mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Commit graph

3822 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
6f4818d724
feat: rework conditions marshaling (#10550)
* feat: rework conditions marshaling

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-27 10:00:02 +03:00
Charles-Edouard Brétéché
e900abf3a0
feat: remove kyverno client v2beta1 (#10543)
* feat: remove kyverno client v2beta1

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-26 08:48:32 +00:00
Mariam Fahmy
ff88c4c39a
feat: migrate validationFailureAction and validationFailureActionOverrides (#10528)
* feat: migrate validationFailureAction and validationFailureActionOverrides under validate rule

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add unit tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-26 09:13:02 +02:00
shuting
88ae60ea9d
fix: correctly validate patterns for old and new objects (#10310)
* fix: correctly validate patterns for old and new objects

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* test: add new scenario to the existing test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: indention

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-06-25 14:11:34 +00:00
Husni Alhamdani
cd6988d1e2
fix: reset mutable fields orphandownstream (#10478)
* fix: reset mutable fields orphandownstream

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

* fix: reset mutable fields orphandownstream

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

* fix: reset mutable fields orphandownstream

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

---------

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-06-25 09:24:35 +00:00
Charles-Edouard Brétéché
018d45cb29
feat: add reports circuit breaker (#10499)
* feat: add reports circuit breaker

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* improve metrics and granularity

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-25 11:16:30 +08:00
Mariam Fahmy
94d9bbe73f
chore: use v2 clients for policy exceptions (#10530)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-24 16:36:55 +00:00
Mariam Fahmy
e892a0531e
chore: add tests that use spec.webhookConfiguration (#10526)
* chore: add tests that use spec.webhookConfiguration

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-24 13:40:50 +00:00
Mariam Fahmy
b7bf894fe9
chore: use v2 for exceptions in chainsaw tests (#10529)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-24 11:54:57 +00:00
Mariam Fahmy
abe2a2310b
feat: migrate webhookTimeoutSeconds and failurePolicy (#10515)
* feat: migrate webhookTimeoutSeconds and failurePolicy

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-20 13:04:37 +00:00
Charles-Edouard Brétéché
b36a2ecdcc
feat: bump update request api version (#10508)
* feat: bump update request api version

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* use v2

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-20 09:44:43 +00:00
Charles-Edouard Brétéché
a5254f7344
feat: remove old intermediate reports types (#10504)
* feat: remove old ephemeral reports types

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* helm

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-19 19:54:43 +00:00
Mariam Fahmy
88d1063647
chore: use mutateExistingOnPolicyUpdate under mutate rule in chainsaw tests (#10507)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-19 18:16:46 +02:00
Mariam Fahmy
9285006f7a
feat: add mutateExistingOnPolicyUpdate field under the mutate rule (#10461)
* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* feat: add mutateExistingOnPolicyUpdate field under the mutate rule

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-19 09:29:19 +00:00
Charles-Edouard Brétéché
6e1def1004
feat: remove v1alpha2 group/version (#10500)
* feat: remove v1alpha2 group

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-19 08:08:15 +00:00
Vishal Choudhary
334594c128
feat: add support for cosign experimental OCI 1.1 signatures (#10228)
* feat: add support for cosign experimental OCI 1.1 signatures

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: remove unrelated changes

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: linter

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: requested changes

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-18 23:03:53 +00:00
Charles-Edouard Brétéché
d75d19ab3d
fix: use generate name for admission reports (#10491)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-17 17:54:04 +00:00
Charles-Edouard Brétéché
7f57b9618a
feat: cleanup v2alpha1 kyverno api (#10457)
* feat: cleanup v2alpha1 kyverno api

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: webhook

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-06-14 09:39:36 +00:00
Mariam Fahmy
846439b13e
feat: add generateExisting field under the generate rule (#10441)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-13 13:41:46 +00:00
shuting
fe8c429e78
fix: avoid creating duplicate urs for background policies (#10431)
* feat: add generator abstraction

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: replace urgenerator

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: ko build

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: load threshold from kyverno configmap

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add metadata client to get ur count

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add helm option to preserve configmap settings during upgrade

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add helm option to preserve configmap settings during upgrade 2

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: rename imports

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update codegen manifests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: handle nil value

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter issue

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update threshold to 1000

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: avoid duplicate URs creation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: revert false changes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: simplify background applications

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-06-12 15:23:53 +00:00
shuting
9e5c297dcf
feat: add a circuit breaker for updaterequests (#10382)
* feat: add generator abstraction

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: replace urgenerator

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: ko build

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: load threshold from kyverno configmap

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add metadata client to get ur count

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add helm option to preserve configmap settings during upgrade

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add helm option to preserve configmap settings during upgrade 2

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: rename imports

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update codegen manifests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: handle nil value

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter issue

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update threshold to 1000

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-06-11 08:54:51 +00:00
Vishal Choudhary
2104171b4f
fix: add verbosity to background scanner log (#10404)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-06-06 13:51:01 +02:00
Khaled Emara
b834bc0164
fix(gctx): returning old error (#10398)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-05 19:35:42 +00:00
mohamedasifs123
97327fd31c
Fix : failed to parse BACKGROUND_SCAN_INTERVAL log message wrong (#9933)
* Update policy_controller.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

* Update policy_controller.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

* Update policy_controller.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

* Update policy_controller.go

-s

Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

* Update policy_controller.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

* Update policy_controller.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Signed-off-by: mohamedasifs123 <asifabu272@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-06-05 10:05:31 +00:00
shuting
5260b4f7bc
chore: bump k8s libs to 0.30 (#10285)
* chore: bump k8s libs to 0.30

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: update crds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: bump kubectl-validate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: fix tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: fix panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: fix linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: bump k8s

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix sum

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: indent

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: bump deps

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-06-04 15:09:44 +08:00
JenTing
3e37f80f87
Fix typo (#10360)
Signed-off-by: JenTing Hsiao <hsiaoairplane@gmail.com>
2024-06-02 06:50:40 +00:00
Mariam Fahmy
c46cb06d95
fix: remove unused parameters (#10330)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-05-29 23:29:24 +00:00
Vishal Choudhary
47adea6f1c
feat: add support for background scanning of existing resource in image verification (#10287)
* feat: add support for background scanning of existing resource in image verification

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: change rule response type to image verify

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: fix nilptr reference

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-05-24 09:41:04 +00:00
Khaled Emara
ed4eb9666a
fix(anchor): skip anchors don't have priority (#10206)
* fix(anchor): give priority to skip anchors

