mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00
Code Activity
4065 commits 20 branches 550 tags 288 MiB
Commit graph

83 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
65409890b4
refactor: remove ns lister from webhookconfig (#3452) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>
 2022-03-23 16:04:02 +08:00
shuting
376a8d3b22
Reduce throttling requests for Kyverno managed resources (#3016) 
* remove resoureCache from the event controller

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* create rcr using typed client to reduce PUT throttling request

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-01-21 18:36:05 +08:00
shuting
b10947b975
Dynamic webhooks (#2425) 
* support k8s 1.22, update admissionregistration.k8s.io/v1beta1  to admissionregistration.k8s.io/v1

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - add failurePolicy to policy spec; - fix typo

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - add schema validation for failurePolicy; - add a printer column

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* set default failure policy to fail if not defined

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* resolve conflicts

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix missing type for printerColumn

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* refactor policy controller

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add webhook config manager

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - build webhook objects per policy update; - add fail webhook to default webhook configurations

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix panic on policy update

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* - set default webhook configs rule to empty; - handle policy deletion

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* reset webhook config if policies with a specific failurePolicy are cleaned up

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* handle wildcard pocliy

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update default webhook timeout to 10s

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* cleanups

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* added webhook informer to re-create it immediately if missing

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* update tag webhookTimeoutSeconds description

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix e2e tests

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* fix linter issue

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* correct metric endpoint

Signed-off-by: ShutingZhao <shutting06@gmail.com>

* add pol.generate.kind to webhooks

Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-05 00:15:09 -07:00
Valentin Velkov
63f4c9a884
Configurable success events on policies & resources. Generating failure events on policies by default. (#1939) 
* Remove unused event.Reason const

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Generate failure events on policies

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Generate success events on policy

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Introduce 'generateSuccessEvents' flag

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Unit tests & chart fix

Signed-off-by: Velkov <valentin.velkov@sap.com>
 2021-06-29 14:43:11 -07:00
Vyankatesh Kudtarkar
9e831ec959
Bug Fix: Extends match / exclude to use apiGroup and apiVersion (#1218) (#1656) 
* Extends match / exclude to use apiGroup and apiVersion

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

* fix gvk issue

Signed-off-by: vyankatesh <vyankatesh@neualto.com>

Co-authored-by: vyankatesh <vyankatesh@neualto.com>
 2021-03-04 16:45:52 -08:00
shuting
2f2d6c2e38
Upgrade client libraries to 0.20.2 (#1547) 
* upgrade clients to 0.20.2

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* remove debug log

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix unit tests

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix e2e test

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-07 20:26:56 -08:00
shuting
39b27a16ed
Reduce throttling requests (GET) (#1522) 
* add resource lister to even handler

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* use lister to get Kyverno deployment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add lister for webhook configs

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-05 09:58:10 -08:00
shuting
2fc3b3b998
Fixes 1410 strategic merge patch (#1414) 
* fixes #1410

* fix unit test

* re-initialize worker immediately on failure
 2020-12-23 17:48:00 -08:00
Shuting Zhao
61e4088a53 improve eventGen logging 2020-11-03 16:07:02 -08:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Yuvraj
b648c2edd6
Events take several minutes to show on the resource (#1083) 
* git action added

* changed retry method

* remove time method

* increase worker for event generator
 2020-08-26 14:28:34 +05:30
Mohan B E
a14828246d
Feature/api version 852 (#1028) 
* apiVersion support for generate

* added apiVersion to crds
 2020-08-07 09:47:33 +05:30
shuting
75a7543c6d
Events fix (#1006) 
* remove success event

* remove event success message

* remove events generated on clusterpolicy
 2020-07-20 20:30:02 +05:30
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
Shuting Zhao
f97c202d52 extract controller resync period to a constant file 2020-05-18 11:56:17 -07:00
Shuting Zhao
5128a00e91 suppress log 2020-05-18 11:56:15 -07:00
shivkumar dudhani
29f56e292a use klog as logger for event broadcasting 2020-03-27 08:22:05 -07:00
shivkumar dudhani
1b1ab78f77 logs & access 2020-03-17 11:05:20 -07:00
shivkumar dudhani
e499264ea9 refactor events 2020-02-19 19:24:34 -08:00
Shivkumar Dudhani
8c1d79ab28
linter suggestions (#655) 
* cleanup phase 1

* linter fixes phase 2
 2020-01-24 12:05:53 -08:00
Shivkumar Dudhani
1171ac691b
cleanup phase 1 (#653) 2020-01-24 09:37:12 -08:00
Shivkumar Dudhani
ffd2179b03
538 (#587) 
* initial commit

