mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 15:37:19 +00:00
Code Activity
6624 commits 16 branches 550 tags 287 MiB
Commit graph

6624 commits

This branch
This branch
All branches
Author SHA1 Message Date
gcp-cherry-pick-bot[bot]
68e60ffc72
Add policyKind option to kyverno-policies chart (#8827) (#8923) 
Fixes #4317 #8568

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-16 18:14:36 +08:00
Vishal Choudhary
c9f802e87f
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.45.0 to 0.46.0 (#8893) (#8897) 
* chore(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.45.0 to 0.46.0



* feat: bump other otel deps



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
 2023-11-13 15:26:37 +00:00
gcp-cherry-pick-bot[bot]
1fc15cca49
Close reponse right after succesful request (#8894) (#8896) 
Signed-off-by: AdamKorcz <adam@adalogics.com>
Co-authored-by: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
 2023-11-13 14:51:01 +00:00
gcp-cherry-pick-bot[bot]
208ac97bd7
Reduced verbosity of admission request filter INFO log message (#8712) (#8882) 
* Reduced verbosity of admission request filter INFO log message



* Changed the verbosity level to 4



---------

Signed-off-by: satyazzz123 <beherasatyajit716@gmail.com>
Signed-off-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com>
Co-authored-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-13 14:04:54 +08:00
shuting
a411fe6377
release 1.11.0 (#8874) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-10 16:59:42 +08:00
shuting
3ea6f18c84
release 1.11.0-rc.8 (#8869) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-09 15:43:07 +00:00
shuting
0517ca7c52
bump cosign 2.2.1 (#8868) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-09 14:57:10 +00:00
shuting
3abb8058c9
release v1.11.0-rc.7 (#8841) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-06 15:06:53 +00:00
shuting
062ec65d11
bump bump google.golang.org/grpc from 1.58.2 to 1.59.0 (#8839) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-06 14:23:21 +00:00
shuting
df3f436edc
release v1.11.0-rc.6 (#8836) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-06 12:15:21 +00:00
gcp-cherry-pick-bot[bot]
52b1ccf1c9
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466) (#8835) 
* fix: generate label resource name character length issue



* add source label



* modify newUR function



* fix



* improve readability



* remove generate source name label



* Revert changes



* update ResourceSpec



* add URGenerateResourceUIDLabel



* make codegen crds all



* make codegen client all



* add GenerateSourceUIDLabel



* modify comment



* make codegen crds all



* make codegen-docs-all



* make codegen-all



* set trigger uid



* add uid in transform()



* add name label



* fix: use resource name labels along with its UID



* fix: use the resource name label only if its uid label isn't set



* fix



* add kuttl tests



* fix: delete the trigger resource in the test



* fix: delete the source in the kuttl test



* add generate trigger uid label



* modify TriggerInfo function



* populate uid field for new update requests



* populate new ur spec with uid



* handle downstream resources cleanup



* populate uid of ur status



* fetch triggers by the UID label



* label triggers



* fetch trigger by comparing UID



* fetch cloneList downstream resource by UID



* update test names



* remove trigger name label assertions from kuttl tests



* add unit name selector



* add sleep



* assert events on failures



* rename tests



---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chandan-DK <chandandk468@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-06 11:26:39 +00:00
shuting
1144e2454b
release v1.11.0-rc.5 (#8823) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-11-03 03:46:19 +00:00
gcp-cherry-pick-bot[bot]
a44c43b301
feat: update descriptions of image verify cache flags (#8770) (#8822) 
* feat: update descriptions of image verify cache flags



* Update cmd/internal/flag.go




* Update cmd/internal/flag.go




* Update cmd/internal/flag.go




* feat: update description of imageVerifyCacheEnabled



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-02 16:50:06 +00:00
gcp-cherry-pick-bot[bot]
2ede6e874a
Changes to correctly run delete operation in kyverno11beta4 (#8786) (#8820) 
* Changes to correctly run delete operation in kyverno11beta4






* Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml




* Update test/cli/test/deny-pod-deletion/deny-pod-deletion.yaml




* Add README.md for new test



* Correct policy.yaml



* Add new lines in test files



* Correct kyverno-test file



* Correct values.yaml



* Correct test files



* Add new test



---------

Signed-off-by: Anushka Mittal <anushka@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Signed-off-by: Anushka Mittal <138426011+anushkamittal2001@users.noreply.github.com>
Co-authored-by: Anushka Mittal <138426011+anushkamittal2001@users.noreply.github.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-11-02 21:31:23 +08:00
gcp-cherry-pick-bot[bot]
3de7c54a86
fix: display a message when the controller has no permissions for VAPs (#8776) (#8814) 
* fix: display a message when the controller has no permissions for VAPs



* fix: add a warning when a Kyverno policy is created



---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-01 14:40:20 +00:00
shuting
ef90f0b07a
chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.0 (#8809) (#8810) 
Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.4.0 to 2.6.0.
- [Release notes](https://github.com/helm/chart-testing-action/releases)
- [Commits](e878887317...b43128a8b2)

---
updated-dependencies:
- dependency-name: helm/chart-testing-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-01 15:14:10 +05:30
gcp-cherry-pick-bot[bot]
37353487ec
fix: display helm warnings together (#8784) (#8805) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-01 04:47:53 +00:00
gcp-cherry-pick-bot[bot]
24f8b877b6
fix: generate events for scanning VAPs in reports controller (#8783) (#8804) 
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-11-01 04:15:23 +00:00
gcp-cherry-pick-bot[bot]
0a98200abd
chore: upgrade docker/docker to v24.0.7 (#8793) (#8797) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-31 09:16:00 +00:00
gcp-cherry-pick-bot[bot]
ff407b7d78
add VAP and VAPB to admission controller ClusterRole (#8768) (#8794) 
* add VAP and VAPB to admission controller ClusterRole



* make conditional



* remove manual additions



---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: chipzoller <chipzoller@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-31 07:57:11 +00:00
gcp-cherry-pick-bot[bot]
e792e87e97
feat: update verify images types with better descriptions (#8779) (#8791) 
* feat: update verify images types with better descriptions



* feat: revert cert and certchain



---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2023-10-31 05:30:26 +00:00
gcp-cherry-pick-bot[bot]
e4b5322c48
fix: rename vap logging name to ValidatingAdmissionPolicy (#8785) (#8788) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-30 18:02:29 +00:00
gcp-cherry-pick-bot[bot]
e1b476c88e
fix: print the number of VAPs being applied to the resources in test command (#8778) (#8782) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-30 15:03:34 +00:00
gcp-cherry-pick-bot[bot]
babb39c905
fix: grafana dashboard to support replicas (#8751) (#8759) 
Signed-off-by: Alex Kennedy <alexzanderkennedy@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Alex Kennedy <alexzanderkennedy@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-27 09:01:38 +00:00
gcp-cherry-pick-bot[bot]
8b60e37ff1
Revert "add secrets name in background-controller's role (#8721)" (#8752) (#8757) 
This reverts commit 580c02ce76.

Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-27 08:20:51 +00:00
Vishal Choudhary
4c9f5b8f28
feat: disable validate maintainer for helm gha (#8747) (#8748) 
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-26 13:34:53 +00:00
gcp-cherry-pick-bot[bot]
d25b07c930
fix: revert maintainers in helm charts (#8737) (#8746) 
* fix: revert maintainers in helm charts



* feat: codegnen



* fix: revert helm release changes



---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-26 11:38:01 +00:00
shuting
526d4895b7
fix: fetch correct branch name in helm-release workflow (#8744) (#8745) 
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-26 09:30:29 +00:00
Vishal Choudhary
f9fccbd0bf
fix: replace base_ref with ref_name in helm test GHA (#8735) (#8736) 
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-25 14:35:24 +00:00
Vishal Choudhary
407ffa79de
fix: dynamically get branch name in helm test (#8732) (#8734) 
* fix: dynamically get branch name in helm test