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(anchor): conditional anchor with a failing sibling

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(anchor): conditional anchor mixed with other results

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(anchor): successful anchor with a skip anchor

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-05-22 09:04:14 +00:00
Mariam Fahmy
57b2c5fe4f
fix: add a copy method to the policy context (#10236)
* fix: add a copy method to the policy context

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: add a CLI test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: remove mutate changes

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-21 15:29:09 +00:00
shuting
e58d7120c6
fix: sort webhookconfig.operations (#10274)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-05-21 13:22:08 +00:00
shuting
84e0ced314
fix: webhook config set (#10262)
* tests: add unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: merge operations map correctly

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-05-21 08:33:59 +00:00
Mariam Fahmy
59ff771ae8
fix: process the matched resources only for mutate existing policies (#10164)
* fix: process the matched resources only for mutate existing policies

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* chore: add unit tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-05-20 12:40:53 +00:00
shuting
fb9c66f455
feat(perf): add new linter prealloc to enforce slice declarations best practice (#10250)
* feat(perf): add new linter prealloc to enforce slice declarations best practice

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(linter): prealloc slices

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-05-20 14:46:35 +05:30
Jim Bugwadia
46e5d818b1
truncate event messages to 1024 chars (#10255)
2024-05-20 08:16:30 +00:00
Vishal Choudhary
3af0e461f0
fix: deepcopy patched resource in foreach mutate (#10252)
* fix: deepcopy patched resource to avoid indirect reversal of its elements

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: copy elements while reversing

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: copy resources inside foreach

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* add test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-05-20 14:45:21 +08:00
shuting
37af1f83a7
fix: isolate reports creation context (#10245)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-05-16 15:58:38 +03:00
Mariam Fahmy
900bf48ecf
fix: skip generating VAPs in case namespace's name contains wildcards (#10205)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-10 14:19:10 +00:00
Mariam Fahmy
6fec52436a
fix: generate VAPs that match all resources when kinds is set to * (#10208)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-09 06:46:10 +00:00
Mariam Fahmy
60e347bedb
feat: support generating VAPs in case of matching resources in specific namespaces (#9981)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-05-08 11:09:47 +00:00
Mariam Fahmy
3fa6a8d34e
fix: add resourceNames field in the generated VAPs (#10187)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-07 12:19:12 +00:00
Mariam Fahmy
f291407ca9
fix: skip generating VAPs for policies that match multiple resources with a namespace/object selector (#10181)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-06 21:52:22 +08:00
Khaled Emara
21602a1e1f
fix(polex): multiple polexes with conditions (#9994)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-06 10:28:39 +00:00
Mariam Fahmy
8805620574
fix: add CONNECT operation in the webhook config for pod/exec subresource (#9855)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-06 09:51:46 +00:00
Mariam Fahmy
cd33b84a62
fix: add pods/ephemeralcontainers to the generated VAPs (#10162)
* fix: add pods/ephemeralcontainers to the generated VAPs

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: remove an extra space

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-05-06 08:29:55 +00:00
Vishal Choudhary
c403a498a3
fix: add error check in jmespath type conversion in context variables (#10152)
* fix: add error check in jmespath type conversion in context variables

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix(lint): new line in tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: properly update path variable

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: remove log statement

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-05-01 04:30:34 +00:00
Norwin Schnyder
5d50022f43
fix: skip rules without operation in resource webhook creation (#10146)
* fix: skip rules without operation in resource webhook creation

Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>

* test: add unit test for buildRulesWithOperations

Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>

* fix linting issues

Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>

---------

Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-30 17:05:44 +00:00
Vishal Choudhary
e66a550560
fix: fetch only adopted ephemeral report (#10148)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-04-30 15:17:24 +00:00
Khaled Emara
c9d821ee72
fix: shared policy context needs to be copied (#10139)
* fix: shared policy context needs to be copied

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(e2e): concurrent PSS execution

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(e2e): wait for pss policies to be ready

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-30 14:05:33 +00:00
shuting
96ffbadd77
fix: sort pod controllers for autogen rule (#10140)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-30 12:26:12 +00:00
Mariam Fahmy
77f1f97f6e
chore: remove a package that is imported twice (#10101)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-29 10:40:39 +00:00
Mariam Fahmy
798950f72c
fix: return skip when celPreconditions/matchConditions aren't met (#9940)
* fix: return skip when cel preconditions aren't met

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: return skip when matchConditions in VAPs aren't met

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-22 13:49:25 +00:00
Shubham Singh
dbc12ac2be
[Bug] Enabling many-to-one comparisons for AnyNotIn operator (#9462)
* added cases for int, float

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* added bool as well

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* added tests

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* some more tests

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* go fmt

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* fixed the failing test cases

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

---------

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-22 12:12:08 +00:00
NeuroticalT
370abe257e
Fix: metrics exposure inconsistencies and unwanted side-effects (#10016)
* Change: metrics exposure improvement

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

* Fix: addressing linter errors

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

* Fix: unit test assert failure

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>

---------

Signed-off-by: Tamas Eger <tamas.eger@instructure.com>
Co-authored-by: Tamas Eger <tamas.eger@instructure.com>
2024-04-22 07:33:04 +00:00
Mariam Fahmy
ea64529e63
fix: evaluate namespaceObject for Kyverno policies in the CLI (#9977)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-19 10:55:41 +00:00
Mariam Fahmy
e91b80a600
fix: evaluate namespaceObject for VAPs in the CLI (#9978)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-19 10:20:03 +00:00
Mariam Fahmy
f98d7d86b3
refactor: add a function to check if VAPs are registered in the API server (#10014)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-04-17 10:01:00 +00:00
Vishal Choudhary
3db5bdfad8
fix: add mutex to mock policy context builder (#10057)
It is possible that two different threads call the build function at the same time causing one append to be lost, this PR adds a mutex to avoid this

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-04-17 09:13:19 +00:00
Khaled Emara
fb40aa5f38
feat(audit): use a worker pool for Audit policies (#10048)
* enhancement: split validation logic for enforce and audit policies to return admission response earlier

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: add missing file

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter issues

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: get latest policy object before updating status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove debug code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: compare before updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: initial reconcile

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat(audit): use a worker pool for Audit policies

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix: unit test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix(attempt): spin up go routine

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: add flags maxAuditWorkers, maxAuditCapacity

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: enable debug log on failure

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: wait group panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* load-tests: add stress tests configurations

