mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Code Activity
4711 commits 15 branches 540 tags 276 MiB
Commit graph

4711 commits

This branch
This branch
All branches
Author SHA1 Message Date
Eng Zer Jun
f40a3bc8f5
refactor: move from io/ioutil to io and os packages (#4752) 
The io/ioutil package has been deprecated as of Go 1.16 [1]. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2022-09-30 12:55:19 +05:30
Charles-Edouard Brétéché
8784f95cc7
refactor: split main in a couple of funcs and use local loggers (#4754) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-30 08:13:13 +02:00
Charles-Edouard Brétéché
a986a98535
fix: helm self signed cert (#4745) 
* fix: helm self signed cert

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* release note

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-29 20:18:39 +00:00
yinka
528bcbad6b
add and use package level logger (#4750) 
* add and use package level logger

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* small fixes

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix comments

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* add Info and Error functions

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* small fixes

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* move function calls

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* replace init function

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 19:43:20 +00:00
Charles-Edouard Brétéché
7fa796e24a
fix: watch error in resource controller (#4751) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 23:39:34 +05:30
Charles-Edouard Brétéché
5a3532da91
chore: use constant in cert manager controller (#4747) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 17:50:19 +02:00
Charles-Edouard Brétéché
205bb28b52
feat: add typed client support and metrics wrapper (#4724) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 17:12:50 +05:30
Charles-Edouard Brétéché
da3970de5b
chore: speed up helm docs gen on mac (#4742) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-29 09:06:37 +00:00
Charles-Edouard Brétéché
8e24dbece0
fix: reports not generated (#4743) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 08:39:14 +00:00
yinka
bb2e193d44
feat: allow users enable JSON logging with a --loggingFormat=json flag (#4661) 
* feat: add feature flag to disable background scan (#4638)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* allow users configure JSON logging with a --logging-format=json flag

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* Clean up changes

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* added kubeconfig and context flag to kyverno apply (#4524)

Signed-off-by: Sandesh More <sandesh.more@infracloud.io>

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* chore: publish sbom result to a different repositry from an image (#4665)

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* Fix issue for wildcard versions (#4670)

* Fix wildcard issue

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

* Delete res.yaml

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* chore: bump minimum go version (#4677)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: namespaced policy not validated in engine (#4653)

* fix: namespaced policy not validated in engine

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: handle auth permission for cloneList validation (#4684)

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: bump net standard lib (#4685)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* small fixes

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* add json logger

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix import

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix go mod

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix go mod

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* chore: simplify go mod (#4692)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: jmespath random error handling (#4697)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* refactor: replace signal package by signal.NotifyContext (#4691)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: namespaced policy targets namespace validation and scoping them to the policy's namespace (#4671)

Signed-off-by: praddy26 <pradeep.vaishnav4@gmail.com>

Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: shutdown controllers workers gracefully (#4681)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: split webhook handlers per failure policy (#4650)

* fix: split webhook handlers per failure policy

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix handlers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* rolling update

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* better error message

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* refactor: use pod name as leader id (#4680)

* refactor: use pod name as leader id

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix manifests

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* leader client

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* fix: missing client wrapper (#4703)

* fix: missing client wrapper

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* v1beta1

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* v1alpha2

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* policy report

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* chore: refactor manifests related makefile targets (#4706)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>

* deps

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Sandesh More <34198712+sandeshlmore@users.noreply.github.com>
Co-authored-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Pradeep Lakshmi Narasimha <pradeep.vaishnav4@gmail.com>
 2022-09-29 07:49:29 +00:00
Charles-Edouard Brétéché
82a9eeb16c
fix: use a single leader election (#4722) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 07:23:21 +00:00
Prateek Pandey
01dbf7389d
fix: containerd dependency vulnerability (#4629) 
upgrade the containerd indirect deps to
fixed version

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-09-29 05:40:55 +00:00
shuting
1d83e86c12
Add PSa policy validations (#4735) 
* Validate PSa control names

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add validation checks for the PSa rule

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-29 12:03:13 +08:00
Abhinav Sinha
a1182859ad
Added x509_decode JMESPath function (#4664) 
* Added `x509_decode` JMESPath function

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Use `crypto/x509` stdlib

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Return result as `map[string]interface{}`

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Made minor fixes

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Fixed error with unmarshalling decoded certificate

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Added e2e test for decoding X.509 certs

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Reverted to using `smallstep/zcrypto` for X.509

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Minor fix

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Addressed reviews

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

* Removed redundant dependency on `pkg/errors`

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>

Signed-off-by: Abhinav Sinha <abhinav@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-09-28 18:15:39 +00:00
Prateek Pandey
38c252952d
feat: add matchlabel selector support with multiple clone (#4713) 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-09-28 17:44:38 +02:00
Charles-Edouard Brétéché
c28c0f2f42
docs: add policy cache controller docs (#4714) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-28 13:08:26 +00:00
Charles-Edouard Brétéché
7302578623
fix: output make messages to stderr (#4727) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-28 12:39:03 +00:00
Charles-Edouard Brétéché
e0ab72bb9a
feat: reports v2 implementation (#4608) 
This PR refactors the reports generation code.
It removes RCR and CRCR crds and replaces them with AdmissionReport, ClusterAdmissionReport, BackgroundScanReport and ClusterBackgroundScanReport crds.

The new reports system is based on 4 controllers:

Admission reports controller is responsible for cleaning up admission reports and attaching admission reports to their corresponding resource in case of a creation
Background scan reports controller is responsible for creating background scan reports when a resource and/or policy changes
Aggregation controller takes care of aggregation per resource reports into higher level reports (per namespace)
Resources controller is responsible for watching reports that need background scan reports
I added two new flags to disable admission reports and/or background scan reports, the whole reporting system can be disabled if something goes wrong.

