Ved Ratan
9f2cc6c99c
feat: add ttl controller ( #7821 )
...
* added the ttl controller
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed label and vars
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added logger
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed comments
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* more lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* minor fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix logger, separate parse logic
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added kuttl tests, validation utilities
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* commented code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* renamed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix test
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* created log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added README.md refactor code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added validation webhook
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* label-validation fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added flag, updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated helm chart
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* imporoved webhook validation
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook names and path constants
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* constant label
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix label selector
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* helm docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix controller logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: manager logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix failure policy
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move kuttl tests in separate job
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove rbac steps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove configmaps from core cluster role
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix error
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-02 16:47:40 +02:00
Jim Bugwadia
be2abbeaa8
add flag for policy reports ( #7888 )
...
* add flag for policy reports
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logger param
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update launch
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove logging changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update Helm chart
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-07-26 12:22:51 +08:00
treydock
9429e12281
feat(chart) Add configurations for cleanup jobs and webhooks ( #7871 )
...
allow nodeSelector, tolerations and affinity settings for webhooksCleanup
allow affinity settings for cleanup jobs
Add helper to handle the labels for cleanup jobs, add component label
Fixes #7843
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 03:30:44 +00:00
Md Shahbaz Alam
41c3490ba9
Feat: Upgrade controller-gen to v0.12.0 and fix tooling ( #7683 )
...
* Upgrade controller-gen and fix tooling
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Address comments
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add a marker in the sed command
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Upgrade to the latest version and rearrange the annotations
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Fix failing Verify Codegen tests
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Remove unnecessary file
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Restore original version in test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
* Add creationTimestamp: null again in the test folder
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
---------
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 15:58:18 +00:00
Charles-Edouard Brétéché
1d5fe217da
feat: add background only policy support ( #6666 )
...
* feat: add background only policy support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* all disabled
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-28 12:54:27 +00:00
Charles-Edouard Brétéché
441641515a
feat: add lazy loading feature flag ( #7680 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-27 13:44:15 +08:00
Charles-Edouard Brétéché
f9209de3ff
fix: cleanup controller rbac ( #7669 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 15:38:00 +00:00
Charles-Edouard Brétéché
f3a5a885e0
fix: cleanup controller context from #7597 ( #7672 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 14:57:23 +00:00
Charles-Edouard Brétéché
9636eb7e3a
fix: harden rbac permissions ( #7638 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 11:57:24 +08:00
Charles-Edouard Brétéché
e267a1dacf
fix: harden certs secrets management ( #7634 )
...
* fix: harden certs secrets management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* informers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-22 20:14:53 +08:00
Charles-Edouard Brétéché
511e9fefaf
fix: harden cleanup controller rbac ( #7626 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 12:53:48 +00:00
Charles-Edouard Brétéché
76139ea0ce
fix: service account name env var defined twice ( #7623 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 07:29:09 +00:00
Charles-Edouard Brétéché
362c5db2ed
fix: panic if env var not defined ( #7613 )
...
* fix: panic if env var not defined
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 04:12:01 +00:00
Vishal Choudhary
cec6a8ab20
Helpers to providers ( #7572 )
...
* renamed helpers
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* related changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-06-16 20:25:46 +00:00
Charles-Edouard Brétéché
b2707c0cd1
feat: make aggregated reports optional ( #7475 )
...
* feat: make aggregated reports optional
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-16 15:19:22 +00:00
Vishal Choudhary
43685aedc2
Enable flexible registry credential configurations ( #7114 )
...