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* load-tests: disable admissionreports

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: build policy contexts synchronously

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: only run generate and mutate existing go routines when policies are present

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: mutate and verify tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: return early if no audit policy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: run handlegenerate and mutate existing in all cases

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: only test bgapplies in generate test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: defer wait in tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* enhancement: process validate enforce in a go routine

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-04-17 15:46:18 +08:00
shuting
3e7a7ac244
fix: policy status reconciliation (#10032)
* fix: get latest policy object before updating status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove debug code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-12 07:08:15 +00:00
Mariam Fahmy
39da5bd927
fix: re-use the maxQueuedEvents (#10024)
* fix: re-use the maxQueuedEvents

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use the apierrors.IsNotFound instead of checking a specific error msg

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-04-10 15:41:22 +08:00
shuting
6416d8600e
chore: bump to go 1.22.2 (#10001)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-04-08 09:30:05 +00:00
Khaled Emara
c9055ac2ff
fix(autogen): only generate rule for request kind (#9984)
* fix(autogen): only generate rule for request kind

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(autogen): use jsoniter instead of std for json

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(atogen): use sets instead of manipulating strings

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(autogen): formatting linter

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(autogen): backwards compatibility

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* revert(autogen): old behavior

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix: builds error

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-04-04 08:09:30 +00:00
Charles-Edouard Brétéché
c241cfce44
fix: polex matching code (#9955)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-04-03 18:56:48 +00:00
Vishal Choudhary
83f2846572
feat: add TSA cert chain support in cosign (#9961)
* feat: add TSA cert chain support in cosign

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add chainsaw test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add unit test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: unit tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-03-30 20:50:07 +00:00
Vishal Choudhary
912364293c
fix: cosign ctlog unit tests (#9970)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-29 16:49:11 +00:00
Vishal Choudhary
93eac3f7a4
fix: deferred loader panic when mutate and generate policies are applied (#9935)
* fix: deferred loader panic when mutate and generate policies are applied

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: update policies

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* remove clusterrolebinding

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: copy only json context

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: polctx

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-29 14:37:15 +01:00
Vishal Choudhary
1a1954002f
fix: add rekor opts to cosign certificate verification and make rekor url optional (#9957)
* fix: add rekor opts to cosign certificate verification and make rekor url optional

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: linter

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-28 18:17:24 -07:00
Charles-Edouard Brétéché
76bd67739a
fix: polex mem footprint (#9954)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-03-28 09:31:40 +00:00
Charles-Edouard Brétéché
4438b24b69
refactor: exception selector interface (#9907)
* refactor: exception selector interface

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-28 08:03:01 +00:00
Charles-Edouard Brétéché
ad62014b33
chore: simplify getting exception name (#9916)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-03-15 15:02:57 +00:00
Khaled Emara
429e84be10
fix(globalcontext): panics and validation (#9903)
2024-03-14 16:12:39 +00:00
Vishal Choudhary
f2833861f8
fix: properly update policy context after preexisting resource in violation check (#9893)
* fix: properly update policy context after preexisting resource in violation check

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: remove all copy function usages

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: nit

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* refactor context resource swap

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* feat: chainsaw tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: test:

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: logger panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: copy cover policycontext

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-03-13 16:24:53 +00:00
Jim Bugwadia
5e69204c99
add unit test (#9894)
* add unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* revert change

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-03-13 17:09:30 +08:00
Arnaud Tournier
1e09f22e59
give public access to PreProcessPattern (#9887)
Signed-off-by: Arnaud Tournier <ltearno@gmail.com>
2024-03-12 09:25:00 +00:00
Jim Bugwadia
befcd73ea1
add control names and images to PSS results (#9869)
* add control names and images to PSS results

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update chainsaw tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-03-11 09:32:05 +00:00
Khaled Emara
b9fc1e3d50
chore(apicall): remove duplicate code (#9880)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-03-11 15:30:29 +08:00
Suruchi Kumari
26df05d8c1
[Bug] [CLI] PSS report does not show properties with control details (#9785)
* add properties in pss report

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove  tests

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix lint

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore: move chainsaw config at the root of the repo (#9768)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump svenstaro/upload-release-action from 2.7.0 to 2.9.0 (#9767)

Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.7.0 to 2.9.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](1beeb572c1...04733e069f)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add test

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fill properties field in test

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove unwanted folders

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remote gitpod file

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: remove unnecessary podSecurity chainsaw test (#9791)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: remove unnecessary validation check for podSecurity rule (#9790)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update versions (#9783)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore: add tests for exceptions in the CLI (#9781)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/otel/sdk/metric (#9799)

Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#9797)

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump codecov/codecov-action from 4.0.1 to 4.0.2 (#9794)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e0b68c6749...0cfda1dd0a)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/otel/exporters/prometheus (#9796)

Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.45.2 to 0.46.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/example/prometheus/v0.45.2...example/prometheus/v0.46.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/prometheus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace (#9795)

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* changes

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#9798)

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump codecov/codecov-action from 4.0.2 to 4.1.0 (#9811)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.2 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](0cfda1dd0a...54bcd8715e)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#9809)

Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.48.0...zpages/v0.49.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 (#9810)

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix lint

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix(globalcontext): old WaitGroup not stopping (#9813)

* fix(globalcontext): old waitgroup not stopping

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): add AGE

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): add lastRefreshTime

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): unhandled informer run exception

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): comment wording

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): codegen

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): linter

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add empty declaration of properties

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add changes

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: add podSecurity validation checks for exceptions (#9817)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 (#9825)

Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#9821)

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#9823)

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump kyverno/action-install-chainsaw from 0.1.6 to 0.1.7 (#9832)

Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.1.6 to 0.1.7.
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases)
- [Commits](204730d723...3bf0752f44)

---
updated-dependencies:
- dependency-name: kyverno/action-install-chainsaw
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 (#9831)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](84384bd6e7...062f259268)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (#9830)

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* [Bug] [CLI] Restore warn-exit-code functionality for apply command (#9828)

* Restore warn-exit-code functionality for apply command

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Nove error handling

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Uncomment println statement

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Fixing linting

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Adding conformance tests for cli apply command with warn-exit-code

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Update path to kubectl-kyverno binary

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* Add prepare-cli as needed dependency

Signed-off-by: Matt Veitas <mveitas@gmail.com>

* feat: install kubectl-kyverno in standard conformance tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update chainsaw config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: move CLI chainsaw tests to a separate action

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: CLI path

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: name

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: add chainsaw flag '--no-cluster'

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: CLI name

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Matt Veitas <mveitas@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#9822)

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove comment and shift line 91

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* modify test

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* added separate function for adding properties in result

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add test for pss report

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove comments

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: remove duplicate chainsaw tests for PSA (#9835)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* modify policy

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* modify policy in test_dta

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* docs: Add new adopter to ADOPTERS.md (#9841)

Signed-off-by: Younsung Lee <cysl@kakao.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: use gcr crane opts while fetching image descriptors (#9838)

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: add missing unit tests for podSecurity.hostpathVolume check (#9845)

* fix: add missing unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update pinned lib

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: uncomment code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: release CRDs manifests (#9849)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#9842)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix name access for policy types

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* modify pkg report

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* modify name

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add bindings

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Revert "add bindings"

This reverts commit c616c11d9bb4dd0554104025fcfb9cf9e25dc02d.

