mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Code Activity
2326 commits 15 branches 540 tags 276 MiB
Commit graph

2326 commits

This branch
This branch
All branches
Author SHA1 Message Date
Shuting Zhao
cca1451751 suppress violation on evicted pod 2020-05-26 14:52:49 -07:00
Shuting Zhao
fd0e96b551 - fix violations re-create on the same resource - skip background processing if a resource is to be deleted 2020-05-26 13:56:07 -07:00
Jim Bugwadia
838d02c475
Bugfix/659 support wildcards for namespaces (#871) 
* - support wildcards for namespaces

* do not annotate resource, unless policy is an autogen policy

* close HTTP body

* improve messages

* remove policy store

Policy store was not fully implemented and simply provided a way
to list all polices and get a policy by name, which can be done via
standard client-go interfaces.

We need to revisit and design a better PolicyStore that provides fast
lookups for matching policies based on names, namespaces, etc.

* handle wildcard namespaces in background processing

* fix unit tests 1) remove platform dependent path usage 2) remove policy store

* add test case for mutate with wildcard namespaces
 2020-05-26 10:36:56 -07:00
Jim Bugwadia
2bf5149415
Merge pull request #868 from evalsocket/fix-857 
Added cpu & memory resource requests and limits
 2020-05-21 13:25:13 -07:00
Yuvraj
3204b16559 resource limit added to kyverno defination and kyvrno chart 
Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>
 2020-05-21 12:18:05 -07:00
Yuvraj
1c1f622d40
Merge branch 'master' into fix-857 2020-05-21 10:57:13 -07:00
Yuvraj
30c2e879e2
update cpu request limit and remove cpu limit 2020-05-21 10:56:35 -07:00
Jim Bugwadia
1db1eccbea
Merge pull request #870 from realshuting/869_auto_gen_annotation 
869 - auto-gen annotation is not inserted connrectly
 2020-05-21 10:45:31 -07:00
Shuting Zhao
bc0c733fa2 remove roles 2020-05-21 10:22:19 -07:00
Shuting Zhao
3952aa5550 remove unused code 2020-05-21 08:49:33 -07:00
Shuting Zhao
2dda3e2a42 pr fix 2020-05-21 08:29:35 -07:00
Shuting Zhao
980ad39df8 update helm chart 2020-05-20 19:18:03 -07:00
Shuting Zhao
e1bdfbce27 update log 2020-05-20 17:08:30 -07:00
Shuting Zhao
ea66d7a7b8 fix CI 2020-05-20 13:58:56 -07:00
Shuting Zhao
bda81f0b93 - fix variable scope - debug log 2020-05-20 13:43:12 -07:00
Shuting Zhao
bc981f9a11 fix 869 2020-05-20 13:42:23 -07:00
Shuting Zhao
ecbc14d559 add clusterrole "admin" "edit" "view" to Kyverno 2020-05-20 13:36:00 -07:00
Yuvraj
7f2be174fb
Typo fixed 2020-05-20 01:41:27 -07:00
Yuvraj
b9da2ab96e
Revert kyverno image version 2020-05-20 01:41:00 -07:00
Yuvraj
6cf630d3f4 Added cpu & memory resource requests and limits 2020-05-20 00:24:14 -07:00
Jim Bugwadia
930811d457
Merge pull request #862 from realshuting/744_deny_requests 
fix #838 - skip adding crd if no schema is defined
 2020-05-19 14:14:18 -07:00
Shuting Zhao
34d05c58c2 PR fixes 2020-05-19 13:04:06 -07:00
Shuting Zhao
f0bd8eae11 clarify names 2020-05-19 12:41:13 -07:00
sgandon
21571ba275
fixed a documentation typo (#864) 2020-05-19 10:33:44 -07:00
Shuting Zhao
df452187bf fix CI 2020-05-19 10:32:42 -07:00
Shuting Zhao
9eb2534d63 - fix pending delete for denying deletion rule - revert timeoutHandler - update log level 2020-05-19 00:14:23 -07:00
Shuting Zhao
0670abe2d2 set log level 2020-05-18 21:16:48 -07:00
Shuting Zhao
140d638a9b fix #838 - skip if crd has no schema defined 2020-05-18 21:02:21 -07:00
Jim Bugwadia
9536a0df22
Merge pull request #860 from realshuting/744_deny_requests 
[1.2.0] 744 deny requests
 2020-05-18 20:57:33 -07:00
Shuting Zhao
74387d2ee4 Fix CI 2020-05-18 20:10:30 -07:00
Shuting Zhao
0e803ae532 fix DENY pending for DELETE request 2020-05-18 20:01:20 -07:00
Shuting Zhao
962b8f9865 Fix bug 2020-05-18 18:30:39 -07:00
Shuting Zhao
416f5ecc00 Merge branch 'master' into 744_deny_requests 
# Conflicts:
#	pkg/utils/util.go
#	pkg/webhooks/server.go
 2020-05-18 18:05:22 -07:00
Shuting Zhao
7348eda222 Fix convert resource with DELETION request 2020-05-18 17:11:08 -07:00
Shuting Zhao
90bd8ee306 Fix match/exclude is not working 2020-05-18 17:10:49 -07:00
Shuting Zhao
852f2bec2d Fix CRD definition 2020-05-18 17:10:35 -07:00
Yuvraj
277402ba4c
Feature - Add checks for k8s version when Kyverno starts (#831) 
* Added k8s version check for mutating and validating'

