kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	c241cfce44	fix: polex matching code (#9955 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-04-03 18:56:48 +00:00
Anushka Mittal	66a2c7283b	chore: changes to use latest kyverno-json apis (#9980 ) * changes to use latest kyverno-json apis Signed-off-by: Anushka Mittal <anushka@nirmata.com> * codegen diffs Signed-off-by: Anushka Mittal <anushka@nirmata.com> --------- Signed-off-by: Anushka Mittal <anushka@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2024-04-02 14:35:26 +00:00
Vishal Choudhary	83f2846572	feat: add TSA cert chain support in cosign (#9961 ) * feat: add TSA cert chain support in cosign Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: add chainsaw test Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * feat: add unit test Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: unit tests Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2024-03-30 20:50:07 +00:00
Vishal Choudhary	1a1954002f	fix: add rekor opts to cosign certificate verification and make rekor url optional (#9957 ) * fix: add rekor opts to cosign certificate verification and make rekor url optional Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: linter Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2024-03-28 18:17:24 -07:00
Vishal Choudhary	baa9eb2fd3	chore: bump controller gen to 0.14.0 (#9953 ) * chore: update controller-gen version and cmd controller gen throws an error when multiple instances of the same generator 'crd' in this case is specified. See: kubernetes-sigs/controller-tools#829 Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: generate code Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-03-28 09:33:17 +01:00
Charles-Edouard Brétéché	4438b24b69	refactor: exception selector interface (#9907 ) * refactor: exception selector interface Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2024-03-28 08:03:01 +00:00
Khaled Emara	bd6eff61cb	chore(gctx): document schema better (#9923 ) Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>	2024-03-20 19:34:40 +00:00
Khaled Emara	429e84be10	fix(globalcontext): panics and validation (#9903 )	2024-03-14 16:12:39 +00:00
Jim Bugwadia	befcd73ea1	add control names and images to PSS results (#9869 ) * add control names and images to PSS results Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove init Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tets Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update chainsaw tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add unit test Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2024-03-11 09:32:05 +00:00
Suruchi Kumari	26df05d8c1	[Bug] [CLI] PSS report does not show properties with control details (#9785 ) * add properties in pss report Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove tests Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix lint Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore: move chainsaw config at the root of the repo (#9768) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump svenstaro/upload-release-action from 2.7.0 to 2.9.0 (#9767) Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.7.0 to 2.9.0. - [Release notes](https://github.com/svenstaro/upload-release-action/releases) - [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md) - [Commits](`1beeb572c1...04733e069f`) --- updated-dependencies: - dependency-name: svenstaro/upload-release-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add test Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fill properties field in test Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unwanted folders Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remote gitpod file Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: remove unnecessary podSecurity chainsaw test (#9791) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: remove unnecessary validation check for podSecurity rule (#9790) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update versions (#9783) Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore: add tests for exceptions in the CLI (#9781) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/otel/sdk/metric (#9799) Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (#9797) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump codecov/codecov-action from 4.0.1 to 4.0.2 (#9794) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`e0b68c6749...0cfda1dd0a`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/otel/exporters/prometheus (#9796) Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.45.2 to 0.46.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/example/prometheus/v0.45.2...example/prometheus/v0.46.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/prometheus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace (#9795) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * changes Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#9798) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump codecov/codecov-action from 4.0.2 to 4.1.0 (#9811) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.2 to 4.1.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`0cfda1dd0a...54bcd8715e`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#9809) Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.48.0 to 0.49.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.48.0...zpages/v0.49.