mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
4520 commits 16 branches 550 tags 288 MiB
Commit graph

4520 commits

This branch
This branch
All branches
Author SHA1 Message Date
Charles-Edouard Brétéché
18af55ed49
refactor: wait for cache sync (#3765) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-05-03 01:41:39 +08:00
Sambhav Kothari
05c5f1b340
Allow kyverno jp to take yaml files as inputs (#3768) 2022-05-02 17:03:45 +00:00
Sambhav Kothari
0a5f004047
Allow non-object type elements for foreach rules (#3763) 
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-05-02 16:39:37 +00:00
Charles-Edouard Brétéché
80abda568e
fix: logger call depth (#3759) 
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
 2022-05-02 15:49:39 +00:00
Sambhav Kothari
e1ee6e8cbd
Reduce log verbosity for image extractors (#3764) 2022-05-02 15:04:19 +00:00
Charles-Edouard Brétéché
45e3bf452a
chore: remove unused resourcecache package (#3762) 2022-05-02 15:15:44 +01:00
Charles-Edouard Brétéché
972be16ad3
refactor: remove unstructured usage from webhookconfig (#3737) 
* refactor: use typed informers and add tombstone support to webhookconfig

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove unstructured usage from webhookconfig

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-05-02 18:58:04 +08:00
Charles-Edouard Brétéché
87880ad6f1
refactor: use typed informers and add tombstone support to webhookconfig (#3736) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
 2022-05-02 08:19:39 +00:00
Jim Bugwadia
3cb620499e
Remove YAML multiline support in CM values (#3721) 
* remove YAML multiline support in CM values

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unused code

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-05-02 08:57:35 +01:00
Jim Bugwadia
4f8eab76ce
cleanup event messages and sources (#3741) 
* cleanup events

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix sonatype issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-05-02 05:14:32 +00:00
Sambhav Kothari
655e2a74d7
Add tests for required checks for image verify (#3755) 2022-05-01 18:00:44 -07:00
Jim Bugwadia
0771ffd474
Add error handling and log for image extractor errors (#3724) 
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-05-01 23:44:51 +00:00
Jim Bugwadia
ef71102b22
Fix verify all images (#3748) 
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
 2022-05-01 23:02:49 +00:00
Sambhav Kothari
8342d86a9e
Retry policy creation to avoid flaky CRD readiness (#3752) 
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2022-05-01 22:42:14 +00:00
Prateek Nandle
d980a3b883
Fix test Summary printing for failure test cases (#3749) 
* Test Summary printing for failure test cases

Signed-off-by: Prateeknandle <prateeknandle@gmail.com>

* shifted rc.fail block below print statement

Signed-off-by: Prateeknandle <prateeknandle@gmail.com>
 2022-05-01 22:22:40 +00:00
Sambhav Kothari
dd0f6baa7d
Enable tests in makefile (#3699) 2022-05-01 14:20:22 -07:00
Charles-Edouard Brétéché
96b33f6200
refactor: metrics package logger (#3734) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-29 19:33:08 +02:00
Jim Bugwadia
e92623b015
Use inclusive language (#3738) 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2022-04-29 17:29:18 +01:00
Prateek Pandey
97f845124f
fix: block policy for missing matched kind (#3733) 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-04-29 21:53:18 +08:00
Charles-Edouard Brétéché
82c9c2d08b
fix: missing image verification rules in autogen (#3729) 
* fix: missing image verification rules in autogen

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: missing image verification rules in autogen

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-29 13:48:22 +02:00
shuting
a4815f77c4
Convert GenerateRequest to UpdateRequest for backward compatibility (#3730) 
- Remove GenerateRequest Informer
 - Rename GenerateRequest to UpdateRequest in logs and vars
 - Fix initContainer leader election
 - Convert GenerateRequest to UpdateRequest in initContainer
 - Remove unused methods
 - Add printer column ruleType to UR


Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-29 16:35:49 +05:30
Charles-Edouard Brétéché
de84b8071d
refactor: autogen package logger (#3727) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-29 09:12:21 +00:00
Charles-Edouard Brétéché
61a1d40e5e
fix: correct tombstone usage (#3718) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-29 09:50:17 +02:00
Charles-Edouard Brétéché
24ed931f42
refactor: remove some api unnecessary pointers (4) (#3713) 
* refactor: remove some api unnecessary pointers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (2)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (3)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (4)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-04-29 09:12:01 +02:00
shuting
a45986c04d
Set policy kind to generate events in the webhook (#3726) 
* remove mutateExisting field

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update policy controller to create UR for generate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove debug log

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* - Update api docs
- Ignore e2e tests cleanup failure

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add back index to helm template

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Set policy kind to generate events in the webhook

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-29 05:50:55 +00:00
shuting
e248308cb3
Create UR for both mutate and generate policies (#3717) 
* remove mutateExisting field

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update policy controller to create UR for generate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove debug log