* background policy validation

* correct message

* skip non-background policy process for add/update

* add Generate Request CR

* generate Request Generator Initial

* test generate request CR generation

* initial commit gr generator

* generate controller initial framework

* add crd for generate request

* gr cleanup controller initial commit

* cleanup controller initial

* generate mid-commit

* generate rule processing

* create PV on generate error

* embed resource type

* testing phase 1- generate resources with variable substitution

* fix tests

* comment broken test #586

* add printer column for state

* return if existing resource for clone

* set resync time to 2 mins & remove resource version check in update handler for gr

* generate events for reporting

* fix logs

* cleanup

* CR fixes

* fix logs
 2020-01-07 10:33:28 -08:00
Shivkumar Dudhani
085856baa1
add event source and format event messages (#565) 2019-12-26 11:50:41 -08:00
shivkumar dudhani
10fc1b47ba Merge branch 'master' into v1.1.0 2019-12-12 16:54:42 -08:00
Shivkumar Dudhani
a81d5c9ae7
update event message (#515) 2019-11-18 17:13:48 -08:00
shivkumar dudhani
3c3931b67b wat for cache sync and cleanup 2019-11-15 15:59:37 -08:00
shivkumar dudhani
57e8e2a395 Revert "wait for cache to sync and cleanup" 
This reverts commit 9c3b32b903.
 2019-11-15 15:57:18 -08:00
shivkumar dudhani
9c3b32b903 wait for cache to sync and cleanup 2019-11-15 15:53:22 -08:00
Shuting Zhao
b67577994a update apiversion to v1 in code 2019-11-13 13:41:08 -08:00
Shuting Zhao
f820cb4c83 implement #387 Generate clusterpolicyviolation when policy action set to "enforce" 2019-10-21 15:55:20 -07:00
shivkumar dudhani
5dab189743 fix event resource name + add filtered kinds to policy controller & namespace + fix messages 2019-09-12 15:04:35 -07:00
shivkumar dudhani
973abe6233 ignore creationg of event and PV if Name is not assgined. 2019-09-04 15:30:09 -07:00
shivkumar dudhani
fa53519e2a change CRD Name to ClusterPolicy & ClusterPolicyViolations 2019-09-03 14:51:51 -07:00
shivkumar dudhani
5b80da32ba replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00
Shuting Zhao
a83e5c1d05 Merge commit '2192703df1bb26cb8b30a1aece6f9afeed09b214' into 254_dynamic_webhook_configurations 
# Conflicts:
#	pkg/engine/generation.go
#	pkg/engine/overlay.go
#	pkg/engine/utils.go
#	pkg/engine/utils_test.go
#	pkg/gencontroller/controller.go
#	pkg/gencontroller/generation.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
 2019-08-19 16:44:38 -07:00
shivkumar dudhani
6580e0e73a remove temp clientNew 2019-08-17 09:58:14 -07:00
Shuting Zhao
a110efb96c Merge branch 'policyViolation' into 254_dynamic_webhook_configurations 
# Conflicts:
#	main.go
#	pkg/annotations/annotations.go
#	pkg/annotations/controller.go
#	pkg/controller/controller.go
#	pkg/controller/controller_test.go
#	pkg/engine/engine.go
#	pkg/engine/generation.go
#	pkg/engine/mutation.go
#	pkg/engine/validation.go
#	pkg/event/controller.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/policyvalidation.go
#	pkg/webhooks/report.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-08-14 19:00:37 -07:00
shivkumar dudhani
aed0ed0dc1 clean up 2019-08-14 10:01:47 -07:00
shivkumar dudhani
1e621146be test policy engine on admission requests 2019-08-09 16:55:43 -07:00
shivkumar dudhani
135f241a4a event generator cleanup 2019-08-09 13:41:56 -07:00
Shuting Zhao
4ef50c66ea - add resource namespace in event info - improve event text 2019-08-06 11:30:44 -07:00
Shuting Zhao
1ecf92a634 - update vendor - add profiling library 2019-08-02 11:20:56 -07:00
shivkumar dudhani
14bc6859f6 annotations json path update 2019-07-24 14:25:28 -04:00
shivkumar dudhani
4166d13684 correct case 2019-07-19 16:18:36 -07:00
shivkumar dudhani
91030987ea handle retrys events 2019-07-19 16:17:10 -07:00
shivkumar dudhani
e5f208e303 annotation generation from policy controller 2019-07-17 17:53:13 -07:00
Shuting Zhao
749021774f resolve merge conflict 2019-07-08 18:03:21 -07:00
Shuting Zhao
42b8bcc968 Merge branch 'master' into 192_create-events_on_generation 2019-07-08 18:00:55 -07:00
Shuting Zhao
e820a80c5b add events for generation 2019-07-08 16:53:34 -07:00
shivkumar dudhani
942f0f5ac3 get resource using kind & add cache invalidate mechanism and retry 2019-07-08 15:34:21 -07:00