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* revert add bindings

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update chainsaw

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* Revert "update name"

This reverts commit 84de45b4ce1c5f94d8cbd0a66e893c7907f4a600.

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* simplify results

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Matt Veitas <mveitas@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Younsung Lee <cysl@kakao.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Matt Veitas <mveitas@gmail.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Younsung Lee <cysl@kakao.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-07 13:54:00 -08:00
shuting
bc2f50ae13
fix: add missing unit tests for podSecurity.hostpathVolume check (#9845)
* fix: add missing unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update pinned lib

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: uncomment code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-03-04 15:23:06 +00:00
Vishal Choudhary
cc7934f42a
fix: use gcr crane opts while fetching image descriptors (#9838)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-03-04 08:14:00 +00:00
Mariam Fahmy
07a6bf42f5
fix: add podSecurity validation checks for exceptions (#9817)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-28 08:21:10 +00:00
Khaled Emara
511df7a466
fix(globalcontext): old WaitGroup not stopping (#9813)
* fix(globalcontext): old waitgroup not stopping

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): add AGE

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): add lastRefreshTime

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): unhandled informer run exception

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): comment wording

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): codegen

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): linter

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-02-27 18:24:39 +00:00
Mariam Fahmy
103cd460d0
fix: remove unnecessary validation check for podSecurity rule (#9790)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-26 06:56:51 +00:00
Vaibhav Mewada
ea48bdeb31
changed the log level in match policy context (#9626)
Signed-off-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-23 11:13:55 +00:00
Khaled Emara
2b2587469d
feat: enhance global context (#9710)
* feat(globalcontext): add event handling

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): handle cache sync error

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): ensure api is called during init

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* design(events): decouple events from policies a bit

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): use status

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): make status optional

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): status update

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): codegen

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): delete yaml annotations

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): fix status in tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): update enqueue func

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): error

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): rbac

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): retry logic

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): unknown api call in test

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* bump

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix: set unique name for each testing resource

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update readme

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: log msg

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: add delays

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: delay gctce creation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: check Kyverno status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: update chainsaw config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: revert chainsaw config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* test(globalcontext): print actual status

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): add necessary delays and check status before applying

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): long refreshInterval

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: log success

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print informer data

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): use client instead of informer

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print status after update

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print ResourceVersion

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: remove gcecontroller from other controllers

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): update status only once

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore: remove excess logs

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): add store to cleanup controller

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-23 10:34:04 +00:00
shuting
7a93dcdbc9
chore: default logging format to rfc3339 (#9775)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-02-23 10:01:42 +00:00
Mariam Fahmy
956b403c7e
fix: add validation check for podSecurity subrule (#9770)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-23 15:16:53 +08:00
Mariam Fahmy
2a277a01c4
feat: apply VAP bindings in CLI apply command in offline mode (#9751)
* feat: apply VAP bindings in CLI apply command in offline mode

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-21 07:52:25 +00:00
mohamedasifs123
d566e9886c
Fix: variables are not getting processed in validation message for "anyPattern" (#9713)
* Update validate_resource.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create pod.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create policy.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update validate_resource.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create README.md

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/chainsaw-test.yaml

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
2024-02-21 07:20:43 +00:00
mohamedasifs123
66f54d8fd6
fix: Policies skipped because of preconditions not met should not be included in admission requests denial responses (#9719)
* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* lint

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test added

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* --signoff

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create README.md

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Rename Policy1.yaml to policy-1.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/chainsaw-test.yaml

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Rename Policy2.yaml to policy-2.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-20 15:42:18 +00:00
Charles-Edouard Brétéché
a1cb4f1c30
fix: remove deprecated imageSignatureRepository flag (#9698)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 12:10:29 +00:00
Charles-Edouard Brétéché
7775541b46
fix: reports aggregation (#9697)
* chore: rename admission to ephemeral in reports aggregation controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reports aggregation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* second queue

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cleanup

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* nit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 10:36:01 +00:00
Khaled Emara
10258921ac
feat(validation-webhook): validate global context reference (#9678)
* feat(validation-webhook): validate global context reference

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(validation-webhook): global reference name

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): fix tests after validation

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(policycache): don't add NotReady Policies

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): rename e2e tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): add entry errors

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): fix chainsaw test

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-02-08 07:46:58 +00:00
Suruchi Kumari
704c6722ec
[Bug] Fix message and formatting of podSecurity validation failure with restrictedField (#9658)
* fix format

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>

* fix test

Signed-off-by: GitHub <noreply@github.com>

---------

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-08 12:16:23 +08:00
Charles-Edouard Brétéché
6f440ab6c0
chore: rename admission to ephemeral in reports aggregation controller (#9690)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 10:29:56 +00:00
Charles-Edouard Brétéché
64176cdbea
fix: don't delete garbage collected policy reports (#9679)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 07:10:51 +00:00
Charles-Edouard Brétéché
f1c81dbc69
feat: remove admission controller (#9677)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-07 06:20:35 +00:00
Khaled Emara
1eda4789d1
test(globalcontext): add e2e tests (#9661)
* fix(globalcontext): validation

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): use existence instead of ready for now

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): improve not ready error message

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): allow any APICall

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): prevent double marshal

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): add e2e tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): move validation to OpenAPI V3

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-02-06 17:03:32 +00:00
Khaled Emara
8a4d9941de
feat: add globalcontext loader and interface (#9602)
* feat(globalcontext): add interface

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): package import path

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* design(contextloader): move globalcontext from Load to init

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): remove pointer

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* design(globalcontext): create specific Store