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* - Update api docs
- Ignore e2e tests cleanup failure

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add back index to helm template

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-29 11:01:02 +05:30
Charles-Edouard Brétéché
7fca026678
fix: remove supported from autogen status (#3714) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 16:14:48 -07:00
Charles-Edouard Brétéché
d0ada5529c
fix: generated api reference docs (#3711) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 12:51:44 +00:00
Charles-Edouard Brétéché
b7f42a0d1f
refactor: remove some api unnecessary pointers (3) (#3707) 
* refactor: remove some api unnecessary pointers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (2)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (3)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 12:30:23 +00:00
shuting
d3eec03a79
Optimize UR listing on policy events (#3712) 
* Optimize UR listing on policy events

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix new UR creation for multiple policies

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-28 10:29:48 +00:00
shuting
eb0b8d352c
- Create events for imageVerify rules (#3710) 
- Skip generating events on blocked resource

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-28 17:51:06 +08:00
Charles-Edouard Brétéché
68c35b2f2e
refactor: remove some api unnecessary pointers (2) (#3705) 
* refactor: remove some api unnecessary pointers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (2)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 17:11:14 +08:00
Charles-Edouard Brétéché
75e300799a
fix: remove unused type TargetMutation (#3706) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-04-28 06:05:13 +00:00
Charles-Edouard Brétéché
cf86887d55
refactor: remove some api unnecessary pointers (#3704) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 12:41:10 +08:00
shuting
b740e84f06
add e2e tests for mutate existing policies (#3703) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-04-27 21:44:52 +02:00
Jim Bugwadia
ab5171cee5
Verify digest (#3679) 
* add verifyDigest to check all tags are converted to digests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add required to check for image verification annotation

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* generate CRD

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* adding imageverify true/false patch

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* patch addition logic

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* image verify CLI tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fixes and unit tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix digest mutate

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make codegen

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix policy cache

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: anushkamittal20 <anumittal4641@gmail.com>
 2022-04-27 15:09:52 +00:00
Charles-Edouard Brétéché
b689f1f15c
fix: kind wash in mutate policy helper (#3698) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 19:38:31 +05:30
Charles-Edouard Brétéché
8b36441cd1
refactor: auth package logger (#3696) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 13:34:08 +00:00
Charles-Edouard Brétéché
f32ea23c9d
chore: remove unused custom expansions from client (#3697) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 21:14:49 +08:00
Charles-Edouard Brétéché
f34a542587
refactor: client gen code (#3695) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 12:30:43 +00:00
Vyankatesh Kudtarkar
d72ecd4853
Fix test command git issue (#3692) 
Co-authored-by: shuting <shutting06@gmail.com>
 2022-04-27 12:49:40 +01:00
Sambhav Kothari
9d13e89697
Enable verifyImages and CLI registry tests (#3684) 
Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>
 2022-04-27 17:29:54 +08:00
treydock
0ae671ca7a
Cherry-pick release-1.6 Helm changes (#3689) 
* Support releasing kyverno and kyverno-policies chart separately (#3672)

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Add DELETE precondition back (#3657)

* Add DELETE precondition back

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Add another example and test for 'any'

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-04-27 03:52:45 +00:00
Chip Zoller
029b69fa6b
Show warnings in Helm chart installation; update issue templates (#3673) 
* add cherry pick requirement

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* adopt github issue forms

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update PR template with test checklist reminders

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* Add "other" issue template

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add "triage" label to all new issues

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* notes change

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* show warnings

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update version numbers in issue templates

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add CI file per comments

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* new line for linting

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* stop being smart

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* remove ci file

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-27 01:45:22 +00:00
Charles-Edouard Brétéché
a6924a11ab
refactor: use typed k8s client in tls package (#3678) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-26 20:18:14 +00:00
Charles-Edouard Brétéché
c97af0094f
refactor: config package logger (#3683) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-26 21:55:24 +02:00
shuting
d5f6167e56
Fix flaky e2e tests for generate policies (#3681) 
* fix flaky generate e2e tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* enable validate, verifyimage e2e tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* set policy names different within a single test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* do not delete cloned resource when sync generate policy is deleted

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* replace grLister by urLister

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* re-queue pending URs only to fix clone policy deletion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove duplicate import

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-26 19:18:24 +00:00
Sambhav Kothari
25badfe4fb
Fix regression in wildcard matches in In/AnyIn operators (#3686) 
Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-04-26 18:03:05 +00:00
Charles-Edouard Brétéché
8c930134ef
feat: remove deprecated flags (#3680) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-04-26 14:53:01 +00:00
Mritunjay Kumar Sharma
ebd44131c9
Logic of match service account is fixed for namespace (#3662) 
* attempt to implement new logic for roleRef

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* fixes match subject map logic

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* changes namespace for clusterRolebinding

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* adds tests

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* fixes in tests

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* fixes in tests

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>
 2022-04-26 14:33:58 +00:00