kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
shuting	77fb10a430	Clean up RCRs if the count exceeds the threshold (#4148 ) * Clean up RCRs if the count exceeds the limit Signed-off-by: ShutingZhao <shuting@nirmata.com> * Sets reports to inactive on resourceExhausted error Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix linter Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add a container flag changeRequestLimit Signed-off-by: ShutingZhao <shuting@nirmata.com> * Skip generating RCRs if resourceExhausted error occurs Signed-off-by: ShutingZhao <shuting@nirmata.com> * set default RCR limit to 1000 Signed-off-by: ShutingZhao <shuting@nirmata.com> * Update log messages and CHANGELOG.md Signed-off-by: ShutingZhao <shuting@nirmata.com> * Address review comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * Extract mapper to a separate file Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-06-28 06:18:57 +00:00
shuting	cd2d89bf55	Wait for informers' cache to be synced before starting controllers (#4155 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-06-28 04:55:52 +00:00
shuting	47b1266503	- Disable events generation on DELETE; - Reduce event generation retry from 10 to 3 (#4159 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-06-28 11:58:23 +08:00
Jim Bugwadia	b68f4ba679	release event memory (#4138 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-06-23 00:37:46 +08:00
Furkan Türkal	af3da5e19a	bump cosign to 1.9.1 to fix fulcio panic (#4117 ) Signed-off-by: Furkan <furkan.turkal@trendyol.com> Co-authored-by: Batuhan <batuhan.apaydin@trendyol.com> Co-authored-by: Batuhan <batuhan.apaydin@trendyol.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-06-16 16:03:22 +00:00
Prateek Pandey	02b806deee	fix: use policyName key to get the policy name (#4114 ) In case of namespace policy `ur.spec.policy` contains namespace/policy-name combinations, hence can't be used to set the policy name label. Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-06-16 11:23:37 +00:00
Andrew Bulford	11942560c3	fix: Stop incorrect any block condition logging (#4107 ) Previously the "no condition passed for 'any' block" would be logged for all `any` blocks because the log line always occurs, even if conditions are found. Co-authored-by: Samuel Torres <samuel.torres@form3.tech> Signed-off-by: Andrew Bulford <andrew.bulford@form3.tech> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-06-15 15:39:24 +00:00
Jim Bugwadia	c3be689851	remove TUF initialization from main (#4098 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-06-10 00:52:12 -07:00
shuting	8260820a16	Fix labels with invalid charrs (#4034 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-30 05:21:08 +00:00
Charles-Edouard Brétéché	dae3dad027	refactor: used typed admission request in ur (#4022 ) * refactor: add policy event listener in ur controller (#4012) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `cd1fa030ee`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: used typed admission request in ur Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: used typed admission request in ur Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * Handle the error properly Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>	2022-05-29 07:27:14 +00:00
Shubham Nazare	165c5d9fc3	feat: Extend CLI to cover generate policies (#3456 ) - Change in namespace for test-generate example - Change cloneResource to cloneSourceResource - Add support for namespaced Policy and fix log messages - Add test-generate in Makefile and an example of namespaced Policy - Fix namespaced policy issue and add comments - Refactor according to new generate controller - Add json tag to GeneratedResource field of RuleResponse struct Signed-off-by: Shubham Nazare <shubham4443@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-25 14:26:22 +00:00
Anton Popovichenko	afc9a56d33	Feature: Add support for allowing insecure registries. (#3983 ) Now you can work with self signed registries by updating your deployment with adding `--allowInsecureRegistry` to the `args` field. Signed-off-by: Anton Popovichenko <anton.popovichenko@mendix.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-25 11:03:36 +02:00
Charles-Edouard Brétéché	4a6d5f7864	refactor: move policy deletion code from policy controller to ur controller (#4013 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 21:05:11 +02:00
Charles-Edouard Brétéché	74f5f30e3b	fix: bypass policy mutation if autogen internals enabled (#4007 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 17:37:01 +00:00
Charles-Edouard Brétéché	3a3556919f	fix: use background helper in ur generator (#4009 ) * fix: stop mutating cached resource in ur controller (#4003) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `dac733755b`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: use background helper in ur generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 16:58:45 +00:00
Charles-Edouard Brétéché	2e91d233c0	fix: remove update ur status in generator (#4008 ) * fix: stop mutating cached resource in ur controller (#4003) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `dac733755b`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: remove update ur status in generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-25 00:31:56 +08:00
Charles-Edouard Brétéché	cd1fa030ee	refactor: add policy event listener in ur controller (#4012 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 22:41:17 +08:00
Charles-Edouard Brétéché	b967d7388b	chore: remove unused ur errors (#4011 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-24 13:59:12 +00:00
Charles-Edouard Brétéché	73fdbd3e76	refactor: ur cleaner controller (#3974 ) * fix: move ur controller filtering in reconciler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: mark ur retry on conflict Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: test data Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add filter back in update ur handler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: added some logs about attempts and increased backoff Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: reconciliation logic Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: Test_Generate_Synchronize_Flag Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: small nits Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: interface and logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: remove useless Control and ControlInterface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: use GetObjectWithTombstone helper Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: reoder methods Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: is not found check Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: move check in reconcile code Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: stop mutating cached resource in ur controller (#4003) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `dac733755b`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-24 13:30:00 +00:00
