mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Code Activity
6598 commits 15 branches 540 tags 276 MiB
Commit graph

500 commits

Author SHA1 Message Date
dependabot[bot]
0a14dfacbc
chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#8575) 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](61a6322f88...65d7f2d534)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-13 05:06:52 +00:00
dependabot[bot]
7db6fc421e
chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 (#8597) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](08b4669551...483ef80eb9)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-11 08:59:11 +00:00
Charles-Edouard Brétéché
20655f5af4
fix: cache error in gh workflows (#8518) 
* fix: cache error in gh workflows

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* setup caches

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-27 08:24:27 +00:00
dependabot[bot]
45a45b6c46
chore(deps): bump sigstore/scaffolding (#8522) 
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from d5eada0a29719b385d26831ead049f188bbfd824 to d21c412f3c2f95421413f43741c2e62c19241dfe.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](d5eada0a29...d21c412f3c)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-25 08:50:44 +00:00
dependabot[bot]
313c5df2bb
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#8523) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](3df4ab11eb...8ade135a41)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-25 07:39:53 +00:00
dependabot[bot]
ebb7868d97
chore(deps): bump adRise/update-pr-branch from 0.6.0 to 0.7.0 (#8506) 
Bumps [adRise/update-pr-branch](https://github.com/adrise/update-pr-branch) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/adrise/update-pr-branch/releases)
- [Commits](437fab6e0a...cd305ecbd7)

---
updated-dependencies:
- dependency-name: adRise/update-pr-branch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
 2023-09-22 14:10:01 +00:00
dependabot[bot]
a043325237
chore(deps): bump sigstore/scaffolding (#8505) 
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from b52f64ebe86d2d081b753d7d8549e0b668dcabb7 to d5eada0a29719b385d26831ead049f188bbfd824.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](b52f64ebe8...d5eada0a29)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-22 07:30:38 +00:00
Charles-Edouard Brétéché
af50fabc6e
chore: fix release (#8482) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-21 08:24:45 +00:00
Charles-Edouard Brétéché
5eb3ca2d96
fix: release archive name template (#8475) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-20 22:35:49 +00:00
Charles-Edouard Brétéché
1a73ca7e9f
fix: publish images workflow (#8473) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-20 21:50:00 +00:00
Charles-Edouard Brétéché
da5496bd64
fix: release workflow (#8471) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-20 19:46:40 +00:00
Charles-Edouard Brétéché
69441c6d0f
chore: add a required job to simplify branch protection (#8464) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-20 11:19:35 +00:00
Charles-Edouard Brétéché
4f0e378a34
fix: custom-sigstore conformance job (#8459) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-20 09:12:02 +00:00
dependabot[bot]
8ed197cb51
chore(deps): bump fluxcd/flux2 from 2.1.0 to 2.1.1 (#8457) 
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](22cf986a79...026ab61ba7)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-20 07:33:32 +00:00
Charles-Edouard Brétéché
33dbdc9c5b
fix: linter (#8454) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-19 11:36:29 +00:00
dependabot[bot]
12d61720b5
chore(deps): bump sigstore/scaffolding (#8448) 
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 9fb4937ae18ed8456d725e99cb2871d309673022 to b52f64ebe86d2d081b753d7d8549e0b668dcabb7.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](9fb4937ae1...b52f64ebe8)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-19 07:29:27 +00:00
Vishal Choudhary
e2469415b7
feat: add support for custom sigstore using TUF (#8385) 
* feat; add support for custom sigstore using TUF

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add kuttl test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add commit hash

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add kyverno.yaml

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update kyverno deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update ordering

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update create image step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove wait step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: install crane

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: set sha on install crane

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add cosign installer

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update custom deployment

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: helm chart linting

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update Chart.yaml

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: helm values liniting error

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: kind-deploy-kyverno

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: create configmap in kyverno namespace

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update policy

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: create kyverno ns

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use envfrom

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: indentation

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update tuf root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add sigstore volume

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: nit

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove tuf root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use default tuf instead :(

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update Create kind cluster

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove root

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update impl

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: nit

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: use custom test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove force

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: cosign initialize

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add yes flag

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* update manifest

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: move tuf to features

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update comments

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: helmchart generate

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: trailing white space

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove old fields

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: decouple env config map from tuf

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* change the way we pass flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: re add envConfigMap

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix env vars

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove envConfigMap

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-18 13:16:08 +00:00
Charles-Edouard Brétéché
d8186ef4ab
chore: add workflow to test cli with kubectl-validate enabled (#8407) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-14 19:04:55 +00:00
dependabot[bot]
51fc790aa7
chore(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#8372) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](465a07811f...343f7c4344)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-13 17:29:46 +00:00
dependabot[bot]
a5198e78a9
chore(deps): bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 (#8344) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](5fdedb94ab...7ec5c2b0c6)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 10:15:28 +00:00
Charles-Edouard Brétéché
cc34e01d43
chore: compress cli test files by default (#8345) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-12 08:08:17 +00:00
Charles-Edouard Brétéché
103ef137a3
chore: validate test files are up to date (#8342) 
* chore: validate test files are up to date

