* handle subresources
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix logger name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix webhook and logs
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
* Load mutate.targets via dclient
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Do not fail on namespace cleanup for e2e generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Fix wildcard name listing for a certain namespace
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Rename onPolicyUpdate to mutateExistingOnPolicyUpdate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Enable "mutateExistingOnPolicyUpdate" on policy events
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
* add certificates attestor
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* handle duplicate images; use container name as key
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* use OldObject for modify requests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* use unique image names
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* merge main
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* create a single annotation patch across rules and images
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fmt and change annotation key name
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix linter issues
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* split certs from keys
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* make fmt
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* add Rekor and fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix tests
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
* remove YAML multiline support in CM values
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* remove unused code
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
- Remove GenerateRequest Informer
- Rename GenerateRequest to UpdateRequest in logs and vars
- Fix initContainer leader election
- Convert GenerateRequest to UpdateRequest in initContainer
- Remove unused methods
- Add printer column ruleType to UR
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Fix webhook rules equality when internal is empty
The current implementation of the 'webhookRulesEqual' didn't check for
the corner case were both the internal representation and the API have
length of one, but the internal representation has 1 rule with no
selectors.
In this case the 'webhookRulesEqual' should return false, as the 2
configurations are not the same.
Signed-off-by: Ioannis Bouloumpasis <buluba@arrikto.com>
* Fix tests
Add a small time delay when checking if a Policy is ready in tests to
ensure that the Policy is actually ready.
Signed-off-by: Ioannis Bouloumpasis <buluba@arrikto.com>
* add support for roles, cluster roles and subjects in kyverno cli
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
* fixed bug where negation of kernel version caused cpolr to fail
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
* small fix in function validateString
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
* Added necessary tests
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
Added one more test
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
* Add more tests and added a policy to the test folder
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
* added policy for test cli
Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
* Adds e2e test for JSON patch mutate policy
Signed-off-by: afzal442 <afzal442@gmail.com>
* modifies the config to use the optimal version of that policy
Signed-off-by: afzal442 <afzal442@gmail.com>
* Fixes the lint issuue
Signed-off-by: afzal442 <afzal442@gmail.com>
* modifies test to pass
Signed-off-by: afzal442 <afzal442@gmail.com>
* adds changes to resources
Signed-off-by: afzal442 <afzal442@gmail.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
