1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

30 commits

Author SHA1 Message Date
D N Siva Sathyaseelan
0ee73430de
feat:Add support for condition validation across multiple image verification attestations or context entry (#9960)
* added Validate in ImageVerification

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* added Validate in ImageVerification

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* validate block added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* Name feild is added in Attestation struct

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* added imageInfo in policy context

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added response from FetchAttestations to contex entry

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added validate logic

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* condition for name collision in Attestation array is added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added multiple image verification test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added multiple image verification test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* unit test added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* ValidateVariable is applied in validate

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* change in regex, logic, conformance test, unit test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some change in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* context entries are added as variables

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical implementations

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Validate and multiple Image verification is working

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* moved validate to verify

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in imageverifier

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in imageverifier

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* unit test added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added validate in verifyimage in v2 policies

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* validate is moved to verifyAttestation

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* removed loadcontext

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* enhanced tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* enhanced tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Added getRawResp to fing report in statemants

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* aome changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* aome changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in ivm

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* changes in verify in imageverifer

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test for trivy and vex

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added Validate in ImageVerification

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* added Validate in ImageVerification

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>

* added imageInfo in policy context

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added response from FetchAttestations to contex entry

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added validate logic

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* condition for name collision in Attestation array is added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added multiple image verification test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added multiple image verification test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* unit test added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* ValidateVariable is applied in validate

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* change in regex, logic, conformance test, unit test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some change in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* context entries are added as variables

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some logical implementations

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Validate and multiple Image verification is working

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* moved validate to verify

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in conformance test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in imageverifier

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Some changes in imageverifier

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* unit test added

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* lint fixes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* added validate in verifyimage in v2 policies

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* validate is moved to verifyAttestation

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* removed loadcontext

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* enhanced tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* enhanced tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* Added getRawResp to fing report in statemants

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* aome changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* aome changes in unit tests

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* helm test fix

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* some changes in ivm

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* changes in verify in imageverifer

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* test

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* codegen applied

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* codegen resolved

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

---------

Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Signed-off-by: D N Siva Sathyaseelan <95441117+sivasathyaseeelan@users.noreply.github.com>
Co-authored-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
2024-09-05 10:33:37 +00:00
Vishal Choudhary
0c2a88638b
fix: properly use useCache field in image verification policies (#10709)
* fix: properly use useCache field in image verification policies

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: add test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: revert client changes

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-19 14:26:07 +00:00
Mariam Fahmy
c46cb06d95
fix: remove unused parameters (#10330)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-05-29 23:29:24 +00:00
Charles-Edouard Brétéché
a1cb4f1c30
fix: remove deprecated imageSignatureRepository flag (#9698)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 12:10:29 +00:00
Vishal Choudhary
87c7ce254a
feat: add skipImageReferences in verify images (#8633)
* feat: add skipImageReferences in verify images

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw-test.yaml

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: typo in assert

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-23 12:27:39 +00:00
Vishal Choudhary
e6bebeae9b
feat: improve assertion and error messages (#8489) 2023-09-21 12:39:54 +00:00
Vishal Choudhary
fd01e50280
fix: image verify cache test (#8462)
* fix: image verify cache test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: print err message

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: clear mock

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: defer clear mock

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-20 14:03:58 +02:00
Vishal Choudhary
aeabe7048d
feat: update condition in image verify cache tests (#8318)
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-09-11 14:22:10 +00:00
Vishal Choudhary
274e93199b
feat: update ivcache Set() to use Wait() (#8286)
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-09-06 13:31:18 +00:00
Charles-Edouard Brétéché
c51bc5beb8
docs: improve cli commands docs (#8259)
* chore: improve cli commands docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* docs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* experimental

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* version

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* oci

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* oci

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* jp

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* apply

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* create

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-05 05:14:28 +03:00
Vishal Choudhary
2f6ff9902e
fix test flake: update assertion in image verify cache test (#8248)
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-09-04 13:07:53 +00:00
Amit kumar
6d8ae16afa
added verify image ristretto cache implementation (#7969)
* updated flags