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-05 11:24:37 +00:00
Charles-Edouard Brétéché
b532525321
fix: global context crd improvements (#9621)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 17:42:20 +00:00
Vishal Choudhary
3142af64a0
feat: add global context entry validation webhook (#9619)
* feat: add global context entry validation webhook

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: use `k8s.io/apimachinery/pkg/util/json` instead of `encoding/json`

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: lint

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-02-02 18:04:50 +01:00
Charles-Edouard Brétéché
2b712107d2
feat: consider maxAPICallResponseLength (#9620)
* chore: move global context package out of engine

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: consider maxAPICallResponseLength

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 15:35:57 +00:00
Charles-Edouard Brétéché
b59353c657
chore: move global context package out of engine (#9618)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 14:35:24 +00:00
Vishal Choudhary
10ae9e306c
feat: update refreshInterval in globalcontext CRD to use a duration (#9615)
2024-02-02 12:06:51 +00:00
Khaled Emara
226fa9515a
feat: add globalcontext controller (#9601)
* feat: add globalcontext controller

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* rework controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rbac

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cmd

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix rbac

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* engine

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* k8s resources

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* k8s resource

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* resync zero

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* api call

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* api call

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* clean

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-02 10:41:35 +00:00
Mariam Fahmy
3510998d4f
feat: Support CEL expression warnings (#9566)
* feat: support CEL expression warnings

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: allow the policy creation but return warnings to the API server

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2024-02-02 10:04:02 +00:00
shuting
5f0d53fe34
feat: apply .matchConditions when generating reports (#9599)
* enable matchconditions for reports

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: linter issues

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: move files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-02-02 08:32:28 +00:00
M Viswanath Sai
d102abeb99
Feat: Human readable timestamps in logs (#9276)
* added timestamp flag and subsequent behaviour changes for logging

Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>

* Changed verbose verbosity level in cli

Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>

* fix linter

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* log level

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 19:14:47 +00:00
Vishal Choudhary
34c6044c8f
chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 (#9600)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-02-01 15:50:24 +00:00
Charles-Edouard Brétéché
1e0bac2d6f
feat: add global context crd to codegen (#9595)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 12:32:13 +00:00
Charles-Edouard Brétéché
0b85bc41b7
feat: add global context crd (#9591)
* feat: add global context crd

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* merge main

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 10:58:31 +00:00
Anushka Mittal
ce0c704086
Deploy specific controllers (#8849)
* Initial changes for deploy specific controllers

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Include correct values in values.yaml

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Remove check for other controllers

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Sanity checks for other controllers

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* resolve lint errors

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* add separate flags for all crds; conditions for controller crd relation

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rm global

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rm global

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* values

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-02-01 10:14:05 +00:00
D N Siva Sathyaseelan
f267d19761
test: added test for pkg/utils/policy/marshal.go (#9583)
* test: added test for pkg/utils/policy/marshal.go

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

* test: added test for pkg/utils/policy/marshal.go

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>

---------

Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
2024-01-31 23:00:22 +00:00
Anushka Mittal
cfc9683033
Changes to dynamically configure webhooks (#8437)
* Changes to dynamically configure webhooks

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add unit tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add kuttl tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Refactoring

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct unit test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Change way of webhooks configured

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct tests with new changes

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add delete operation by default

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct tests with new changes

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct order for operations

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add corrections

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add mutatingwebhookconfiguration test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct unit test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Added policy.yaml in mutate webhook test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add corrections in kuttl test and code

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Change name of test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Changes to update webhooks manifest

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add corrections for dynamic-op-mutate kuttl test

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Add minor changes; remove unnecessary file

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Correct adding operations for MutatingWebhookConf

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* dynamic op mutate and validate added

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Resolve conflicts

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Filter rules for mutatingwebhookconf correctly

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* replace TestStep with Test in chainsaw tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* converted to new chainsaw-test format

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* minor corrections

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* remove isMutationEmpty()

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* initial changes for dynamic opn enhancements

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* rename variables

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* resolve lint errors

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* refactor code

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* add changes for exclude operations

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* add conformance tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* add unit tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* corrections in conformance tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* modification in unit tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* correction in conformance tests

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* Update .vscode/launch.json

Signed-off-by: shuting <shuting@nirmata.com>

* update variable usage

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

* remove testresults

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>

---------

Signed-off-by: anushkamittal2001 <anushka@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2024-01-31 15:46:53 +00:00
shuting
635f160ae0
feat (generate): add orphanDownstreamOnPolicyDelete to preserve downstream on policy deletion (#9579)
* add chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add .orphanDownstreamOnPolicyDelete

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update codegen

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-01-31 13:50:38 +02:00
Vishal Choudhary
82b65aebc4
feat: add fail/warn on deprecated/invalid operators (#8624)
* feat: add fail/warn on deprecated/invalid operators

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: nested for each

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw-test.yaml

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-01-31 08:40:28 +00:00
Charles-Edouard Brétéché
e969e29eb8
chore: remove reports aggregation per namespace (#9570)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-30 23:08:47 +00:00
Khaled Emara
8fcd9945a1
feat: use custom events watcher (#9324)
* feat: use custom events watcher

This custom Event handler solved the problem of a goroutine per Event.

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(events): add unit test to EventGenerator

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(events): linter

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat: do away with EventBroadcaster

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* eddycharly fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-30 14:08:15 -08:00
Charles-Edouard Brétéché
9102753323
fix: make alternate reports storage transparent (#9553)
* fix: make alternate reports storage transparent

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* bg scan

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* aggregation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* aggregation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rm manager

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fixes

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-30 14:53:37 +00:00
dreamjz
08d098d262
feat(jmespath): time_parse() support epoch time (#9173)
Signed-off-by: dreamjz <25699818+dreamjz@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-30 07:47:02 +00:00
Mariam Fahmy
831bf3c074
feat: reuse --protectManagedResources flag in the cleanup controller (#8566)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-01-30 07:08:30 +00:00
Pushkar Mishra
e6d438289e
added tests for validate foreach with 0 elements (#9459)
* added tests for validate foreach with 0 doesn't skip

Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>

* fix

Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>

---------

Signed-off-by: Pushkar Mishra <pushkarmishra029@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-29 14:04:41 +00:00
Liang Deng
8298a9a858
fix: validate pattern premature skip (#9155)
Signed-off-by: Liang Deng <283304489@qq.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-01-29 13:06:39 +00:00
Mariam Fahmy
9ed14cb779
feat: support vap bindings in reports (#9506)
* feat: support vap bindings in reports

