kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00

Author	SHA1	Message	Date
Mariam Fahmy	4d1f040e49	fix: add the resource name to the SubjectAccessReview (#10221 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2024-08-07 12:46:44 +00:00
Mariam Fahmy	b495c6d112	feat: support authorizer variable in CEL expressions (#8024 ) * feat: support authorizer variable in CEL expressions Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * feat: add the auth reason Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * feat: add kuttl tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix lint issue Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix kuttl test Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: add helpers Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-09-05 10:16:50 +00:00
shuting	955570b0c5	fix: auth checks with the APIVersion and the subresource (#7628 ) * fix auth checks with apiVersion and subresource Signed-off-by: ShutingZhao <shuting@nirmata.com> * add kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove duplicate code Signed-off-by: ShutingZhao <shuting@nirmata.com> * update permissions Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-06-22 14:14:06 +00:00
Charles-Edouard Brétéché	7a838de4f1	feat: add auth checker interface (#7323 ) * feat: add auth checker interface Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-05-30 18:01:44 +08:00
shuting	e14fe847bc	feat: new access checks for background policies (#6970 ) * switch to use sar for access checks Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * update helm config Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix username Signed-off-by: ShutingZhao <shuting@nirmata.com> * update msg Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix sa name Signed-off-by: ShutingZhao <shuting@nirmata.com> * update install.yaml Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-04-24 10:31:42 +00:00
Charles-Edouard Brétéché	aadaec09e1	fix: remove a couple DeepEqual and fix deletion check bug (#6640 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-03-22 04:46:35 +00:00
Charles-Edouard Brétéché	c491c24039	fix: lookup GVR from GVK (#6517 ) * fix: lookup GVR from GVK Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * typo Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-03-10 15:15:48 +08:00
Charles-Edouard Brétéché	3cce75ae0f	refactor: auth package and add full unit test coverage (#5749 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-22 13:24:37 +08:00
Charles-Edouard Brétéché	59dd95b888	refactor: use typed client in auth (#5743 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-21 17:12:26 +00:00
Charles-Edouard Brétéché	c3be9e36a5	feat: propagate context to dynamic client (#5495 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-29 13:59:40 +00:00
yinka	688b4fb8e3	add package logger in files (#4766 ) * add package logger in files Signed-off-by: damilola olayinka <holayinkajr@gmail.com> * add package logger to initContainer and other files Signed-off-by: damilola olayinka <holayinkajr@gmail.com> * helm docs Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * helm default values Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * release notes Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: damilola olayinka <holayinkajr@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-10-02 19:45:03 +00:00
Charles-Edouard Brétéché	2c86416900	refactor: add auth interface and unit tests (#4518 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-07 06:54:34 +00:00
shuting	3bf3dcc1af	Add the metric "kyverno_client_queries_total" (#4359 ) * Add metric "kyverno_kube_client_queries_total" Signed-off-by: ShutingZhao <shuting@nirmata.com> * publish metric for missing queries Signed-off-by: ShutingZhao <shuting@nirmata.com> * Refactor the way Kyverno registers QPS metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * Move clientsets to a dedicated folder Signed-off-by: ShutingZhao <shuting@nirmata.com> * Wrap Kyverno client and policyreport client to register client query metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * Switch to use wrapper clients Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-31 11:33:47 +05:30
Charles-Edouard Brétéché	5243763674	chore: make dclient import aliases consistent (#3951 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 14:40:51 +00:00
Charles-Edouard Brétéché	0099ef54ad	chore: enable gofmt and gofumpt linters (#3931 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 06:19:03 +00:00
Charles-Edouard Brétéché	c79223393b	refactor: dclient package (#3775 ) * refactor: replace clientset by inteface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: dclient package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 13:30:04 +08:00
Charles-Edouard Brétéché	8b36441cd1	refactor: auth package logger (#3696 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-27 13:34:08 +00:00
shuting	630a9cc94c	Fix Kyverno crash when CRD is not installed (#1353 ) * ignore Kyverno CRDs existence check when server is not available * clean up cluster / reportChangeRequest * resolve PR comments	2020-12-03 19:19:36 -08:00
Shuting Zhao	cdc5190c56	update nirmata/kyverno to kyverno/kyverno	2020-10-07 11:12:31 -07:00
NoSkillGirl	b61412ca7a	minor validation changes	2020-08-31 18:18:10 +05:30
Mohan B E	a14828246d	Feature/api version 852 (#1028 ) * apiVersion support for generate * added apiVersion to crds	2020-08-07 09:47:33 +05:30
shivkumar dudhani	36eca5e886	CI fixes	2020-03-17 18:34:44 -07:00
shivkumar dudhani	1b1ab78f77	logs & access	2020-03-17 11:05:20 -07:00
shivkumar dudhani	b1063a95e1	refactor & validate operations for generate rules in PolicyValidation	2020-03-11 18:14:23 -07:00

24 commits