Charles-Edouard Brétéché
5b89e2e5f8
refactor: make policy context immutable and fields private ( #5523 )
...
* refactor: make policy context immutable and fields private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: make policy context immutable and fields private
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-12-02 16:14:23 +08:00
Charles-Edouard Brétéché
1ea4a0db19
refactor: use internal cmd package in kyverno ( #5507 )
2022-11-30 13:37:53 +00:00
Charles-Edouard Brétéché
dfded5cc60
feat: propagate context to the metrics package ( #5479 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-11-28 10:30:14 +00:00
Charles-Edouard Brétéché
56aae9f505
fix: admission reports stacking up ( #5457 )
...
* fix: admission reports stacking up
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* utils
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* warmup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-11-24 14:21:08 +01:00
Diego Nicacio
b0f5b2f537
logging action ( #5416 )
...
Signed-off-by: diegonicacio <diegoonicacio@gmail.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-11-21 21:39:20 +05:30
Charles-Edouard Brétéché
cc8f643767
refactor: admission metrics (counter and latency) ( #5245 )
...
* refactor: move all middlewares in handlers sub package
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: admission metrics (counter and latency)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* builder
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-11-09 18:52:20 +08:00
Charles-Edouard Brétéché
ea1b64ab08
fix: skip admission in dry run requests ( #4994 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-10-17 04:01:06 +00:00
Charles-Edouard Brétéché
f0703a5c6b
fix: don't produce empty admission reports ( #4966 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2022-10-14 15:55:51 +00:00
Charles-Edouard Brétéché
47780bf37f
fix: improve banned types management in reports ( #4953 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-10-14 23:20:30 +08:00
Charles-Edouard Brétéché
287eb84d07
refactor: use context in controllers instead of chan ( #4761 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-09-30 16:54:47 +05:30
Charles-Edouard Brétéché
e0ab72bb9a
feat: reports v2 implementation ( #4608 )
...
This PR refactors the reports generation code.
It removes RCR and CRCR crds and replaces them with AdmissionReport, ClusterAdmissionReport, BackgroundScanReport and ClusterBackgroundScanReport crds.
The new reports system is based on 4 controllers:
Admission reports controller is responsible for cleaning up admission reports and attaching admission reports to their corresponding resource in case of a creation
Background scan reports controller is responsible for creating background scan reports when a resource and/or policy changes
Aggregation controller takes care of aggregation per resource reports into higher level reports (per namespace)
Resources controller is responsible for watching reports that need background scan reports
I added two new flags to disable admission reports and/or background scan reports, the whole reporting system can be disabled if something goes wrong.
I also added a flag to split reports in chunks to avoid creating too large resources.
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-09-28 17:15:16 +05:30
Charles-Edouard Brétéché
e900815dc0
refactor: move validation handler out of webhooks package ( #4556 )
...
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-09-09 07:52:38 +00:00