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: add binding to the rule response

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-29 12:49:17 +01:00
Charles-Edouard Brétéché
90cff77300
fix: CRDs codegen (#9542)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-29 09:45:52 +00:00
Charles-Edouard Brétéché
747bc017e5
fix: follow up for #9534 (#9543)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-29 08:54:58 +00:00
Vishal Choudhary
4108415153
feat: use awslabs keychain for AWS and gcr keychain for GCP (#9416)
* feat: use awslabs keychain for AWS and gcr keychain for GCP

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: remove unused var

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: remove more unused vars

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: gofumpt

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-29 08:25:52 +00:00
mohamedasifs123
e3274386e7
Update validate_resource.go (#9534)
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
2024-01-28 20:41:42 +00:00
Charles-Edouard Brétéché
afede6486d
refactor: use single type for ephemeral reports (#9537)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-27 23:30:04 +00:00
Siva Sathyaseelan
06a5580b2c
test: added test for pkg/utils/admission/metadata.go (#9538)
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
2024-01-27 21:27:54 +01:00
shuting
7170cbb0c2
feat: Webhook config per policy (#9483)
* add spec.webhookConfigurations

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update crd

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* configure webhook

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* register webhook handler

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* skip storing finegrained policies in cache

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update resource validate handler

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* updates

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* enable mutate resource handler for fine-grained policies

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-01-27 13:00:22 +00:00
Charles-Edouard Brétéché
f4aba55e0a
fix: move new reports api to top level folder (#9531)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-27 08:03:01 +00:00
Mariam Fahmy
f01f0d6dc4
feat: support podSecurity exclusion in exceptions (#9343)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-26 18:43:07 +00:00
Florian Hopfensperger
8781a38849
feat: configure webhook scope based on resource and policy type (#8065)
* feat: configure webhook scope based on policy type

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>

* Update pkg/controllers/webhook/controller.go

Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>

* feat: configure webhook scope based on resource type

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>

* review comments

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>

* sorting of webhooks

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>

* Update pkg/controllers/webhook/utils.go

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix imports

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>

---------

Signed-off-by: Florian Hopfensperger <florian.hopfensperger@allianz.de>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-26 15:07:42 +00:00
Vishal Choudhary
e6c39f31a5
feat: add a new API group reports.kyverno.io (#9521)
* feat: add new report interface

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: reports.kyverno.io/v1 apigroup

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* chore: codegen

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add report manager

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add reports manager to reports controller

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add alternateReportStorage to helm chart

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: report utils deepcopy

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* init flag

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: wrong return value

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-26 13:40:29 +00:00
Siva Sathyaseelan
b0737a7f51
test: added test for pkg/utils/admission/policy.go (#9520)
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
2024-01-26 13:10:37 +00:00
Siva Sathyaseelan
ceb004c3a9
test: added test for pkg/utils/admission/exception.go (#9495)
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-25 22:59:34 +01:00
Charles-Edouard Brétéché
bc2c50058a
fix: reduce logs in controllers when an item is not found (#9509)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-25 01:12:15 +02:00
Charles-Edouard Brétéché
0b7a6a1e3e
fix: kyverno apply panic for mutate policies (#9492)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-24 09:37:48 +00:00
Vishal Choudhary
87c7ce254a
feat: add skipImageReferences in verify images (#8633)
* feat: add skipImageReferences in verify images

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: chainsaw-test.yaml

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: typo in assert

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-23 12:27:39 +00:00
Mariam Fahmy
d47684c0d9
feat: support validatingadmissionpolicybindings in CLI apply command (#9468)
* feat: support validatingadmissionpolicybindings in CLI apply command

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix linter issue

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-23 11:47:38 +00:00
Siva Sathyaseelan
9da03844a5
test: added test for pkg/utils/admission/cleanup.go (#9486)
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 21:00:09 +01:00
Lukas Wöhrl
349e363a41
feat: support all valid jsonpatches in validation webhook (#9476)
Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-22 14:49:08 +00:00
Vishal Choudhary
a0afda4f0a
fix: allow multiple keys in verifyImages.attestations.attestors.entries (#8880)
* fix: allow multiple keys in verifyImages.attestations.attestors.entries

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-22 06:49:22 +00:00
Charles-Edouard Brétéché
8795916e14
fix: change generic policy to not return any (#9463)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-20 19:20:22 +02:00
Charles-Edouard Brétéché
a597d65a33
chore: bump otel deps (#9442)
* chore: bump otel deps

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix semconv version

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-01-19 09:36:28 +00:00
Mariam Fahmy
a791d9ac35
feat: skip generating VAP when an exception is defined (#9386)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-18 15:55:27 +00:00
Mariam Fahmy
b4acbdea2c
fix: use the correct API version for VAPs in the generated events (#9392)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-18 14:02:07 +00:00
Mariam Fahmy
f0564b3019
feat: re-evaluate policy exceptions for existing resources and modify reports accordingly (#8659)
* feat: re-evaluate policy exceptions for existing resources and modify reports accordingly

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use v2 of exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use properties in the reports result

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-17 10:00:15 -08:00
shuting
600e19b340
fix: clean up URs if the trigger doesn't exist (#9355)
* clean up URs if trigger is not present

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* increase timeout

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: clarify user variables failure

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-01-09 10:30:31 +01:00
kanha gupta
f7a962fd11
support for SHA256 jmespath function (#9144)
Signed-off-by: Kanha gupta <kanhag4163@gmail.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-01-05 10:44:26 +00:00
shuting
025a477688
fix: non-trigger resources should be skipped for background policies regardless of skipBackgroundRequests settings (#9333)
* fix skip checks

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: skip request for non-triggers

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add missing files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: empty policy

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-01-04 12:47:58 +02:00
Mariam Fahmy
f8c5571ddc
fix: remove the check of exclude in VAPs (#9331)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-03 17:37:30 +00:00
Khaled Emara
88798c3e39
feat: add new client for events (#9323)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
2024-01-03 01:12:05 +00:00
Gurmannat Sohal
6902a2b092
Unit tests for Pod Security Admission Integrations (#8585)
* feat: enable field-restricted exclusions using the psa

Signed-off-by: Liang Deng <283304489@qq.com>

* fix ci error

Signed-off-by: Liang Deng <283304489@qq.com>

* fix ci error

Signed-off-by: Liang Deng <283304489@qq.com>

* initial unit tests

* Add all remaining unit tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fine grain unit tests by adding fields and values

