Shuting Zhao
|
c0eda74b98
|
update doc
|
2020-03-04 17:40:33 -08:00 |
|
Shuting Zhao
|
f4cc5d30fc
|
Add rules to disallow default namespace for pod controllers.
|
2020-03-04 17:37:51 -08:00 |
|
Jim Bugwadia
|
3903a20dd3
|
Remove autogen annotation
Remove `pod-policies.kyverno.io/autogen-controllers: none`
|
2020-02-07 17:13:56 -08:00 |
|
Shuting Zhao
|
b26ed89880
|
- set failurepolicy of webhookconfiguraitons to ignore; - disable auto-gen on policy disabllow_default_namespace
|
2020-01-15 18:01:50 -08:00 |
|
Shuting Zhao
|
5330138048
|
fix build error
|
2020-01-10 19:35:29 -08:00 |
|
Shuting Zhao
|
8de265d8a4
|
- update samples/policy - retag 1.1.0
|
2020-01-10 19:26:09 -08:00 |
|
Shivkumar Dudhani
|
3cf9141f4d
|
593 feature (#594)
* initial commit
* background policy validation
* correct message
* skip non-background policy process for add/update
* add Generate Request CR
* generate Request Generator Initial
* test generate request CR generation
* initial commit gr generator
* generate controller initial framework
* add crd for generate request
* gr cleanup controller initial commit
* cleanup controller initial
* generate mid-commit
* generate rule processing
* create PV on generate error
* embed resource type
* testing phase 1- generate resources with variable substitution
* fix tests
* comment broken test #586
* add printer column for state
* return if existing resource for clone
* set resync time to 2 mins & remove resource version check in update handler for gr
* generate events for reporting
* fix logs
* initial commit
* fix trailing quote in patch
* remove comments
* initial condition (equal & notequal)
* initial support for conditions
* initial support fo conditions in generate
* support precondition checks
* cleanup
* re-evaluate GR on namespace update using dynamic informers
* add status for generated resources
* display loaded variable SA
* support delete cleanup of generate request main resources
* fix log
* remove namespace from SA username
* support multiple variables per statement for scalar values
* fix fail variables
* add check for userInfo
* validation checks for conditions
* update policy
* refactor logs
* code review
* add openapispec for clusterpolicy preconditions
* Update documentation
* CR fixes
* documentation
* CR fixes
* update variable
* fix logs
* update policy
* pre-defined variables (serviceAccountName & serviceAccountNamespace)
* update test
|
2020-01-07 15:13:57 -08:00 |
|
shuting
|
2d022d457a
|
Merge pull request #584 from nirmata/371_omitempty
add anchors for omitempty tag
|
2020-01-02 11:17:31 -08:00 |
|
Shuting Zhao
|
d36934fe11
|
Merge commit '5b8ab3842b43a72cc675b93b8b72e290adfca1d2' into 518_pod_controller
# Conflicts:
# pkg/api/kyverno/v1/types.go
# pkg/engine/mutation.go
# pkg/engine/mutation_test.go
# pkg/engine/validation.go
# pkg/policy/existing.go
|
2020-01-02 10:32:17 -08:00 |
|
Shuting Zhao
|
e9ac8b8b28
|
update markdown
|
2019-12-30 16:45:22 -08:00 |
|
Shuting Zhao
|
456190b7f8
|
remove failure action
|
2019-12-30 13:55:02 -08:00 |
|
Shuting Zhao
|
d33a89cc0f
|
add anchors for omitempty tag
|
2019-12-30 13:53:51 -08:00 |
|
Shuting Zhao
|
bae2865550
|
- add =() to volumes; - update error msg
|
2019-12-27 14:59:12 -08:00 |
|
shivkumar dudhani
|
66e0181157
|
update tests
|
2019-12-10 10:26:04 -08:00 |
|
shivkumar dudhani
|
4894577ba1
|
update documentation
|
2019-12-10 09:51:15 -08:00 |
|
shivkumar dudhani
|
ee20fcd4a0
|
Update Name
|
2019-12-09 15:33:21 -08:00 |
|
shuting
|
ae53fa1bfc
|
