1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-18 05:31:07 +00:00
Commit graph

49 commits

Author SHA1 Message Date
Vishal Choudhary
69b2124358
fix(readme): add changelog for spec.validate[*].allowExistingViolations field in kyverno chart ()
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-12-05 08:58:47 +00:00
Matthias Weilinger
bb3e7d9ddc
add allowExistingViolations option in policy chart ()
Until now it was not possible to set the allowExistingViolations for predefined policies in the policies chart. By default it should be set to , identical to how it is set up in the CRDs. Not only does this now allow users to set the config according to their needs, but this also solves a problem with ArgoCD. As the CRDs set it to true, but the template does not specifically declare the field, ArgoCD falls into a constant sync loop of trying to remove the field.

Signed-off-by: ProbstenHias <matthias.weilinger@gmx.de>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-12-02 09:20:26 +05:30
Caio Begotti
9070334df0
fix(policy chart): fix the merging of policyExclude customizations to avoid wrong overrides ()
Signed-off-by: Caio Begotti <caiobegotti@gmail.com>
2024-11-25 11:48:18 +00:00
Sergey Kiyan
338d2ad473
fix: kubernetes and kyverno version annotations in kyverno-policies helm chart to match installed kyverno release and supported versions from Chart.yaml with override option (kyverno#1165) ()
Signed-off-by: kiyanser <sergey.kiyan@strabag.com>
Co-authored-by: kiyanser <sergey.kiyan@strabag.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-11-20 10:15:03 +00:00
Mariam Fahmy
d9b975129c
fix: use failureAction and failureActionOverrides in validate rules ()
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-09-03 10:04:19 +00:00
Thibaut Vanderhaegen
61969c5225
feat: ability to add custom policies in values file ()
* Ability to add custom policies in values file

Signed-off-by: Thibaut Vanderhaegen <thibaut.vanderhaegen@linkurio.us>

Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: treydock <treydock@gmail.com>
2024-05-29 16:24:36 +00:00
Swastik Gour
141e7d056f
feat: added ability to bump version using in-file editing ()
* added ability to bump version using in-file editing

Signed-off-by: swastik959 <Sswastik959@gmail.com>

* corrected error

Signed-off-by: swastik959 <Sswastik959@gmail.com>

* changed the name and added one

Signed-off-by: swastik959 <Sswastik959@gmail.com>

* added corrections

Signed-off-by: swastik959 <Sswastik959@gmail.com>

* few corrections

Signed-off-by: swastik959 <Sswastik959@gmail.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rm tmp

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: swastik959 <Sswastik959@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-31 22:24:56 +08:00
Marco Maurer (-Kilchhofer)
2ee9db072a
fix(policies): Add ability to configure skipBackgroundRequests ()
* fix(policies): Add ability to configure skipBackgroundRequests

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* fix: Drop trailing spaces to fix CI

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

---------

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-27 17:42:22 +00:00
siddhikhapare
060aa7fc05
Update helm docs ()
* Update helm docs

Signed-off-by: siddhikhapare <siddhikhapare77@gmail.com>

* changes added

Signed-off-by: siddhikhapare <siddhikhapare77@gmail.com>

* policy file updated

Signed-off-by: siddhikhapare <siddhikhapare77@gmail.com>

---------

Signed-off-by: siddhikhapare <siddhikhapare77@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-11 17:38:26 +00:00
treydock
871d8ed3ca
Add policyKind option to kyverno-policies chart ()
Fixes  

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-16 17:32:38 +08:00
Vishal Choudhary
a3ef4c6d8c
feat: disable validate maintainer for helm gha ()
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-10-26 12:56:26 +00:00
Charles-Edouard Brétéché
ce66667779
chore: add .helmignore to .helmignore ()
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-08-28 10:57:13 +00:00
treydock
2273529a35
fix(policy chart): Skip DELETE requests on policies using deny statements ()
Fixes 

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-24 14:29:35 +00:00
zirain
424b98a747
charts: changes validationFailureAction default value ()
* charts: changes validationFailureAction default value

Signed-off-by: hejianpeng <hejianpeng2@huawei.com>

* fix helm docs

Signed-off-by: hejianpeng <hejianpeng2@huawei.com>

---------

Signed-off-by: hejianpeng <hejianpeng2@huawei.com>
2023-06-05 08:58:19 +00:00
Linda Ārende
91d5915f78
fix: replace + with _ in Chart.Version label field ()
Signed-off-by: Linda Arende <lda.ext@velux.com>