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ristretto_cache impl

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added bufferSize

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* made cache as private member

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* made cache as private member

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added logger.withValues

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added verify image cache

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added cache tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed lint issue

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added chaged policy test

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* cache time should be entered in minutes

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed cache.wait()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed client.go logs and added in imageVerifier

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added level to the logs

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added notary image cache verification

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* replace intVar by flag.DurationVar()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed lock from cache clinet

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* updated cosign tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added execution latencies comparision

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added assert.Error()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added error assertion util

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added error log

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* Update pkg/engine/internal/imageverifier.go

Signed-off-by: shuting <shutting06@gmail.com>

* lint fixes

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed logs from unit tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added ristretto_cache impl

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* removed cache.wait()

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* small nits

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* added asssertions in tests

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* fixed conflicts

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* lint fix

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

* renamed variabls

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>

---------

Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-08-30 07:26:40 +00:00
Vishal Choudhary
62634af6aa
feat: migrate ignoreSCT from rekor to ctlog (#8166)
* feat: migrate ignoreSCT from rekor to ctlog

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: update tests for new crd

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-30 08:39:49 +02:00
Vishal Choudhary
e9e44291bf
Support for Cosign 2.0 (#7248)
* cosign 2.0 version upgrade

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* IgnoreTlog and IgnoreSCT updated

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed cli packages

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* lazy evaluate vars in conditions (#7238)

* lazy evaluate vars in conditions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unnecessary conversion

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml

Signed-off-by: shuting <shutting06@gmail.com>

* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md

Signed-off-by: shuting <shutting06@gmail.com>

* added error check in test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* in-toto-golang update

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added rekor

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* quote image in error (#7259)

Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: auto update webhooks not configuring fail endpoint (#7261)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix latest version check (#7263)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270)

Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](7319e4733e...58d5258088)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.6 to 0.15.0 (#7272)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add yaml util to check empty document (#7276)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* go mod update

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed cosign 1.13.1 dependency

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added default rekor url

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated cosign option

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* go mod update

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go sum fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* NIT

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix failing test: Test_VerifyManifest_MustAll_InvalidYAML

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* suggestions from jim

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updates to cosign verification

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* kuttl test ignore sct

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod fixes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod update

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* downgrading gcr version

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* null pointer error

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated failing cli tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated kuttl test with complete subjects

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed issue with wildcard replacement

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* engine tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed conflicts with notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated go mod

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* codegen and test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added pubkeys test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* add default CTLogPubKeys

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* cleanup

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* unwanted test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: auth checks with the APIVersion and the subresource (#7628)

* fix auth checks with apiVersion and subresource

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove duplicate code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update permissions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: harden rbac permissions (#7638)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](dd6b2e2b61...d13028333d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](80e868c13c...08b4669551)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* [Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650)

* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6

Signed-off-by: webstradev <e.s.westra.95@gmail.com>

* fixed tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added tests for repository

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fix: vscode debug config (#7653)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: pr updater workflow (#7665)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: add specific loaders from #7597 (#7671)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add cluster select and relabling config for ServiceMonitors (#7659)

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

---------

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

* fix: cleanup controller context from #7597 (#7672)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: cleanup controller rbac (#7669)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 1) from #7597 (#7676)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 2) from #7597 (#7677)

* refactor: migrate context loaders (part 1) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 2) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add lazy loading feature flag (#7680)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: image verification (#7652)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Fix deferred loading (#7597)

* handle nested contexts

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add feature flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix CLI regclient

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: token permissions on report vulns workflow (#7611)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: token permissions (#7619)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: update the flag descriptions of the reports-controller (#7617)

Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>

* fix: panic if env var not defined (#7613)

* fix: panic if env var not defined

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* use toggles instead of a flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix roles

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update manifests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove extra unlock

