mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
6114 commits 16 branches 550 tags 288 MiB
Commit graph

325 commits

Author SHA1 Message Date
Shuting Zhao
cafc3883a4 - fix validation to process on patched resource; - format code 2020-01-07 11:32:52 -08:00
Shivkumar Dudhani
ffd2179b03
538 (#587) 
* initial commit

* background policy validation

* correct message

* skip non-background policy process for add/update

* add Generate Request CR

* generate Request Generator Initial

* test generate request CR generation

* initial commit gr generator

* generate controller initial framework

* add crd for generate request

* gr cleanup controller initial commit

* cleanup controller initial

* generate mid-commit

* generate rule processing

* create PV on generate error

* embed resource type

* testing phase 1- generate resources with variable substitution

* fix tests

* comment broken test #586

* add printer column for state

* return if existing resource for clone

* set resync time to 2 mins & remove resource version check in update handler for gr

* generate events for reporting

* fix logs

* cleanup

* CR fixes

* fix logs
 2020-01-07 10:33:28 -08:00
Shuting Zhao
c97b3ce5b0 fetch annotation from resource annotation map 2020-01-06 19:24:24 -08:00
Shuting Zhao
54ecb7738a - insert annotation to podTemplate; - skip apply rule on pod if annotation exists 2019-12-26 15:34:19 -08:00
shivkumar dudhani
793d878b18 correct webhook endpoint 2019-12-13 11:13:58 -08:00
Shuting Zhao
b2ad71cc5e remove channel, introduced a flag to indicate the webhook creation status 2019-12-05 15:49:02 -08:00
Shuting Zhao
183f844029 - move resourcewebhookregister to webhookconfig 2019-12-05 13:51:02 -08:00
Shuting Zhao
0f5cf40eda - holds resource webhook creation requests in a quene; - remove webhookinformer from policy controller and webhookregistrationclient 2019-12-04 12:31:27 -08:00
Shuting Zhao
f506789498 create resource mutating webhook after verifying webhook is active 2019-11-25 18:07:11 -08:00
shivkumar dudhani
3df71f6fea Merge branch 'v1.1.0' into 507_bug 2019-11-18 11:44:17 -08:00
Shivkumar Dudhani
61b202c64a
420 init container (#501) 
* init container to cleanup stale webhook configurations if any.

* remove test code

* use internal pkg for os signals

* move webhook cleanup before http.server shutown.