* version check adde

* middelware added

* formate

* Added timeout flag value to webhook server timeout middelware and refactore kubernetes version check

* Fixed test cases

* Removed log

* Update kubernetes version check

* Added check for mutate and validate

* Skip Validation in handleValidateAdmissionRequest if kubernetes version is below 1.14

* Update return object AdmissionResponse

* fixed condition for skiping mutation

* Handle condition for skip feature in case of kubernetes version 1.14.2
 2020-05-18 17:00:52 -07:00
Jim Bugwadia
5595c23eeb
Merge pull request #854 from realshuting/838_fix_CRD_error_log 
838 - fix parse CRD error: added CRD 1.16+ spec
 2020-05-18 13:44:48 -07:00
Shuting Zhao
ad4f06f22d Merge branch 'master' into 744_deny_requests 
# Conflicts:
#	pkg/webhooks/mutation.go
#	pkg/webhooks/server.go
#	pkg/webhooks/validation.go
 2020-05-18 12:32:42 -07:00
Shuting Zhao
bd3a422798 Merge branch '838_fix_CRD_error_log' of https://github.com/realshuting/kyverno into 838_fix_CRD_error_log 
# Conflicts:
#	pkg/policy/apply.go
 2020-05-18 11:57:04 -07:00
Shuting Zhao
df59b97bc7 add constant.go 2020-05-18 11:56:17 -07:00
Shuting Zhao
f97c202d52 extract controller resync period to a constant file 2020-05-18 11:56:17 -07:00
Shuting Zhao
c79f166dd3 increase background sync period to 5 mins 2020-05-18 11:56:17 -07:00
Shuting Zhao
b9d38d2fd3 fix error "failed to list resources" 2020-05-18 11:56:17 -07:00
Shuting Zhao
5128a00e91 suppress log 2020-05-18 11:56:15 -07:00
Shuting Zhao
57e9aaea5f Add crd 1.16+ spec 2020-05-18 11:55:59 -07:00
Yuvraj
c4c28b709b
Feature - Change annotation for auto-generate pod controllers policy (#849) 
* replace auto-generate pod controllers policy

* replace auto-generate pod controllers policy

* handled backword compatibility

* added backword compatibility

* Change annotation for auto-generate pod controllers

* Typo fixed
 2020-05-18 11:50:54 -07:00
Jim Bugwadia
8c4c98d1a4
Merge pull request #855 from nirmata/bugfix/fixes_791_792_832 
Bugfix/fixes 791 792 832
 2020-05-17 19:30:11 -07:00
Yuvraj
0635df7b11
Bug - annotation inserted to podTemplate by auto-gen should reflect the policy name (#850) 
* Added check for  annotation inserted to podTemplate by auto-gen

* skip reporting violation on pod which has annotation pod-policies.kyverno.io/autogen-applied

* Revert Changes

* typo fixed

* Update condition for skiping the pods
 2020-05-17 18:51:56 -07:00
Jim Bugwadia
b763c33a29 fix mock discover client 2020-05-17 17:58:57 -07:00