1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

7567 commits

Author SHA1 Message Date
Harshita Sao
838ea5b931
fix: fixed the pinned dependencies issue (#10910)
Signed-off-by: harshitasao <harshitasao@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-28 13:15:02 +00:00
dependabot[bot]
12a515cc0d
chore(deps): bump github.com/notaryproject/notation-go (#10939)
Bumps [github.com/notaryproject/notation-go](https://github.com/notaryproject/notation-go) from 1.2.0-rc.1 to 1.2.0.
- [Release notes](https://github.com/notaryproject/notation-go/releases)
- [Commits](https://github.com/notaryproject/notation-go/compare/v1.2.0-rc.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-28 07:27:53 +00:00
Charles-Edouard Brétéché
ad4f0ab038
feat: bump controller gen package (#10927)
* feat: bump controller gen package

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix chainsaw test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* bump annotation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-28 14:23:19 +08:00
Mariam Fahmy
2140a0239b
chore: rename validationFailureAction to failureAction under the rule (#10893)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-08-27 20:07:57 +00:00
dependabot[bot]
ee5fdcad47
chore(deps): bump github.com/notaryproject/notation-core-go (#10932)
Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go) from 1.1.0-rc.1 to 1.1.0.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases)
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.1.0-rc.1...v1.1.0)

---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-27 13:21:04 +00:00
dependabot[bot]
754310a143
chore(deps): bump sonarsource/sonarcloud-github-action (#10900)
Bumps [sonarsource/sonarcloud-github-action](https://github.com/sonarsource/sonarcloud-github-action) from 2.3.0 to 3.0.0.
- [Release notes](https://github.com/sonarsource/sonarcloud-github-action/releases)
- [Commits](e44258b109...eb21172326)

---
updated-dependencies:
- dependency-name: sonarsource/sonarcloud-github-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-27 08:52:19 +00:00
Charles-Edouard Brétéché
896294176b
fix: update docs generation (#10926)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-27 00:31:30 +00:00
Charles-Edouard Brétéché
e636809c76
chore: improve our crds generator code (#10925)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-26 23:32:19 +00:00
dependabot[bot]
3314f269be
chore(deps): bump github/codeql-action from 3.26.2 to 3.26.5 (#10920)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.2 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](429e197704...2c779ab0d0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-26 21:56:10 +00:00
dependabot[bot]
411918c730
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#10918)
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 3.0.10 to 3.0.11.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](b88cd0aad2...3c16e895bb)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-26 13:13:03 +00:00
dependabot[bot]
07f7f2abae
chore(deps): bump sigstore/scaffolding from 0.7.5 to 0.7.7 (#10919)
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 0.7.5 to 0.7.7.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](634364a897...fd2699d622)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-26 08:41:04 +00:00
Chip Zoller
b24c17e285
move Chip Zoller to emeritus (#10882)
* move to emeritus

Signed-off-by: chipzoller <chipzoller@gmail.com>

* remove from codeowners

Signed-off-by: chipzoller <chipzoller@gmail.com>

* fix error, remove treydock

Signed-off-by: chipzoller <chipzoller@gmail.com>

---------

Signed-off-by: chipzoller <chipzoller@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-08-22 20:33:37 +00:00
Khaled Emara
aceb7d5068
feat(gctx): retry logic (#10796)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-08-21 19:32:58 +00:00
Vishal Choudhary
4287f8cc29
feat: regexp support for sigstore bundle (#10901)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-08-21 15:34:04 +00:00
Vishal Choudhary
39e5808e66
chore: bump notary version to 1.2.0-rc-1 (#10891)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-20 13:34:44 +00:00
Jim Bugwadia
f06399200c
remove wildcard permissions (#10785)
* remove wildcard permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update codegen

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* codegen

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix background controller perms

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove secrets perm

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix reports-controller role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add wildcard check and limit generate policy checks based on `synchronize`

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update manifest

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix wildcard check

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update default QPS and burst for better performance and to prevent test failure

