shuting
|
813b80d3d9
|
fix: update match conditions for autogen rules (#12146)
* fix: update match conditions for autogen rules
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: autogen match condition prefix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: merge main
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
|
2025-02-12 08:34:19 +00:00 |
|
Mariam Fahmy
|
7d5750a717
|
chore: move celexceptions to the new group (#12143)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-11 19:05:22 +02:00 |
|
Mariam Fahmy
|
f012241a82
|
feat: add cel-autogen chainsaw tests (#12135)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2025-02-10 22:30:12 +00:00 |
|
Vishal Choudhary
|
de0d8e04f8
|
feat: add image data fetching support (#12134)
|
2025-02-10 18:33:01 +05:30 |
|
shuting
|
0548d09c21
|
feat: add status.autogen (#12109)
* feat: add status.autogen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update codegen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update codegen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2025-02-07 22:22:49 +05:30 |
|
Charles-Edouard Brétéché
|
e3ac39827d
|
feat: use dedicated group for new policies (#12123)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-07 12:51:03 +01:00 |
|
Mariam Fahmy
|
a4c10f6bb4
|
feat: compile and evaluate polex's match conditions (#12113)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-06 15:30:59 +02:00 |
|
Renato Vassão
|
d7751856ba
|
log action and message when creating event (#12092)
Signed-off-by: Renato Vassão <renatomvd@hotmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2025-02-06 11:19:29 +00:00 |
|
shuting
|
e9e82f8832
|
feat: add autogen pod controllers to webhooks (#12112)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2025-02-06 10:38:02 +00:00 |
|
Charles-Edouard Brétéché
|
02fceb64f7
|
feat: implement background scan (#12101)
* feat: implement background scan
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* scanner
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor request
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-06 05:49:41 +02:00 |
|
Charles-Edouard Brétéché
|
208314b04a
|
feat: use namespace in bg scan instead of just labels (#12102)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-05 18:34:26 +00:00 |
|
Mariam Fahmy
|
04efe351a7
|
chore: remove polex match constraints (#12103)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-05 17:56:58 +00:00 |
|
Mariam Fahmy
|
970c255765
|
feat: validate CELPolicyExceptions (#12083)
* feat: validate CELPolicyExceptions
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: add cel-policy-exceptions tests in the CI
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-05 15:01:11 +00:00 |
|
shuting
|
1f3d82893b
|
feat: add vpol status (#11956)
* feat: add vpol status
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update status API
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update code-gen manifests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: reconcile vpol.status.conditions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: add default webhook filters
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update codegen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update codegen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: enable .status subresource
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2025-02-05 14:16:53 +00:00 |
|
Charles-Edouard Brétéché
|
8fc6e78c16
|
feat: add validating policies to reports aggregation (#12096)
* feat: add validating policies to reports aggregation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chainsaw test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* unit tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-05 13:21:28 +00:00 |
|
Charles-Edouard Brétéché
|
4a4aef54d3
|
feat: add reporting to validating admission handler (#12090)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 20:32:18 +00:00 |
|
Charles-Edouard Brétéché
|
4f63ef5bc1
|
feat: consider Warn validation action (#12081)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 14:35:52 +00:00 |
|
Charles-Edouard Brétéché
|
3b0c9d662c
|
refactor: webhook server/handlers (#12079)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 14:52:48 +02:00 |
|
Mariam Fahmy
|
192e655c45
|
chore: remove polex compiler (#12078)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-04 11:52:19 +00:00 |
|
Charles-Edouard Brétéché
|
b908b1037a
|
feat: consider validation actions (#12072)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 06:29:40 +02:00 |
|
Charles-Edouard Brétéché
|
e55a90cc4b
|
feat: implement match conditions failure policy (#12071)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 00:04:26 +02:00 |
|
Charles-Edouard Brétéché
|
884a77a044
|
feat: add context provider in admission handling (#12070)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 19:11:31 +02:00 |
|
Mariam Fahmy
|
202ab74ff5
|
feat: compile CEL exceptions (#12066)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-03 17:17:41 +02:00 |
|
Charles-Edouard Brétéché
|
1cb0d1c356
|
feat: add message expression support to validating policies (#12063)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 14:04:19 +00:00 |
|
Vishal Choudhary
|
7d8ed212a4
|
feat: create image data loader (#12036)
* feat: add image data loader to context
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: build
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update types