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 (#9810) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.20.0. - [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix lint Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix(globalcontext): old WaitGroup not stopping (#9813) * fix(globalcontext): old waitgroup not stopping Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): add AGE Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * feat(globalcontext): add lastRefreshTime Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): unhandled intormer run exception Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): comment wording Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): codegen Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): linter Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add empty declaration of properties Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add changes Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: add podSecurity validation checks for exceptions (#9817) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 (#9825) Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#9821) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#9823) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump kyverno/action-install-chainsaw from 0.1.6 to 0.1.7 (#9832) Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.1.6 to 0.1.7. - [Release notes](https://github.com/kyverno/action-install-chainsaw/releases) - [Commits](`204730d723...3bf0752f44`) --- updated-dependencies: - dependency-name: kyverno/action-install-chainsaw dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 (#9831) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](`84384bd6e7...062f259268`) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (#9830) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * [Bug] [CLI] Restore warn-exit-code functionality for apply command (#9828) * Restore warn-exite-code functionality for apply command Signed-off-by: Matt Veitas <mveitas@gmail.com> * Nove error handling Signed-off-by: Matt Veitas <mveitas@gmail.com> * Uncomment println statement Signed-off-by: Matt Veitas <mveitas@gmail.com> * Fixing linting Signed-off-by: Matt Veitas <mveitas@gmail.com> * Adding conformance tets for cli apply command with warn-exit-code Signed-off-by: Matt Veitas <mveitas@gmail.com> * Update path to kubectl-kyverno binary Signed-off-by: Matt Veitas <mveitas@gmail.com> * Add prepare-cli as needed dependency Signed-off-by: Matt Veitas <mveitas@gmail.com> * feat: install kubectl-kyverno in standard conformance tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update chainsaw config Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: move CLI chainsaw tests to a separate action Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: CLI path Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: name Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add chainsaw flag '--no-cluster' Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: CLI name Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: Matt Veitas <mveitas@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Co-authored-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#9822) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove comment and shift line 91 Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * modify test Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * added rseperate function for adding properties in result Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add test for pss report Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove comments Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: remove duplicate chainsaw tests for PSA (#9835) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * modify policy Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * modify policy in test_dta Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * docs: Add new adopter to ADOPTERS.md (#9841) Signed-off-by: Younsung Lee <cysl@kakao.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: use gcr crane opts while fetching image descriptors (#9838) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: add missing unit tests for podSecurity.hostpathVolume check (#9845) * fix: add missing unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update pinned lib Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: uncomment code Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: release CRDs manifests (#9849) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#9842) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix name access for policy types Signed-off-by: Jim Bugwadia <jim@nirmata.com> * modify pkg report Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * modify name Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add bindings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Revert "add bindings" This reverts commit c616c11d9bb4dd0554104025fcfb9cf9e25dc02d. Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert add bindings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update chainsaw Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Revert "update name" This reverts commit 84de45b4ce1c5f94d8cbd0a66e893c7907f4a600. Signed-off-by: Jim Bugwadia <jim@nirmata.com> * simplify results Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Matt Veitas <mveitas@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Signed-off-by: Younsung Lee <cysl@kakao.com> Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Matt Veitas <mveitas@gmail.com> Co-authored-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Younsung Lee <cysl@kakao.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2024-03-07 13:54:00 -08:00
Matt Veitas	5ef7581c5c	[Bug] [CLI] Restore warn-exit-code functionality for apply command (#9828 ) * Restore warn-exite-code functionality for apply command Signed-off-by: Matt Veitas <mveitas@gmail.com> * Nove error handling Signed-off-by: Matt Veitas <mveitas@gmail.com> * Uncomment println statement Signed-off-by: Matt Veitas <mveitas@gmail.com> * Fixing linting Signed-off-by: Matt Veitas <mveitas@gmail.com> * Adding conformance tets for cli apply command with warn-exit-code Signed-off-by: Matt Veitas <mveitas@gmail.com> * Update path to kubectl-kyverno binary Signed-off-by: Matt Veitas <mveitas@gmail.com> * Add prepare-cli as needed dependency Signed-off-by: Matt Veitas <mveitas@gmail.com> * feat: install kubectl-kyverno in standard conformance tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update chainsaw config Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: move CLI chainsaw tests to a separate action Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: CLI path Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: name Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add chainsaw flag '--no-cluster' Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: CLI name Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: Matt Veitas <mveitas@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>	2024-02-29 13:08:21 +00:00