Signed-off-by: Linda Arende <lda.ext@velux.com>
Co-authored-by: Linda Arende <lda.ext@velux.com>
2023-01-19 14:59:09 +00:00
shuting
0f332b1885
fix chart invalid annotations ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-01-10 13:47:17 +00:00
Vishal Choudhary
3624697fdc
Walk back change in PSS policy to send to to_upper ()
* removed to_upper

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com>

* additional braces removal

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com>

* undo

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com>

* changes stated in chart.yaml

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com>

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com>
2023-01-03 15:13:54 +00:00
cuttingedge1109
5244730f7a
feat: Add default CI test values for helm charts ()
* feat: Add default CI test values for helm charts

Signed-off-by: cuttingedge1109 <jamescarl20190101@outlook.com>

* Bump chart versions

Signed-off-by: cuttingedge1109 <jamescarl20190101@outlook.com>

* Revert version bump following release process

Signed-off-by: cuttingedge1109 <jamescarl20190101@outlook.com>

Signed-off-by: cuttingedge1109 <jamescarl20190101@outlook.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-12-01 10:39:59 +00:00
Marco Kilchhofer
91adf68602
feat(policies chart): Add ability to set autogen behavior ()
* feat(kyverno-policies): Add ability to set autogen behavior

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* fix(kyverno-policies): Fix missing labels

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* chore: Apply changes from code review

- Update changelog annotations
- Add test

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* Update charts/kyverno-policies/Chart.yaml

Signed-off-by: shuting <shutting06@gmail.com>

* fix: Move test-autogen-none.yaml -> test-autogen-none-values.yaml

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* fix: Run make codegen-helm-all

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2022-12-01 10:05:56 +00:00
Chip Zoller
b522274d74
updates with case insensitivity guarantee ()
* updates with case insensitivity guarantee

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix syntax

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-17 07:43:12 +00:00
Chip Zoller
3c70843fdf
Fix background scan with request.operation ()
* update version drop-down

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* Add workflow to detect and report on image vulnerabilities

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* pin deps

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* bump JasonEtco/create-an-issue

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* bump versions in drop-downs

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix background mode scan with request.operation

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* Revert "bump versions in drop-downs"

This reverts commit 5fcea048dd.

* Revert "bump JasonEtco/create-an-issue"

This reverts commit f0d44c7aca.

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-13 16:34:49 +00:00
David Young
eb96862cd1
Auto-detect Kyverno version in policies chart ()
* Auto-detect Kyverno version in policies chart

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Don't bump chart (another process will do this)

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Also don't bump version in README

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

Signed-off-by: David Young <davidy@funkypenguin.co.nz>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-09-02 15:41:02 +00:00
Samuel Torres
b135edf171
chore: Bump helm-docs version to v1.11.0 ()
In order to fix an issue on M1 Macbooks,
see https://github.com/norwoodj/helm-docs/issues/131,
we're bumping the helm-docs tool to the v1.11.0 which fixes
that issue, making the generation of the helm docs to work
again.

Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>

Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
2022-09-01 23:03:14 +00:00
Daniel Schunack
1e5282c707
[Feature] Add ability to get additional policies from restricted ()
* Add includeRestrictedPolicies function
* Add Test Case

Signed-off-by: dschunack <dschunack@web.de>
2022-08-29 17:45:29 +00:00
Daniel Schunack
7b31f456c9
[Feature] Add posibility to set validationFailureAction by Policy ()
* Implement validationFailureActionByPolicy
* Update README.md
* Add artifacthub.io/changes entry
* Add Test Case
Signed-off-by: dschunack <dschunack@web.de>
2022-08-25 15:29:20 +00:00
shuting
7b363612ad
Sync 1.7.3 Helm versions ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-08-24 14:26:21 +00:00
Tom Stewart
ca3d346fcc
support failurePolicy in kyverno-policies helm chart ()
* support failurePolicy in kyverno-policies helm chart