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix loader reset

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* propagate context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cm resolver

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* level management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add enableDeferredLoading to other controllers

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* re-enable ACR credhelper

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove image registry client init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* check for invalid reset/restore

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* recursive kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add pre/post queries

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add check for a recursive match

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* new test suite

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* eval loaders at creation level

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add an index for resolving deps in order

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve comment

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extract remove method

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feature flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* two rules kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* revert

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checkpoint

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix mutate chained rules

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checpoint/restore

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* log error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fix: factorise confimap informer code (#7667)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d13028333d...6e04d228eb)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: Swap any/all in the error message. (#7688)

Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add background only policy support (#6666)

* feat: add background only policy support

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* webhook

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* validation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* all disabled

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: pr updater workflow (#7697)

* fix: pr updater workflow

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/pr-update.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* fix: customizable tracer configuration (#7644)

* fix: customizable tracer configuration

Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: harden rbac permissions (#7638)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](dd6b2e2b61...d13028333d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](80e868c13c...08b4669551)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* use resource.New instead of Merge

Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix tabs

Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* [Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650)

* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6

Signed-off-by: webstradev <e.s.westra.95@gmail.com>

* fixed tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added tests for repository

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: vscode debug config (#7653)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: pr updater workflow (#7665)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: add specific loaders from #7597 (#7671)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* feat: add cluster select and relabling config for ServiceMonitors (#7659)

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

---------

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: cleanup controller context from #7597 (#7672)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: cleanup controller rbac (#7669)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: migrate context loaders (part 1) from #7597 (#7676)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: migrate context loaders (part 2) from #7597 (#7677)

* refactor: migrate context loaders (part 1) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 2) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* feat: add lazy loading feature flag (#7680)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: image verification (#7652)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* Fix deferred loading (#7597)

* handle nested contexts

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add feature flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix CLI regclient

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: token permissions on report vulns workflow (#7611)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: token permissions (#7619)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: update the flag descriptions of the reports-controller (#7617)

Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>

* fix: panic if env var not defined (#7613)

* fix: panic if env var not defined

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* use toggles instead of a flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix roles

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update manifests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove extra unlock

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix loader reset

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* propagate context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cm resolver

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* level management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add enableDeferredLoading to other controllers

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* re-enable ACR credhelper

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove image registry client init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* check for invalid reset/restore

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* recursive kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add pre/post queries

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add check for a recursive match

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* new test suite

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* eval loaders at creation level

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add an index for resolving deps in order

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve comment

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extract remove method

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feature flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* two rules kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* revert

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checkpoint

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix mutate chained rules

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checpoint/restore

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* log error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: factorise confimap informer code (#7667)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d13028333d...6e04d228eb)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* Update pkg/tracing/config.go

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* fix: lock schema manager when updating it (#7704)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* test: add kuttl tests for background only policies (#7709)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Feat: Upgrade controller-gen to v0.12.0 and fix tooling (#7683)

* Upgrade controller-gen and fix tooling

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Address comments

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Add a marker in the sed command

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Upgrade to the latest version and rearrange the annotations

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Fix failing Verify Codegen tests

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Remove unnecessary file

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Restore original version in test folder

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

* Add creationTimestamp: null again in the test folder

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>

---------

Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: release signing (#7711) (#7713)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: use github token instead of pat (#7716)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reduce token permissions (#7719)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reduce token permissions (#7721)

* fix: reduce token permissions

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reduce token permissions

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: make `test --fail-only` return 1 if there are failed tests (#7717)

Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove redundant tests (#7702)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: use gh token instead of pat (#7723)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: remove obsolete scripts (#7720)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reduce token permission (#7729)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: use github token instead of pat (#7727)

* fix: remove jmespath replace directive

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: use github token instead of pat

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: use golang builtin version management (#7654)

* fix: use golang builtin version management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: template for user setup in kuttl (#7731)

Signed-off-by: Alok N <alokme123@gmail.com>

* feat: Add option to add imagePullSecrets to cleanup CronJobs (#7730)