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-09-12 12:53:37 +08:00
dependabot[bot]
2cc0f9ddd4
chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#8303) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b7f8abb15...a8a3f3ad30)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 10:05:24 +00:00
Mariam Fahmy
29bb18d633
chore: remove validating admission policy support from v1.26 (#8294) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-09-07 07:50:56 +00:00
dependabot[bot]
4449736315
chore(deps): bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 (#8284) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.4.0 to 4.6.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](3fa32b8bb5...5fdedb94ab)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 06:43:42 +00:00
Mariam Fahmy
bbd137db24
feat: add kuttl tests for validating admission policy backgroundscan reports (#8292) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-09-07 02:22:12 +00:00
Mariam Fahmy
c6e7ec2172
fix: add generate VAPs test suite to v1.28 (#8287) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-09-06 20:28:21 +08:00
dependabot[bot]
7a3a3194eb
chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#8262) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](f43a0e5ff2...3df4ab11eb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-09-05 09:27:02 +00:00
dependabot[bot]
39fdbb4c38
chore(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 (#8235) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](41f05d9ecf...fbd16365eb)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-04 18:40:19 +00:00
dependabot[bot]
e153ead117
chore(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#8236) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](6e04d228eb...11086d2504)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 12:07:07 +00:00
Charles-Edouard Brétéché
cea61db1d9
chore: build cli only once for conformance tests (#8210) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-09-01 10:21:35 +00:00
dependabot[bot]
ef952146f7
chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#8204) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.5.3...f43a0e5ff2bd294095638e18286ca9a3d1956744)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-01 09:21:45 +02:00
Charles-Edouard Brétéché
f3ad487bf7
chore: monitor helm secret size (#8195) 
* chore: monitor helm secret size

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* below case

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/conformance.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/conformance.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/conformance.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/conformance.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-31 13:19:23 +00:00
Mariam Fahmy
c583b64120
feat: generate validating admission policies and their bindings from Kyverno policies (#7840) 
* feat: generate validating admission policies and their bindings from Kyverno policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add generate VAPs feature flag

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use container flags instead of feature flags

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: limit VAP generation to cluster policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add policy checks for generating VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: rename package

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: translate match/exclude resources in Kyverno policies to their alternatives in validating admission policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add vap info in kyverno policy status

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the translation of

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add kuttl tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add generateValidatingAdmissionPolicy feature flag in the helm chart

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: update codegen

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add validating admission policy kuttl tests in the workflow

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: check K8s server version

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: remove the kind config of VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-08-31 10:25:21 +00:00
Charles-Edouard Brétéché
7de8503e87
chore: increase setup-build-env timeout (#8187) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-30 20:44:51 +00:00
Charles-Edouard Brétéché
f9cd20be91
fix: build cli in conformance tests (#8143) 
* fix: build cli in conformance tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-29 09:58:27 +00:00
Charles-Edouard Brétéché
147e3197c4
chore: add a timeout to setup-build-env action (#8153) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-29 08:39:43 +00:00
dependabot[bot]
2fefc825ed
chore(deps): bump kyverno/action-install-cli from 0.1.0 to 0.2.0 (#8133) 
Bumps [kyverno/action-install-cli](https://github.com/kyverno/action-install-cli) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/kyverno/action-install-cli/releases)
- [Commits](a3d781ac3f...fcee92fca5)

---
updated-dependencies:
- dependency-name: kyverno/action-install-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-28 07:35:53 +00:00
dependabot[bot]
410c02b36f
chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#8119) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-25 07:17:21 +00:00
dependabot[bot]
4700566966
chore(deps): bump fluxcd/flux2 from 2.0.1 to 2.1.0 (#8118) 
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 2.0.1 to 2.1.0.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](9b3162495c...22cf986a79)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-25 06:46:11 +00:00
dependabot[bot]
58b5d65c85
chore(deps): bump slsa-framework/slsa-github-generator (#8093) 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-23 16:11:32 +08:00
Alok N
cf5ec3df58
feat: use kyverno/action-install-cli action for conformance workflow (#8072) 
* feat: use kyverno/action-install-cli for conformance workflow

* Update .github/workflows/conformance.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-21 22:26:37 +02:00
Charles-Edouard Brétéché
ce4beb0e92
feat: support wildcard in subjects statements (#8068) 
* feat: support wildcard in subjects statements

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* sa tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-20 20:46:42 -04:00
Charles-Edouard Brétéché
1abf2cb51a
chore: remove tests for k8s v1.24 (#8043) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-17 12:05:35 +08:00
Charles-Edouard Brétéché
ce34f8e2a6
chore: add k8s 1.28 testing (#8036) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-16 08:49:45 +00:00
dependabot[bot]
1df6578708
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#8023) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](639cd343e1...3a91952989)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-15 07:53:28 +00:00
dependabot[bot]
f74c80f57b
chore(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (#8001) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](336e29918d...3fa32b8bb5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-10 07:41:31 +00:00
dependabot[bot]
bc95283b04
chore(deps): bump slsa-framework/slsa-github-generator (#7968) 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-04 11:03:50 +02:00
Ved Ratan
9f2cc6c99c
feat: add ttl controller (#7821) 
* added the ttl controller

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fixed label and vars

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added logger

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* applied fixes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* removed comments

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* more lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* applied changes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* minor fixes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix logger, separate parse logic

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added kuttl tests, validation utilities

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* commented code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* renamed tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix test

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* created log.go

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix log.go

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added README.md refactor code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added validation webhook

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* label-validation fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* added flag, updated verbs

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* updated verbs

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* updated helm chart

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* test fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* linter

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* imporoved webhook validation

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* linter fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* lint fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* webhook names and path constants

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* constant label

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix label selector

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl test fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* helm docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix controller logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: manager logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix failure policy

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* move kuttl tests in separate job

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove rbac steps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove configmaps from core cluster role

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix logger

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rename flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-08-02 16:47:40 +02:00
Vishal Choudhary
c38a014468
test: add tests for ghcr private repository (#7791) 2023-07-31 11:12:24 +00:00