* types added
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added secret fetching and client creation
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* validate target resource scope & namespace settings (#7098 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: mutation code (#7095 )
* fix: mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* lazy loading of context vars (#7071 )
* lazy loading of context vars
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* gofumpt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* moved to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* RegistryClientLoader
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* [Feature] Add kuttl tests with policy exceptions disabled (#7117 )
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed redundant code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* typo fix and README changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Conditions message (#7113 )
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123 )
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](21991cec25...555a30da26#7121 )
Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102 )
Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add condition msg to v2beta1 (#7126 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: print container flags and their values (#7127 )
* add condition msg to v2beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* print flags settings
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove the container flag genWorker from the admission controller (#7132 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103 )
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove the duplicate entry (#7125 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* update background scan logging messages (#7142 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Update chart with v2 to v3 migration guidance. (#7144 )
* add Saxo Bank and Velux as adopters
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update chart README and validations
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* add Controller Internals info (#7147 )
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Supporting ValidatingAdmissionPolicy in kyverno cli (apply and test command) (#6656 )
* feat: add policy reporter to the dev lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: remove obsolete structs from CLI
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Supporting ValidatingAdmissionPolicy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.26.3 to v0.27.0-rc.0
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno apply
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support validating admission policy in kyverno test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* refactoring
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding kyverno apply tests for validating admission policy
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* running codegen-all
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding IsVap field in TestResults
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* chore: bump k8s from v0.27.0-rc.0 to v0.27.1
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix vap in engine response
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.3 to 0.13.4 (#7150 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.3...api/v0.13.4 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#7149 )
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Added `omit-events` flag to allow disabling of event emission (#7010 )
* added comma seperated flag
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* reason added in logs
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added requested changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* kuttl test init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated behavior
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed flawed behavior
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated test location and added readme
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated step
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* omit events
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: let reports controller quit when loosing the lead (#7153 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump slsa-framework/slsa-github-generator (#7160 )
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: bump otel deps (#7152 )
* chore: bump otel deps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3 (#7172 )
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/docker/distribution (#7171 )
Bumps [github.com/docker/distribution](https://github.com/docker/distribution ) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases )
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/distribution
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (#7177 )
Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr ) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/go-logr/zapr/releases )
- [Commits](https://github.com/go-logr/zapr/compare/v1.2.3...v1.2.4 )
---
updated-dependencies:
- dependency-name: github.com/go-logr/zapr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Add refactor note (#7169 )
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed typo in the v2 to v3 helm migration guide (#7163 )
* fixed typo in the v2 to v3 helm migration guide
Signed-off-by: Richard Parke <richardparke15@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/distribution/distribution (#7178 )
Bumps [github.com/distribution/distribution](https://github.com/distribution/distribution ) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/distribution/distribution/releases )
- [Commits](https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2 )
---
updated-dependencies:
- dependency-name: github.com/distribution/distribution
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* tweaks (#7166 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add logging feature to helm chart (#7181 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor: hide json context from caller (#7139 )
* refactor: hide json context from caller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* unit tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add omit-events feature in helm chart (#7185 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: preconditions in mutate existing rules (#7183 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: use structured jsonpatch instead of byte arrays (#7186 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added secret lister
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changes from review
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added rclientloader to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added RegistryClientLoaderNewOrDie to policy context
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* CI fixes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: panic for policy variable validation (#7079 )
* fix panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check errors
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: remove policy-reporter from dev lab (#7196 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: cleanup controller metrics name (#7198 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: http request metrics (#7197 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* remove unused code (#7203 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* handle Deny rules where conditions eval to true (#7204 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* [Bug] Enforce message wrong (#7208 )
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3#7215 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17#7220 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: mutate existing auth check (#7219 )
* fix auth check when using variables in ns
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: do not exclude kube-system service accounts by default (#7225 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* docs: add reports system design doc (#6949 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227 )
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228 )
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61#7232 )
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: match logic misbehave (#7218 )
* add rule name in ur for mutate existing
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix match logic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix the match logic to only apply to the new object, unless it's a delete request
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239 )
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241 )
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242 )
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* passing rclientloader directly
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* lazy evaluate vars in conditions (#7238 )
* lazy evaluate vars in conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove unnecessary conversion
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml
Signed-off-by: shuting <shutting06@gmail.com>
* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md
Signed-off-by: shuting <shutting06@gmail.com>
* added error check in test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* quote image in error (#7259 )
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: auto update webhooks not configuring fail endpoint (#7261 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix latest version check (#7263 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088#7272 )
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add yaml util to check empty document (#7276 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* Azure to ACR
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* adding kuttl test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* use pointer
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* global client
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* added kubeclient
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added nil kubeclient check
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* context
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* factory
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* secrets lister
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix cli
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* factories
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: rparke <50015370+rparke@users.noreply.github.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-16 13:37:08 +00:00
siddharth
a89860e8ab
fix: update kyverno admission-controller role to have delete verb for… ( #7527 )
...