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix perms

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix perms

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test permissions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix merge issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix merge issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-20 11:55:32 +03:00
Vishal Choudhary
0c2a88638b
fix: properly use useCache field in image verification policies (#10709)
* fix: properly use useCache field in image verification policies

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: add test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: revert client changes

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-19 14:26:07 +00:00
dependabot[bot]
4d5d487e1d
chore(deps): bump ubuntu from 2e863c4 to 8a37d68 in /.devcontainer (#10885)
Bumps ubuntu from `2e863c4` to `8a37d68`.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-19 11:29:41 +00:00
shuting
bd71af3291
feat: support foreach for generate.data (#10875)
* chore: refactor

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add foreach for generate.daya to api

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: refactor generator

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update rule validation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update rule validation -2

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: support foreach.data

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: policy validation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: context variables

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: add a chainsaw test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: sync on policy deletion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: enable new chainsaw tests in CI

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update code-gen

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: validate targets scope for ns-policies

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: add missing files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove unreasonable test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-08-19 06:55:19 +00:00
Jim Bugwadia
c96f224e8e
reduce recursions for nested var substutution (#10877)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-08-18 17:40:27 +08:00
Khaled Emara
a5915a310b
chore(log): add caller (#10874)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-08-16 14:08:55 +00:00
Vishal Choudhary
06ffd1c961
feat: add support for sigstore bundle verification (#10567)
* feat: add support for sigstore bundle verification

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: missed change

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: ci

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: linter

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: another linter

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: add size check in layer

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-16 11:36:48 +00:00
Vishal Choudhary
f69ffe12ec
feat: add full regexp support to cosign (#10815)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-08-16 07:03:59 +00:00
Garry O'Donnell
5a60836279
feat: add updateRequestThreshold config option to kyverno helm chart (#10739)
Signed-off-by: Garry O'Donnell <garry.o'donnell@diamond.ac.uk>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-15 15:40:57 +00:00
Jim Bugwadia
3c63152f18
update message (#10862)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-08-15 14:42:29 +00:00
Khaled Emara
40ba712987
fix(log): set zerolog level to logr level (#10867)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-15 13:49:50 +00:00
Jim Bugwadia
2e39e27102
rename package: d4f --> breaker (#10863)
* rename package: d4f --> breaker

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* rename package: d4f --> breaker

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-08-15 10:53:20 +00:00
dependabot[bot]
90be7c40fa
chore(deps): bump github/codeql-action from 3.26.1 to 3.26.2 (#10861)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.1 to 3.26.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](29d86d22a3...429e197704)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 07:30:34 +00:00
Chip Zoller
787ec22b4a
move Marcel to emeritus (#10857)
Signed-off-by: chipzoller <chipzoller@gmail.com>
2024-08-14 23:58:28 +00:00
Khaled Emara
95bf469fd5
fix(codegen): missing crd version (#10852)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-08-14 16:52:22 +00:00
shuting
5203809b73
chore: refactor background controller (#10850)
* chore: refactor

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add foreach for generate.daya to api

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: refactor

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-08-14 14:32:49 +00:00
dependabot[bot]
03d898330f
chore(deps): bump sigs.k8s.io/controller-runtime from 0.18.4 to 0.18.5 (#10833)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.18.4 to 0.18.5.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.18.4...v0.18.5)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-14 10:20:48 +00:00
Mohd Kamaal
90d4a961b6
Updated application logic to treat an empty 'group' string as the core API group for GlobalContextEntry (#10572)
* Updated application logic to treat an empty 'group' string as the core API group for GlobalContextEntry

Signed-off-by: Mohdcode <mohdkamaal2019@gmail.com>

* Updated application logic to treat an empty 'group' string as the core API group for GlobalContextEntry

Signed-off-by: Mohdcode <mohdkamaal2019@gmail.com>

* Updated application logic to treat an empty 'group' string as the core API group for GlobalContextEntry