Jim Bugwadia	a95cd808a4	update versions (#9783 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2024-02-26 07:26:37 +00:00
Khaled Emara	2b2587469d	feat: enhance global context (#9710 ) * feat(globalcontext): add event handling Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * feat(globalcontext): handle cache sync error Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * feat(globalcontext): ensure api is called during init Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * design(events): decouple events from policies a bit Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * feat(globalcontext): use status Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): make status optional Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): status update Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): codegen Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): delete yaml annotations Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): fix status in tests Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcotext): update enqueue func Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): error Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): rbac Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): retry logic Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): unknown api call in test Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * bump Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix: set unique name for each testing resource Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update readme Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: log msg Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: add delays Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: delay gctce creation Signed-off-by: ShutingZhao <shuting@nirmata.com> * debug: check Kyverno status Signed-off-by: ShutingZhao <shuting@nirmata.com> * debug: update chainsaw config Signed-off-by: ShutingZhao <shuting@nirmata.com> * debug: revert chainsaw config Signed-off-by: ShutingZhao <shuting@nirmata.com> * test(globalcontext): print actual status Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): add necessary delays and check status before applying Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(globalcontext): long refreshInterval Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * debug: log success Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * debug: print informer data Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): use client instead of informer Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * debug: print status after update Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * debug: print ResourceVersion Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * debug: remove gcecontroller from other controllers Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): update status only once Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore: remove excess logs Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): add store to cleanup controller Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-23 10:34:04 +00:00
Mariam Fahmy	0d7cb9527f	feat: support bindings in Kyvenro CLI test command (#9759 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2024-02-21 14:00:42 +00:00
Mariam Fahmy	2a277a01c4	feat: apply VAP bindings in CLI apply command in offline mode (#9751 ) * feat: apply VAP bindings in CLI apply command in offline mode Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix lint Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix chainsaw tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2024-02-21 07:52:25 +00:00
mohamedasifs123	d114b282de	add plural form aliases for resources and exceptions flags (#9749 ) * Update command.go Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> * lint Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> * lint Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> --------- Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2024-02-19 21:35:23 +00:00
Mariam Fahmy	31bb10722e	fix: add the support of v2alpha1 exceptions in the CLI (#9714 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2024-02-12 22:57:03 +00:00
Charles-Edouard Brétéché	a1cb4f1c30	fix: remove deprecated imageSignatureRepository flag (#9698 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-08 12:10:29 +00:00
Charles-Edouard Brétéché	7775541b46	fix: reports aggregation (#9697 ) * chore: rename admission to ephemeral in reports aggregation controller Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reports aggregation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * second queue Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nit Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-08 10:36:01 +00:00
Khaled Emara	10258921ac	feat(validation-webhook): validate global context reference (#9678 ) * feat(validation-webhook): validate global context reference Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(validation-webhook): global reference name Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(globalcontext): fix tests after valdiation Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(policycache): dont add NotReady Policies Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): rename e2e tests Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * chore(globalcontext): add entry errors Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(globalcontext): fix chainsaw test Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>	2024-02-08 07:46:58 +00:00
Charles-Edouard Brétéché	f1c81dbc69	feat: remove admission controller (#9677 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-07 06:20:35 +00:00
Khaled Emara	589446da5d	chore(globalcontext): drop globalcontext flag (#9652 ) Signed-off-by: Khaled Emara <mail@KhaledEmara.dev> Co-authored-by: shuting <shuting@nirmata.com>	2024-02-05 16:31:08 +00:00
Charles-Edouard Brétéché	c649169a78	feat: add scan command for generic resources (#9651 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-05 15:49:01 +00:00