* fix: update kyverno admission-controller role to have delete verb for secret
Kyverno stopped working due to the following error:
```
tls "msg"="failed to delete CA secret" "error"="secrets \"kyverno-svc.kyverno.svc.kyverno-tls-ca\" is forbidden: User \"system:serviceaccount:kyverno:kyverno-admission-controller\
```
I'm still not sure why it tries to delete the secret.
Signed-off-by: siddharth <sedflix@gmail.com>
* add codegen-manifest-all
---------
Signed-off-by: siddharth <sedflix@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-15 09:39:52 +00:00
Charles-Edouard Brétéché
d4a6d4fc8e
fix: rule name not required in the crd schema ( #7464 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-08 09:54:58 +00:00
Fabian Sabau
9f76a65eb1
fixed typo in admission controller chart template ( #7440 )
...
* fix: typo in admission controller chart template
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
* generate manifests
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
---------
Signed-off-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
Co-authored-by: Fabian-Daniel Sabau <fabian-daniel.sabau@1und1.de>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-06 16:52:20 +00:00
Charles-Edouard Brétéché
c11db51836
fix: helm template for cleanup jobs image ( #7430 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-06 13:04:36 +00:00
Charles-Edouard Brétéché
210fb3ca0b
fix: missing extraEnvVars in helm chart ( #7403 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-03 12:47:34 +00:00
Charles-Edouard Brétéché
5ebb37fd44
fix: missing/incorrect env variables ( #7383 )
...
* fix: panic if an env variable is missing
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-02 09:19:18 +00:00
Raúl Garcia Sanchez
57347e93df
Add missing delete verb to admission cleanup clusterrole ( #7375 )
...
* Add missing delete verb
Otherwise the admission cleanup report will not be able to cleanup resources
```
Error from server (Forbidden): admissionreports.kyverno.io "fffa1589-55d5-4428-a467-7778e497295f" is forbidden: User "system:serviceaccount:kyverno:kyverno-cleanup-jobs" cannot delete resource "admissionreports" in API group "kyverno.io" in the namespace "postgres"
```
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* updated manifests
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
---------
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-02 09:10:57 +02:00
Vishal Choudhary
80d139bb5d
Added fetchAttestations method to notaryV2 implimentation ( #6800 )
...
* moved to oras
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* linting error fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added error checking
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added final build
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added predicate fetching
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added checks in statements
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed continuous checking if predicate is found
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* renamed notaryv2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changed notaryv2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* run codegen all
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* commented cert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added variable support to certs
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* renamed notaryV2 to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* deprecated predicate types
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* disallow keys and keyless under attestors if type is set to notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* gcr crane implementation init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* types
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* using remote puller and pusher
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* implemented notation repository interface
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated notary implementation and fixed errors
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed oras
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* kuttl test init
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added image verify test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* check image attestation notary
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added readme
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added tests for extract statements
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: remove status from policy webhooks (#6939 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: split chart values in readme per component (#6936 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fix: incorrect json patch validation (#6941 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add verbosity level in helm chart values (#6940 )
* feat: add verbosity level in helm chart values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: match on ephemeral containers (#6963 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: refine event permissions in default roles (#6957 )
* remove the event delete permission
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add '- events.k8s.io/v1'
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Add kuttl test for ephemeral containers (#6966 )
* Move Sam to Emeritus status
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add kuttl test for ephemeral containers
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* refactor: restructure cli test command (#6942 )
* refactor: restructure cli test command
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add credential helpers flags (#6974 )
* feat: add credential helpers flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 (#6976 )
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.9.2 to 0.10.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](1f0aa582c8...e5f43133f6#6084 )
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#6981 )
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5#6982 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](40a12dcee2...894ff025c7#6978 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: restrict default permissions (#6972 )
* restrict admission permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* restrict background permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* kuttl README (#6984 )
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Readme in context-cleanup-pod
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.2.12 to 2.3.0 (#6989 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2#6987 )
Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go ) from 1.0.0-rc.2 to 1.0.0-rc.3.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases )
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.0.0-rc.2...v1.0.0-rc.3 )
---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: new access checks for background policies (#6970 )
* switch to use sar for access checks
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update helm config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix username
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update msg
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix sa name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: bump kind image to 1.27.1 (#6993 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: bump k8s deps to 1.27 (#6868 )
* feat: bump k8s deps to 1.27
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bump k8s 1.27.1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
* fix: disable autogen in foreach mutation with json patches (#6996 )
* fix: disable autogen in foreach mutation with json patches
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: add server ip config to cleanup controller (#6999 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add features section in helm values (#6935 )
* feat: add features section in helm values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* configs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* overrides
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add reports cleanup jobs to prevent outage (#6960 )
* feat: add reports cleanup jobs to prevent outage
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* security cotnext
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* feat: add registry credential helpers feature (#7002 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: improve instrumented clients (#7006 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: record configmap resource version to not reload when version didn't change (#7007 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#7012 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](9e9de2292d...204a51a57a#7016 )
Red Hat ACM is useful for distributed kyverno policies across a
managed fleet of clusters. Adding to adopters file with a link that
describes details of using the ACM policy generator with Kyverno.
