kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
NoSkillGirl	2025fd0f70	fixing clone source replication Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-07-01 15:44:15 +05:30
Vyankatesh Kudtarkar	07910edd15	2074 : Fix Policy cache returns the duplicated policies (#2082 ) * Fix Policy cache returns the duplicated policies * Add testcases	2021-06-30 12:20:21 -07:00
Pooja Singh	cd9e596e7e	[Improvement] Kyverno should not delete downstream resources when a generate policy using the clone behavior has synchronize: true (#1880 ) * debuging issue Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * issue fixed Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * remove policy name in source resource Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * fixed deletion of GR on source updation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added function in common Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * removing comments Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added generated resource list to the log Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * small improvement Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-30 12:00:02 -07:00
Valentin Velkov	63f4c9a884	Configurable success events on policies & resources. Generating failure events on policies by default. (#1939 ) * Remove unused event.Reason const Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate failure events on policies Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate success events on policy Signed-off-by: Velkov <valentin.velkov@sap.com> * Introduce 'generateSuccessEvents' flag Signed-off-by: Velkov <valentin.velkov@sap.com> * Unit tests & chart fix Signed-off-by: Velkov <valentin.velkov@sap.com>	2021-06-29 14:43:11 -07:00
Arsh Sharma	fbc80cdfae	adding support for multiple names in match and exclude blocks (#2010 ) * add names in rd struct Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * added checking logic Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * updated yamls Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * wip: fix empty set problem Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * working with exclude Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * fixing name and names Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * added error if both name and names are specified Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * added tests Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * changed empty set logic, fixed whitespaces and comments Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * fix match and exclude bug Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-28 22:31:22 -07:00
shuting	0a13ce9c73	Revert "Fix Helm deployment name issue" (#2070 )	2021-06-24 14:22:34 -07:00
Pooja Singh	54a85c5da1	Merge pull request #2045 from vyankyGH/fix_deployment_name Fix Helm deployment name issue - install kyverno with helm release name != kyverno	2021-06-24 19:19:19 +05:30
treydock	3b1fd912cb	Move log to debug for wildcard pattern matching (#2064 ) Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-06-23 16:48:09 -07:00
Vyankatesh Kudtarkar	09909a56f2	Merge pull request #2054 from DarthBenro008/fix/2031 add: http/https regex to kyverno CLI	2021-06-23 10:10:25 +05:30
DarthBenro008	e82e7e7596	refactor: fix minor typos Signed-off-by: DarthBenro008 <hkpdev008@gmail.com>	2021-06-23 00:37:41 +05:30
vivek kumar sahu	faa88699af	fix typo in policy struct (#1992 ) * Updates L-30 Signed-off-by: viveksahu26 vivekkumarsahu650@gmail.com Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * compile the code using Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com>	2021-06-22 10:03:15 -07:00
DarthBenro008	c32526f109	fix: add http/https regex to kyverno CLI Signed-off-by: DarthBenro008 <hkpdev008@gmail.com>	2021-06-22 18:48:23 +05:30
Arsh Sharma	86045fc02c	adding support for policies.kyverno.io/scored annotation (#1976 ) * initial commit Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * added debug statements Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * fixed report Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * removed code for debugging Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * newline fix Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com> * fix default case Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-21 18:37:20 -07:00
Pooja Singh	e677e91679	Merge pull request #2024 from NoSkillGirl/2023/CLI_should_validate_all_resources added loop for namespace to validate all the resources	2021-06-19 12:55:13 +05:30
vyankatesh	4f3a780cc4	fix issue	2021-06-17 20:49:28 +05:30
shuting	65975a8b65	Enable webhooks configuration via Helm (#2032 ) * helm - enable configurations of webhooks Signed-off-by: Shuting Zhao <shutting06@gmail.com> * retry on update failure Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update Readme Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address lint errors Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-16 23:29:07 -07:00
