Gurmannat Sohal
6902a2b092
Unit tests for Pod Security Admission Integrations ( #8585 )
...
* feat: enable field-restricted exclusions using the psa
Signed-off-by: Liang Deng <283304489@qq.com>
* fix ci error
Signed-off-by: Liang Deng <283304489@qq.com>
* fix ci error
Signed-off-by: Liang Deng <283304489@qq.com>
* initial unit tests
* Add all remaining unit tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fine grain unit tests by adding fields and values
* add detailed pod level exclusion and related tests
* add tests for init & ephemeral containers
* add kuttl tests for the new advanced support
* add kuttl tests for the new advanced support
* add readme for kuttl tests
* add replacement in go.mod
* resolving CI errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix ci errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix ci errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* updating pod-security-admissio
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* resolving null pointer panic
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* resolved conformance error
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* chainsaw
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chainsaw
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* remove duplication
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix linting
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* remove over computation
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* added field checks, pss skip condition
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* correcting chainsaw tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* merge branch 'main' into unit-tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix builds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Liang Deng <283304489@qq.com>
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Gurmannat Sohal <95538438+itsgurmannatsohal@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Liang Deng <283304489@qq.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-26 22:28:08 +08:00
Mariam Fahmy
4fff841cdc
fix: remove policy informer from vap controller ( #9279 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-26 11:45:26 +00:00
Charles-Edouard Brétéché
1ef82ab530
feat: stop serving v2alpha1 cleanup policies ( #9270 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-25 20:42:19 +00:00
Frank Wittig
2a9262c325
Add imagePullSecrets to post-upgrade job ( #9264 )
...
Signed-off-by: Frank Wittig <frank@e5k.de>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-24 12:42:48 -05:00
Mariam Fahmy
5f09fa810c
chore: introduce v2 for updaterequests ( #9267 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-23 00:09:02 +00:00
treydock
8308a6c69c
Support setting global extraEnvVars ( #9269 )
...
Fixes #9243
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2023-12-22 22:07:11 +00:00
Charles-Edouard Brétéché
2b5aef75f1
feat: add cleanup policies v2 ( #9261 )
...
* feat: add cleanup policies v2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-22 20:43:27 +02:00
Vishal Choudhary
ce00df13fa
fix: use http.MaxBytesReader instead of content length for API Calls ( #9265 )
...
* fix: use http.MaxBytesReader instead of content length for API Calls
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: added test for chunked transfer
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-22 17:05:52 +00:00
Mariam Fahmy
6bffca067a
chore: introduce v2 for internal reports resources ( #9262 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-22 14:09:00 +00:00
shuting
67b96a7cf2
refactor: mutate checks ( #9255 )
...
* refactor
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-22 15:07:17 +02:00
Charles-Edouard Brétéché
b790fc4ced
chore: bump a couple of deps ( #9260 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-22 11:55:15 +00:00
Shubham Singh
6aaa06702f
bug: making images consistent with image ( #9147 )
...
* adding `ReferenceWithTag` and `GetReferenceWithTag` + Populating them
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
* Adding tests for the same
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
* `ReferenceWithTag()` -> `ReferenceWithTag`
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
* `Strings()` -> `ReferenceWithTag`
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
* added `ReferenceWithTag` to image_test
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
* sorting out linter
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
---------
Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-22 11:15:50 +00:00
Charles-Edouard Brétéché
b54e6230c5
refactor: events controller ( #9236 )
...
* refactor: make events controller shutdown graceful
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nit
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* drain
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: events controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* exception
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove queue
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 11:47:22 +01:00
Mariam Fahmy
b61a1f3d18
fix: set v2beta1 of exceptions the storage version ( #9254 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 10:13:58 +00:00
Vishal Choudhary
ca31df9025
chore: bump k8s from 0.29.0-alpha.3 to stable ( #9253 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-22 09:27:03 +00:00
hub_Prateek
f344bcf9a7
Fixed error log ( #9232 )
...
* Fixed error log
Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>
* Removed the event
Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>
---------
Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>
2023-12-22 07:32:08 +00:00
Mariam Fahmy
af0ff92ca3
fix: remove unused file in a test ( #9240 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-21 11:49:57 +00:00
Mariam Fahmy
154b34407b
fix launch.json ( #9239 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-21 10:53:16 +00:00
Honnix
47cafaabd3
Support more signature algorithms ( #9102 )
...
* Support more signature algorithms
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix codegen
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fail loudly for unsupported algorithm
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix codegen
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix more
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
---------
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-21 13:27:33 +05:30
dependabot[bot]
9507a65219
chore(deps): bump aquasecurity/trivy-action from 0.13.1 to 0.16.0 ( #9224 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.13.1 to 0.16.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.13.1...91713af97dc80187565512baba96e4364e983601 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-20 19:59:00 +00:00
shuting
85e0d9b836
fix mutate existing force reconciliation ( #9230 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-20 16:29:37 +00:00
Vishal Choudhary
2b745163ba
fix: add support for fips endpoints in AWS authentication ( #9233 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-20 15:29:00 +00:00
Charles-Edouard Brétéché
d1138764f5
feat: add deprecation warnings in the CLI ( #9222 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-20 12:45:26 +00:00
Charles-Edouard Brétéché
438a53cb3d
feat: enable kubectl-validate by default in cli ( #9220 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-20 08:37:26 +00:00
dependabot[bot]
8858d4fd48
chore(deps): bump fluxcd/flux2 from 2.2.1 to 2.2.2 ( #9225 )
...