Vyankatesh Kudtarkar	bea0b794d5	add validation check to ensure the annotations quoted (#3976 )	2022-05-24 12:45:23 +00:00
shuting	85b486eb27	Support `@` for mutate targets (#3998 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-24 17:49:36 +05:30
Charles-Edouard Brétéché	c9f8a68d8a	fix: stop mutation policies when autogen internals is enabled (#4004 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 13:08:29 +02:00
Charles-Edouard Brétéché	e47176d695	refactor: background controllers cleanup (#4001 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 10:27:26 +00:00
Charles-Edouard Brétéché	dac733755b	fix: stop mutating cached resource in ur controller (#4003 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 11:25:37 +02:00
Charles-Edouard Brétéché	1712dfa947	refactor: move label helper utils from policy package to background package (#3996 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 13:11:12 +05:30
Jim Bugwadia	8fe9163f4e	fix attestation checks (#3999 ) * fix attestation checks Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * dos2unix Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-05-24 14:57:01 +08:00
Charles-Edouard Brétéché	caa769fb1d	refactor: clean updaterequest generator (#3949 ) * refactor: clean updaterequest generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: clean updaterequest generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-23 22:39:12 +08:00
Charles-Edouard Brétéché	005400c606	chore: enable nosprintfhostport linter (#3989 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-23 14:14:52 +00:00
Charles-Edouard Brétéché	dd4fd943b1	feat: add controller utils package (#3952 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-23 13:45:04 +00:00
Charles-Edouard Brétéché	1afda6a137	refactor: make registry client variables private (#3975 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-23 18:45:25 +05:30
Charles-Edouard Brétéché	5340c5608c	fix: ur is nil in ur controller (#3986 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-23 11:19:27 +05:30
Charles-Edouard Brétéché	facac02e1d	fix: remove unused field (#3971 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-20 13:04:26 +02:00
Charles-Edouard Brétéché	c1df363a0e	fix: release ur when handler pod is gone (#3973 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-20 17:43:00 +08:00
Charles-Edouard Brétéché	1936d86623	fix: move ur controller filtering in reconciler (#3964 ) * fix: move ur controller filtering in reconciler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: mark ur retry on conflict Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: test data Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add filter back in update ur handler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: added some logs about attempts and increased backoff Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: reconciliation logic Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: Test_Generate_Synchronize_Flag Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: small nits Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-20 00:06:56 +08:00
Charles-Edouard Brétéché	c988d519b4	fix: mark ur retry on conflict (#3961 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-18 06:07:13 +00:00
Charles-Edouard Brétéché	41a3f6c388	chore: make kyverno informers and listers import aliases consistent (#3958 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make clients import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make kube informers and listers import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make kyverno informers and listers import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-18 04:02:31 +00:00
Charles-Edouard Brétéché	840307fc69	chore: enable ifshort linter (#3945 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 18:55:13 +00:00
Vyankatesh Kudtarkar	bee9f4df55	fix panic issue for ur (#3953 )	2022-05-17 16:57:47 +00:00
shuting	e7ccbb68d8	Cleanup URs on trigger deletion (#3955 ) * Clean URs on trigger deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * Make kyverno api import aliases consistent Signed-off-by: ShutingZhao <shuting@nirmata.com> * Fix gofumpt error Signed-off-by: ShutingZhao <shuting@nirmata.com> * Remove unused code Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-17 16:10:47 +00:00
Charles-Edouard Brétéché	572a76ce33	chore: make kube informers and listers import aliases consistent (#3957 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make clients import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make kube informers and listers import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 17:51:03 +02:00
Charles-Edouard Brétéché	a6d4cd186d	chore: make clients import aliases consistent (#3956 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make clients import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 15:26:32 +00:00
Charles-Edouard Brétéché	5243763674	chore: make dclient import aliases consistent (#3951 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 14:40:51 +00:00
Charles-Edouard Brétéché	666bcb3c15	chore: make k8s api import aliases consistent (#3950 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 22:14:31 +08:00
Charles-Edouard Brétéché	b3e227dbaf	fix: use admissionrequest subresource to filter webhooks (#3944 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-17 12:15:02 +00:00
Charles-Edouard Brétéché	5aaf2d8770	chore: make kyverno api import aliases consistent (#3939 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 13:12:43 +02:00
Charles-Edouard Brétéché	8f806424c3	fix: cache warmup log message (#3943 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-17 08:55:27 +00:00
Prateek Pandey	a6718819c5	fix: use patch to update handler status in UR (#3928 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-17 16:21:53 +08:00
Prateek Pandey	8aebe3d06a	fix: handle UR delete once trigger namespace deleted (#3934 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-17 06:56:12 +00:00
Charles-Edouard Brétéché	0099ef54ad	chore: enable gofmt and gofumpt linters (#3931 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 06:19:03 +00:00
Charles-Edouard Brétéché	c12f94d6d4	chore: enble gci linter (#3930 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-17 07:56:48 +02:00

1 2 3 4 5 ...

2551 commits