kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00

Author	SHA1	Message	Date
shuting	ecd3d75704	fix: match logic misbehave (#7218 ) * add rule name in ur for mutate existing Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix match logic Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fixes Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix the match logic to only apply to the new object, unless it's a delete request Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-05-18 21:57:57 +00:00
Charles-Edouard Brétéché	f18f155816	refactor: engine response policy (#7063 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-05-03 13:05:01 +08:00
Charles-Edouard Brétéché	c9bbf38191	refactor: remove more admission request pointers (#6774 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-04 13:11:18 +08:00
Charles-Edouard Brétéché	18033a415b	refactor: remove admission request/response pointers (#6769 ) * refactor: remove admission request/response pointers Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-03 18:08:57 +00:00
shuting	637f830917	feat: apply generate rules on trigger events (#6508 ) * - fire generation on trigger deletion, with condition rules; - delete downstream if trigger no longer matches; - delete downstream if trigger is deleted, with sync rule Signed-off-by: ShutingZhao <shuting@nirmata.com> * trim condition key spaces Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix UR spec Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-sync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-nosync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-sync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename policy Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-nosync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * add debug logs Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * update readme Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-sync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-nosync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-sync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * update readme Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-nosync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-10 17:17:10 +00:00
Charles-Edouard Brétéché	43924e131c	refactor: original resource tracking in engine response (#6293 ) * refactor: original resource tracking in engine response Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-02-10 14:04:41 +00:00
Charles-Edouard Brétéché	ed5cf2cdde	refactor: remove PolicySpec from engine api (#6159 ) * refactor: introduce engine api package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * status Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: clean engine api package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: remove PolicySpec from engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * constructor Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-02-10 08:11:21 +00:00
shuting	c8edf1ab32	fix: admission review variables for DELETE operations (#6197 ) * build trigger from the stored admission request payload Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-02-02 14:46:53 +00:00
Charles-Edouard Brétéché	fb94f6ea75	refactor: introduce engine api package (#6154 ) * refactor: introduce engine api package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * status Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-30 11:41:09 +00:00
Charles-Edouard Brétéché	ff728d5f2b	feat: propagate context through engine (#5639 ) * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-09 21:45:11 +08:00
Charles-Edouard Brétéché	83bbf87ff6	feat: use admission review v1 (#5464 ) * feat: use admission review v1 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nit Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * logs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * patch type Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-11-30 23:37:42 +08:00
Charles-Edouard Brétéché	060f7bb873	refactor: admission response utils (#5234 ) - refactor: admission response utils - unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-08 09:35:08 +00:00
Charles-Edouard Brétéché	d558c12470	refactor: move generation handler out of webhooks package (#4570 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 19:49:38 +05:30
Charles-Edouard Brétéché	10638362dc	refactor: move image verification handler out of webhooks package (#4569 ) * refactor: move mutation handler out of webhooks package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: move image verification handler out of webhooks package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 15:05:57 +02:00
Charles-Edouard Brétéché	20b8697ad8	refactor: move mutation handler out of webhooks package (#4567 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 12:48:29 +02:00
Charles-Edouard Brétéché	e900815dc0	refactor: move validation handler out of webhooks package (#4556 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 07:52:38 +00:00
Charles-Edouard Brétéché	f0fa50b27e	refactor: webhook block and unit tests (#4531 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 08:36:31 +00:00
Charles-Edouard Brétéché	8e33532b38	refactor: webhook exclusion and unit tests (#4528 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-08 06:19:18 +00:00
Charles-Edouard Brétéché	c8bbb5bead	refactor: utils for warnings and unit tests (#4523 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-07 14:01:42 +00:00
Charles-Edouard Brétéché	ae31378546	refactor: webhook policy context creation (#4480 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 16:52:36 +02:00
shuting	3bf3dcc1af	Add the metric "kyverno_client_queries_total" (#4359 ) * Add metric "kyverno_kube_client_queries_total" Signed-off-by: ShutingZhao <shuting@nirmata.com> * publish metric for missing queries Signed-off-by: ShutingZhao <shuting@nirmata.com> * Refactor the way Kyverno registers QPS metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * Move clientsets to a dedicated folder Signed-off-by: ShutingZhao <shuting@nirmata.com> * Wrap Kyverno client and policyreport client to register client query metric Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * address linter comments Signed-off-by: ShutingZhao <shuting@nirmata.com> * Switch to use wrapper clients Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-08-31 11:33:47 +05:30
Anutosh Bhat	d92e16526f	Added appropriate logging levels to log.Info() calls wherever necessary (#4341 ) * Added appropriate logging levels to log.Info() calls wherever necessary Signed-off-by: anutosh491 <andersonbhat491@gmail.com> * Changed logging levels to 2 Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-08-18 13:24:59 +00:00
Jim Bugwadia	943c3a1929	use failurePolicy to block or allow requests, on policy errors (#4183 ) * use failurePolicy to block or allow requests, on policy errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add warnings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add unit tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle network errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix title conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix path in generated file Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix fake metrics Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for klog flag initialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix spelling Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix flag init Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-08-02 20:24:02 +05:30
Charles-Edouard Brétéché	dae3dad027	refactor: used typed admission request in ur (#4022 ) * refactor: add policy event listener in ur controller (#4012) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `cd1fa030ee`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: used typed admission request in ur Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: used typed admission request in ur Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * Handle the error properly Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>	2022-05-29 07:27:14 +00:00
Charles-Edouard Brétéché	caa769fb1d	refactor: clean updaterequest generator (#3949 ) * refactor: clean updaterequest generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: clean updaterequest generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-23 22:39:12 +08:00
Charles-Edouard Brétéché	5243763674	chore: make dclient import aliases consistent (#3951 ) * chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 14:40:51 +00:00
Charles-Edouard Brétéché	0099ef54ad	chore: enable gofmt and gofumpt linters (#3931 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 06:19:03 +00:00
Charles-Edouard Brétéché	c112aaefa1	refactor: separate resource mutation/validation handlers from server (#3908 ) * refactor: webhooks server logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: separate policy mutation/validation handlers from server Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * separate resource mutation from server code Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-16 22:36:21 +08:00

28 commits