Merge pull request #512 from nirmata/local_test
Add generate rule for default limitrange
|
2019-11-18 17:33:43 -08:00 |
|
Shuting Zhao
|
67d9808002
|
change markdown and link name
|
2019-11-18 16:55:14 -08:00 |
|
Shuting Zhao
|
42a6a87c41
|
update markdown
|
2019-11-18 14:53:51 -08:00 |
|
shivkumar dudhani
|
4edf06047e
|
update policy
|
2019-11-15 21:16:11 -08:00 |
|
Shuting Zhao
|
8343eaf0a8
|
add generate rule for default limitrange
|
2019-11-15 18:32:24 -08:00 |
|
Jim Bugwadia
|
eb24b7502b
|
update policy name
|
2019-11-13 23:31:04 -08:00 |
|
Shuting Zhao
|
4ea6898f00
|
add missing key in sample meta
|
2019-11-13 20:06:43 -08:00 |
|
Shuting Zhao
|
051eba058f
|
update api in samples/
|
2019-11-13 13:56:20 -08:00 |
|
Shuting Zhao
|
45dc0bd358
|
Merge commit 'da5c03f89df3007088b27fc84b08827170e16eda' into 345_support_usergroup_info
# Conflicts:
# test/scenarios/samples/best_practices/add_safe_to_evict2.yaml
|
2019-11-13 00:31:07 -08:00 |
|
Jim Bugwadia
|
f1fafb184b
|
fix sp
|
2019-11-12 17:41:29 -08:00 |
|
Jim Bugwadia
|
e7536fbf44
|
fix sp
|
2019-11-12 17:40:54 -08:00 |
|
Jim Bugwadia
|
50952fbf48
|
fix case
|
2019-11-12 17:39:12 -08:00 |
|
Jim Bugwadia
|
7131711bb4
|
fix typos
|
2019-11-12 17:34:21 -08:00 |
|
Jim Bugwadia
|
424199041c
|
Update DisallowBindMounts.md
|
2019-11-12 17:33:25 -08:00 |
|
Jim Bugwadia
|
48cd71a576
|
fix add_ns_quota policy
|
2019-11-12 16:37:40 -08:00 |
|
Shuting Zhao
|
fb2cc2db9c
|
fix tests
|
2019-11-11 21:40:42 -08:00 |
|
Shuting Zhao
|
85d04f609c
|
remove overlay failure conditionNotPresent as it allows the tag not present
|
2019-11-11 21:03:34 -08:00 |
|
Shuting Zhao
|
5a3ed62b13
|
Merge branch 'master' into 345_support_usergroup_info
# Conflicts:
# pkg/engine/validation_test.go
# pkg/webhooks/annotations.go
# pkg/webhooks/annotations_test.go
# pkg/webhooks/mutation.go
# pkg/webhooks/server.go
# pkg/webhooks/validation.go
|
2019-11-11 19:19:08 -08:00 |
|
Shuting Zhao
|
6c8f4f90da
|
fix patches annotation
|
2019-11-11 18:52:26 -08:00 |
|
Jim Bugwadia
|
8348c5761c
|
fix tests
|
2019-11-11 18:51:21 -08:00 |
|
Jim Bugwadia
|
31d33c5de1
|
update categories and links
|
2019-11-11 18:21:16 -08:00 |
|
Jim Bugwadia
|
8ac71a885c
|
update sections
|
2019-11-11 18:10:34 -08:00 |
|
Jim Bugwadia
|
87be5ca4b8
|
update policies and test cases
|
2019-11-11 17:55:54 -08:00 |
|
Jim Bugwadia
|
3ffb0cfa39
|
add disallow_sysctl and move policies
|
2019-11-11 17:17:09 -08:00 |
|
Jim Bugwadia
|
05503e4fd1
|
update other policies
|
2019-11-11 14:09:07 -08:00 |
|
Jim Bugwadia
|
dd4d091c23
|
update restrict_automount_sa_token
|
2019-11-10 21:57:20 -08:00 |
|
Jim Bugwadia
|
5b2fd96131
|
update LimitNodePort
|
2019-11-10 21:34:22 -08:00 |
|
Jim Bugwadia
|
5e8b6c4183
|
update add_networkPolicy
|
2019-11-10 21:27:50 -08:00 |
|
Jim Bugwadia
|
244909ebb3
|
update require_probes
|
2019-11-10 21:18:17 -08:00 |
|
Jim Bugwadia
|
c1be682a93
|
update require_pod_requests_limits
|
2019-11-10 21:06:49 -08:00 |
|
Jim Bugwadia
|
f668113904
|
update add_ns_quota
|
2019-11-10 20:58:57 -08:00 |
|
Jim Bugwadia
|
a6d5fb6e30
|
update restrict_image_registries
|
2019-11-10 18:13:01 -08:00 |
|
Jim Bugwadia
|
f31abbffab
|
update disallow_latest_tag
|
2019-11-10 17:54:38 -08:00 |
|
Jim Bugwadia
|
7f54e8e2e3
|
Merge branch '451_fix_disallow_host_net_port' into 452_make_sample_policy_rule_names_consistent
# Conflicts:
# samples/best_practices/disallow_host_network_hostport.yaml
# test/scenarios/samples/best_practices/disallow_host_network_port.yaml
|
2019-11-10 17:35:43 -08:00 |
|