Signed-off-by: Gus Parvin <gparvin@redhat.com>
* fix: helm template with metricsRefreshInterval (#7019 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add support for Kubernetes API server POST (#6948 )
* allow POST for Kubernetes API calls
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fmt and undo local changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix codegen and unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests and extends docs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* feat: update built-in resource schemas (#7014 )
* feat: update built-in resource schemas
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix unit test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: use github.com/evanphx/json-patch/v5 (#7015 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.0 to 2.3.1 (#7025 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...8662eabe0e#7027 )
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* refactor: engine patchers (#7030 )
* refactor: engine patchers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.1 to 2.3.2 (#7033 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8662eabe0e...f3feb00acb#7036 )
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update development doc (#7037 )
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix: generate policy validation to prevent endless loop (#7026 )
* refactor policy validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add loop check for generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: remove deletionTimestamp checks (#7039 )
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add back source check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove deletionTimestamp check
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 (#7055 )
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog ) from 2.90.1 to 2.100.1.
- [Release notes](https://github.com/kubernetes/klog/releases )
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes/klog/compare/v2.90.1...v2.100.1 )
---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: add background scan interval log (#7065 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: flaky github action (#7068 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: engine response policy (#7063 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add opt-in setting to deploy v3 chart (#7066 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* require generate.apiVersion (#7080 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: remove excluded groups from matching (#7083 )
* fix: remove excluded groups from matching
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add config inclusions support (#7082 )
* feat: add config inclusions support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: add makefile target for kwok (#7097 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 (#7099 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e#7098 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: mutation code (#7095 )
* fix: mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* lazy loading of context vars (#7071 )
* lazy loading of context vars
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* gofumpt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* [Feature] Add kuttl tests with policy exceptions disabled (#7117 )
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed redundant code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* typo fix and README changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* Conditions message (#7113 )
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123 )
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](21991cec25...555a30da26#7121 )
Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102 )
Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* add condition msg to v2beta1 (#7126 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: print container flags and their values (#7127 )
* add condition msg to v2beta1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* print flags settings
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove the container flag genWorker from the admission controller (#7132 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103 )
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* remove the duplicate entry (#7125 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120 )
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* fixed error
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* undo mistake
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod conflict fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* changes from review
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* NIT
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated image
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated checks
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed verifying wrong ref
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated cert in tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* added warning when predicate type is used
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: panic for policy variable validation (#7079 )
* fix panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check errors
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: remove policy-reporter from dev lab (#7196 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: cleanup controller metrics name (#7198 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: http request metrics (#7197 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove unused code (#7203 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle Deny rules where conditions eval to true (#7204 )
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* [Bug] Enforce message wrong (#7208 )
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3#7215 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17#7220 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: mutate existing auth check (#7219 )
* fix auth check when using variables in ns
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: do not exclude kube-system service accounts by default (#7225 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* docs: add reports system design doc (#6949 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227 )
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228 )
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229 )
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61#7232 )
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: match logic misbehave (#7218 )
* add rule name in ur for mutate existing
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix match logic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* linter fixes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix the match logic to only apply to the new object, unless it's a delete request
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239 )
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241 )
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator ) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242 )
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fixed mistake in assert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* quote image in error (#7259 )
Signed-off-by: bakito <github@bakito.ch>
* fix: auto update webhooks not configuring fail endpoint (#7261 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix latest version check (#7263 )
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270 )
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088#7272 )
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add yaml util to check empty document (#7276 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fixed api version in kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated kuttl tests
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go sum update
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated admission controller assert
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* updated image
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* removed admission controller changes
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* go mod fix
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Signed-off-by: Gus Parvin <gparvin@redhat.com>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Md Sahil <85174511+MdSahil-oss@users.noreply.github.com>
Co-authored-by: Gus Parvin <gparvin@redhat.com>
Co-authored-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-01 16:05:28 +08:00
Mariam Fahmy
7f6fb24057
feat: support cel expression in validate rules ( #7070 )
...