* add detailed pod level exclusion and related tests

* add tests for init & ephemeral containers

* add kuttl tests for the new advanced support

* add kuttl tests for the new advanced support

* add readme for kuttl tests

* add replacement in go.mod

* resolving CI errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix ci errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix ci errors

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* updating pod-security-admissio

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* resolving null pointer panic

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* resolved conformance error

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* chainsaw

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chainsaw

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* remove duplication

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix linting

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* remove over computation

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* added field checks, pss skip condition

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* correcting chainsaw tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* merge branch 'main' into unit-tests

Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>

* fix builds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Liang Deng <283304489@qq.com>
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Gurmannat Sohal <95538438+itsgurmannatsohal@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Liang Deng <283304489@qq.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-26 22:28:08 +08:00
Mariam Fahmy
4fff841cdc
fix: remove policy informer from vap controller (#9279)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-26 11:45:26 +00:00
Mariam Fahmy
5f09fa810c
chore: introduce v2 for updaterequests (#9267)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-23 00:09:02 +00:00
Charles-Edouard Brétéché
2b5aef75f1
feat: add cleanup policies v2 (#9261)
* feat: add cleanup policies v2

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-22 20:43:27 +02:00
Vishal Choudhary
ce00df13fa
fix: use http.MaxBytesReader instead of content length for API Calls (#9265)
* fix: use http.MaxBytesReader instead of content length for API Calls

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add unit tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: added test for chunked transfer

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-22 17:05:52 +00:00
Mariam Fahmy
6bffca067a
chore: introduce v2 for internal reports resources (#9262)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-22 14:09:00 +00:00
shuting
67b96a7cf2
refactor: mutate checks (#9255)
* refactor

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-22 15:07:17 +02:00
Shubham Singh
6aaa06702f
bug: making images consistent with image (#9147)
* adding `ReferenceWithTag` and `GetReferenceWithTag` + Populating them

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* Adding tests for the same

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* `ReferenceWithTag()` -> `ReferenceWithTag`

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* `Strings()` -> `ReferenceWithTag`

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* added `ReferenceWithTag` to image_test

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

* sorting out linter

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>

---------

Signed-off-by: Shubham Singh <shubhammahar1306@gmail.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-22 11:15:50 +00:00
Charles-Edouard Brétéché
b54e6230c5
refactor: events controller (#9236)
* refactor: make events controller shutdown graceful

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* nit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* drain

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: events controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* exception

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove queue

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 11:47:22 +01:00
Mariam Fahmy
b61a1f3d18
fix: set v2beta1 of exceptions the storage version (#9254)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-22 10:13:58 +00:00
hub_Prateek
f344bcf9a7
Fixed error log (#9232)
* Fixed error log

Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>

* Removed the event

Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>

---------

Signed-off-by: hub-Prateek <prateeksaxena462003@gmail.com>
2023-12-22 07:32:08 +00:00
Honnix
47cafaabd3
Support more signature algorithms (#9102)
* Support more signature algorithms

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix codegen

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fail loudly for unsupported algorithm

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix codegen

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

* Fix more

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>

---------

Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-21 13:27:33 +05:30
shuting
85e0d9b836
fix mutate existing force reconciliation (#9230)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-20 16:29:37 +00:00
Charles-Edouard Brétéché
c335670065
chore: add missing context unit test (#9213)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 15:54:48 +00:00
Mariam Fahmy
8e0a7aa204
feat: promote policy exceptions to v2 (#9208)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-19 10:43:39 +00:00
shuting
7282ecca9f
fix: add skipBackgroundRequests to configure loop protection option (#9157)
* fix typo

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add new attribute skipBackgroundRequests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* move to per rule config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* check flag

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* clean up

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update docs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix logger

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add retryCount to ur.status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add chainsaw tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-19 06:25:12 +00:00
Charles-Edouard Brétéché
8a7c2f0332
chore: bump a couple of deps (#9198)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 02:52:23 +00:00
kanha gupta
cdc68a629a
support for Add Variable unit test (#9124)
Signed-off-by: Kanha gupta <kanhag4163@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-19 00:14:17 +00:00
Mariam Fahmy
68a1258899
fix: limit the trigger name to a maximum of 63 characters for mutate existing rules (#9162)
* fix: limit the trigger name to a maximum of 63 characters for mutate existing rules

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-18 09:23:40 +00:00
Vishal Choudhary
c5298cdf85
chore: use sigstore/cosign 2.2.2 on main (#9179)
* chore: use official cosign on main

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* cleanup: remove redundant if check

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* cleanup: extra require statement

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-12-18 06:41:26 +00:00
Jim Bugwadia
f4f34419d9
improve messages (#9168)
* improve messages

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix typo

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2023-12-16 10:50:08 +02:00
Mariam Fahmy
eab6b4eceb
fix: updaterequests stuck in pending/fail infinite loop (#9119)
* fix: updaterequests stuck in pending/fail infinite loop

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: prevent creating URs upon DELETE unless it is specified

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-15 16:42:10 +02:00
shuting
7eb9347ced
fix logger level (#9163)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-12-15 09:51:24 +00:00
Vishal Choudhary
1f4181645b
fix: allow changes to preexisting resource in violation of a policy in Enforce (#9027)
* fix: allow changes to preexisting resource in violation of a policy in Enforce

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: missing error check

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* nit: cleanup

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: update old policy context

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: preconditions always returned true

internal.CheckPreconditions always returned true when v.anyAllConditions, it should be populated with rule.RawAnyAllConditions when newValidator() is used to create a validator

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: fix chainsaw test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: nit

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* debug

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: update test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: add namespace

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add test for bad to good conversion

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add test step

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-12 09:17:53 +00:00
Zadkiel Aharonian
5e96b26a48
feat: webhook labels (#9015)
Signed-off-by: Zadkiel Aharonian <hello@zadkiel.fr>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-07 12:58:31 +00:00
Mariam Fahmy
955738ce20
chore: set cert renewal time to 15 days before expiration (#8567)
* chore: set cert renewal time to 15 days before expiration

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-12-06 13:37:01 +00:00
Jim Bugwadia
46f02a8ba7
optimize JSON context processing using in-memory maps (#8322)
* optimize JSON context processing using in memory maps

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix excessive logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix mutate resource diff

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* uncomment tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* copy resource, as it can be modified

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* clear prior resource to prevent mutating original

