mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
3452 commits 16 branches 550 tags 288 MiB
Commit graph

7 commits

Author SHA1 Message Date
shuting
104cd310e8
Cleanup Report Change Requests (#2134) 
* clean up RCRs if retry fails

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* cleanup report change request when background scan starts

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add verb deletecollection to ClusterRole kyverno:customresources

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-07-14 09:57:16 -07:00
shuting
fd9acf21a7
Auto-recover policy report (#1730) 
* auto-recover policy report

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add flag background-scan to tune this interval

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* cleanup webhook configurations when Kyverno deployment is deleted

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* reconcile policy reports if Kyverno Configmap changes

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-03-25 12:28:03 -07:00
shuting
6fc349716c
Switch to use annotations to store resource info in cluster/reportChangeRequest (#1625) 
* skip sending API request for filtered resource

* fix PR comment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fixes https://github.com/kyverno/kyverno/issues/1490

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix bug - namespace is not returned properly

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* reduce throttling - list resource using lister

* refactor resource cache

* fix test

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix label selector

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix build failure

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fixes #1480

* store resource name and kind in (c)rcr's annotation
 2021-02-19 09:09:41 -08:00
shuting
8dcfa185b1
Remove duplicate results' entries from policy report (#1559) 
* remove duplicate results' entries from policy report

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* improve error reporting when removing duplicate result entries

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-02-08 14:42:17 -08:00
shuting
3c5f9f8888
1398 - Reduce RCR throttling requests (#1406) 
* reduce RCR throttling requests by merging policy application (policy - namespace) results into single RCR

* - refactor policy controller; - fix RCR issue

* - refactor RCR controller; - fix cpolr on ns update; - reduce throttling when getting resources; - fix tests

* update CRD schema

* fix typo
 2020-12-21 11:04:19 -08:00
Shuting Zhao
2d8092d97c fixes https://github.com/kyverno/kyverno/issues/1238 2020-11-18 14:31:43 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00