I also added a flag to split reports in chunks to avoid creating too large resources.

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-09-28 17:15:16 +05:30
shuting
34c6920129
Support PSa integration by controlName only (#4710) 
* Remove "restrictedField" and "values" from podSecurity.exclude

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Remove commented code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add unit tests for restricted_runAsNonRoot

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add baseline unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add unit tests for restricted controls

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Removes PSa tests at the engine level

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* - Update API docs; - Add unit tests for wildcard images

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Remove autogen conversion for PSa policies

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* copy pod with DeepCopy()

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-28 10:03:53 +00:00
Charles-Edouard Brétéché
56c74272bb
chore: update client code generator (#4711) 
* chore: update client code generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix inconsistency on my mac

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-28 09:31:06 +00:00
Charles-Edouard Brétéché
ec5c469175
chore: group unit and cli tests targets and separate sections (#4693) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-28 11:55:17 +08:00
Shivansh Yadav
2a5407f7f0
fix: remove deprecation notice (#4635) 
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-27 18:18:16 +00:00
Charles-Edouard Brétéché
332a5aa01f
chore: enable overriding images repo (#4694) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-27 17:47:59 +00:00
Charles-Edouard Brétéché
073ff38cc9
fix: change key used in test (#4718) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-27 17:18:14 +00:00
Charles-Edouard Brétéché
104b686edc
chore: refactor manifests related makefile targets (#4706) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-27 06:08:06 +00:00
Charles-Edouard Brétéché
160259d954
fix: missing client wrapper (#4703) 
* fix: missing client wrapper

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* v1beta1

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* v1alpha2

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* policy report

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-26 16:54:29 +00:00
Charles-Edouard Brétéché
481a09823f
refactor: use pod name as leader id (#4680) 
* refactor: use pod name as leader id

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix manifests

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* leader client

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-26 16:25:27 +00:00
Charles-Edouard Brétéché
665e513c5e
fix: split webhook handlers per failure policy (#4650) 
* fix: split webhook handlers per failure policy

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix handlers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* rolling update

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* better error message

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-26 15:55:46 +00:00
Charles-Edouard Brétéché
8741c34081
fix: shutdown controllers workers gracefully (#4681) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-26 15:24:57 +00:00
Pradeep Lakshmi Narasimha
e305aea95c
fix: namespaced policy targets namespace validation and scoping them to the policy's namespace (#4671) 
Signed-off-by: praddy26 <pradeep.vaishnav4@gmail.com>

Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-26 14:54:13 +00:00
Charles-Edouard Brétéché
79bff1c19c
refactor: replace signal package by signal.NotifyContext (#4691) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-09-26 14:24:32 +00:00
Charles-Edouard Brétéché
6a8085522a
fix: jmespath random error handling (#4697) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-26 13:33:52 +00:00
Charles-Edouard Brétéché
7209445cd3
chore: simplify go mod (#4692) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-26 18:25:03 +05:30
Charles-Edouard Brétéché
9e872305a2
fix: bump net standard lib (#4685) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2022-09-26 08:22:29 +00:00
Prateek Pandey
9cc1e6b2b3
fix: handle auth permission for cloneList validation (#4684) 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-09-26 13:23:00 +05:30
Charles-Edouard Brétéché
4d7e1281de
fix: namespaced policy not validated in engine (#4653) 
* fix: namespaced policy not validated in engine

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-26 12:47:37 +08:00
Charles-Edouard Brétéché
e8839a3ff7
chore: bump minimum go version (#4677) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-25 10:11:28 +00:00
Vyankatesh Kudtarkar
23269b7f5c
Fix issue for wildcard versions (#4670) 
* Fix wildcard issue

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

* Delete res.yaml

Co-Authored-By: vyankd <51167361+vyankd@users.noreply.github.com>

Co-authored-by: vyankd <51167361+vyankd@users.noreply.github.com>
 2022-09-23 22:04:39 +08:00
Batuhan Apaydın
e35da69c92
chore: publish sbom result to a different repositry from an image (#4665) 
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
 2022-09-21 22:06:34 -05:00
Sandesh More
01b1ece704
added kubeconfig and context flag to kyverno apply (#4524) 
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
 2022-09-20 19:05:18 +05:30
Charles-Edouard Brétéché
328fdc8b3d
feat: add feature flag to disable background scan (#4638) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-19 12:00:36 +00:00
Charles-Edouard Brétéché
6eea7c45f7
feat: add explicit key support to controller utils (#4628) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 11:25:03 +00:00
Prateek Pandey
71404df826
refactor: update log based on the policy types (#4646) 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 10:56:55 +00:00
Charles-Edouard Brétéché
fe8c5bbdf2
refactor: split policyreport api files (#4641) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 10:28:51 +00:00
Charles-Edouard Brétéché
47b3704848
fix: missing elements in v2beta1 api (#4654) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 09:55:04 +00:00
Charles-Edouard Brétéché
42a2df56c1
refactor: add a couple of constants in api (#4640) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 09:11:12 +00:00
Charles-Edouard Brétéché
634dff5639
feat: introduce RCR interface (#4642) 
* feat: introduce RCR interface

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix codegen

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 08:42:11 +00:00
Charles-Edouard Brétéché
b9baae9746
fix: incorrect namespace in report controller (#4637) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-19 07:33:34 +00:00
Charles-Edouard Brétéché
316640c72b
fix: remove RCR from mutation webhook (#4636) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-19 09:04:50 +02:00
Charles-Edouard Brétéché
d256735399
feat: add controller utils tools (#4639) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-18 10:12:29 +01:00