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2 ) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/fluxcd/flux2/releases )
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml )
- [Commits](9b3958825a...5c5c15ea21
2023-12-20 07:54:28 +00:00
raffis
cdd5d4fd22
fix(kubectl-kyverno): apply registry auth ( #9151 )
...
* fix(kubectl-kyverno): apply registry auth
Signed-off-by: Raffael Sahli <raffael.sahli@doodle.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Raffael Sahli <raffael.sahli@doodle.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 21:33:05 +00:00
Mariam Fahmy
fe8f8faa8b
fix: add chainsaw test for mutate existing ( #9210 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 18:15:34 +00:00
Mariam Fahmy
d5e5219601
chore: remove v2alpha1 version of policy exceptions ( #9211 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 16:27:08 +00:00
Charles-Edouard Brétéché
c335670065
chore: add missing context unit test ( #9213 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 15:54:48 +00:00
Charles-Edouard Brétéché
584f841c1e
refactor: make CLI store non static ( #9200 )
...
* refactor: make CLI store non static
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* registry access
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* apply
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 22:45:53 +08:00
dependabot[bot]
2967b67d0d
chore(deps): bump google.golang.org/grpc from 1.60.0 to 1.60.1 ( #9203 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.60.0 to 1.60.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.60.0...v1.60.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 13:36:07 +00:00
Pushkar Mishra
a3b358b78a
Extended the Trivy scan for N-2 Kyverno versions ( #8903 )
...
* closes #8840
Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
* fixed
Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
* fix
Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
---------
Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-19 13:01:40 +00:00
dependabot[bot]
818ee8b32d
chore(deps): bump kyverno/action-install-chainsaw from 0.1.0 to 0.1.1 ( #9205 )
...
Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw ) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases )
- [Commits](6ab03ccb2c...d12e54dd35
2023-12-19 11:42:25 +00:00
Mariam Fahmy
8e0a7aa204
feat: promote policy exceptions to v2 ( #9208 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 10:43:39 +00:00
dependabot[bot]
c395fcd9e2
chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 ( #9201 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 08:26:57 +00:00
shuting
7282ecca9f
fix: add skipBackgoundRequests to configure loop protection option ( #9157 )
...
* fix typo
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add new attribute skipBackgroundRequests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* move to per rule config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check flag
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* clean up
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix logger
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add retryCount to ur.status
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add chainsaw tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-19 06:25:12 +00:00
Charles-Edouard Brétéché
8a7c2f0332
chore: bump a couple of deps ( #9198 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 02:52:23 +00:00
kanha gupta
cdc68a629a
support for Add Variable unit test ( #9124 )
...
Signed-off-by: Kanha gupta <kanhag4163@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 00:14:17 +00:00
dependabot[bot]
6bcc1dccaa
chore(deps): bump github.com/aptible/supercronic from 0.2.28 to 0.2.29 ( #9181 )
...
Bumps [github.com/aptible/supercronic](https://github.com/aptible/supercronic ) from 0.2.28 to 0.2.29.
- [Release notes](https://github.com/aptible/supercronic/releases )
- [Commits](https://github.com/aptible/supercronic/compare/v0.2.28...v0.2.29 )
---
updated-dependencies:
- dependency-name: github.com/aptible/supercronic
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 21:24:10 +00:00
Charles-Edouard Brétéché
05fcb43982
chore: add cli update test ( #9192 )
...
* chore: add cli update test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-18 20:47:27 +00:00
dependabot[bot]
b5d383aba4
chore(deps): bump fluxcd/flux2 from 2.2.0 to 2.2.1 ( #9184 )
...
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2 ) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/fluxcd/flux2/releases )
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml )
- [Commits](53ad742e2d...9b3958825a
2023-12-18 20:18:19 +00:00
Charles-Edouard Brétéché
f8de6810fa
fix: enable additional report printers by default ( #9194 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-18 17:38:41 +00:00
dependabot[bot]
ea05b2286d
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions ( #9183 )
...
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](b1b635d242...ba37328d4e
2023-12-18 17:00:50 +00:00
Mariam Fahmy
e22cd9818f
fix: deprecate spec.schemaValidation ( #9189 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-18 16:32:11 +00:00
Charles-Edouard Brétéché
3f865d2038
fix: deep copy resource in cli when operation is update ( #9191 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-18 15:31:19 +00:00
Charles-Edouard Brétéché
e68bca6563
chore: fix conformance tests ( #9187 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-18 14:12:57 +01:00
Mariam Fahmy
68a1258899
fix: limit the trigger name to a maximum of 63 characters for mutate existing rules ( #9162 )
...
* fix: limit the trigger name to a maximum of 63 characters for mutate existing rules
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix chainsaw test
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-18 09:23:40 +00:00
Anushka Mittal
8439ff085a
remove unnecessary if condition ( #9180 )
...
Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-12-18 09:21:50 +00:00
dependabot[bot]
9372ac01ee
chore(deps): bump sigstore/scaffolding from 0.6.12 to 0.6.13 ( #9182 )
...
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding ) from 0.6.12 to 0.6.13.
- [Release notes](https://github.com/sigstore/scaffolding/releases )
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md )
- [Commits](9e5583eaf4...a6e9b1a7a4
2023-12-18 07:16:51 +00:00
Vishal Choudhary
c5298cdf85
chore: use sigstore/cosign 2.2.2 on main ( #9179 )
...
* chore: use official cosign on main
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* cleanup: remove redundant if check
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* cleanup: extra require statement
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-18 06:41:26 +00:00
