1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

7246 commits

Author SHA1 Message Date
shuting
8929bd72a1
chore: update perf docs for 1.12 (#10116)
* fix: update kwok installation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: create deployment

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: create pod

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update commands

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update readme

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-29 13:09:44 +03:00
dependabot[bot]
ac4eeaaf8b
chore(deps): bump sigs.k8s.io/kustomize/api from 0.16.0 to 0.17.1 (#10127)
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.16.0 to 0.17.1.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.16.0...api/v0.17.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 17:13:54 +08:00
dependabot[bot]
e4b14faf60
chore(deps): bump github.com/docker/docker (#9926)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.1+incompatible to 25.0.5+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.1...v25.0.5)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-27 09:09:00 +00:00
dependabot[bot]
c444fb73d8
chore(deps): bump ubuntu from 22.04 to 24.04 in /.devcontainer (#10118)
Bumps ubuntu from 22.04 to 24.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 11:14:14 +00:00
dependabot[bot]
9fbdc927ce
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#10119)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 10:32:39 +00:00
dependabot[bot]
23cfc62ffb
chore(deps): bump go.opentelemetry.io/otel/sdk/metric (#10111)
Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:45:12 +00:00
dependabot[bot]
f70719f166
chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 (#10108)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1d96c772d1...0ad4b8fada)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:16:42 +00:00
dependabot[bot]
fd3520031c
chore(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 (#10109)
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3cfe3a4abb...82d40c283a)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 14:32:23 +00:00
dependabot[bot]
2da5049775
chore(deps): bump slsa-framework/slsa-github-generator (#10098)
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-25 10:45:13 +00:00
dependabot[bot]
8f39fe513b
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#10114)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 16:01:38 +08:00
dependabot[bot]
b55baf50d8
chore(deps): bump helm/kind-action from 1.9.0 to 1.10.0 (#10097)
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](99576bfa6d...0025e74a8c)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 16:29:27 +00:00
Franco Hielpos
87b8fa98b5
feat: update flowcontrol API version to v1 (#10061)
Signed-off-by: Franco Hielpos <franco@giantswarm.io>
2024-04-24 15:59:14 +00:00
dependabot[bot]
a84db8ba84
chore(deps): bump sigs.k8s.io/controller-runtime from 0.17.2 to 0.17.3 (#10104)
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.17.2 to 0.17.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.17.2...v0.17.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 13:23:57 +00:00
dependabot[bot]
24ac4f4d30
chore(deps): bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.1 (#10106)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.7 to 0.8.1.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.7.7...v0.8.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 18:01:41 +08:00
shuting
0257f060bf
chore(deps): bump k8s.io/apimachinery from 0.29.4 to 0.30.0 (#10087)
* chore: bump apimachinary 0.30.0

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update crds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-24 11:37:59 +05:30
dependabot[bot]
0c4ea11d8e
chore(deps): bump github.com/onsi/gomega from 1.32.0 to 1.33.0 (#10093)
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.32.0 to 1.33.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.32.0...v1.33.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 10:27:41 +00:00
dependabot[bot]
4835653522
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#10092)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 06:49:10 +00:00
Jim Bugwadia
ec730bc560
update dev docs (#10089)
* update dev docs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update dev docs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-04-23 13:47:16 +08:00
dependabot[bot]
d01ff4d29b
chore(deps): bump github.com/fluxcd/pkg/oci from 0.35.0 to 0.36.0 (#10004)
Bumps [github.com/fluxcd/pkg/oci](https://github.com/fluxcd/pkg) from 0.35.0 to 0.36.0.
- [Commits](https://github.com/fluxcd/pkg/compare/oci/v0.35.0...oci/v0.36.0)

---
updated-dependencies:
- dependency-name: github.com/fluxcd/pkg/oci
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 17:07:32 +00:00
dependabot[bot]
de8c687899
chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 (#10081)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](9bb56186c3...1d96c772d1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 15:03:33 +00:00
Mariam Fahmy
798950f72c
fix: return skip when celPreconditions/matchConditions aren't met (#9940)
* fix: return skip when cel preconditions aren't met

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: return skip when matchConditions in VAPs aren't met

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-22 13:49:25 +00:00
Shubham Singh
dbc12ac2be
[Bug] Enabling many-to-one comparisons for AnyNotIn operator (#9462)
* added cases for int, float

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* added bool as well

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* added tests

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* some more tests

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* go fmt

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* fixed the failing test cases

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

---------

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-22 12:12:08 +00:00
dependabot[bot]
022fc4f357
chore(deps): bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.1 (#10071)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.7 to 0.8.1.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.7.7...v0.8.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 08:52:30 +00:00
NeuroticalT
370abe257e
Fix: metrics exposure inconsistencies and unwanted side-effects (#10016)
* Change: metrics exposure improvement

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

* Fix: addressing linter errors

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

* Fix: unit test assert failure

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

---------

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>
Co-authored-by: Tamas Eger <tamas.eger@instructure.com>
2024-04-22 07:33:04 +00:00
dependabot[bot]
aea0b9934d
chore(deps): bump github.com/onsi/gomega from 1.31.1 to 1.32.0 (#9965)
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.32.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.31.1...v1.32.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-22 06:44:16 +00:00
Mariam Fahmy
ea64529e63
fix: evaluate namespaceObject for Kyverno policies in the CLI (#9977)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-19 10:55:41 +00:00
Mariam Fahmy
e91b80a600
fix: evaluate namespaceObject for VAPs in the CLI (#9978)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-19 10:20:03 +00:00
dependabot[bot]
db7a72f950
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace (#10072)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19 17:43:30 +08:00
Mariam Fahmy
815f4bb09d
fix: remove unused parameters (#10007)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-18 10:30:35 +00:00
André Bauer
693010563f
[kyverno helm chart] make webhook pod annotations configurable (#9875)
* make webhook pod annotations configurable