Pooja Singh	fec236c365	Merge pull request #3 from NoSkillGirl/master sync with master	2021-06-16 09:40:04 +05:30
NoSkillGirl	e40cd614de	fixing reviewdog error Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 09:19:58 +05:30
NoSkillGirl	3c1cb89249	seperating code for get resources Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 08:17:31 +05:30
NoSkillGirl	4d574a7846	removed cluster function Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 08:12:03 +05:30
NoSkillGirl	f42aff1a42	code optimization Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-16 07:56:08 +05:30
shuting	6d5e988ebe	BugFix - update the annotation lastRequestTimestamp from active instances (#2019 ) * fix webhook monitor - inactive instance did not get latest request timestamp Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add checks for registered webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update veridy_deployment.sh Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add debug steps in e2d workflow Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix CI errors Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-15 18:39:22 -07:00
NoSkillGirl	b8ada99d50	trying to change the way resource is stored in map Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-15 23:35:22 +05:30
NoSkillGirl	09b1592f11	added loop for namespace Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-15 18:14:51 +05:30
shuting	fa419439ec	fix merge eror (#2016 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 15:50:34 -07:00
Shuting Zhao	2abeb9dda7	fix prometheus panics Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 13:42:57 -07:00
shuting	6f07ea407f	Customize namespaceSelector of Webhookconfigurations (#2003 ) * customize namespaceSelector of webhook configurations from configMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update webhook configurations base on UPDATEs of Kyverno ConfigMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * register webhook configurations with the namespaceSelector from ConfigMap Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address golint comment Signed-off-by: Shuting Zhao <shutting06@gmail.com> * validate webhooks config format Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix NotDefined scenario Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-14 13:01:40 -07:00
Vineeth Reddy	34cf44a857	improve log message for generate policies (#1993 ) Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in>	2021-06-10 12:48:26 -07:00
Arsh Sharma	7e9be24d90	updating minio verison (#1956 )	2021-06-09 19:16:26 -07:00
Vyankatesh Kudtarkar	9d00348a52	Fix: mutate policies kept applying to these terminating Pods (#1978 ) * Fix Dev setup * Fix mutate policies kept applying to these terminating Pods * fix patch resource issue Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-06-09 18:34:10 -07:00
Vineeth Reddy	6d2cb87370	change min support kubernetes version to 1.16 for kyverno 1.4 (#1935 ) * change min support kubernetes version to 1.16 for kyverno 1.4 Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in> * migrate deployment to apps/v1 Signed-off-by: vineethvanga18 <reddy.8@iitj.ac.in>	2021-06-08 13:14:28 -07:00
shuting	e9a972a362	feat: HA (#1931 ) * Fix Dev setup * webhook monitor - start webhook monitor in main process Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leaderelection Signed-off-by: Jim Bugwadia <jim@nirmata.com> * - add isLeader; - update to use configmap lock Signed-off-by: Shuting Zhao <shutting06@gmail.com> * - add initialization method - add methods to get attributes Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * remove newContext in runLeaderElection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to GenerateController Signed-off-by: Jim Bugwadia <jim@nirmata.com> * skip processing for non-leaders Signed-off-by: Jim Bugwadia <jim@nirmata.com> * skip processing for non-leaders Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add leader election to generate cleanup controller Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Gracefully drain request * HA - Webhook Register / Webhook Monitor / Certificate Renewer (#1920) * enable leader election for webhook register Signed-off-by: Shuting Zhao <shutting06@gmail.com> * extract certManager to its own process Signed-off-by: Shuting Zhao <shutting06@gmail.com> * leader election for cert manager Signed-off-by: Shuting Zhao <shutting06@gmail.com> * certManager - init certs by the leader Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to webhook monitor Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to policy controller Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add leader election to policy report controller Signed-off-by: Shuting Zhao <shutting06@gmail.com> * rebuild leader election