* fix: add env variable branch name



* fix: use head ref



* cleanup: remove debug statements



---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-25 11:09:41 +00:00
shuting
023ac8635a
release v1.11.0-rc.4 (#8723) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-24 10:54:21 +00:00
gcp-cherry-pick-bot[bot]
662a254520
add secrets name in background-controller's role (#8721) (#8722) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-24 09:48:17 +00:00
shuting
573d589c49
cherry-pick 8707 (#8717) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-24 04:30:54 +00:00
Vishal Choudhary
b321490e7b
[Helm] AdmissionReport cleanup job tag bump (#8708) (#8714) 
* update chart metadata



* bump tag



* adjust name



* do not validate maintainers



* feat: update codegen



* feat: update codegen



* feat: update kubeversion in helm template



---------

Signed-off-by: chipzoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: chipzoller <chipzoller@gmail.com>
 2023-10-23 15:36:21 +00:00
gcp-cherry-pick-bot[bot]
0e0bef1ebe
fix: add permissions to secrets for background controller role (#8690) (#8715) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-23 22:53:02 +08:00
shuting
899a9f0a3a
release v1.11.0-rc.3 (#8706) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-20 10:42:45 +00:00
shuting
de673f07e6
feat: generate events for CEL policies that generate VAPs (#8564) (#8705) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-20 09:48:30 +00:00
shuting
452392c05b
fix typo (#8666) (#8704) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-20 11:57:48 +03:00
gcp-cherry-pick-bot[bot]
c3db00b154
feat: fix outdated description of imageregistrycredentials (#8688) (#8699) 
* feat: fix outdated description of imageregistrycredentials



* feat: generate crd



---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-20 12:30:54 +08:00
gcp-cherry-pick-bot[bot]
2212201553
fix: add codegen-cli-crds target to codegen-crds-all (#8692) (#8695) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-19 15:42:03 +00:00
gcp-cherry-pick-bot[bot]
6fcf2bc22b
feat: Implement global values for image registry in Kyverno Helm chart (#8625) (#8694) 
* feat: Add image registry to global values



* Fix indentation



* Update documentation



---------

Signed-off-by: Franco <franco@giantswarm.io>
Co-authored-by: Franco Hielpos <48300215+fhielpos@users.noreply.github.com>
 2023-10-19 14:30:17 +00:00
gcp-cherry-pick-bot[bot]
cf65fc2f48
fix: allow cleanup controller to update the policy status (#8681) (#8684) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-19 15:16:46 +08:00
gcp-cherry-pick-bot[bot]
2c570e007e
remove duplicated log messages (#8673) (#8676) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2023-10-18 11:49:38 +08:00
gcp-cherry-pick-bot[bot]
28c504a3c1
feat: add support for days in ttl labels (#8660) (#8662) 
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
 2023-10-16 13:58:04 +00:00
gcp-cherry-pick-bot[bot]
d5c25fcdc2
fix(helm): add values for declaratively enabling PDBs (#8652) (#8658) 
* fix(helm): add values for declaratively enabling PDBs



* update codegen docs



---------

Signed-off-by: Erik Godding Boye <egboye@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
 2023-10-16 09:22:21 +00:00
gcp-cherry-pick-bot[bot]
456a164a30
fix(helm): add missing policyexceptions RBAC to background-controller (#8648) (#8657) 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2023-10-16 08:34:25 +00:00
shuting
6be88f3646
release v1.11.0-rc.2 (#8643) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-13 09:08:32 +00:00
shuting
a4e47ef6df
bump Go 1.21.3 (#8638) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-12 16:44:36 +00:00
gcp-cherry-pick-bot[bot]
4ba272452c
chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#8626) (#8636) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-12 15:54:11 +00:00
shuting
762f9396e1
release v1.11.0-rc.1 (#8634) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2023-10-12 13:39:14 +00:00