* feat: support cel expression in validate rules
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Support parameter resources in validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Adding CEL preconditions in kyverno policies
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl tests for validate.cel subrule
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix disallow-host-path kuttl test
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl test for cel preconditions
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Fix kuttl tests for validate.cel
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API Validation and AuditAnnotation
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Use K8S API ParamKind and ParamRef
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-05-31 14:30:55 -07:00
Justin Seiser
2521c63b86
feat(cronjobs): Enable podAnnotations on CronJobs ( #7366 )
...
Signed-off-by: Justin S <justinseiser@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-31 18:48:07 +00:00
Charles-Edouard Brétéché
1de8b5f0fb
fix: config map name in helm chart ( #7341 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-30 17:29:27 -04:00
Charles-Edouard Brétéché
6cf0f36339
fix: do not exclude kube-system service accounts by default ( #7225 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-17 22:23:30 +00:00
Charles-Edouard Brétéché
b3a56176e5
feat: add omit-events feature in helm chart ( #7185 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-12 15:11:20 +00:00
Charles-Edouard Brétéché
4aabcafd12
feat: add logging feature to helm chart ( #7181 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-12 12:09:01 +00:00
shuting
cb89fbae44
remove the duplicate entry ( #7125 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-05-09 08:22:55 +00:00
shuting
ef55e716a6
add condition msg to v2beta1 ( #7126 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-05-08 10:51:52 -04:00
Jim Bugwadia
f287e0a220
Conditions message ( #7113 )
...
* add message to conditions
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* extend tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-05-08 15:34:23 +08:00
Charles-Edouard Brétéché
b9afce90ad
fix: mutation code ( #7095 )
...
* fix: mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-05 15:40:23 +00:00
Charles-Edouard Brétéché
7583aad6fd
feat: add config inclusions support ( #7082 )
...
* feat: add config inclusions support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-03 16:40:36 +00:00
Jim Bugwadia
0c22858bbc
add support for Kubernetes API server POST ( #6948 )
...
* allow POST for Kubernetes API calls
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add kuttl tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fmt and undo local changes
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix codegen and unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix unit test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests and extends docs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-04-26 16:31:44 -07:00
Charles-Edouard Brétéché
f930c8eb48
feat: add registry credential helpers feature ( #7002 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-25 22:41:04 +08:00
Charles-Edouard Brétéché
f145ac44eb
feat: add reports cleanup jobs to prevent outage ( #6960 )
...
* feat: add reports cleanup jobs to prevent outage
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* security cotnext
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-04-25 12:47:52 +00:00
Charles-Edouard Brétéché
e39587b2bd
feat: add features section in helm values ( #6935 )
...
* feat: add features section in helm values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* configs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* overrides
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-25 11:23:01 +00:00
Charles-Edouard Brétéché
6d7f19688a
feat: bump k8s deps to 1.27 ( #6868 )
...
* feat: bump k8s deps to 1.27
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bump k8s 1.27.1
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2023-04-24 16:23:26 +00:00
shuting
e14fe847bc
feat: new access checks for background policies ( #6970 )
...
* switch to use sar for access checks
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update helm config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix username
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update msg
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix sa name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-04-24 10:31:42 +00:00
shuting
a247d13eb5
chore: restrict default permissions ( #6972 )
...
* restrict admission permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* restrict background permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-04-23 16:50:47 +00:00
Md Sahil
0873a9fc02
Support for Context vars in cleanup ( #6084 )
...
