shuting
6416d8600e
chore: bump to go 1.22.2 ( #10001 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-08 09:30:05 +00:00
Khaled Emara
c9055ac2ff
fix(autogen): only generate rule for request kind ( #9984 )
...
* fix(autogen): only generate rule for request kind
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(autogen): use jsoniter instead of std for json
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(atogen): use sets instead of manipulating strings
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(autogen): formatting linter
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(autogen): backwards compatability
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* revert(autogen): old behavior
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix: builds error
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-04-04 08:09:30 +00:00
Charles-Edouard Brétéché
c241cfce44
fix: polex matching code ( #9955 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-04-03 18:56:48 +00:00
Vishal Choudhary
83f2846572
feat: add TSA cert chain support in cosign ( #9961 )
...
* feat: add TSA cert chain support in cosign
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add unit test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-03-30 20:50:07 +00:00
Vishal Choudhary
912364293c
fix: cosign ctlog unit tests ( #9970 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-29 16:49:11 +00:00
Vishal Choudhary
93eac3f7a4
fix: deferred loader panic when mutate and generate policies are applied ( #9935 )
...
* fix: deferred loader panic when mutate and generate policies are applied
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update policies
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* remove clusterrolebinding
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: copy only json context
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: polctx
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-29 14:37:15 +01:00
Vishal Choudhary
1a1954002f
fix: add rekor opts to cosign certificate verification and make rekor url optional ( #9957 )
...
* fix: add rekor opts to cosign certificate verification and make rekor url optional
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-28 18:17:24 -07:00
Charles-Edouard Brétéché
76bd67739a
fix: polex mem footprint ( #9954 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-03-28 09:31:40 +00:00
Charles-Edouard Brétéché
4438b24b69
refactor: exception selector interface ( #9907 )
...
* refactor: exception selector interface
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-28 08:03:01 +00:00
Charles-Edouard Brétéché
ad62014b33
chore: simplify getting exception name ( #9916 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-03-15 15:02:57 +00:00
Khaled Emara
429e84be10
fix(globalcontext): panics and validation ( #9903 )
2024-03-14 16:12:39 +00:00
Vishal Choudhary
f2833861f8
fix: properly update policy context after preexisting resource in violation check ( #9893 )
...
* fix: properly update policy context after preexisting resource in violation check
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* chore: remove all copy function usages
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* chore: nit
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* refactor context resource swap
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* feat: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: test:
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: logger panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: copy cover policycontext
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-03-13 16:24:53 +00:00
Jim Bugwadia
5e69204c99
add unit test ( #9894 )
...
* add unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* revert change
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-03-13 17:09:30 +08:00
Arnaud Tournier
1e09f22e59
give public access to PreProcessPattern ( #9887 )
...
Signed-off-by: Arnaud Tournier <ltearno@gmail.com>
2024-03-12 09:25:00 +00:00
Jim Bugwadia
befcd73ea1
add control names and images to PSS results ( #9869 )
...
* add control names and images to PSS results
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove init
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tets
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update chainsaw tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-11 09:32:05 +00:00
Khaled Emara
b9fc1e3d50
chore(apicall): remove duplicate code ( #9880 )
...
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-03-11 15:30:29 +08:00
Suruchi Kumari
26df05d8c1
[Bug] [CLI] PSS report does not show properties with control details ( #9785 )
...
* add properties in pss report
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove tests
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix lint
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore: move chainsaw config at the root of the repo (#9768 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump svenstaro/upload-release-action from 2.7.0 to 2.9.0 (#9767 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.7.0 to 2.9.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](1beeb572c1...04733e069f#9791 )
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: remove unnecessary validation check for podSecurity rule (#9790 )
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update versions (#9783 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore: add tests for exceptions in the CLI (#9781 )
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump go.opentelemetry.io/otel/sdk/metric (#9799 )
Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go ) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk/metric
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#9797 )
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go ) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump codecov/codecov-action from 4.0.1 to 4.0.2 (#9794 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](e0b68c6749...0cfda1dd0a#9796 )
Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go ) from 0.45.2 to 0.46.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/example/prometheus/v0.45.2...example/prometheus/v0.46.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/prometheus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace (#9795 )
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go ) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* changes
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#9798 )
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go ) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump codecov/codecov-action from 4.0.2 to 4.1.0 (#9811 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.0.2 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](0cfda1dd0a...54bcd8715e#9809 )
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib ) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.48.0...zpages/v0.49.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 (#9810 )
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.20.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix lint
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix(globalcontext): old WaitGroup not stopping (#9813 )
* fix(globalcontext): old waitgroup not stopping
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): add AGE
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(globalcontext): add lastRefreshTime
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): unhandled intormer run exception
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): comment wording
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): codegen
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): linter
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add empty declaration of properties
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add changes
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: add podSecurity validation checks for exceptions (#9817 )
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 (#9825 )
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases )
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#9821 )
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases )
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#9823 )
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases )
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump kyverno/action-install-chainsaw from 0.1.6 to 0.1.7 (#9832 )
Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw ) from 0.1.6 to 0.1.7.