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* linter fix

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix ImageInfo to unstructured conversion

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix custom image extractors

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* do not update mutated resource in JSON context

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-12-04 07:35:36 +00:00
Charles-Edouard Brétéché
095b22b6af
fix: ttl cleanup not working with cluster wide resources (#9060)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-12-03 00:35:13 +01:00
Jim Bugwadia
296578a456
create interpreter once and reuse across searches (#8299)
* create interpreter once and reuse across searches

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix excessive logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* refactor(jmespath): reuse fCall instead of intr

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* refactor(jmespath): use new api

Use the new JMESPath API to decouple Interpreter from FunctionCaller

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore: bump go-jmespath

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(jmespath): test case using older API

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Khaled Emara <KhaledEmaraDev@gmail.com>
2023-11-30 16:59:11 +01:00
Mariam Fahmy
1404ea0966
fix: delete VAPs in case Kyverno policies can't be translated (#8887)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-27 06:36:01 +00:00
Vishal Choudhary
c630f17ec4
fix: block mutation only when failurePolicy is set to fail (#8952)
* fix: only block mutation when failurePolicy is set to fail

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: kuttl test

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: add else check

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: update defaulting ns label policy's failure policy to be fail

based on readme, this test has nothing to do with failurePolicy and resource should not be blocked in case of ignore failurePolicy

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: there is another

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: update policy

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* nit

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add logs

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* Update pkg/webhooks/resource/mutation/mutation.go

Signed-off-by: shuting <shuting@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-11-22 17:01:46 +00:00
Vishal Choudhary
72524c792c
fix: update KeysAreMissing() to ignore negations in resource (#8953)
* fix: update KeysAreMissing() to ignore negations in resource

KeysAreMissing() checks if a key is missing in a resource, since a negation should not be present in the resource, it should not count as a missing key

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: pod is supposed to fail

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-22 09:06:40 +00:00
Vishal Choudhary
5fe16cd487
feat: add checks for max response size in API Call (#8957)
* feat: add checks for max response size in API Call GET request

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: tests

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: added changes suggested by jim

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* cleanup

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-11-21 10:01:51 +00:00
UgOrange
0079ca1e39
feat: Add external_url_check custom JMESPath function (#8614)
Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com>
Signed-off-by: UgOrange <lichanghao.orange@bytedance.com>
2023-11-21 04:17:26 +00:00
AdamKorcz
31c089bcc6
fix: change names of fuzzing policies (#8947)
Signed-off-by: AdamKorcz <adam@adalogics.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-11-20 01:05:58 +00:00
Dirk Pahl
d8c2c5818d
Make server ports configurable, resolves #7279 (#7728)
* Make server ports configurable, resolves #7279

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Make server ports configurable, resolves #7279

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Switch to flags instead of env vars

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Could not use internal package in webhooks pkg

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* Add helm chart changes

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* make codegen-docs-all

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

* make codegen-manifest-all

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>

---------

Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-17 14:19:53 +00:00
shuting
7b5d7c1e50
chore: bump k8s package to 1.29 (#8929)
* bump k8s pkgs to 1.29

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* replace to fork

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-11-17 15:42:47 +08:00
Romuald
139551b7ac
fix: use ungreedy pattern to process all variables (#8311)
* use ungreedy pattern to process all variables

Signed-off-by: Romuald du Song <rdusong@chapsvision.com>

* use different strategy for regexp to remove the use of ungreedy flag

Signed-off-by: Romuald du Song <rdusong@chapsvision.com>

---------

Signed-off-by: Romuald du Song <rdusong@chapsvision.com>
2023-11-14 13:23:28 +00:00
Mariam Fahmy
c0e0cea9f4
feat: compute policy exceptions as a part of the rule execution (#8713)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-11-13 15:43:25 +00:00
Mariam Fahmy
31858abb0b
fix: use validate.message in case there is no message associated with the CEL expression (#8883)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-13 14:53:24 +00:00
AdamKorcz
4da963367d
Close response right after successful request (#8894)
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-11-13 13:41:32 +00:00
Satyajit Behera
adc0f175d2
Reduced verbosity of admission request filter INFO log message (#8712)
* Reduced verbosity of admission request filter INFO log message

Signed-off-by: satyazzz123 <beherasatyajit716@gmail.com>

* Changed the verbosity level to 4

Signed-off-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com>

---------

Signed-off-by: satyazzz123 <beherasatyajit716@gmail.com>
Signed-off-by: Satyajit Behera <105061492+satyazzz123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-11-10 11:34:34 +00:00
Jim Bugwadia
c1015bf619
Reduce deps (#8654)
* fix excessive logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove cosign dependency from API package

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update UserAgent

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-09 13:04:24 +00:00
Vishal Choudhary
878bc48e51
chore: bump cosign to v2.2.1 (#8855)
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2023-11-09 12:22:35 +00:00
shuting
5bd3faca97
chore (deps): bump a couple of deps (#8867)
* bump github.com/distribution/distribution from 2.8.2+incompatible to 2.8.3+incompatible

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* bump sigs.k8s.io/kubectl-validate from 0.0.1 to 0.0.2

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* bump aquasecurity/trivy-action from 0.13.1 to 0.14.0

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* bump sigstore/scaffolding from 838c26c783a08cf497dfff29d95ca90c6eeba3df to 46eb35c1c415d976c7f9d3ee4c936e65c35e8e3e

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-11-09 16:25:15 +05:30
Chandan-DK
cafc0990f9
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466)
* fix: generate label resource name character length issue

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add source label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify newUR function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* improve readability

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* remove generate source name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* Revert changes

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* update ResourceSpec

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add URGenerateResourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen client all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add GenerateSourceUIDLabel

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify comment

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen crds all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-docs-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* make codegen-all

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* set trigger uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add uid in transform()

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* add name label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fix: use resource name labels along with its UID

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: use the resource name label only if its uid label isn't set

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add kuttl tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the trigger resource in the test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: delete the source in the kuttl test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* add generate trigger uid label

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* modify TriggerInfo function

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid field for new update requests

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate new ur spec with uid

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* handle downstream resources cleanup

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* populate uid of ur status

Signed-off-by: Chandan-DK <chandandk468@gmail.com>

* fetch triggers by the UID label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* label triggers

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch trigger by comparing UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch cloneList downstream resource by UID

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update test names

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove trigger name label assertions from kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add unit name selector

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add sleep

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* assert events on failures

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-11-06 10:37:13 +00:00