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added Context in CleanupPolicySpec
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added context.go file with loadVariable()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added loadAPIData() in context.go and called from handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added conditionals for not supported context variables
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted versions in CRDs
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reverted CRDs to v0.11.1
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Imported fmt in handlers.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Removed duplicate import
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* make verify-codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Updated kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Fixed kuttl failure
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* moved policy check to validation
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Reused functions
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added kuttl test
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Added more configMap
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* removed unecessary check
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* auto codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* updated codegen
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
* Renamed ApplyJMESPath() to applyJMESPath()
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
---------
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-20 15:06:13 +08:00
shuting
2cd407f1d1
fix: refine event permissions in default roles ( #6957 )
...
* remove the event delete permission
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add '- events.k8s.io/v1'
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-04-17 15:41:45 +00:00
Charles-Edouard Brétéché
b9ee8bf984
feat: add verbosity level in helm chart values ( #6940 )
...
* feat: add verbosity level in helm chart values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-17 11:51:43 +00:00
Charles-Edouard Brétéché
3f51e99109
refactor: configuration config map controller ( #6829 )
...
* refactor: configuration config map controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-11 12:05:20 +00:00
Jim Bugwadia
9fe330d7cf
fix API call SA token and response ( #6842 )
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-04-11 14:03:10 +08:00
Charles-Edouard Brétéché
5ec66918f6
feat: add subresource support to resource filters ( #6780 )
...
* feat: add subresource support to resource filters
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* filter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-05 13:51:07 +00:00
Charles-Edouard Brétéché
efde33c816
fix: drop hardcoded default exclusions ( #6789 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-05 13:05:04 +00:00
Charles-Edouard Brétéché
a710cccb7a
fix: replace background sa name in config by a flag ( #6790 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-05 11:50:29 +00:00
Charles-Edouard Brétéché
2f1ac317f4
feat: add flag to skip resource filters in reports controller ( #6778 )
...
* feat: add flag to skip resource filters in reports controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-04 13:05:29 +00:00
Charles-Edouard Brétéché
72e864fbca
feat: update resource filters ( #6765 )
...
* feat: update resource filters
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-04 06:25:52 +00:00
Charles-Edouard Brétéché
40ac8eb863
feat: add context/preconditions support to mutate existing ( #6754 )
...
* refactor: engine handlers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add context/preconditions support to mutate existing
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix and context kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* final fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-04-03 19:58:58 +00:00
shuting
389a64fe18
bump allowed PSA to 1.26 ( #6762 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-04-03 12:50:11 +00:00
shuting
af99bb1d0c
update install.yaml ( #6737 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-30 11:09:40 +00:00
Charles-Edouard Brétéché
07dd0b0082
chore: update tools versions ( #6720 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 19:24:37 +08:00
Charles-Edouard Brétéché
dc8a60a43e
feat: add operations support in match/exclude ( #6658 )
...
* feat: add operations support in match/exclude
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* matching
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* operation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* make operation mandatory
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 04:22:21 +00:00
Charles-Edouard Brétéché
7c571f76f4
feat: add support for ready message ( #6670 )
...
* feat: add support for ready message
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Update .vscode/launch.json
Signed-off-by: shuting <shutting06@gmail.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-03-24 07:33:55 +00:00
shuting
cb6fd07899
fix: handle upgrade for generateExisting policies ( #6655 )
...
* add generateExistingOnPolicyUpdate as a potiner
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* deny policy with generateExistingOnPolicyUpdate specified
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* convert existing flag
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-23 16:36:51 +00:00
Charles-Edouard Brétéché
3c16c60912
refactor: admission reports aggregation ( #6568 )
...
* refactor: addmission reports aggregation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-17 12:07:17 +00:00
shuting
868df6ebdc
bring back install-latest-testing.yaml ( #6578 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-15 16:28:59 +00:00
Charles-Edouard Brétéché
8b2effa706
fix: admission reports apiVersion column ( #6555 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-13 15:11:37 +01:00
shuting
0b359d07db
rename GenerateExistingOnPolicyUpdate to GenerateExisting ( #6321 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-03 09:34:55 +00:00
shuting
d5684f6794
add labels to downstream and source resources ( #6322 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-22 10:49:09 +00:00
Jim Bugwadia
29997fe446
Notary v2 ( #6011 )
...
