Jim Bugwadia
|
89d8c3fb41
|
Merge branch 'master' into 452_make_sample_policy_rule_names_consistent
|
2019-11-12 23:18:14 -08:00 |
|
Jim Bugwadia
|
38f6eb1cff
|
Merge branch '452_make_sample_policy_rule_names_consistent' of https://github.com/nirmata/kyverno into 452_make_sample_policy_rule_names_consistent
|
2019-11-12 23:18:08 -08:00 |
|
Jim Bugwadia
|
9d63cfc192
|
Merge branch 'master' into 452_make_sample_policy_rule_names_consistent
|
2019-11-12 23:16:01 -08:00 |
|
Jim Bugwadia
|
4ebc5624d1
|
Merge pull request #470 from nirmata/JimBugwadia-fix-case
Update RequireReadOnlyFS.md
|
2019-11-12 23:12:51 -08:00 |
|
Jim Bugwadia
|
f1fafb184b
|
fix sp
|
2019-11-12 17:41:29 -08:00 |
|
Jim Bugwadia
|
e7536fbf44
|
fix sp
|
2019-11-12 17:40:54 -08:00 |
|
Jim Bugwadia
|
50952fbf48
|
fix case
|
2019-11-12 17:39:12 -08:00 |
|
Jim Bugwadia
|
7131711bb4
|
fix typos
|
2019-11-12 17:34:21 -08:00 |
|
Jim Bugwadia
|
424199041c
|
Update DisallowBindMounts.md
|
2019-11-12 17:33:25 -08:00 |
|
Jim Bugwadia
|
48cd71a576
|
fix add_ns_quota policy
|
2019-11-12 16:37:40 -08:00 |
|
Jim Bugwadia
|
f0841e35b1
|
Merge pull request #467 from nirmata/453_update_docs
update main page and mutation docs
|
2019-11-12 16:23:04 -08:00 |
|
Jim Bugwadia
|
d86bc095e7
|
Update RequireReadOnlyFS.md
fix case
|
2019-11-12 16:19:16 -08:00 |
|
Jim Bugwadia
|
1ff9a8dd5a
|
update main page and mutation docs
|
2019-11-11 19:59:40 -08:00 |
|
Jim Bugwadia
|
8348c5761c
|
fix tests
|
2019-11-11 18:51:21 -08:00 |
|
Jim Bugwadia
|
31d33c5de1
|
update categories and links
|
2019-11-11 18:21:16 -08:00 |
|
Jim Bugwadia
|
8ac71a885c
|
update sections
|
2019-11-11 18:10:34 -08:00 |
|
Jim Bugwadia
|
87be5ca4b8
|
update policies and test cases
|
2019-11-11 17:55:54 -08:00 |
|
Jim Bugwadia
|
3ffb0cfa39
|
add disallow_sysctl and move policies
|
2019-11-11 17:17:09 -08:00 |
|
Jim Bugwadia
|
05503e4fd1
|
update other policies
|
2019-11-11 14:09:07 -08:00 |
|
Jim Bugwadia
|
dd4d091c23
|
update restrict_automount_sa_token
|
2019-11-10 21:57:20 -08:00 |
|
Jim Bugwadia
|
5b2fd96131
|
update LimitNodePort
|
2019-11-10 21:34:22 -08:00 |
|
Jim Bugwadia
|
5e8b6c4183
|
update add_networkPolicy
|
2019-11-10 21:27:50 -08:00 |
|
Jim Bugwadia
|
244909ebb3
|
update require_probes
|
2019-11-10 21:18:17 -08:00 |
|
Jim Bugwadia
|
c1be682a93
|
update require_pod_requests_limits
|
2019-11-10 21:06:49 -08:00 |
|
Jim Bugwadia
|
f668113904
|
update add_ns_quota
|
2019-11-10 20:58:57 -08:00 |
|
Jim Bugwadia
|
1c5db668e0
|
Merge pull request #462 from nirmata/451_fix_disallow_host_net_port
fix disallow_host_network_hostport policy
|
2019-11-10 20:20:34 -08:00 |
|
Jim Bugwadia
|
a6d5fb6e30
|
update restrict_image_registries
|
2019-11-10 18:13:01 -08:00 |
|
Jim Bugwadia
|
f31abbffab
|
update disallow_latest_tag
|
2019-11-10 17:54:38 -08:00 |
|
Jim Bugwadia
|
7f54e8e2e3
|
Merge branch '451_fix_disallow_host_net_port' into 452_make_sample_policy_rule_names_consistent
# Conflicts:
# samples/best_practices/disallow_host_network_hostport.yaml
# test/scenarios/samples/best_practices/disallow_host_network_port.yaml
|
2019-11-10 17:35:43 -08:00 |
|
Jim Bugwadia
|
0fa95d71d0
|
use negation anchor
|
2019-11-10 16:12:47 -08:00 |
|
Jim Bugwadia
|
20736e5e81
|
update disallow_default_namespace and disallow_host_network_port and disallow_host_pid_ipc
|
2019-11-10 15:50:18 -08:00 |
|
Jim Bugwadia
|
170e2a5179
|
update disallow_docker_sock_mount and disallow_host_network_port
|
2019-11-10 12:53:48 -08:00 |
