kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	ad4c4da690	feat: remove generate request CRD (#6043 ) * feat: remove generate request CRD Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * changelog Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-19 19:39:05 +08:00
Charles-Edouard Brétéché	af3882f869	feat: add missing polex flags (#6030 ) * feat: add missing polex flags Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chart defaul Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-19 11:56:22 +08:00
Charles-Edouard Brétéché	330709a7b4	fix: generate policy exception events (#5987 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-13 09:18:14 +00:00
Eileen	0b378b3ed8	feat: generate k8s event for exception (#5770 ) Signed-off-by: Eileen Yu <eileenylj@gmail.com> Signed-off-by: Eileen Yu <eileenylj@gmail.com>	2022-12-22 15:34:09 -08:00
Eileen	e0f0fdf242	feat: Implement PolicyException (#5680 ) * feat: Handle Exception Signed-off-by: Eileen Yu <eileenylj@gmail.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Eileen Yu <eileenylj@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-12-16 09:13:14 +00:00
Pratik Shah	f8ed1a9301	issue-4613: Add support for cache enhancements with informers (#5484 ) Signed-off-by: Pratik Shah <pratik@infracloud.io> Signed-off-by: Pratik Shah <pratik@infracloud.io>	2022-12-02 13:59:51 +00:00
Charles-Edouard Brétéché	5b89e2e5f8	refactor: make policy context immutable and fields private (#5523 ) * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-12-02 16:14:23 +08:00
Charles-Edouard Brétéché	1ea4a0db19	refactor: use internal cmd package in kyverno (#5507 )	2022-11-30 13:37:53 +00:00
Charles-Edouard Brétéché	dfded5cc60	feat: propagate context to the metrics package (#5479 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-28 10:30:14 +00:00
Prateek Pandey	2b4ff1ef6d	fix: synchronize source resource update to clone list resource (#5317 ) * fix: synchronize source resource update to clone list target resource Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * add kuttl test to verify the clone list synchronized behavior Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * refactor functions parameters Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * fix the kuttl test description and behavior README Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * Use entire content to compare Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-11-11 19:30:54 +00:00
Charles-Edouard Brétéché	cc8f643767	refactor: admission metrics (counter and latency) (#5245 ) * refactor: move all middlewares in handlers sub package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: admission metrics (counter and latency) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * builder Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-09 18:52:20 +08:00
shuting	da84b777bc	fix: too much information for the Policy Rule Execution Latency metric (#5208 ) * remove general_rule_latency_type Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove resource_request_operation Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove resource_namespace Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove resource_kind Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix linter Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-11-04 14:31:23 +08:00
Charles-Edouard Brétéché	d2658a1bc8	refactor: support Audit and Enforce validation failure actions (#5152 ) * feat: remove policy mutation code Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: support Audit and Enforce failure actions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * typo Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update changelog Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-11-01 09:56:52 +00:00
shuting	cf2b8dafa6	skip generating events on empty rule response (#5158 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-10-27 08:34:55 +00:00
Charles-Edouard Brétéché	c4b3301ab0	fix: go routines not gracefully shut down in controllers (#5022 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-10-19 08:54:48 +00:00
Vyankatesh Kudtarkar	f5748b1e70	remove RBACInfo check (#5015 )	2022-10-17 14:47:06 +00:00
Charles-Edouard Brétéché	6270d40f50	fix: global anchor warning (#4962 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-10-17 17:15:57 +05:30
Vyankatesh Kudtarkar	f3e40efcd7	fix principal and role variables are not substituted (#5000 )	2022-10-17 05:16:14 +00:00
XDRAGON2002	03c41e7746	[Cleanup] Disable PolicySkipped events (#4913 ) * remove skip events Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * update conditions Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * improve conditions Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * remove redundant function Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-10-13 08:32:20 +00:00
shuting	e75b57e635	skip succeed rules when building the blocked return message (#4804 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-10-04 10:34:37 +00:00
Charles-Edouard Brétéché	e0ab72bb9a	feat: reports v2 implementation (#4608 ) This PR refactors the reports generation code. It removes RCR and CRCR crds and replaces them with AdmissionReport, ClusterAdmissionReport, BackgroundScanReport and ClusterBackgroundScanReport crds. The new reports system is based on 4 controllers: Admission reports controller is responsible for cleaning up admission reports and attaching admission reports to their corresponding resource in case of a creation Background scan reports controller is responsible for creating background scan reports when a resource and/or policy changes Aggregation controller takes care of aggregation per resource reports into higher level reports (per namespace) Resources controller is responsible for watching reports that need background scan reports I added two new flags to disable admission reports and/or background scan reports, the whole reporting system can be disabled if something goes wrong. I also added a flag to split reports in chunks to avoid creating too large resources. Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-09-28 17:15:16 +05:30
Charles-Edouard Brétéché	20b8697ad8	refactor: move mutation handler out of webhooks package (#4567 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 12:48:29 +02:00
Charles-Edouard Brétéché	e900815dc0	refactor: move validation handler out of webhooks package (#4556 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 07:52:38 +00:00
Charles-Edouard Brétéché	3e5645dd32	refactor: make webhook metrics helpers static (#4554 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 07:11:16 +03:00
Charles-Edouard Brétéché	16c2d880c8	refactor: move webhook events utils in utils package (#4545 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 18:10:27 +02:00
Charles-Edouard Brétéché	3b556abe63	chore: add unit test for updating ur status (#4541 ) * fix: defer ur update until validation passes Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: add unit test for updating ur status Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 21:59:51 +08:00
Charles-Edouard Brétéché	ed31fb0326	refactor: introduce ur updater (#4535 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 20:07:18 +08:00
Charles-Edouard Brétéché	f0fa50b27e	refactor: webhook block and unit tests (#4531 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 08:36:31 +00:00
Charles-Edouard Brétéché	8e33532b38	refactor: webhook exclusion and unit tests (#4528 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 06:19:18 +00:00
Charles-Edouard Brétéché	c8bbb5bead	refactor: utils for warnings and unit tests (#4523 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-07 14:01:42 +00:00
Charles-Edouard Brétéché	ae31378546	refactor: webhook policy context creation (#4480 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 16:52:36 +02:00

31 commits