shuting
|
8e4dbe0729
|
fix: panic for policy variable validation (#7079)
* fix panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check errors
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-05-15 14:27:45 +00:00 |
|
Mariam Fahmy
|
bb628e1fe6
|
Supporting ValidatingAdmissionPolicy in kyverno cli (apply and test command) (#6656)
* feat: add policy reporter to the dev lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: remove obsolete structs from CLI
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Supporting ValidatingAdmissionPolicy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.26.3 to v0.27.0-rc.0
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* refactoring
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding kyverno apply tests for validating admission policy
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* running codegen-all
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding IsVap field in TestResults
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.27.0-rc.0 to v0.27.1
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix vap in engine response
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2023-05-10 08:12:53 +00:00 |
|
shuting
|
9cac3698ec
|
validate target resource scope & namespace settings (#7098)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-05-05 11:08:08 +00:00 |
|
shuting
|
f87b0204e6
|
fix: generate policy validation to prevent endless loop (#7026)
* refactor policy validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add loop check for generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-04-28 13:54:17 +00:00 |
|
shuting
|
e14fe847bc
|
feat: new access checks for background policies (#6970)
* switch to use sar for access checks
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update helm config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix username
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update msg
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix sa name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-04-24 10:31:42 +00:00 |
|
Md Sahil
|
0873a9fc02
|
Support for Context vars in cleanup (#6084)
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-20 15:06:13 +08:00 |
|
yinka
|
60cf8afff9
|
spec.background field implementation for PolicyExceptions (#6127)
* spec.background field implementation for PolicyExceptions
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* generated files
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* add kuttl test
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* set background to false
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* checks for variables
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* check if aggregate is nil
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* reject variables in polex
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* update
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* Update pkg/validation/exception/validate.go
Signed-off-by: shuting <shutting06@gmail.com>
* updates
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* change error
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove file
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix lint error
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
---------
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
|
2023-02-06 15:45:31 +00:00 |
|
yinka
|
ec110353a8
|
validate polex activation and namespace (#6046)
* validate polex activation and namespace
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* push updates
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* push updates
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* push updates
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* pass polex options to handler
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* replace pointer
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove exceptionoption argument
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove nested if
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* revert change
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix line
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* pass polex options differently
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* push update
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* move struct
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* Update pkg/validation/exception/validate.go
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: yinka <damilola.olayinka@nirmata.com>
* Update pkg/webhooks/exception/validate.go
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: yinka <damilola.olayinka@nirmata.com>
* Update pkg/webhooks/exception/validate.go
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: yinka <damilola.olayinka@nirmata.com>
* Update pkg/webhooks/exception/validate.go
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: yinka <damilola.olayinka@nirmata.com>
* fix
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* add unit test
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove lines
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix error
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: yinka <damilola.olayinka@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
|
2023-01-23 09:48:54 +00:00 |
|
shuting
|
c24e25fb56
|
fix cleanup var 'target.*' (#5888)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-01-05 14:38:23 +00:00 |
|
shuting
|
18455b4d21
|
feat: cleanup enhancements-1 (#5796)
* update fields description
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update cleanup controller clusterrole name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - add variables validations to support "request." and "images."; - update debug log level to 4
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-01-04 09:03:56 +00:00 |
|
Charles-Edouard Brétéché
|
3cce75ae0f
|
refactor: auth package and add full unit test coverage (#5749)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2022-12-22 13:24:37 +08:00 |
|
Charles-Edouard Brétéché
|
3975323362
|
chore: bump deps including k8s ones (#5751)
* chore: bump deps including k8s ones
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2022-12-21 22:33:51 +00:00 |
|
Charles-Edouard Brétéché
|
59dd95b888
|
refactor: use typed client in auth (#5743)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2022-12-21 17:12:26 +00:00 |
|
Charles-Edouard Brétéché
|
4618dc39d0
|
feat: add policy exception validation webhook (#5679)
* feat: add policy exception validation webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2022-12-15 08:34:44 +00:00 |
|
Charles-Edouard Brétéché
|
87ce4b85de
|
feat: introduce v2alpha1 (#5625)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2022-12-08 11:45:47 +00:00 |
|
Charles-Edouard Brétéché
|
db9faf5835
|
fix: cleanup policy validation (#5514)
* fix: cleanup policy validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
|
2022-12-01 16:02:21 +08:00 |
|