* update make file and remove init

* update CI script
 2019-11-18 11:41:37 -08:00
shivkumar dudhani
3c3931b67b wat for cache sync and cleanup 2019-11-15 15:59:37 -08:00
shivkumar dudhani
57e8e2a395 Revert "wait for cache to sync and cleanup" 
This reverts commit 9c3b32b903.
 2019-11-15 15:57:18 -08:00
shivkumar dudhani
9c3b32b903 wait for cache to sync and cleanup 2019-11-15 15:53:22 -08:00
Shuting Zhao
b67577994a update apiversion to v1 in code 2019-11-13 13:41:08 -08:00
Shuting Zhao
81ac13cb05 lookup policies from policy store in webhook 2019-11-13 12:15:51 -08:00
Shuting Zhao
fc35a52ad8 Merge branch 'master' into 455_namespace_pv 
# Conflicts:
#	definitions/install_debug.yaml
#	main.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-11-13 11:46:46 -08:00
Shuting Zhao
2893cc3f7d create namespace pv when validate policy fails 2019-11-12 19:02:31 -08:00
shivkumar dudhani
ccbb6e33a5 introduce policy violation generator 2019-11-12 14:41:29 -08:00
Shuting Zhao
2a14c1f5dc - add profiling; - fix CLI 2019-11-11 21:23:26 -08:00
Shuting Zhao
5a3ed62b13 Merge branch 'master' into 345_support_usergroup_info 
# Conflicts:
#	pkg/engine/validation_test.go
#	pkg/webhooks/annotations.go
#	pkg/webhooks/annotations_test.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-11-11 19:19:08 -08:00
Shuting Zhao
586b197b00 user sharedInformer for rolebindings and clusterrolebindings 2019-11-11 15:43:13 -08:00
Shuting Zhao
03e85c2266 make getRoleRef a separate package 2019-11-11 14:52:09 -08:00
shivkumar dudhani
f788f0e526 introduce policy store 2019-11-11 11:10:25 -08:00
shivkumar dudhani
f11a05a652 create event on webhook status update 2019-11-10 13:30:15 -08:00
Shuting Zhao
0e9a952d64 get rbac info for an admission request 2019-11-08 18:56:24 -08:00
Shuting Zhao
caf7abfecc Get policy list once in handleAdmissionRequest 2019-11-07 12:13:16 -08:00
shivkumar dudhani
e022084dd0 add checker to verify if mutatingwebhook is enabled or not + refactoring 2019-10-30 13:39:19 -07:00
shivkumar dudhani
c7787eff8d Merge branch 'master' of github.com:nirmata/kyverno into 391_feature 2019-10-29 12:01:15 -07:00
Shivkumar Dudhani
22e7ab1c49
Merge branch 'master' into 261_dynamic_config 2019-10-25 19:17:15 -05:00
shivkumar dudhani
56adc98b8c initial commit 2019-10-25 16:55:48 -05:00
Shuting Zhao
f820cb4c83 implement #387 Generate clusterpolicyviolation when policy action set to "enforce" 2019-10-21 15:55:20 -07:00
shivkumar dudhani
64eab3d1d6 initial commit 2019-10-18 17:38:46 -07:00
shivkumar dudhani
fa53519e2a change CRD Name to ClusterPolicy & ClusterPolicyViolations 2019-09-03 14:51:51 -07:00
shivkumar dudhani
d43b4d93c2 rebase with master 2019-08-30 01:08:54 -07:00
shivkumar dudhani
8737ace7d7 handle http server close connection 2019-08-27 17:00:16 -07:00
shivkumar dudhani
470862a7b1 endpoint for policy mutation + refactor + graceful shutdown 2019-08-27 16:44:10 -07:00
shivkumar dudhani
5b80da32ba replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00
shivkumar dudhani
b062d70e29 initial redesign 2019-08-23 18:34:23 -07:00
shivkumar dudhani
d8c315e339 fix import cylce after merge + seperate webhookconfig client 2019-08-21 01:07:32 -07:00
shivkumar dudhani
e507fb6422 recieve stats + update violation status move to aggregator 2019-08-20 12:51:25 -07:00
shivkumar dudhani
606c519789 clean up 2019-08-19 17:17:52 -07:00
Shuting Zhao
a83e5c1d05 Merge commit '2192703df1bb26cb8b30a1aece6f9afeed09b214' into 254_dynamic_webhook_configurations 
# Conflicts:
#	pkg/engine/generation.go
#	pkg/engine/overlay.go
#	pkg/engine/utils.go
#	pkg/engine/utils_test.go
#	pkg/gencontroller/controller.go
#	pkg/gencontroller/generation.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
 2019-08-19 16:44:38 -07:00
shivkumar dudhani
6580e0e73a remove temp clientNew 2019-08-17 09:58:14 -07:00
Shuting Zhao
a110efb96c Merge branch 'policyViolation' into 254_dynamic_webhook_configurations 
# Conflicts:
#	main.go
#	pkg/annotations/annotations.go
#	pkg/annotations/controller.go
#	pkg/controller/controller.go
#	pkg/controller/controller_test.go
#	pkg/engine/engine.go
#	pkg/engine/generation.go
#	pkg/engine/mutation.go
#	pkg/engine/validation.go
#	pkg/event/controller.go
#	pkg/webhooks/mutation.go
#	pkg/webhooks/policyvalidation.go
#	pkg/webhooks/report.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2019-08-14 19:00:37 -07:00
Shuting Zhao
6b1b6dddfa combine policy engine returns into single struct 2019-08-14 15:18:46 -07:00
Shuting Zhao
e87c72291f - Patch resource between every rule application - move mutation & validation to mutate webhook 2019-08-14 11:51:01 -07:00
shivkumar dudhani
aed0ed0dc1 clean up 2019-08-14 10:01:47 -07:00
shivkumar dudhani
9af6bf9003 update testing v1 2019-08-12 10:02:07 -07:00
shivkumar dudhani
a5e1b43eb7 policy violation support (incomplete) 2019-08-09 20:08:22 -07:00