Charles-Edouard Brétéché	8a0d2a598a	feat: add root command to process generic json resources (#9639 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-05 12:38:01 +00:00
Khaled Emara	8a4d9941de	feat: add globalcontext loader and interface (#9602 ) * feat(globalcontext): add interface Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): package import path Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * design(contextloader): move globalcontext from Load to init Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(globalcontext): remove pointer Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * design(globalcontext): create specific Store Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-05 11:24:37 +00:00
Sanskar Gurdasani	204d061a93	support -e shorthand with --exception (#9624 ) Signed-off-by: Sanskarzz <sanskar.gur@gmail.com>	2024-02-04 10:41:31 +00:00
Vishal Choudhary	3142af64a0	feat: add global context entry validation webhook (#9619 ) * feat: add global context entry validation webhook Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: use `k8s.io/apimachinery/pkg/util/json` instead of `encoding/json` Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: lint Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>	2024-02-02 18:04:50 +01:00
Charles-Edouard Brétéché	2b712107d2	feat: consider maxAPICallResponseLength (#9620 ) * chore: move global context package out of engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: consider maxAPICallResponseLength Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-02 15:35:57 +00:00
Charles-Edouard Brétéché	b59353c657	chore: move global context package out of engine (#9618 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-02 14:35:24 +00:00
Charles-Edouard Brétéché	03af9831f3	feat: add global context support in helm chart (#9614 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-02 11:37:58 +00:00
Khaled Emara	226fa9515a	feat: add globalcontext controller (#9601 ) * feat: add globalcontext controller Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * rework controller Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rbac Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cmd Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix rbac Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * k8s resources Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * k8s resource Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * resync zero Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * api call Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * api call Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * clean Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix linter Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-02 10:41:35 +00:00
Anushka Mittal	c6d4f33ae9	make exception in cli exportable (#9609 ) Signed-off-by: anushkamittal2001 <anushka@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2024-02-02 08:03:25 +00:00
Anushka Mittal	cf80b66a69	move error message to log (#9238 ) * move error message to log Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Add rephrased error logs Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * silence errors Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * modify tests for silence errors Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: anushkamittal2001 <anushka@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-01 20:41:17 +00:00
M Viswanath Sai	d102abeb99	Feat: Human readable timestamps in logs (#9276 ) * added timestamp flag and subsequent behaviour changes for logging Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in> * Changed verbose verbosity level in cli Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in> * fix linter Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * log level Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: mviswanathsai <mviswanath.sai.met21@itbhu.ac.in> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-01 19:14:47 +00:00
Charles-Edouard Brétéché	1c82ae269f	fix: make ApplyCommandConfig public again (#9596 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-01 14:50:58 +00:00
Anushka Mittal	ce0c704086	Deploy specific controllers (#8849 ) * Initial changes for deploy specific controllers Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Include correct values in values.yaml Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Remove check for other controllers Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Sanity checks for other controllers Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * resolve lint errors Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * add separate flags for all crds; conditions for controller crd relation Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm global Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm global Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * values Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: anushkamittal2001 <anushka@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-02-01 10:14:05 +00:00
Sanskar Gurdasani	231e7a681e	Support PolicyExceptions with CLI (#9525 ) * loding policyExecptions from func Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * adding PolicyExceptions in crds Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * adding PolicyExceptions in GetPolicy function Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * adding policyexceptions in Load function Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * resolve error becuase of now Getpolicy return policyexceptions Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * added -exception flag loaded policyexception Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * added policyexceptions in processor and NewEngine Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * Revert "added -exception flag loaded policyexception" This reverts commit `f53b205c08`. * Revert "Added support for PolicyExceptions for apply command " This reverts commit `82689ea0c1`. * Update cmd/cli/kubectl-kyverno/commands/test/test.go loading exceptions with policies Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com> Signed-off-by: Sanskar Gurdasani <92817635+Sanskarzz@users.noreply.github.com> * updated GetFullPaths function and remove unnecessary code Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * added tests for loading exceptions in GetPolicy function Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * added tests for loading policy exceptions Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * Used selector in List function Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * generated cli crd Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * updated loadpolicy_test tests and corrected kind Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * resolved unit test error in path_test.go file Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * limiting the usage of exceptions to ValidatingAdmissionPolicies Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> * remove changes in common code Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Sanskarzz <sanskar.gur@gmail.com> Signed-off-by: Sanskar Gurdasani <92817635+Sanskarzz@users.noreply.github.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-31 22:28:14 +00:00
shuting	635f160ae0	feat (generate): add `orphanDownstreamOnPolicyDelete` to preserve downstream on policy deletion (#9579 ) * add chainsaw tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * add .orphanDownstreamOnPolicyDelete Signed-off-by: ShutingZhao <shuting@nirmata.com> * update codegen Signed-off-by: ShutingZhao <shuting@nirmata.com> * update docs Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2024-01-31 13:50:38 +02:00
Charles-Edouard Brétéché	13052267d0	chore: small nits in cli test command (#9573 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-31 01:39:47 +00:00
Charles-Edouard Brétéché	2b824be667	fix: omit events flag (#9572 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-30 23:41:13 +00:00
Charles-Edouard Brétéché	e969e29eb8	chore: remove reports aggregation per namespace (#9570 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-30 23:08:47 +00:00
Khaled Emara	8fcd9945a1	feat: use custom events watcher (#9324 ) * feat: use cusotm events watcher This custom Event handler solved the problem of a goroutine per Event. Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * test(events): add unit test to EventGenerator Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * fix(events): linter Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * feat: do away with EventBroadcaster Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> * eddycharly fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-30 14:08:15 -08:00
Charles-Edouard Brétéché	9102753323	fix: make alternate reports storage transparent (#9553 ) * fix: make alternate reports storage transparent Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * bg scan Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * aggregation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * aggregation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rm manager Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-30 14:53:37 +00:00
Mariam Fahmy	831bf3c074	feat: reuse --protectManagedResources flag in the cleanup controller (#8566 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2024-01-30 07:08:30 +00:00
Mariam Fahmy	9ed14cb779	feat: support vap bindings in reports (#9506 ) * feat: support vap bindings in reports Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: add binding to the rule response Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * add chainsaw test Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix lint Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix chainsaw Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * add chainsaw tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix chainsaw tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-29 12:49:17 +01:00
Mike Bryant	c40dab9ea0	fix: Allow generate cli tests to work with server-side apply policies (#9385 ) * test: Add test case for useServerSideApply Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> * fix: Allow generate cli tests to work with server-side apply policies Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> --------- Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-29 11:15:13 +00:00
Vishal Choudhary	4108415153	feat: use awslabs keychain for AWS and gcr keychain for GCP (#9416 ) * feat: use awslabs keychain for AWS and gcr keychain for GCP Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: remove unused var Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * chore: remove more unused vars Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> * fix: gofumpt Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-29 08:25:52 +00:00
mohamedasifs123	1e6f827f42	Fix: not showing error during policy validation error (#9533 ) * Update result.go Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> * Update command.go to call function policyvalerror Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> * Update cmd/cli/kubectl-kyverno/processor/result.go Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Update cmd/cli/kubectl-kyverno/commands/apply/command.go Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nit Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2024-01-28 23:46:09 +00:00
shuting	7170cbb0c2	feat:Webhook config per policy (#9483 ) * add spec.webhookConfigurations Signed-off-by: ShutingZhao <shuting@nirmata.com> * update crd Signed-off-by: ShutingZhao <shuting@nirmata.com> * configure webhook Signed-off-by: ShutingZhao <shuting@nirmata.com> * register webhook handler Signed-off-by: ShutingZhao <shuting@nirmata.com> * skip storing finegrained policies in cache Signed-off-by: ShutingZhao <shuting@nirmata.com> * update resource validate handler Signed-off-by: ShutingZhao <shuting@nirmata.com> * updates Signed-off-by: ShutingZhao <shuting@nirmata.com> * enable mutate resource handler for fine-grained policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2024-01-27 13:00:22 +00:00
Mariam Fahmy	f01f0d6dc4	feat: support podSecurity exclusion in exceptions (#9343 ) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2024-01-26 18:43:07 +00:00

1 2 3 4 5 ...

869 commits