|
Jim Bugwadia
|
fd1a26db29
|
update DisallowBindMounts
|
2019-11-09 16:33:19 -08:00 |
|
Jim Bugwadia
|
fae8ac0325
|
update RequireReadOnlyRootFS
|
2019-11-09 16:18:33 -08:00 |
|
Jim Bugwadia
|
121b81a83b
|
update disallow new capabilities
|
2019-11-09 16:07:16 -08:00 |
|
Shivkumar Dudhani
|
1613434c46
|
458 cleanup (#464)
* cleanup of policy violation on policy spec changes + refactoring
* remove unused code
* remove duplicate types
* cleanup references
* fix info log and clean code
* code clean
* remove dead code
|
2019-11-08 20:45:26 -08:00 |
|
Jim Bugwadia
|
4e848b48a2
|
add category and description
|
2019-11-08 20:08:23 -08:00 |
|
Jim Bugwadia
|
cba79c69a2
|
update disallow_priviledged
|
2019-11-08 20:04:42 -08:00 |
|
Jim Bugwadia
|
5ce8fd7a9a
|
update disallow_root_user
|
2019-11-08 19:25:43 -08:00 |
|
Jim Bugwadia
|
6baa678e27
|
rename add_safe_to_evict
|
2019-11-08 19:02:49 -08:00 |
|
Jim Bugwadia
|
a0d3f728da
|
fix disallow_host_network_hostport policy
|
2019-11-08 18:26:58 -08:00 |
|
Shivkumar Dudhani
|
687c0c6470
|
Merge pull request #418 from nirmata/391_feature
Check if mutating webhook admission control is enabled
|
2019-11-08 12:55:28 -08:00 |
|
Jim Bugwadia
|
913803a285
|
Merge pull request #459 from nirmata/450_fix_host_pid_ipc_policy
fix policy
|
2019-11-08 10:25:26 -08:00 |
|
Jim Bugwadia
|
ab2e671df5
|
update test scenario and change rule to audit mode
|
2019-11-07 19:28:48 -08:00 |
|
Jim Bugwadia
|
a06313b11c
|
update policy YAML
|
2019-11-07 19:20:51 -08:00 |
|
Jim Bugwadia
|
4aac8f43a9
|
fix test
|
2019-11-07 19:19:33 -08:00 |
|
Jim Bugwadia
|
43e76e1237
|
fix policy
|
2019-11-07 19:03:09 -08:00 |
|
shuting
|
fa7d4a8868
|
Merge pull request #441 from nirmata/432_Improve_validation_messages
432 improve validation messages
|
2019-11-07 12:43:47 -08:00 |
|
Shuting Zhao
|
0c59894690
|
Merge branch '432_Improve_validation_messages' of https://github.com/nirmata/kyverno into 432_Improve_validation_messages
# Conflicts:
# pkg/engine/validation.go
# pkg/engine/validation_test.go
# test/scenarios/other/scenario_validate_disallow_default_serviceaccount.yaml
# test/scenarios/other/scenario_validate_selinux_context.yaml
# test/scenarios/samples/best_practices/scenario_valiadate_require_image_tag_not_latest_deny.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_default_namespace.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_docker_sock_mount.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_helm_tiller.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_host_filesystem.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_host_network_hostport.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_hostpid_hostipc.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_new_capabilities.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_node_port.yaml
# test/scenarios/samples/best_practices/scenario_validate_disallow_priviledged_privelegesecalation.yaml
# test/scenarios/samples/best_practices/scenario_validate_probes.yaml
# test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml
# test/scenarios/samples/best_practices/scenario_validate_require_readonly_rootfilesystem.yaml
# test/scenarios/samples/more/scenario_validate_container_capabilities.yaml
# test/scenarios/samples/more/scenario_validate_sysctl_configs.yaml
|
2019-11-07 12:34:38 -08:00 |
|
Shuting Zhao
|
ec331b8d17
|
remove resource info in the validation error
|
2019-11-07 12:30:58 -08:00 |
|