Signed-off-by: Mohdcode <mohdkamaal2019@gmail.com>

* Update global_context_entry_types.go

Signed-off-by: Mohd Kamaal <102820439+Mohdcode@users.noreply.github.com>

---------

Signed-off-by: Mohdcode <mohdkamaal2019@gmail.com>
Signed-off-by: Mohd Kamaal <102820439+Mohdcode@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-14 08:43:51 +00:00
dependabot[bot]
9dd646bb56
chore(deps): bump github/codeql-action from 3.26.0 to 3.26.1 (#10839)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.0 to 3.26.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](eb055d739a...29d86d22a3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-14 07:50:01 +00:00
treydock
56a8435be3
Move Trey Dockendorf to Maintainer Emeritus (#10835)
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-08-13 21:51:00 +00:00
Pradeep Lakshmi Narasimha
bbed507114
fix: Reconfigured metric kyverno_policy_results_total to kyverno_policy_results in grafana dashboard config #1325 (#10832)
Signed-off-by: Pradeep Lakshmi Narasimha <pradeep.vaishnav4@gmail.com>
2024-08-13 18:40:03 +00:00
shuting
481798c836
refactor: update updaterequest to be created for each policy (#10793)
* chore: remove v1beta1 updaterequest definitions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update UR to map a policy instead a rule; adapt UR mapping changes for admission review

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update code-gen

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: remove unused function

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: add missing files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: add missing files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update ur in policy controller

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update crds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: adapt ur changes in the background controller

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: more linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: modify mapping relationship for deletion events

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: remedy missing target for policy application

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: fetching logic for triggers

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: clean up targets upon policy deletion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update crds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* merge main

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* merge main

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: adds delay before assertion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: wrong yaml format

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: update error handling logic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): enable more debug info

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): enable debug log

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): enable debug log

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): enable debug log

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: makefile to update ur crds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: generate existing

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: skip empty ur generation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-08-13 17:14:06 +00:00
Khaled Emara
de37a045be
feat(logger): replace zap with zerlog for perf (#10790)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-13 15:12:21 +00:00
Khaled Emara
e0ff371ccc
test(gctx): cli variable injection (#10809)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-13 13:15:53 +00:00
Mariam Fahmy
25b7142ee0
feat: generate VAPs from exceptions (#10771)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-13 11:55:22 +00:00
Mariam Fahmy
3a69702b49
fix: check permissions for validate.cel subrules only (#10829)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-08-13 12:25:29 +03:00
Khaled Emara
b8a69a7eac
feat(audit): enable audit logs for kind (#10822)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-08-12 15:57:16 +00:00
Khaled Emara
bbb1d6103c
feat(mutate): don't eagerly process img-ver (#10703)
* feat(mutate): don't eagerly process img-ver

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(mutate): add mutate with img-ver test

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-12 14:59:27 +00:00
Khaled Emara
65a43d2059
feat(mutate): minimize unmarshals (#10702)
* feat(mutate): minimize unmarshals

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(mutate): test type assertion

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(codegen): remove unused import

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-08-09 11:12:20 +00:00
dependabot[bot]
6e73e8514b
chore(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (#10813)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](59acb6260d...4959ce089c)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-09 17:12:12 +08:00
Mariam Fahmy
f35b449435
feat: add tests checking policy creation (#10816)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-08 14:18:17 +00:00
Mariam Fahmy
60a8384fd4
feat: add tests for different values of generateExisting (#10807)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-08 12:11:20 +00:00
dependabot[bot]
ef05ab7b29
chore(deps): bump github.com/google/go-containerregistry (#10810)
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.1...v0.20.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-08 11:08:39 +00:00
dependabot[bot]
6447a3e9f9
chore(deps): bump fossas/fossa-action from 1.3.3 to 1.4.0 (#10800)
Bumps [fossas/fossa-action](https://github.com/fossas/fossa-action) from 1.3.3 to 1.4.0.
- [Release notes](https://github.com/fossas/fossa-action/releases)
- [Commits](47ef11b1e1...09bcf127dc)

---
updated-dependencies:
- dependency-name: fossas/fossa-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-08 06:46:35 +00:00
Mariam Fahmy
c7122edfa8
feat: add tests for different values of mutateExistingOnPolicyUpdate (#10797)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-07 15:06:01 +00:00