* Add option to add imagePullSecrets to cleanup CronJobs

Signed-off-by: Alexander Olzem <olzemal@pm.me>

* Update chart README

Signed-off-by: Alexander Olzem <olzemal@pm.me>

---------

Signed-off-by: Alexander Olzem <olzemal@pm.me>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: typo in check cmd (#7733)

Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>

* fix: nits in cli flags (#7736)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: bump ko version (#7738)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: bump kind node versions (#7737)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: refactor cli values loading and remove dead code (#7739)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* [Feature] round() JMESPath function (#7489)

* adding roundoff

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* removing unnecessary

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* adding test

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* adding edge case

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* fixing error

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* updating function call

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* updating function jpRound

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* error handling negative

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* fix

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* parsing

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cleanup

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump ubuntu from `6120be6` to `0bced47` in /.devcontainer (#7744)

Bumps ubuntu from `6120be6` to `0bced47`.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: improve cli apply args check (#7746)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: remove cli dead code (#7748)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Replaced gcr crane with gcr remote (#7747)

* fix: oras-go/v2 version in go.sum

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* refactor: move kyverno constants out of v1 package (#7760)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: use register-gen to register k8s types (#7761)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump fluxcd/flux2 from 0.41.2 to 2.0.0 (#7764)

Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 0.41.2 to 2.0.0.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](dbda8fbdb8...9ea0a535ea)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: introduce defaulters-gen (#7765)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add table output to cli apply command (#7757)

* feat: add table output to cli apply command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* factorise

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore: bump cosign in gh workflows (#7715)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: switch to deepcopy-gen (#7766)

* chore: switch to deepcopy-gen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: increase linter timeout (#7767)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* undo: revert back to cosign 2.0.2

cosign 2.1.1 has dependency conflicts with oras

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* remove markers

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: remove 0_14 version of gcr

k8s-sigstore-manifest got a new version so we can finally upgrade gcr to v0.15

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* add: add logging to tlogs and sct

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* undo: remove registryOpts in favor of registry client opts

added the missing parts from registryOptions in registry client opts

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: add generated files

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: clean go mod

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: remove bad logs

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: fix go mod

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: update kubebuilder version in crds

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* update: rollback policy to ignore tlog

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: update codegen

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com>
Signed-off-by: Alok N <alokme123@gmail.com>
Signed-off-by: Alexander Olzem <olzemal@pm.me>
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Daniel Laszlo <laszlodaniel@icloud.com>
Co-authored-by: Md Shahbaz Alam <shahbazalam75508@gmail.com>
Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org>
Co-authored-by: Carles-Figuerola <carles@figuerola.info>
Co-authored-by: Alok Naushad <alokme123@gmail.com>
Co-authored-by: Alex Olzem <olzemal@gmail.com>
Co-authored-by: SukhveerS <78963782+Rexbeast2@users.noreply.github.com>
2023-08-15 14:25:55 +00:00
Vishal Choudhary
b385693509
feat: add basic structure for image verify cache (#7890)
* feat: add interface for image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add basic client for cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add ttl to client

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add flags and flag setup

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: added a default image verify cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add propogation of cache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add useCache to image verification types

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: add ivcache to image verifier

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add logger to cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* typo: DisabledImageVerfiyCache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update cmd/internal/flag.go

Signed-off-by: shuting <shutting06@gmail.com>

* feat: add use cache to v2beta1 crd

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* bug: change public attribute TTL to private

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: replace nil in test with disabled cache

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: convert ttl time to time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: update opts to use time.Duration

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat:add policy version and remove delete functions

by adding policy version, old entries will automatically become outdated and we will not have to remove them manually

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: remove clear and update get and set to take interface as input

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* style: fix lint issue

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-06 21:54:52 +02:00
Charles-Edouard Brétéché
cd9a13e751
chore: move kyverno.io/verify-images constant (#7955)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-02 14:02:21 +00:00
Vishal Choudhary
43685aedc2
Enable flexible registry credential configurations (#7114)
* types added

