2521c63b86
feat(cronjobs): Enable podAnnotations on CronJobs ( #7366 )
...
Signed-off-by: Justin S <justinseiser@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-31 18:48:07 +00:00
Charles-Edouard Brétéché
5dacdef364
fix: helm migration guide ( #7360 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-31 09:14:51 -04:00
Marc Brugger
049992403c
feat: cleanup jobs resources ( #7337 )
...
* feat: cleanup jobs resources
Signed-off-by: bakito <github@bakito.ch>
* empty resources by default
Signed-off-by: bakito <github@bakito.ch>
---------
Signed-off-by: bakito <github@bakito.ch>
2023-05-31 10:09:13 +00:00
Adam Johnson
efef465aab
feat: cleanup job tolerations ( #7331 )
...
* feat: cleanup job tolerations
Signed-off-by: Adam Johnson <adamjohnson01@gmail.com>
* Update charts/kyverno/templates/cleanup/cleanup-cluster-admission-reports.yaml
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Adam Johnson <adamjohnson01@gmail.com>
---------
Signed-off-by: Adam Johnson <adamjohnson01@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-31 08:29:38 +00:00
Charles-Edouard Brétéché
1de8b5f0fb
fix: config map name in helm chart ( #7341 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-30 17:29:27 -04:00
Marcus Vaal
b1d38ffcbf
feat: [Feature] add podLabels and podAnnotations to background clean and reports controllers ( #7312 )
...
* feat: [Feature] add podLabels and podAnnotations to background clean and reports controllers
Signed-off-by: mvaal <mvaal@expediagroup.com>
* Fixed spacing issue
Signed-off-by: mvaal <mvaal@expediagroup.com>
* make codegen-helm-docs
Signed-off-by: mvaal <mvaal@expediagroup.com>
* Fixed copy/paste variable
Signed-off-by: mvaal <mvaal@expediagroup.com>
* Fix linting
Signed-off-by: mvaal <mvaal@expediagroup.com>
---------
Signed-off-by: mvaal <mvaal@expediagroup.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-29 09:03:26 +00:00
Mathew Wicks
35e378358d
fix: chart app.kubernetes.io/instance label value ( #7315 )
...
Signed-off-by: Mathew Wicks <thesuperzapper@users.noreply.github.com>
2023-05-27 00:33:29 +02:00
Johannes Kleinlercher
Vishal Choudhary
treydock
Mike Bryant
Ved Ratan
Alexej Disterhoft
Jim Bugwadia
Marc Brugger
Paul N
Alex Olzem
Md Shahbaz Alam
Charles-Edouard Brétéché
Frank Jogeleit
shuting
siddharth
Mariam Fahmy
Fabian Sabau
zirain
Chip Zoller
Raúl Garcia Sanchez
Justin Seiser
Adam Johnson
Marcus Vaal
Mathew Wicks