Charles-Edouard Brétéché
396282ab77
chore: remove unnecessary cleanup steps from kuttl tests ( #6771 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 17:35:38 +00:00
Charles-Edouard Brétéché
4cf5903545
fix: allow empty image ( #6767 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 17:01:35 +00:00
Charles-Edouard Brétéché
89928e286a
chore: use Audit instead of audit in kuttl tests ( #6770 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 16:27:21 +00:00
Pradeep Lakshmi Narasimha
cc9adc5cd8
Adding validation to reject audit mode policy creation/updation when mutateDigest is set to true ( #6757 )
...
* Adding validation to reject audit mode policy creation/updation when mutateDigest is set to true
Signed-off-by: praddy26 <pradeep.vaishnav4@gmail.com>
* fix tests
Signed-off-by: realshuting <shutting06@gmail.com>
---------
Signed-off-by: praddy26 <pradeep.vaishnav4@gmail.com>
Signed-off-by: realshuting <shutting06@gmail.com>
Co-authored-by: realshuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-04-03 15:52:32 +00:00
Charles-Edouard Brétéché
75280aad28
fix: quit when loosing leadership ( #6718 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-04-03 15:17:44 +00:00
Charles-Edouard Brétéché
9ac141fcb9
fix: don't filter on group when service based apiservice discovery fails ( #6766 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 14:44:01 +00:00
Charles-Edouard Brétéché
247af9d516
fix: missing image pull secrets in helm hooks ( #6764 )
...
* fix: missing image pull secrets in helm hooks
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* release notes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 14:09:56 +00:00
Charles-Edouard Brétéché
8f84d222ef
chore: use Enforce instead of enforce in kuttl tests ( #6763 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 13:36:30 +00:00
shuting
389a64fe18
bump allowed PSA to 1.26 ( #6762 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-04-03 12:50:11 +00:00
Ved Ratan
367156f60b
[Chore] Bump to Go 1.20 ( #6683 )
...
* changed go version 1.19->1.20
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated go version in actions
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* bumped golangci-lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix conflicts
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed some linter issues
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed some linter issues
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* possible fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* small fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
2023-04-03 11:40:47 +00:00
Liang Deng
0be5255be9
feat: lint Helm charts for Artifact Hub ( #6758 )
...
Signed-off-by: Liang Deng <283304489@qq.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 07:56:52 +00:00
Charles-Edouard Brétéché
b4a4e3a4f3
refactor: don't process context/preconditions in invokeHandler ( #6751 )
...
* refactor: engine handlers
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: don't process context/preconditions in invokeHandler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 12:57:48 +08:00
shuting
e75c766acd
add new test ( #6752 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-31 13:56:32 +02:00
shuting
a243b405d2
add a kuttl test ( #6622 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-31 12:27:25 +02:00
Charles-Edouard Brétéché
263fd8a7a8
refactor: introduce image mutation handler ( #6735 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-31 06:41:48 +00:00
shuting
55d2eeaded
refactor - fire generate upon trigger deletion ( #6736 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-31 06:08:14 +00:00
shuting
efe09b286e
fix source in events ( #6739 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-31 07:34:31 +02:00
Charles-Edouard Brétéché
94f0829a37
fix: no skip result when no image match the rule ( #6733 )
...
* fix: no skip result when no image match the rule
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-30 15:31:11 +00:00
dependabot[bot]
c1973b2d1d
chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 ( #6729 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-03-30 14:09:29 +00:00
Charles-Edouard Brétéché
eaaa8a0236
refactor: engine responses ( #6738 )
...
* refactor: engine responses
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-30 11:59:32 +00:00
shuting
af99bb1d0c
update install.yaml ( #6737 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-30 11:09:40 +00:00
dependabot[bot]
0dbf900fe9
chore(deps): bump github.com/go-logr/logr from 1.2.3 to 1.2.4 ( #6731 )
...
Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr ) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/go-logr/logr/releases )
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-logr/logr/compare/v1.2.3...v1.2.4 )
---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-30 10:25:21 +00:00
Charles-Edouard Brétéché
d0841e4918
refactor: introduce pss validation handler ( #6724 )
...
* refactor: remove rules pointer
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: introduce pss validation handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-30 09:51:16 +00:00
shuting
e2a8d9fa04
fix: event message for the image verify rule ( #6734 )
...
* debug
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* debug
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-30 09:14:02 +00:00
dependabot[bot]
5155412089
chore(deps): bump go.uber.org/multierr from 1.10.0 to 1.11.0 ( #6732 )
...