* fix make debug-deploy
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* improve log messages
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* initial update
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* initial update
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update registry credentials handling order
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* comment out ACR helper - breaks anonymous image pull
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* merge main and refactor verifiers
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix opt init
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove local address
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update to NotaryV2 RC
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* update deps
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* format imports
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove env and no-op statement
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix merge issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issue
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove unused field
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* renable ACR credential helper
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* Update .vscode/launch.json
Signed-off-by: shuting <shutting06@gmail.com>
---------
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-02-20 16:26:10 +00:00
shuting
6ff2790957
add new fields to UR; add helpers ( #6294 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-10 14:56:17 +00:00
Brian Dunnigan
d33e616d69
#6055 Add JMESPath support to imageExtractors ( #6183 )
...
Signed-off-by: Brian Dunnigan <bdunnigan@clarityinnovates.com>
Co-authored-by: bdunnigan <bdunnigan@clarityinnovates.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-02-08 11:54:59 +00:00
shuting
6b3be9ada1
feat: enable leader election for the background controller ( #6237 )
...
* enable leader election for the background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-07 14:44:51 +01:00
yinka
60cf8afff9
spec.background field implementation for PolicyExceptions ( #6127 )
...
* spec.background field implementation for PolicyExceptions
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* generated files
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* add kuttl test
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* set background to false
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* checks for variables
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* check if aggregate is nil
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* reject variables in polex
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* update
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* Update pkg/validation/exception/validate.go
Signed-off-by: shuting <shutting06@gmail.com>
* updates
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* change error
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove file
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix lint error
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
---------
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-02-06 15:45:31 +00:00
Charles-Edouard Brétéché
d97a56938c
chore: remove install manifest ( #6217 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-02-03 16:37:40 +00:00
shuting
740b7f5a3a
remove exceptionNamespace from init-container ( #6187 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-02-01 10:13:34 +01:00
shuting
b4c1590ff3
feat: template background controller ( #6157 )
...
* add make targets for background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* template background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix code-gen manifests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove unused code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* trim spaces
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Update Makefile
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
* Update Makefile
Signed-off-by: shuting <shutting06@gmail.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* refactor: move resolvers into engine api package (#6162 )
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add rbac
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add more rbac
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add debug info
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add notes to helm install
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-01-31 17:12:34 +01:00
Charles-Edouard Brétéché
8250dc6ca3
fix: use conditions to show policy ready status ( #6071 )
...
* fix: use conditions to show policy ready status
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-30 10:16:49 +00:00
Charles-Edouard Brétéché
45554e7f2a
fix: Overriding .Values.service.port doesn't work ( #6118 )
...
* fix: Overriding .Values.service.port doesn't work
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-28 23:54:29 +00:00
Charles-Edouard Brétéché
7b3db15662
refactor: add names and security context helpers to helm chart ( #6136 )
...
* refactor: add names and security context helpers to helm chart
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nit
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-28 10:11:34 +01:00
Charles-Edouard Brétéché
e4b19ebb25
refactor: helm admission controller part 2 ( #6130 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-27 08:52:26 -05:00
Charles-Edouard Brétéché
d36336d499
refactor: helm rbac component ( #6096 )
...
* refactor: helm labels management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: helm rbac component
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-26 22:40:12 +00:00
Charles-Edouard Brétéché
04c4673153
refactor: helm admission controller (part 1) ( #6119 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-26 16:41:39 +00:00
Charles-Edouard Brétéché
6545f64ce1
refactor: helm labels management ( #6073 )
...
* refactor: helm labels management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* labels
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-01-24 20:41:24 +00:00
Charles-Edouard Brétéché
c933da999f
refactor: helm tests ( #6074 )
...
* refactor: helm tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* test other components
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* resources
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* image
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* annotations
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* annotations
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* delete
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-23 08:31:22 -05:00
Charles-Edouard Brétéché
e50c39ab7a
refactor: helm templating management ( #6076 )
...
* refactor: helm templating management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fic
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-22 22:53:21 +00:00
Charles-Edouard Brétéché
e191a21b4d
refactor: helm chart crds management ( #6067 )
...
* refactor: helm chart crds management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-20 22:01:33 +01:00
Charles-Edouard Brétéché
17805be0d7
refactor: helm configmaps ( #6064 )
...
* refactor: helm configmaps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: helm configmaps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-20 14:36:54 +00:00
fsl
b8ecab76be
fix: comment format ( #6042 )
...