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases )
- [Commits](204730d723...3bf0752f44#9831 )
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](84384bd6e7...062f259268#9830 )
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases )
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* [Bug] [CLI] Restore warn-exit-code functionality for apply command (#9828 )
* Restore warn-exite-code functionality for apply command
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Nove error handling
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Uncomment println statement
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Fixing linting
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Adding conformance tets for cli apply command with warn-exit-code
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Update path to kubectl-kyverno binary
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* Add prepare-cli as needed dependency
Signed-off-by: Matt Veitas <mveitas@gmail.com>
* feat: install kubectl-kyverno in standard conformance tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update chainsaw config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: move CLI chainsaw tests to a separate action
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: CLI path
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: add chainsaw flag '--no-cluster'
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: CLI name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Matt Veitas <mveitas@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#9822 )
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases )
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove comment and shift line 91
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* modify test
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* added rseperate function for adding properties in result
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add test for pss report
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove comments
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: remove duplicate chainsaw tests for PSA (#9835 )
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* modify policy
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* modify policy in test_dta
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* docs: Add new adopter to ADOPTERS.md (#9841 )
Signed-off-by: Younsung Lee <cysl@kakao.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: use gcr crane opts while fetching image descriptors (#9838 )
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: add missing unit tests for podSecurity.hostpathVolume check (#9845 )
* fix: add missing unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update pinned lib
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: uncomment code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix: release CRDs manifests (#9849 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#9842 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix name access for policy types
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* modify pkg report
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* modify name
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add bindings
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Revert "add bindings"
This reverts commit c616c11d9bb4dd0554104025fcfb9cf9e25dc02d.
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* revert add bindings
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update chainsaw
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Revert "update name"
This reverts commit 84de45b4ce1c5f94d8cbd0a66e893c7907f4a600.
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* simplify results
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Matt Veitas <mveitas@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Younsung Lee <cysl@kakao.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Matt Veitas <mveitas@gmail.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Younsung Lee <cysl@kakao.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-07 13:54:00 -08:00
shuting
bc2f50ae13
fix: add missing unit tests for podSecurity.hostpathVolume check ( #9845 )
...
* fix: add missing unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update pinned lib
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: uncomment code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-03-04 15:23:06 +00:00
Vishal Choudhary
cc7934f42a
fix: use gcr crane opts while fetching image descriptors ( #9838 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-04 08:14:00 +00:00
Mariam Fahmy
07a6bf42f5
fix: add podSecurity validation checks for exceptions ( #9817 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-28 08:21:10 +00:00
Khaled Emara
511df7a466
fix(globalcontext): old WaitGroup not stopping ( #9813 )
...
* fix(globalcontext): old waitgroup not stopping
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): add AGE
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(globalcontext): add lastRefreshTime
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): unhandled intormer run exception
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): comment wording
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): codegen
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): linter
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-02-27 18:24:39 +00:00
Mariam Fahmy
103cd460d0
fix: remove unnecessary validation check for podSecurity rule ( #9790 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-26 06:56:51 +00:00
Vaibhav Mewada
ea48bdeb31
changed the log level in match policy context ( #9626 )
...
Signed-off-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-23 11:13:55 +00:00
Khaled Emara
2b2587469d
feat: enhance global context ( #9710 )
...
* feat(globalcontext): add event handling
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(globalcontext): handle cache sync error
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(globalcontext): ensure api is called during init
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* design(events): decouple events from policies a bit
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* feat(globalcontext): use status
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): make status optional
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): status update
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): codegen
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): delete yaml annotations
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): fix status in tests
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcotext): update enqueue func
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): error
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): rbac
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): retry logic
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): unknown api call in test
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* bump
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix: set unique name for each testing resource
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update readme
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: log msg
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: add delays
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: delay gctce creation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug: check Kyverno status
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug: update chainsaw config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug: revert chainsaw config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* test(globalcontext): print actual status
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): add necessary delays and check status before applying
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(globalcontext): long refreshInterval
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* debug: log success
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* debug: print informer data
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): use client instead of informer
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* debug: print status after update
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* debug: print ResourceVersion
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* debug: remove gcecontroller from other controllers
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): update status only once
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore: remove excess logs
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): add store to cleanup controller
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-23 10:34:04 +00:00
shuting
7a93dcdbc9
chore: default logging format to rfc3339 ( #9775 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-02-23 10:01:42 +00:00
Mariam Fahmy
956b403c7e
fix: add validation check for podSecurity subrule ( #9770 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-23 15:16:53 +08:00
Mariam Fahmy
2a277a01c4
feat: apply VAP bindings in CLI apply command in offline mode ( #9751 )
...
* feat: apply VAP bindings in CLI apply command in offline mode
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix lint
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix chainsaw tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-21 07:52:25 +00:00
mohamedasifs123
d566e9886c
Fix :variables are not getting processed in validation message for "anyPattern" ( #9713 )
...