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: replace crane with remote
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 13:42:40 +00:00 |
|
Charles-Edouard Brétéché
|
2bf7262814
|
feat: add admission request cel variable (#12054)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 11:40:05 +00:00 |
|
Charles-Edouard Brétéché
|
0077fdae2b
|
feat: add validation message in cel engine response (#12052)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 11:13:06 +00:00 |
|
Mariam Fahmy
|
4c950dcb32
|
feat: use v1 of ValidatingAdmissionPolicies (#12050)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 14:21:43 +00:00 |
|
Mariam Fahmy
|
226cacd65c
|
fix: match the old object against the object selector for VAPs in the CLI (#12051)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 14:47:32 +01:00 |
|
Mariam Fahmy
|
d1536580da
|
feat: add CEL PolicyException CRD (#12038)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 11:39:17 +00:00 |
|
Charles-Edouard Brétéché
|
f59b78aef0
|
feat: process cel engine response in webhook handler (#12047)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 11:07:22 +00:00 |
|
Charles-Edouard Brétéché
|
b8f7a83942
|
feat: support adminssion review in cel engine (#12046)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 08:03:59 +00:00 |
|
Charles-Edouard Brétéché
|
7a4e1bede9
|
feat: use more admission attributes (#12044)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 23:58:12 +00:00 |
|
Charles-Edouard Brétéché
|
2ab3b2dd51
|
fix: cel lib get config map return type (#12042)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 01:15:05 +02:00 |
|
Charles-Edouard Brétéché
|
f448db3f36
|
feat: use admission attributes (#12041)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 20:36:41 +00:00 |
|
abhashsolanki18
|
5c9adf9fb5
|
fix: error handling and reduce log clutter (#11979)
* fix: error handling and reduce log clutter
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
* fixed lint test
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
---------
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
|
2025-01-30 09:47:09 +00:00 |
|
Charles-Edouard Brétéché
|
dfa9f2f727
|
feat(validating policies): add support for ns and object selectors (#12034)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 01:07:01 +02:00 |
|
Charles-Edouard Brétéché
|
30360e871a
|
feat: execute handler (#12033)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 11:24:13 -08:00 |
|
Charles-Edouard Brétéché
|
a36f8c857c
|
fix: don't sort cel policies (#12028)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 15:00:46 +00:00 |
|
Charles-Edouard Brétéché
|
bff9590ebc
|
fix: bad usage of wait group (#12029)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 12:28:41 +00:00 |
|
Charles-Edouard Brétéché
|
1d3a9294cc
|
feat: watch validating policies (#12008)
* feat: watch validating policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rest config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-28 16:24:40 +00:00 |
|
Mariam Fahmy
|
da717c4b17
|
feat: add validation action to VPs (#12017)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-28 14:34:26 +01:00 |
|
Charles-Edouard Brétéché
|
26e75fbf59
|
feat: add validating policy webhook handler (#12015)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-28 09:06:30 +00:00 |
|
Charles-Edouard Brétéché
|
92436bf4ed
|
refactor: use k8s wait group (#12010)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 23:25:33 +00:00 |
|
Charles-Edouard Brétéché
|
db4f7fb5e6
|
feat: register cel context lib (#12007)
* feat: register cel context lib
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* unit test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 16:16:27 +00:00 |
|
Mariam Fahmy
|
b8c6931aa5
|
feat: add autogen package for ValidatingPolicies (#11996)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-27 12:36:11 +00:00 |
|
Charles-Edouard Brétéché
|
a5fe768a53
|
feat: implement cel engine context provider (#11995)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-24 15:42:58 +00:00 |
|
Mariam Fahmy
|
1703428ffb
|
chore: remove unused functions in autogen (#11993)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-24 12:30:11 +00:00 |
|
Charles-Edouard Brétéché
|
ed80be3eff
|
feat: add support for more context elements (#11986)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-24 08:37:33 +00:00 |
|
Johann Schley
|
02c54490bc
|
Fix default value for apiCall context (#11733)
* chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.30.0 (#11712)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.29.0 to 0.30.0.
- [Commits](https://github.com/golang/crypto/compare/v0.29.0...v0.30.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
* add test for apiCall default value
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
* move fallback to default into fetch function
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
* Update pkg/engine/apicall/apiCall.go
improved log message text
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
* Update pkg/engine/apicall/apiCall.go
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
* address comments
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Johann Schley <johann.schley@swisscom.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Johann Schley <johann.schley@swisscom.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
|
2025-01-24 04:54:32 +00:00 |
|