Signed-off-by: fengshunli <1171313930@qq.com>
Signed-off-by: fengshunli <1171313930@qq.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-20 08:56:35 +00:00
Charles-Edouard Brétéché
3fa0bb1f27
feat: remove report controllers from kyverno admission controller ( #6045 )
...
* feat: remove reports controller from kyverno admission controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* helm
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-19 21:28:28 +08:00
Charles-Edouard Brétéché
ad4c4da690
feat: remove generate request CRD ( #6043 )
...
* feat: remove generate request CRD
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-19 19:39:05 +08:00
Charles-Edouard Brétéché
af3882f869
feat: add missing polex flags ( #6030 )
...
* feat: add missing polex flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chart defaul
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-19 11:56:22 +08:00
Eileen
0a19556a79
feat: support select namespace by label ( #4461 )
...
Signed-off-by: Eileen <eileenylj@gmail.com>
Reconstruct ValidationFailureActionOverrides
- Add `NamespaceSelector`
- Generate relative manifests
- Rewrite namespace matching logic in engineResponse
- Add test cases for validatetionFailureActionOverrides
- (WIP) Set Enforce as default
2023-01-18 10:21:34 +00:00
shuting
c6a9df5cc5
create events for cleanup policies ( #5982 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-01-12 08:25:25 +00:00
shuting
1997a291f3
fix: invoke cleanup process during shutdown ( #5974 )
...
* invoke cleanup process during shutdown
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix shutdown cleanup
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix shutdown panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* cleanup webhooks by the label
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2023-01-12 12:47:40 +08:00
Charles-Edouard Brétéché
7781cb5718
feat: add cluster role aggregation to cleanup controller ( #5966 )
...
* feat: add cluster role aggregation to cleanup controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* convention
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-10 21:54:27 +00:00
shuting
6ce8e16884
fix: update policy exception CRD description ( #5948 )
...
* update exception crds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api doc
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-01-09 15:40:59 +00:00
shuting
18455b4d21
feat: cleanup enhancements-1 ( #5796 )
...
* update fields description
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update cleanup controller clusterrole name
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* - add variables validations to support "request." and "images."; - update debug log level to 4
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-01-04 09:03:56 +00:00
Adrien F
b23965cd76
fix(chart/kyverno): handle multiple extraArgs in init container ( #5846 )
...
The lack of the nindent was causing rendering to fail:
```
Error: YAML parse error on kyverno/templates/deployment.yaml: error converting YAML to JSON: yaml: line 75: did not find expected key
helm.go:81: [debug] error converting YAML to JSON: yaml: line 75: did not find expected key
YAML parse error on kyverno/templates/deployment.yaml
helm.sh/helm/v3/pkg/releaseutil.(*manifestFile).sort
```
Reproducible by having the following values:
```
initContainer:
extraArgs:
- "--loggingFormat=json"
- "-v=-1"
```
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
2023-01-03 14:34:11 +00:00
Charles-Edouard Brétéché
0092f4aa0b
fix: enum values for ValidationFailureActionOverride ( #5835 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-02 19:31:51 +01:00
Njegos Railic
c429f845dd
Adding support for overriding the default registry ( #4715 )
...
Signed-off-by: Njegos Railic <railic.njegos@gmail.com>
Signed-off-by: Njegos Railic <railic.njegos@gmail.com>
2023-01-02 17:14:40 +00:00
Charles-Edouard Brétéché
eabd7a238b
fix: default value for validationFailureAction ( #5832 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-01-02 15:16:13 +00:00
shuting
c3ab0687bb
chore: update publicKey description ( #5789 )
...
* update publicKey description
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api doc
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-12-27 14:19:26 +00:00
Jim Bugwadia
787a1dc40a
Service call ( #5755 )
...
* fix digest and verify logic
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* allow attestations with no attestors
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* require predicateType
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix typo
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* updates
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make service optional
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make codegen-all
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* gofmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add api token
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* codegen again!
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix API call
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests and formatting
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* revert changes to clientset & rename requestType
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-12-27 08:36:49 +00:00
Charles-Edouard Brétéché
3975323362
chore: bump deps including k8s ones ( #5751 )
...
* chore: bump deps including k8s ones
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-12-21 22:33:51 +00:00
