mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
3081 commits 15 branches 540 tags 276 MiB
Commit graph

38 commits

Author SHA1 Message Date
shuting
3bc386955e
Remove unnecessary JSON patches; fixes strategicMergePatch for tolerations (#1478) 
* ignore certain paths when generates JSON patches

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* remove extra comment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* fix https://github.com/kyverno/kyverno/issues/1339

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* resolve PR comments

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* update comment

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-01-19 11:08:06 -08:00
Jim Bugwadia
e2f10c6f83 update validation logic 2020-12-23 15:10:07 -08:00
Jim Bugwadia
305adf2fa0 fix typos and improve readability 2020-12-01 22:50:40 -08:00
Jim Bugwadia
125faaf4e3 fix variable substitution 2020-11-25 00:21:51 -08:00
Shuting Zhao
58bc63e1ad remove policy violation from types.go 2020-11-11 15:50:17 -08:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Mohan B E
f60deecdce
Feature/namespaced policy 280 (#1058) 
* namespaced policy crd and cache

* modified main.go

* removed kyverno

* implemented policy violation generator for namespaced policy on audit

* modified cache

* added validation for cluster resource types

* install.yaml

* install.yaml

* removed namespaces from crd and refactored code

* modified NamespacePolicy to Policy

* added ClusterRole aggregate for policies

* modified clusterrole
 2020-08-19 09:07:23 -07:00
shuting
67f7ed0ed3
Bug fix: perform OR across types in UserInfo (#992) 
* remove policy name cache entry on policy DELETE

* buugfix: perform OR in userInfo match

* add function description
 2020-07-14 20:23:30 -07:00
NoSkillGirl
fed8d7f967 small fixes 2020-07-11 18:12:35 +05:30
NoSkillGirl
b23cfa9f93 added auto-gen policy rule for cli 2020-07-11 17:57:07 +05:30
shuting
87fa77fbcc
965 add validate audit handler (#967) 
* store policy names cache to reduce lookup time

* add validate audit handler

* fix #958, remove auto-gen annotation on Pod

* formatting code

* update processTime to readable format

* #586, add back unit test

* update logging info

* remove unused interface

* handle generate policy in a single thread in weboook

* resolve pr comments
 2020-07-09 11:48:34 -07:00
shuting
ed52bd3d9f
Add policy cache based on policyType (#960) 
* add policy cache based on policyType

* fetch policy from cache in webhook

* add unit test for policy cache

* update log for exclude resources filter

* skip webhook mutation on DELETE operation

* remove duplicate k8s version check

* add description
 2020-07-02 12:49:10 -07:00
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
Jim Bugwadia
838d02c475
Bugfix/659 support wildcards for namespaces (#871) 
* - support wildcards for namespaces

* do not annotate resource, unless policy is an autogen policy

* close HTTP body

* improve messages

* remove policy store

Policy store was not fully implemented and simply provided a way
to list all polices and get a policy by name, which can be done via
standard client-go interfaces.

We need to revisit and design a better PolicyStore that provides fast
lookups for matching policies based on names, namespaces, etc.

* handle wildcard namespaces in background processing

* fix unit tests 1) remove platform dependent path usage 2) remove policy store

* add test case for mutate with wildcard namespaces
 2020-05-26 10:36:56 -07:00
Shuting Zhao
0e803ae532 fix DENY pending for DELETE request 2020-05-18 20:01:20 -07:00
Shuting Zhao
ad4f06f22d Merge branch 'master' into 744_deny_requests 
# Conflicts:
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2020-05-18 12:32:42 -07:00
shravan
5ec300a12d 744 added tests 2020-05-07 02:35:24 +05:30
shravan
34238188da 744 fixing broken delete 2020-04-22 20:45:15 +05:30
Shivkumar Dudhani
2638e1002a
Merge branch 'master' into access_check 2020-03-20 10:07:47 -07:00
shivkumar dudhani
1b1ab78f77 logs & access 2020-03-17 11:05:20 -07:00
shravan
8dda9cc413 725 error response now returns rule message if it exists 2020-03-16 14:08:13 +05:30
shravan
ffd3487ace 725 changed returned error 2020-03-06 17:11:33 +05:30
shravan
afdbc1ac57 725 validationfailureaction enforce now returns a more concise error 2020-03-06 03:47:49 +05:30
shravan
0af0c469a3 634 fixes 2020-02-18 00:01:03 +05:30
shravan
12076f6183 Merge branch 'master' into 253_ValidationInMutationFlag_v3 2020-01-24 23:32:15 +05:30
shravan
53a795e414 resolving merge conflicts 2020-01-24 23:24:20 +05:30
Shivkumar Dudhani
1171ac691b
cleanup phase 1 (#653) 2020-01-24 09:37:12 -08:00
Shuting Zhao
ba8030bec0 change to use validationFailureAction for the mutation failure action 2020-01-16 11:57:28 -08:00
Shuting Zhao
7e59e8e484 mutation failure to not block resource creation 2020-01-15 21:46:58 -08:00
shravan
520e675155 Merge branch 'master' into 253_ValidationInMutationFlag_v2 2020-01-15 19:45:16 +05:30
Shuting Zhao
cca5dd31b6 pass in original resource to validation if patches from mutation is nil 2020-01-13 10:15:52 -08:00
shravan
8dc6b06d79 resolving merge conflicts 2020-01-11 18:33:11 +05:30
Shuting Zhao
e3123e96b6 Merge branch 'master' into add_testscenario 2020-01-08 16:48:15 -08:00
Shuting Zhao
472fa29fce move mutation to subpackage pkg/engine/mutate 2020-01-07 17:06:17 -08:00
Shuting Zhao
cafc3883a4 - fix validation to process on patched resource; - format code 2020-01-07 11:32:52 -08:00
Shuting Zhao
ecbbd04bc5 - remove policy violation created on owner and related logic; - use generic call to create violation info 2020-01-06 17:07:11 -08:00
Shuting Zhao
77955ff212 change the policy action to operate on it's own validationFailureAction 2020-01-06 14:41:02 -08:00
Shivkumar Dudhani
5b8ab3842b
Support variable substitution (#549) 
* initial commit

* variable substitution

* update tests

* update test

* refactor engine packages for validate & generate

* update vendor

* update toml

* support variable substitution in overlay mutation

* missing update

* fix indentation in logs

* store context values as single JSON document using merge patches.

* remove duplicate functions

* fix message string

* Handle processing of policies in background (#569)

* remove condition check while generating mutation patch as conditions are verified in the first iteration

* initial commit

* background policy validation

* correct message

* skip non-background policy process for add/update

* fix order to correct policy registration

* update comment

Co-authored-by: shuting <shutting06@gmail.com>

* refactor

Co-authored-by: shuting <shutting06@gmail.com>
 2019-12-30 17:08:50 -08:00
Renamed from pkg/webhooks/utils.go (Browse further)