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added secret fetching and client creation

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* codegen

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* validate target resource scope & namespace settings (#7098)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: mutation code (#7095)

* fix: mutation code

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* lazy loading of context vars (#7071)

* lazy loading of context vars

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* gofumpt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* moved to policy context

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed errors

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* RegistryClientLoader

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* [Feature] Add kuttl tests with policy exceptions disabled (#7117)

* added tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* removed redundant code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* typo fix and README changes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Conditions message (#7113)

* add message to conditions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extend tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123)

Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](21991cec25...555a30da26)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.14.1 to 0.14.2 (#7121)

Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102)

Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases)
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0)

---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* add condition msg to v2beta1 (#7126)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: print container flags and their values (#7127)

* add condition msg to v2beta1

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* print flags settings

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* remove the container flag genWorker from the admission controller (#7132)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* remove the duplicate entry (#7125)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120)

Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* update background scan logging messages (#7142)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Update chart with v2 to v3 migration guidance. (#7144)

* add Saxo Bank and Velux as adopters

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update chart README and validations

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* add Controller Internals info (#7147)

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Supporting ValidatingAdmissionPolicy in kyverno cli (apply and test command) (#6656)

* feat: add policy reporter to the dev lab

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: remove obsolete structs from CLI

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Supporting ValidatingAdmissionPolicy in kyverno apply

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* chore: bump k8s from v0.26.3 to v0.27.0-rc.0

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* Support validating admission policy in kyverno apply

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* Support validating admission policy in kyverno test

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* refactoring

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* Adding kyverno apply tests for validating admission policy

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* running codegen-all

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* Adding IsVap field in TestResults

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* chore: bump k8s from v0.27.0-rc.0 to v0.27.1

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* Fix vap in engine response

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.3 to 0.13.4 (#7150)

Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.3...api/v0.13.4)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#7149)

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Added `omit-events` flag to allow disabling of event emission  (#7010)

* added comma seperated flag

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* reason added in logs

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added requested changes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* kuttl test init

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated kuttl tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated behavior

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed flawed behavior

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated test location and added readme

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated step

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* omit events

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: let reports controller quit when loosing the lead (#7153)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump slsa-framework/slsa-github-generator (#7160)

Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore: bump otel deps (#7152)

* chore: bump otel deps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3 (#7172)

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/docker/distribution (#7171)

Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (#7177)

Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/go-logr/zapr/releases)
- [Commits](https://github.com/go-logr/zapr/compare/v1.2.3...v1.2.4)

---
updated-dependencies:
- dependency-name: github.com/go-logr/zapr
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Add refactor note (#7169)

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed typo in the v2 to v3 helm migration guide (#7163)

* fixed typo in the v2 to v3 helm migration guide

Signed-off-by: Richard Parke <richardparke15@gmail.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/distribution/distribution (#7178)

Bumps [github.com/distribution/distribution](https://github.com/distribution/distribution) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/distribution/distribution/releases)
- [Commits](https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/distribution/distribution
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* tweaks (#7166)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add logging feature to helm chart (#7181)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* refactor: hide json context from caller (#7139)

* refactor: hide json context from caller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* feat: add omit-events feature in helm chart (#7185)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: preconditions in mutate existing rules (#7183)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: use structured jsonpatch instead of byte arrays (#7186)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added secret lister

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* changes from review

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added rclientloader to policy context

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* refactor changes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* NIT

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added RegistryClientLoaderNewOrDie to policy context

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* CI fixes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: panic for policy variable validation (#7079)

* fix panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* check errors

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: remove policy-reporter from dev lab (#7196)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: cleanup controller metrics name (#7198)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: http request metrics (#7197)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* remove unused code (#7203)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* handle Deny rules where conditions eval to true (#7204)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* [Bug] Enforce message wrong (#7208)