config Signed-off-by: Shuting Zhao <shutting06@gmail.com> * start informers in leaderelection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * start policy informers in main Signed-off-by: Shuting Zhao <shutting06@gmail.com> * enable leader election in main Signed-off-by: Shuting Zhao <shutting06@gmail.com> * move eventHandler to the leader election start method Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address reviewdog comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add clusterrole leaderelection Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fixed generate flow (#1936) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * - init separate kubeclient for leaderelection - fix webhook monitor Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address reviewdog comments Signed-off-by: Shuting Zhao <shutting06@gmail.com> * cleanup Kyverno managed resources on stopLeading Signed-off-by: Shuting Zhao <shutting06@gmail.com> * tag v1.4.0-beta1 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix cleanup process on Kyverno stops Signed-off-by: Shuting Zhao <shutting06@gmail.com> * bump kind to 0.11.0, k8s v1.21 (#1980) Co-authored-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankateshkd@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Pooja Singh <36136335+NoSkillGirl@users.noreply.github.com>	2021-06-08 12:37:19 -07:00
Vyankatesh Kudtarkar	8eb1d4c7fb	Update variable paths when auto generate the controller rules (#1914 ) * Fix Dev setup * Update variable paths * fix testcase issue Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-06-07 13:35:53 -07:00
Yashvardhan Kukreja	a931f8f8f5	added: admission_request_timestamp for kyverno_admission_review_latency_milliseconds and a small fix (#1970 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-06-07 12:53:13 -07:00
Jim Bugwadia	5dfd16ce44	Merge pull request #1946 from RinkiyaKeDad/1944_more_than_fix fix operator matching with spacing	2021-06-02 23:06:03 -07:00
RinkiyaKeDad	29c6e901ab	added test, removed comment Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-03 11:16:50 +05:30
Pooja Singh	d9ad564989	fixed generate flow (#1948 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-06-02 12:09:48 -07:00
RinkiyaKeDad	e94479717c	fixed spacing problem in operators Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>	2021-06-02 12:16:54 +05:30
Bricktop	d8ad5ba8c8	Remove unneeded fmt error (#1927 ) Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>	2021-06-01 10:54:21 -07:00
Yashvardhan Kukreja	72aa739395	feat: added kyverno_admission_review_latency_milliseconds metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-24 08:06:40 +05:30
Yashvardhan Kukreja	b8f8a47d8d	feat: added kyverno_policy_rule_execution_latency_milliseconds metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-24 08:06:36 +05:30
Yashvardhan Kukreja	43a138a12b	feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-24 08:05:14 +05:30
Yashvardhan Kukreja	833d097c0a	feat: added kyverno_policy_changes_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-16 18:07:32 +05:30
Yashvardhan Kukreja	fea074f493	feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-16 18:07:32 +05:30
Yashvardhan Kukreja	bb80e1b641	added: initial prometheus client setup Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-16 13:06:14 +05:30
Max Goncharenko	158b58f819	Fix `{{@}}` behavior (#1908 ) * fixed {{@}} behavior Signed-off-by: Max Goncharenko <kacejot@fex.net> * removed white space from test Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-05-13 12:27:45 -07:00
shuting	adcb89a1b5	Update to use gvk to store OpenAPI schema (#1906 ) * bump swagger doc to 1.21.0 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * stores openapi schema by gvk Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix schema validation in CLI Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add missing resource lists Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add e2e tests Signed-off-by: Shuting Zhao <shutting06@gmail.com> * address review doc comments Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-13 12:03:13 -07:00
Vyankatesh Kudtarkar	d48f21f6fd	Fix GVK issue for policy cache (#1904 ) * Fix Dev setup * fix GVK Issue for policy cache Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-05-11 12:45:34 -07:00
shuting	62dfab7f96	Removes check for strategicMergePatch in forceMutate (#1898 ) * Pass by value in policy cache Signed-off-by: Shuting Zhao <shutting06@gmail.com> * Removes check for strategicMergePatch in forceMutate Signed-off-by: Shuting Zhao <shutting06@gmail.com> * Removes failed test Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-07 18:07:41 -07:00
Yashvardhan Kukreja	6b0334f776	fix: consider policy's namespace as well while report rule results to policyreports (#1897 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-05-07 16:28:32 -07:00

1 2 3 4 5 ...

1917 commits