* Update validate_resource.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create pod.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create chainsaw-test.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create policy.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update validate_resource.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update chainsaw-test.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create README.md
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/chainsaw-test.yaml
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
---------
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
2024-02-21 07:20:43 +00:00
mohamedasifs123
66f54d8fd6
fix: Policies skipped because of preconditions not met should not be included in admission requests denial responses ( #9719 )
...
* Update block.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update block.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* lint
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update block.go
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test added
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* test
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* --signoff
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Create README.md
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Rename Policy1.yaml to policy-1.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/chainsaw-test.yaml
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Rename Policy2.yaml to policy-2.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
* Update chainsaw-test.yaml
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
---------
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-20 15:42:18 +00:00
Charles-Edouard Brétéché
a1cb4f1c30
fix: remove deprecated imageSignatureRepository flag ( #9698 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 12:10:29 +00:00
Charles-Edouard Brétéché
7775541b46
fix: reports aggregation ( #9697 )
...
* chore: rename admission to ephemeral in reports aggregation controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: reports aggregation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* second queue
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nit
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 10:36:01 +00:00
Khaled Emara
10258921ac
feat(validation-webhook): validate global context reference ( #9678 )
...
* feat(validation-webhook): validate global context reference
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(validation-webhook): global reference name
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(globalcontext): fix tests after valdiation
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(policycache): dont add NotReady Policies
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): rename e2e tests
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): add entry errors
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(globalcontext): fix chainsaw test
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-02-08 07:46:58 +00:00
Suruchi Kumari
704c6722ec
[Bug] Fix message and formatting of podSecurity validation failure with restrictedField ( #9658 )
...
* fix format
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
* fix test
Signed-off-by: GitHub <noreply@github.com>
---------
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 12:16:23 +08:00
Charles-Edouard Brétéché
6f440ab6c0
chore: rename admission to ephemeral in reports aggregation controller ( #9690 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 10:29:56 +00:00
Charles-Edouard Brétéché
64176cdbea
fix: don't delete garbage collected policy reports ( #9679 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 07:10:51 +00:00
Charles-Edouard Brétéché
f1c81dbc69
feat: remove admission controller ( #9677 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 06:20:35 +00:00
Khaled Emara
1eda4789d1
test(globalcontext): add e2e tests ( #9661 )
...
* fix(globalcontext): validation
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): use existence instead of ready for now
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): improve not ready error message
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): allow any APICall
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): prevent double marshal
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(globalcontext): add e2e tests
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* chore(globalcontext): move vaildation to OpenAPI V3
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-06 17:03:32 +00:00
Khaled Emara
8a4d9941de
feat: add globalcontext loader and interface ( #9602 )
...
* feat(globalcontext): add interface
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): package import path
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* design(contextloader): move globalcontext from Load to init
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(globalcontext): remove pointer
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* design(globalcontext): create specific Store
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-05 11:24:37 +00:00
Charles-Edouard Brétéché
b532525321
fix: global context crd improvements ( #9621 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 17:42:20 +00:00
Vishal Choudhary
3142af64a0
feat: add global context entry validation webhook ( #9619 )
...
* feat: add global context entry validation webhook
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: use `k8s.io/apimachinery/pkg/util/json` instead of `encoding/json`
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: lint
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-02-02 18:04:50 +01:00
Charles-Edouard Brétéché
2b712107d2
feat: consider maxAPICallResponseLength ( #9620 )
...
* chore: move global context package out of engine
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: consider maxAPICallResponseLength
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 15:35:57 +00:00
Charles-Edouard Brétéché
b59353c657
chore: move global context package out of engine ( #9618 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 14:35:24 +00:00
Vishal Choudhary
10ae9e306c
feat: update refreshInterval in globalcontext CRD to use a duration ( #9615 )
2024-02-02 12:06:51 +00:00
Khaled Emara
226fa9515a
feat: add globalcontext controller ( #9601 )
...
* feat: add globalcontext controller
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* rework controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cmd
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* engine
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* k8s resources
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* k8s resource
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* resync zero
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* api call
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* api call
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 10:41:35 +00:00
Mariam Fahmy
3510998d4f
feat: Support CEL expression warnings ( #9566 )
...
* feat: support CEL expression warnings
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: allow the policy creation but return warnings to the API server
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-02-02 10:04:02 +00:00
shuting
5f0d53fe34
feat: apply .matchConditions when generating reports ( #9599 )
...
* enable matchconditions for reports
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add chainsaw tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter issues
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: move files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-02-02 08:32:28 +00:00
M Viswanath Sai
d102abeb99
Feat: Human readable timestamps in logs ( #9276 )
...
* added timestamp flag and subsequent behaviour changes for logging
Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>
* Changed verbose verbosity level in cli
Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* log level
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 19:14:47 +00:00
Vishal Choudhary
34c6044c8f
chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 ( #9600 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-02-01 15:50:24 +00:00
Charles-Edouard Brétéché
1e0bac2d6f
feat: add global context crd to codegen ( #9595 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 12:32:13 +00:00
Charles-Edouard Brétéché
0b85bc41b7
feat: add global context crd ( #9591 )
...
* feat: add global context crd
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* merge main
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 10:58:31 +00:00
