kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Jim Bugwadia	13caaed8b7	Feature/cosign (#2078 ) * add image verification * inline policy list Signed-off-by: Jim Bugwadia <jim@nirmata.com> * cosign version and dependencies updates Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add registry initialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add build tag to exclude k8schain for cloud providers Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add build tag to exclude k8schain for cloud providers Signed-off-by: Jim Bugwadia <jim@nirmata.com> * generate deep copy and other fixtures Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix deep copy issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * mutate images to add digest Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add certificates to Kyverno container for HTTPS lookups Signed-off-by: Jim Bugwadia <jim@nirmata.com> * align flag syntax Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update docs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update dependencies Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update dependencies Signed-off-by: Jim Bugwadia <jim@nirmata.com> * patch image with digest and fix checks Signed-off-by: Jim Bugwadia <jim@nirmata.com> * hardcode image for demos Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add default registry (docker.io) before calling reference.Parse Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix definition Signed-off-by: Jim Bugwadia <jim@nirmata.com> * increase webhook timeout Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix args Signed-off-by: Jim Bugwadia <jim@nirmata.com> * run gofmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * rename for clarity Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix HasImageVerify check Signed-off-by: Jim Bugwadia <jim@nirmata.com> * align make test commands Signed-off-by: Jim Bugwadia <jim@nirmata.com> * align make test commands Signed-off-by: Jim Bugwadia <jim@nirmata.com> * align make test commands Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter error Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle API conflict and retry Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix reviewdog issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix make for unit tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve error message Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix durations Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle errors in tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * print policy name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add retries and duration to error log Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix time check in tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * round creation times in test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix retry loop Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove timing check for policy creation Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix e2e error - policy not found Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update string comparison method Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix test Generate_Namespace_Label_Actions Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add debug info for e2e tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix error Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix generate bug Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix format Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for update operations Signed-off-by: Jim Bugwadia <jim@nirmata.com> * increase time for deleteing a resource Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix check Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Shuting Zhao <shutting06@gmail.com>	2021-07-09 18:01:46 -07:00
Valentin Velkov	63f4c9a884	Configurable success events on policies & resources. Generating failure events on policies by default. (#1939 ) * Remove unused event.Reason const Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate failure events on policies Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate success events on policy Signed-off-by: Velkov <valentin.velkov@sap.com> * Introduce 'generateSuccessEvents' flag Signed-off-by: Velkov <valentin.velkov@sap.com> * Unit tests & chart fix Signed-off-by: Velkov <valentin.velkov@sap.com>	2021-06-29 14:43:11 -07:00
Yashvardhan Kukreja	43a138a12b	feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-24 08:05:14 +05:30
shuting	3c5f9f8888	1398 - Reduce RCR throttling requests (#1406 ) * reduce RCR throttling requests by merging policy application (policy - namespace) results into single RCR * - refactor policy controller; - fix RCR issue * - refactor RCR controller; - fix cpolr on ns update; - reduce throttling when getting resources; - fix tests * update CRD schema * fix typo	2020-12-21 11:04:19 -08:00
Mohan B E	51ac382c6c	Feature/configmaps var 724 (#1118 ) * added configmap data substitution for foreground mutate and validate * added configmap data substitution for foreground mutate and validate fmt * added configmap lookup for background * added comments to resource cache * added configmap data lookup in preConditions * added parse strings in In operator and configmap lookup docs * added configmap lookup docs * modified configmap lookup docs	2020-09-22 14:11:49 -07:00
Yuvraj	b7524467a3	Reconcile Generate request on policy update (#1096 ) * policy report crd added * added namespaced rule * remove extra field from crd * revert crd change * remove policy report chnages * remove policy report chnages * remove policy report chnages * remove policy report chnages * added logic for gr * revert changes * fixed generate rules * fixed generate rules * fixed generate rules * fixed generate rules * remove extra logs * remove extra logs * fixed e2e test * remove extra logs * crd issue resolved * added check for sync * add labels update * add label update * added permission to role * roles added to helm * roles added to helm	2020-09-03 14:34:23 -07:00
shuting	39de46fe39	983 kustomize support (#1026 ) * prototype - strategic merge patch * add end to end test * add engine strategic merge patch support * set webhook reinvocationPolicy to IfNeeded * refactor engine mutate code * support JMESPath in strategic merge patch * implement patchesJson6902 * update doc * resolve pr comments	2020-08-05 09:11:23 -07:00
Yuvraj	4535f43283	Added Synchronize flag in Generate Request (#980 ) * fix Synchronize flag issue	2020-07-14 02:12:11 +05:30
shuting	87fa77fbcc	965 add validate audit handler (#967 ) * store policy names cache to reduce lookup time * add validate audit handler * fix #958, remove auto-gen annotation on Pod * formatting code * update processTime to readable format * #586, add back unit test * update logging info * remove unused interface * handle generate policy in a single thread in weboook * resolve pr comments	2020-07-09 11:48:34 -07:00
Jim Bugwadia	65193feccb	update logging, naming, and event retry (#959 ) * update logging and naming * check per policy patch count	2020-06-30 11:53:27 -07:00
shivkumar dudhani	a5ce084da4	CR comments	2020-02-18 18:25:41 -08:00
Shivkumar Dudhani	8c1d79ab28	linter suggestions (#655 ) * cleanup phase 1 * linter fixes phase 2	2020-01-24 12:05:53 -08:00
Shuting Zhao	f78ca61859	generate violation in mutation when substitute path not present	2020-01-09 12:24:37 -08:00
Shivkumar Dudhani	5b8ab3842b	Support variable substitution (#549 ) * initial commit * variable substitution * update tests * update test * refactor engine packages for validate & generate * update vendor * update toml * support variable substitution in overlay mutation * missing update * fix indentation in logs * store context values as single JSON document using merge patches. * remove duplicate functions * fix message string * Handle processing of policies in background (#569) * remove condition check while generating mutation patch as conditions are verified in the first iteration * initial commit * background policy validation * correct message * skip non-background policy process for add/update * fix order to correct policy registration * update comment Co-authored-by: shuting <shutting06@gmail.com> * refactor Co-authored-by: shuting <shutting06@gmail.com>	2019-12-30 17:08:50 -08:00

14 commits