Signed-off-by: André Bauer <andre.bauer@staffbase.com>

* run make codegen-helm-all

Signed-off-by: André Bauer <andre.bauer@staffbase.com>

---------

Signed-off-by: André Bauer <andre.bauer@staffbase.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-18 09:31:29 +00:00
dependabot[bot]
31905ebee6
chore(deps): bump google.golang.org/grpc from 1.63.0 to 1.63.2 (#10054)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.63.0 to 1.63.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.63.0...v1.63.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-18 07:57:46 +00:00
Jim Bugwadia
874f284844
remove broken badges, fix links, add new (#10064)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-04-18 07:06:52 +00:00
Mariam Fahmy
f98d7d86b3
refactor: add a function to check if VAPs are registered in the API server (#10014)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-17 10:01:00 +00:00
Vishal Choudhary
3db5bdfad8
fix: add mutex to mock policy context builder (#10057)
It is possible that two different threads call the build function at the same time causing one append to be lost, this PR adds a mutex to avoid this

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-04-17 09:13:19 +00:00
dependabot[bot]
bec5c24660
chore(deps): bump k8s.io/cli-runtime from 0.29.3 to 0.29.4 (#10055)
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.29.3 to 0.29.4.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.29.3...v0.29.4)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-17 08:35:36 +00:00
Khaled Emara
fb40aa5f38
feat(audit): use a worker pool for Audit policies (#10048)
* enhancement: split validation logic for enforce and audit policies to return admission response earlier

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: add missing file

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter issues

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: get latest policy object before updating status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove debug code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: compare before updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: initial reconcile

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat(audit): use a worker pool for Audit policies

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix: unit test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): spin up go routine

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add flags maxAuditWorkers, maxAuditCapacity

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: enable debug log on failure

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: wait group panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* load-tests: add stess tests configurations

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* load-tests: disable admissionreports

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: build policy contexts syncronously

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: only run generate and mutate existing go routines when policies are present

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: mutate and verify tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: return early if no audit policy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: run handlegenerate and mutate existing in all cases

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: only test bgapplies in generate test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: defer wait in tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* enhancement: process validate enforce in a go routine

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-04-17 15:46:18 +08:00
dependabot[bot]
90d1440d82
chore(deps): bump azure/setup-helm from 4.1.0 to 4.2.0 (#10053)
Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md)
- [Commits](b7246b12e7...fe7b79cd5e)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:54:59 +00:00
dependabot[bot]
8c2e58fe61
chore(deps): bump codecov/codecov-action from 4.2.0 to 4.3.0 (#10030)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](7afa10ed9b...84508663e9)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:22:43 +00:00
dependabot[bot]
f735943c69
chore(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#10040)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e1523de757...59acb6260d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 08:41:29 +00:00
dependabot[bot]
e8cc9908da
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#10041)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 07:43:28 +00:00
dependabot[bot]
1998367a5b
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#10042)
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.49.0...zpages/v0.50.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 07:02:34 +00:00
dependabot[bot]
73492ad87d
chore(deps): bump azure/setup-helm from 3.5 to 4 (#10045)
Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 3.5 to 4.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md)
- [Commits](5119fcb908...b7246b12e7)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 14:24:20 +08:00
shuting
3e7a7ac244
fix: policy status reconciliation (#10032)
* fix: get latest policy object before updating status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove debug code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-12 07:08:15 +00:00
Vishal Choudhary
7c83ca189c
chore: bump cosign to v2.2.4 (#10000)
Cosign v2.2.4 has fixes for two advisories for denial of service vulnerabilities - GHSA-95pr-fxf5-86gv and GHSA-88jx-383q-w4qc. This PR bumps to the latest version.

The upstream version of cosign uses prometheus/common version v0.51.1.
There was a breaking change in v0.48.0 of prometheus/common and k8s.io/component-base@v1.29.3 uses a lower version (v0.44.0) which is not compatible with v0.51.1.

To fix this, I have created a new tag in our folk of cosign v2.2.4-deps-fix. Which takes the latest cosign v.2.2.4 and adds a commit to downgrade prometheus common to v0.47.0. Here is the commit history: kyverno/cosign@v2.2.4-deps-fix (commits)

We have to use this folk until k8s.io/component-base releases a new version with the bump to a newer version of prometheus/common.
2024-04-11 04:46:23 +00:00
dependabot[bot]
91dcbc9fe3
chore(deps): bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.25.0 (#10028)
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-10 08:12:12 +00:00
Mariam Fahmy
39da5bd927
fix: re-use the maxQueuedEvents (#10024)
* fix: re-use the maxQueuedEvents

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use the apierrors.IsNotFound instead of checking a specfic error msg

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-10 15:41:22 +08:00
dependabot[bot]
87dffbe5be
chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#10011)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-09 19:31:25 +08:00
dependabot[bot]
2503e000f3
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#10019)
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](ba37328d4e...19ebcb0bab)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-09 15:41:47 +08:00
dependabot[bot]
f63392b866
chore(deps): bump codecov/codecov-action from 4.1.1 to 4.2.0 (#9995)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](c16abc29c9...7afa10ed9b)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08 11:10:16 +00:00
shuting
6416d8600e
chore: bump to go 1.22.2 (#10001)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-08 09:30:05 +00:00