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fixed tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](894ff025c7...eaaf4bedf3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#7215)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](204a51a57a...03d0fecf17)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: panic in reports controller (#7220)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: mutate existing auth check (#7219)

* fix auth check when using variables in ns

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: do not exclude kube-system service accounts by default (#7225)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* docs: add reports system design doc (#6949)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227)

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228)

Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](03d0fecf17...dd6b2e2b61)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump k8s.io/pod-security-admission from 0.27.1 to 0.27.2 (#7232)

Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: match logic misbehave (#7218)

* add rule name in ur for mutate existing

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix match logic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fixes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix the match logic to only apply to the new object, unless it's a delete request

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241)

Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242)

Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* passing rclientloader directly

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* lazy evaluate vars in conditions (#7238)

* lazy evaluate vars in conditions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unnecessary conversion

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml

Signed-off-by: shuting <shutting06@gmail.com>

* Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md

Signed-off-by: shuting <shutting06@gmail.com>

* added error check in test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* quote image in error (#7259)

Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: auto update webhooks not configuring fail endpoint (#7261)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix latest version check (#7263)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270)

Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](7319e4733e...58d5258088)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.6 to 0.15.0 (#7272)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: add yaml util to check empty document (#7276)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* NIT

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* Azure to ACR

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* codegen

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* NIT

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* adding kuttl test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* use pointer

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cleanup

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* global client

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cleanup

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* added kubeclient

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added nil kubeclient check

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* factory

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* secrets lister

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix cli

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* factories

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Richard Parke <richardparke15@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: rparke <50015370+rparke@users.noreply.github.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-16 13:37:08 +00:00
Charles-Edouard Brétéché
a727ffca42
refactor: introduce engine image data client interface (#7529)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-14 10:06:52 +00:00
Charles-Edouard Brétéché
3d5341949b
feat: switch json patch lib for real (#7452)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-08 10:23:20 +00:00
Charles-Edouard Brétéché
863ed5c384
fix: stop recording json patches in rule responses (part 2) (#7422)
* fix: stop recording json patches in rule responses (part 2)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-06 00:41:46 +08:00
Charles-Edouard Brétéché
6bc3761b7a
refactor: stop recording json patches but generate them on demand (part 1) (#7394)
* refactor: stop recording json patches but generate them on demand

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* changed lib

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix verify images

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* image verif tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-05 12:33:23 +00:00
Charles-Edouard Brétéché
cbce1c91b7
fix: cosign global var (#7397)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-02 12:18:10 +00:00
Charles-Edouard Brétéché
79a255a1e6
fix: use structured jsonpatch instead of byte arrays (#7186)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-13 16:56:54 +08:00
Charles-Edouard Brétéché
83840a2462
refactor: hide json context from caller (#7139)
* refactor: hide json context from caller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-12 14:14:48 +00:00
Jim Bugwadia
f287e0a220
Conditions message (#7113)
* add message to conditions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extend tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-05-08 15:34:23 +08:00
Charles-Edouard Brétéché
544fe04508
refactor: introduce jmespath interface (#6882)
* refactor: introduce jmespath interface

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-13 11:29:40 +00:00
Charles-Edouard Brétéché
784ca07419
refactor: engine rule response creation (#6784)
* refactor: engine rule response creation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* private fields

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* more private

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-05 10:35:38 +00:00
Charles-Edouard Brétéché
b2340785fc
refactor: kyverno_policy_results metric management (#6781)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-04 23:07:43 +08:00
Charles-Edouard Brétéché
2f1ac317f4
feat: add flag to skip resource filters in reports controller (#6778)
* feat: add flag to skip resource filters in reports controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-04 13:05:29 +00:00
Charles-Edouard Brétéché
b4a4e3a4f3
refactor: don't process context/preconditions in invokeHandler (#6751)
* refactor: engine handlers

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: don't process context/preconditions in invokeHandler

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-03 12:57:48 +08:00
Renamed from pkg/engine/imageVerify_test.go (Browse further)