Signed-off-by: Tom Stewart <thomas.stewart@arcadia.com>
2022-08-09 17:12:27 -04:00
shuting
a190b6ed56
sync Helm versions ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-07-25 06:33:51 +00:00
shuting
008b9ab48e
sync release versions ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 09:30:06 +00:00
shuting
d30778eab6
Sync v1.7.0 release manifests ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-02 11:20:33 +00:00
treydock
ee46e9ed19
Ensure preconditions are present with default values ()
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2022-05-31 20:39:06 +00:00
treydock
566eae7d94
Fix handling of kyverno-policies version check when port in image tag ()
* Fix handling of kyverno-policies version check when port in image tag
Fixes 

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Add release notes for chart

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Fix release notes and use splitList

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2022-05-31 15:02:19 +00:00
Charles-Edouard Brétéché
daddae27b4
fix: add helmignore ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: treydock <tdockendorf@osc.edu>
2022-05-17 18:34:16 +00:00
treydock
0ae671ca7a
Cherry-pick release-1.6 Helm changes ()
* Support releasing kyverno and kyverno-policies chart separately ()

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Add DELETE precondition back ()

* Add DELETE precondition back

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Add another example and test for 'any'

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

Co-authored-by: shuting <shuting@nirmata.com>
2022-04-27 03:52:45 +00:00
Charles-Edouard Brétéché
81bf12dfab
chore: add support for artifacthub.io/changes in helm charts ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2022-04-24 13:10:27 -07:00
Charles-Edouard Brétéché
0b717bcecc
chore: add artifacthub operator and prerelease annotations ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-04-21 18:29:54 +02:00
treydock
1cfc80d32a
Allow kyverno-policies to have preconditions defined ()
* Allow kyverno-policies to have preconditions defined

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Fix docs

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2022-04-18 17:59:47 +00:00
Prateek Nandle
a0d3f31851
updating version in Chart.yaml ()
* updatimg version in Chart.yaml

Signed-off-by: Prateeknandle <prateeknandle@gmail.com>

* changes from, make gen-helm

Signed-off-by: Prateeknandle <prateeknandle@gmail.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-04-18 15:37:18 +00:00
Charles-Edouard Brétéché
c84939df00
chore: drop helm v2 ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-02-28 08:50:39 -05:00
Charles-Edouard Brétéché
b7f6fc81db
feat: gen kyverno-policies helm chart docs ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-02-25 16:22:00 +00:00
Charles-Edouard Brétéché
c79b66d3a3
feat: support background mode configuration in kyverno-policies chart ()
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
2022-02-24 16:31:51 +00:00
shuting
a970953d51
Sync latest changes to release/install.yaml ()
* sync latest changes to release/install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* bump chart versions

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-02-15 17:24:39 +00:00
treydock
3f1a0bfd6c
Allow setting validationFailureActionOverrides for policies ()
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2022-02-09 16:24:35 +08:00
treydock
4e0d8ca612
Update kyverno-policies chart with latest pod-security policies ()
* Update kyverno-policies chart with latest pod-security policies
Fixes 
Fixes 

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Update README to have better example

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Use chart testing during e2e to test against ci values

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Fix e2e tests for Helm chart

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Fix Kyverno chart testing to actually test values, and fix networkpolicy template

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Update README for exclusion

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Allow adding 'other' policies via Helm

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Update Chart.yaml for kyverno-policies

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Bump minimum Kubernetes version in charts

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Update kyverno-policies chart readme

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Use version that should catch all pre-releases

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Use version that should catch all pre-releases (part 2)

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Use same logic to get git tag by using Makefile target for updating Helm values

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Prateek Pandey <prateekpandey14@gmail.com>
2022-02-04 14:47:36 +08:00
shuting
326d141a6d
bump chart versions ()
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-02-03 09:31:10 +00:00
shuting
04189e450c
bump chart version to release fix for https://github.com/kyverno/kyverno/pull/2655 ()
Signed-off-by: ShutingZhao <shutting06@gmail.com>
2021-11-03 16:15:01 -04:00
Bricktop
b53ec25ca5
Make whitespace consistent in various helm charts ()
Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>
2021-10-28 23:11:30 -07:00
ShutingZhao
eddd258a40 release v1.5.0-rc1
Signed-off-by: ShutingZhao <shutting06@gmail.com>
2021-10-07 16:04:08 -07:00
treydock
e1daf2085d
Switch Helm CRDs back to kyverno chart and move Policies to dedicated chart ()
* Switch Helm CRDs back to kyverno chart and move Policies to dedicate chart

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Fix policies chart labels

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

* Remove README items moved to kyverno-policies chart

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2021-09-22 13:56:10 -07:00