Bumps [go.uber.org/multierr](https://github.com/uber-go/multierr ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/uber-go/multierr/releases )
- [Changelog](https://github.com/uber-go/multierr/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/multierr/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/multierr
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-30 08:30:59 +00:00
dependabot[bot]
b3a68241d8
chore(deps): bump github.com/onsi/gomega from 1.27.5 to 1.27.6 ( #6730 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.5 to 1.27.6.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.5...v1.27.6 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-30 07:47:13 +00:00
Charles-Edouard Brétéché
af526ff350
test: bgscan report with image verification rule passing ( #6728 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 22:49:09 +00:00
Charles-Edouard Brétéché
749ea6dacf
chore: bump default k8s version to v1.26.2 ( #6727 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 22:02:40 +00:00
Charles-Edouard Brétéché
d13751c8bf
fix: missing volume for sigstore in reports controller ( #6726 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 16:55:46 -04:00
shuting
805f7b72a9
remove unused ctx ( #6725 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-29 18:23:29 +00:00
Charles-Edouard Brétéché
43811733dc
refactor: remove rules pointer ( #6722 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 17:44:09 +00:00
Vyom Yadav
c01b5cc381
fix: Don't check for subresource existence when it is the trigger. ( #6544 )
...
Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-03-29 15:54:42 +00:00
Charles-Edouard Brétéché
c7192912fa
refactor: add preconditions check to engine invokeHandler ( #6721 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 13:33:02 +00:00
Charles-Edouard Brétéché
3e5cfe3ae4
test: add kuttl test for bad manifest signatures ( #6719 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 12:09:22 +00:00
Charles-Edouard Brétéché
07dd0b0082
chore: update tools versions ( #6720 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 19:24:37 +08:00
dependabot[bot]
bf6e326d5f
chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.5 to 0.14.6 ( #6717 )
...
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime ) from 0.14.5 to 0.14.6.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases )
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.5...v0.14.6 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 09:28:46 +00:00
Charles-Edouard Brétéché
7e8f72ccd3
fix: cap and validate webhook timeout ( #6715 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 07:02:52 +00:00
Charles-Edouard Brétéché
dc8a60a43e
feat: add operations support in match/exclude ( #6658 )
...
* feat: add operations support in match/exclude
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* matching
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* operation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* make operation mandatory
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-29 04:22:21 +00:00
Chip Zoller
12294dc47b
bump versions, license ( #6714 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 22:17:06 +00:00
Charles-Edouard Brétéché
74664d4280
chore: remove dead code ( #6710 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 14:43:25 +00:00
Charles-Edouard Brétéché
f812335280
fix: allow overriding PDB api version ( #6708 )
...
* fix: allow overriding PDB api version
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 14:09:47 +00:00
Charles-Edouard Brétéché
db29d8b2ba
fix: propagate error when parsing an image fails ( #6706 )
...
* fix: propagate error when parsing an image fails
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Apply suggestions from code review
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 13:36:07 +00:00
Charles-Edouard Brétéché
391f1ae487
fix: allow image to be not present ( #6707 )
...
* fix: allow image to be not present
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* log
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 13:02:29 +00:00
dependabot[bot]
70cd7124c9
chore(deps): bump github/codeql-action from 2.2.8 to 2.2.9 ( #6705 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-03-28 08:23:52 +00:00
Charles-Edouard Brétéché
341ed36e54
refactor: make use of handlers in engine validation ( #6704 )
...
* refactor: make use of handlers in engine validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* polex
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-28 07:47:53 +02:00
Charles-Edouard Brétéché
54c5a4e127
test: add kuttl tests for manifests verification ( #6701 )
...
* test: add kuttl tests for manifests verification
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-27 12:19:19 -04:00
Charles-Edouard Brétéché
dbc442b9e1
refactor: introduce image validation handler ( #6697 )
...
* refactor: factorise rule handler invocation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: introduce validation handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: introduce image validation handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-27 15:11:27 +00:00
Charles-Edouard Brétéché
d96499462e
chore: update argocd lab ( #6698 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-27 22:35:46 +08:00
Charles-Edouard Brétéché
84d4bb4998
refactor: introduce validation handler ( #6695 )
...
* refactor: factorise rule handler invocation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: introduce validation handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-03-27 13:53:42 +00:00
shuting
0c702f49b1
add mutate.targets validations ( #6693 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-03-27 13:52:44 +00:00
